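To address the complexity of the Linux-based TCG Software Stack (Trusted Computing Group Software Stack, TSS), this paper proposes a lightweight trusted software stack. It analyzes the basic structure of TSS and its limitations on embedded systems, summarizes the design requirements for a trusted software stack on embedded systems, and designs the stack's command invocation mechanism and structure. In addition, it analyzes the TSS key management caching algorithm, defines a key slot region in flash so that key management can access it directly, describes the logical process of key generation, and implements a trusted software system for embedded systems. Experiments verify that the software stack, combined with the RT-Thread real-time system, can implement basic trusted computing functions.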
This paper analyzes the threat of TCG Software Stack (TSS)/TCM Service Module (TSM) deadlock in multi-user environments such as the cloud and discusses its causes and mechanism. In addition, this paper puts forward a dynamic priority task scheduling strategy based on value evaluation to handle this threat. The strategy is based on the implementation features of trusted hardware and establishes a multi-level ready queue. In this strategy, an algorithm for real-time value computing is also designed, and it can adjust the production curves of the real-time value by setting parameters in different environments, thus enhancing its adaptability, which is followed by scheduling and algorithm description. This paper also implements the algorithm and carries out its performance optimization. The experimental results from an Intel NUC show that TSS based on advanced DPTSV is able to solve the problem of deadlock with no negative influence on performance and security in a multi-user environment.
Funding: supported by the State Key Program of National Natural Science Foundation of China (Grant No. 91118003), the National Natural Science Foundation of China (Grant No. 61173138, 61272452, 61332019), the National Basic Research Program of China ("973" Program) (Grant No. 2014CB340600), and the National High-Tech Research and Development Program of China ("863" Program) (Grant No. 2015AA016002).