The chain of trust in bootstrap process is the basis of whole system trust in the trusted computing group (TCG) definition. This paper presents a design and implementation of a bootstrap trust chain in PC based on t...The chain of trust in bootstrap process is the basis of whole system trust in the trusted computing group (TCG) definition. This paper presents a design and implementation of a bootstrap trust chain in PC based on the Windows and today's commodity hardware, merely depends on availability of an embedded security module (ESM). ESM and security enhanced BIOS is the root of trust, PMBR (Pre-MBR) checks the integrity of boot data and Windows kernel, which is a checking agent stored in ESM. In the end, the paper analyzed the mathematic expression of the chain of trust and the runtime performance compared with the common booring process. The trust chain bootstrap greatly strengthens the security of personal computer system, and affects the runtime performance with only adding about 12% booting time.展开更多
Facing the increasing security issues in P2P networks, a scheme for resource sharing using trusted computing technologies is proposed in this paper. We advance a RS-UCON model with decision continuity and attribute mu...Facing the increasing security issues in P2P networks, a scheme for resource sharing using trusted computing technologies is proposed in this paper. We advance a RS-UCON model with decision continuity and attribute mutability to control the usage process and an architecture to illustrate how TC technologies support policy enforcement with bidirectional attestation. The properties required for attestation should include not only integrity measurement value of platform and related application, but also reputation of users and access history, in order to avoid the limitation of the existing approaches. To make a permission, it is required to evaluate both the authorization and conditions of the subject and the object in resource usage to ensure trustable resources to be transferred to trusted users and platform.展开更多
To build a trusted platform based on Trusted Computing Platform Alliance(TCPA)' s recommendation, we analyze the integrity mechanism for such a PC platfoim in this paper.By combinning access control model with inf...To build a trusted platform based on Trusted Computing Platform Alliance(TCPA)' s recommendation, we analyze the integrity mechanism for such a PC platfoim in this paper.By combinning access control model with information flow model, we put forwarda combinedprocess-based lattice model to enforce security This moelel creates a trust chain by which we canmanage a series of processes from a core root of trust module to some other application modules Inthe model, once the trust chain is created andmanaged cor-rectly, the integrity of the computer'shardware and sofware has bctn maintained, so does the confidentiality and authenticity. Moreover, arelevant implementation of the model is explained.展开更多
Emerging technologies and innovative developments cause the supply chain management to change dramatically. Therefore the subjects regarding trust have become important. Trust established in Supply Chain causes effect...Emerging technologies and innovative developments cause the supply chain management to change dramatically. Therefore the subjects regarding trust have become important. Trust established in Supply Chain causes effective relationships among definitive numbers of suppliers in the long-run. The effect of trust in supply chain on firm performance and the contribution of agility to this relation have been supported in the literature. In this research, the role of agility in the effect of trust in supply chain on firm performance will be investigated. According to the results of hypotheses tests, there are positive and significant relations between supply management integration and trust in supply chain, between trust in supply chain and supply chain agility, and between supply chain agility and firm performance.展开更多
With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has bec...With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has become an urgent problem. Some of the existing virtualization platform integrity measurement mechanism introduces the trusted computing technology, according to a trusted chain that the Trusted Platform Module(TPM) established for trusted root to measure the integrity of process in static. But this single chain static measurement cannot ensure the dynamic credible in platform running. To solve the problem that the virtual trusted platform can not guarantee the dynamic credibility, this paper put forward Dynamic Integrity Measurement Model(DIMM) based on virtual Trusted Platform Module(v TPM) which had been implemented with typical virtual machine monitor Xen as an example. DIMM combined with virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on the framework, this paper put forward Self-modify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, it is proved that the validity and feasibility of the proposed model with comparison experiments.展开更多
The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the inform...The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the information flow is studied. Firstly, existing methods cannot analyze the impact of the system states on the trustworthiness of software during the process of trust chain trans- fer. To solve this problem, the impact of the system state on trust- worthiness of software is investigated, the run-time mutual interfer- ence behavior of software entitles is described and an interference model of the access control automaton of a system is established. Secondly, based on the intransitive noninterference (INI) theory, a formal analytic method of trustworthiness for trust chain transfer is proposed, providing a theoretical basis for the analysis of dynamic trustworthiness of software during the trust chain transfer process. Thirdly, a prototype system with dynamic trustworthiness on a plat- form with dual core architecture is constructed and a verification algorithm of the system trustworthiness is provided. Finally, the monitor hypothesis is extended to the dynamic monitor hypothe- sis, a theorem of static judgment rule of system trustworthiness is provided, which is useful to prove dynamic trustworthiness of a system at the beginning of system construction. Compared with previous work in this field, this research proposes not only a formal analytic method for the determination of system trustworthiness, but also a modeling method and an analysis algorithm that are feasible for practical implementation.展开更多
The most significant strategic development in information technology over the past years has been "trusted computing" and trusted computers have been produced. In this paper trusted mechanisms adopted by PC is impor...The most significant strategic development in information technology over the past years has been "trusted computing" and trusted computers have been produced. In this paper trusted mechanisms adopted by PC is imported into distributed system, such as chain of trust, trusted root and so on. Based on distributed database server system (DDSS), a novel model of trusted distributed database server system (TDDSS) is presented ultimately. In TDDSS role-based access control, two-level of logs and other technologies are adopted to ensure the trustworthiness of the system.展开更多
基金Supported by the National Natural Science Foun-dation of China (90104005 ,60373087 ,60473023) Network andInformation Security Key Laboratory Programof Ministry of Educa-tion of China
文摘The chain of trust in bootstrap process is the basis of whole system trust in the trusted computing group (TCG) definition. This paper presents a design and implementation of a bootstrap trust chain in PC based on the Windows and today's commodity hardware, merely depends on availability of an embedded security module (ESM). ESM and security enhanced BIOS is the root of trust, PMBR (Pre-MBR) checks the integrity of boot data and Windows kernel, which is a checking agent stored in ESM. In the end, the paper analyzed the mathematic expression of the chain of trust and the runtime performance compared with the common booring process. The trust chain bootstrap greatly strengthens the security of personal computer system, and affects the runtime performance with only adding about 12% booting time.
基金the National Natural Science Foundation of China (60673071, 60743003,90718005,90718006)the National High Technology Research and Development Program of China (2006AA01Z442,2007AA01Z411)
文摘Facing the increasing security issues in P2P networks, a scheme for resource sharing using trusted computing technologies is proposed in this paper. We advance a RS-UCON model with decision continuity and attribute mutability to control the usage process and an architecture to illustrate how TC technologies support policy enforcement with bidirectional attestation. The properties required for attestation should include not only integrity measurement value of platform and related application, but also reputation of users and access history, in order to avoid the limitation of the existing approaches. To make a permission, it is required to evaluate both the authorization and conditions of the subject and the object in resource usage to ensure trustable resources to be transferred to trusted users and platform.
基金Supported by the National Natural Science Foun dation of China (90104005) and the National High Technology Re search and Development Program of China ( 863 Program )(2002AA141051)
文摘To build a trusted platform based on Trusted Computing Platform Alliance(TCPA)' s recommendation, we analyze the integrity mechanism for such a PC platfoim in this paper.By combinning access control model with information flow model, we put forwarda combinedprocess-based lattice model to enforce security This moelel creates a trust chain by which we canmanage a series of processes from a core root of trust module to some other application modules Inthe model, once the trust chain is created andmanaged cor-rectly, the integrity of the computer'shardware and sofware has bctn maintained, so does the confidentiality and authenticity. Moreover, arelevant implementation of the model is explained.
文摘Emerging technologies and innovative developments cause the supply chain management to change dramatically. Therefore the subjects regarding trust have become important. Trust established in Supply Chain causes effective relationships among definitive numbers of suppliers in the long-run. The effect of trust in supply chain on firm performance and the contribution of agility to this relation have been supported in the literature. In this research, the role of agility in the effect of trust in supply chain on firm performance will be investigated. According to the results of hypotheses tests, there are positive and significant relations between supply management integration and trust in supply chain, between trust in supply chain and supply chain agility, and between supply chain agility and firm performance.
基金supported by National Natural Science Foundation of China (61170254,61379116), Hebei Natural Science Foundation Project (F2016201244)Hebei Province Science and Technology Research Project of Higher Education (ZD2016043)Hebei Engineering Technology Research Center for IOT Data Acquisition & Processing, North China Insitute of Science and Technology, Hebei 065201,China
文摘With the development of cloud computing, virtualization technology has been widely used in our life. Meanwhile, it became one of the key targets for some attackers. The integrity measurement in virtual machine has become an urgent problem. Some of the existing virtualization platform integrity measurement mechanism introduces the trusted computing technology, according to a trusted chain that the Trusted Platform Module(TPM) established for trusted root to measure the integrity of process in static. But this single chain static measurement cannot ensure the dynamic credible in platform running. To solve the problem that the virtual trusted platform can not guarantee the dynamic credibility, this paper put forward Dynamic Integrity Measurement Model(DIMM) based on virtual Trusted Platform Module(v TPM) which had been implemented with typical virtual machine monitor Xen as an example. DIMM combined with virtual machine introspection and event capture technology to ensure the security of the entire user domain. Based on the framework, this paper put forward Self-modify dynamic measurement strategy which can effectively reduce the measurement frequency and improve the measurement performance. Finally, it is proved that the validity and feasibility of the proposed model with comparison experiments.
基金supported by the Natural Science Foundation of Jiangsu Province(BK2012237)
文摘The trustworthiness analysis and evaluation are the bases of the trust chain transfer. In this paper the formal method of trustworthiness analysis of a system based on the noninterfer- ence (NI) theory of the information flow is studied. Firstly, existing methods cannot analyze the impact of the system states on the trustworthiness of software during the process of trust chain trans- fer. To solve this problem, the impact of the system state on trust- worthiness of software is investigated, the run-time mutual interfer- ence behavior of software entitles is described and an interference model of the access control automaton of a system is established. Secondly, based on the intransitive noninterference (INI) theory, a formal analytic method of trustworthiness for trust chain transfer is proposed, providing a theoretical basis for the analysis of dynamic trustworthiness of software during the trust chain transfer process. Thirdly, a prototype system with dynamic trustworthiness on a plat- form with dual core architecture is constructed and a verification algorithm of the system trustworthiness is provided. Finally, the monitor hypothesis is extended to the dynamic monitor hypothe- sis, a theorem of static judgment rule of system trustworthiness is provided, which is useful to prove dynamic trustworthiness of a system at the beginning of system construction. Compared with previous work in this field, this research proposes not only a formal analytic method for the determination of system trustworthiness, but also a modeling method and an analysis algorithm that are feasible for practical implementation.
基金Supported by the Natural Science Foundation ofHebei Province (F2004000133)
文摘The most significant strategic development in information technology over the past years has been "trusted computing" and trusted computers have been produced. In this paper trusted mechanisms adopted by PC is imported into distributed system, such as chain of trust, trusted root and so on. Based on distributed database server system (DDSS), a novel model of trusted distributed database server system (TDDSS) is presented ultimately. In TDDSS role-based access control, two-level of logs and other technologies are adopted to ensure the trustworthiness of the system.