期刊文献+
共找到304篇文章
< 1 2 16 >
每页显示 20 50 100
Modeling Trusted Computing 被引量:3
1
作者 CHEN Shuyi WEN Yingyou ZHAO Hong 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1507-1510,共4页
In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relation... In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relationship among these objects in a trusted system according to trusted computing specifications. Inference rules of trusted relation are given too. With the semantics proposed, some trusted computing models are formalized and verified, which shows that Predicate calculus logic provides a general and effective method for modeling and reasoning trusted computing systems. 展开更多
关键词 trusted computing group (TCG) trusted platform module (tpm trusted computing root of trust predicate logic
下载PDF
An Improved Grid Security Infrastructure by Trusted Computing 被引量:3
2
作者 YAN Fei ZHANG Huanguo +3 位作者 SUN Qi SHEN Zhidong ZHANG Liqiang QIANG Weizhong 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1805-1808,共4页
Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled ... Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment. 展开更多
关键词 trusted computing grid computing grid security trusted platform module
下载PDF
The Mechanism about Key and Credential on Trusted Computing Platform and the Application Study 被引量:2
3
作者 SHEN Zhidong ZHANG Huanguo ZHANG Miao YAN Fei ZHANG Liqiang 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1641-1644,共4页
Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cry... Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system. 展开更多
关键词 trusted computing trusted platform module (tpm key management CREDENTIAL
下载PDF
A Method to Implement Full Anonymous Attestation for Trusted Computing Platform 被引量:3
4
作者 HAO Liming SUN Xun YANG Shutang LU Songnian 《Wuhan University Journal of Natural Sciences》 CAS 2007年第1期101-104,共4页
Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by w... Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform's real identity, which are Privacy CA-based protocol and direct anonymous attestation (DAA) protocol. However, in the first protocol the privacy CA is the bottleneck and the platform's identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM's real identity. 展开更多
关键词 trusted computing trusted platform module direct anonymous attestation
下载PDF
A Security Kernel Architecture Based Trusted Computing Platform 被引量:2
5
作者 CHENYou-lei SHENChang-xiang 《Wuhan University Journal of Natural Sciences》 CAS 2005年第1期1-4,共4页
A security kernel architeclrne built on trusted computing platform in thelight of thinking about trusted computing is presented According to this architecture, a newsecurity module TCB (Trusted Computing Base) is adde... A security kernel architeclrne built on trusted computing platform in thelight of thinking about trusted computing is presented According to this architecture, a newsecurity module TCB (Trusted Computing Base) is added to the operation system kerneland twooperation interface modes are provided for the sake of self-protection. The security kernel isdivided into two parts and trusted mechanism Is separated from security functionality. Ihe TCBmodule implements the trusted mechanism such as measurement and attestation, while the othercomponents of security kernel provide security functionality based on these mechanisms. Thisarchitecture takes full advantage of functions provided by trusted platform and clearly defines thesecurity perimeter of TCB so as to assure stlf-securily from architcetmal vision. We also presentfunction description of TCB and discuss the strengths and limitations comparing with other relatedresearches. 展开更多
关键词 trusted computing TCB module security kernel trusted mechanism
下载PDF
Formal Analysis of Trusted Platform Module Commands for Compromising User Key 被引量:2
6
作者 Qin Yu Zhao Shijun Zhang Qianying 《China Communications》 SCIE CSCD 2012年第10期91-102,共12页
The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM corntrends to achieve specific sec... The Trusted Platform Module (TPM) is a dedicated hardware chip designed to provide a higher level of security for computing platform. All TPM functionalities are implemented in TPM corntrends to achieve specific security goals. We attempt to analyze the security properties of these commands, especially the key management API. Our study utilizes applied pi calculus to forrmlize the commands and determine how their security properties affect TPM key rmnagement. The attacker is assumed to call TPM comrmnds without bounds and without knowing the TPM root key, expecting to obtain or replace the user key. The analysis goal in our study is to guarantee the corre- sponding property of API execution and the integrity of API data. We analyze the security properties of TPM commands with a process reduction method, identify the key-handle hijack attack on a TPM newly created key, and propose reasonable solutions to solve the problem. Then, we conduct an experiment involving a key-handle attack, which suc- cessfully replaces a user key with an attacker's key using lmlicious TPM software. This paper discloses the weakness of the relationship between the key handle and the key object. After the TPM software stack is compromised, the attacker can hunch a keyhandle attack to obtain the user key and even break into the whole storage tree of user keys. 展开更多
关键词 trusted computing tpm tpm command applied pi calculus API analysis
下载PDF
Protocol for Trusted Channel Based on Portable Trusted Module 被引量:1
7
作者 张大伟 韩臻 +2 位作者 蒋逸尘 杜晔 黎妹红 《China Communications》 SCIE CSCD 2013年第11期1-14,共14页
Web-based e-commerce applications need a trusted channel,which provides confidential communication,identity authentication and integrity assurance of endpoints,to guarantee the security of electronic transactions.A us... Web-based e-commerce applications need a trusted channel,which provides confidential communication,identity authentication and integrity assurance of endpoints,to guarantee the security of electronic transactions.A user-oriented trusted computing system based on Portable Trusted Module(PTM)is presented.Remote attestation is incorporated into Transport Layer Security(TLS)handshake protocol based on PTM so as to establish a trusted channel between two endpoints in network.This protocol can resist masquerading,trusted path and runtime attacks and propagate the trust in the computing system to the end user effectively.The test results of our proof-of-concept prototype show that our protocol for trusted channel is feasible for deployment in e-commerce applications on the Internet. 展开更多
关键词 trusted computing trusted module remote attestation transport layer security
下载PDF
Protecting mobile agents' data using trusted computing technology 被引量:1
8
作者 XIAN He-qun FENG Deng-guo 《通讯和计算机(中英文版)》 2007年第3期44-51,共8页
关键词 信任计算技术 移动代理 私钥 通信安全
下载PDF
Shape our Cyberworld: Profile of trusted computing products
9
作者 LIU Hui LIN Xin WEI Jun-yin 《通讯和计算机(中英文版)》 2008年第1期73-81,共9页
关键词 计算机组 计算机网络 虚拟世界 安全
下载PDF
Implementing Operating System Support for Extended Trusted Path in TPM-Capable Environments 被引量:3
10
作者 SHI Wenchang 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1493-1497,共5页
Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of truste... Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of trusted platform module (TPM) technologies, and to support TPM capabilities in operating systems, the paper extended the scope of the conventional trusted path to cover the situation in which a user communicates with software residing on a remote host. The paper combined the concept of operating system support for trusted path with that for TPM platforms, and proposed the architecture of an extended trusted path mechanism in operating system with considerations on TPM-capable platforms support. As part of the author's research in secure operating systems, the work of the paper was carried out with Linux as an experimental prototype system. The research result shows that TPM capabilities can strengthen extended trusted path mechanisms of operating systems. 展开更多
关键词 operating system trusted path trusted platform module (tpm trusted software
下载PDF
TPM Context Manager and Dynamic Configuration Management for Trusted Virtualization Platform 被引量:1
11
作者 QIN Yu FENG Dengguo LIU Chunyong 《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期539-546,共8页
It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen who... It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen whose system configuration changes easily. TPM (trusted platform module) context manager is presented to carry out dynamic configuration management for virtual machine. It manages the TPM command requests and VM (virtual machine) configurations. The dynamic configuration representa- tion method based on Merkle hash tree is explicitly proposed against TCG (trusted computing group) static configuration representation. It reflects the true VM status in real time even if the configuration has changed, and it eliminates the invalidation of configuration representation, sealing storage and remote attestation. TPM context manager supports TCG storage protection, remote attestation etc, which greatly enhances the security on trusted virtualization platform. 展开更多
关键词 trusted computing tpm trusted platform module trusted virtualization configuration representation configuration management
下载PDF
Root-Of-Trust for Continuous Integration and Continuous Deployment Pipeline in Cloud Computing
12
作者 Abdul Saboor Mohd Fadzil Hassan +4 位作者 Rehan Akbar Erwin Susanto Syed Nasir Mehmood Shah Muhammad Aadil Siddiqui Saeed Ahmed Magsi 《Computers, Materials & Continua》 SCIE EI 2022年第11期2223-2239,共17页
Cloud computing has gained significant use over the last decade due to its several benefits,including cost savings associated with setup,deployments,delivery,physical resource sharing across virtual machines,and avail... Cloud computing has gained significant use over the last decade due to its several benefits,including cost savings associated with setup,deployments,delivery,physical resource sharing across virtual machines,and availability of on-demand cloud services.However,in addition to usual threats in almost every computing environment,cloud computing has also introduced a set of new threats as consumers share physical resources due to the physical co-location paradigm.Furthermore,since there are a growing number of attacks directed at cloud environments(including dictionary attacks,replay code attacks,denial of service attacks,rootkit attacks,code injection attacks,etc.),customers require additional assurances before adopting cloud services.Moreover,the continuous integration and continuous deployment of the code fragments have made cloud services more prone to security breaches.In this study,the model based on the root of trust for continuous integration and continuous deployment is proposed,instead of only relying on a single signon authentication method that typically uses only id and password.The underlying study opted hardware security module by utilizing the Trusted Platform Module(TPM),which is commonly available as a cryptoprocessor on the motherboards of the personal computers and data center servers.The preliminary proof of concept demonstrated that the TPM features can be utilized through RESTful services to establish the root of trust for continuous integration and continuous deployment pipeline and can additionally be integrated as a secure microservice feature in the cloud computing environment. 展开更多
关键词 Root of trust(RoT) trusted Platform module(tpm) cryptoprocessor microservices Hardware Security modules(HSM) DevOps
下载PDF
BBACIMA:A Trustworthy Integrity Measurement Architecture through Behavior-Based TPM Access Control
13
作者 YU Aimin FENG Dengguo 《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期513-518,共6页
Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious us... Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based access control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architectures. 展开更多
关键词 integrity measurement behavior-based access control trusted platform module (tpm trusted computing remoteattestation
下载PDF
A Trusted Smart Phone and Its Applications in Electronic Payment
14
作者 Chang-Ying Zhou Chun-Ru Zhang 《Journal of Electronic Science and Technology of China》 2007年第3期206-211,共6页
With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applica... With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applications, like the electronic payment which will be discussed in this paper, the lack of trust in the underlying mobile infrastructure and secure interface to legacy systems (for this case, the banking systems) poses obstacles to their widespread presence in mobile services. Recently, the exposure of hacking of iPhone and other smart phones further emphasizes the criticality of establishing a trust platform for mobile applications. This paper analyzes the building blocks of the trusted smart phone, and proposes a framework to provide a trusted platform for mobile electronic payment. Such a proposed system may allow direct interface to the banking systems due to the banking industry recognized strong security, and hence, may enable its widespread use. 展开更多
关键词 Mobile electronic payment trusted computing trusted platform module.
下载PDF
Design and implementation of a portable TPM scheme for general-purpose trusted computing based on EFI 被引量:4
15
作者 Lei HAN Jiqiang LIU +1 位作者 Zhen HAN Xueye WEI 《Frontiers of Computer Science》 SCIE EI CSCD 2011年第2期169-180,共12页
In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-p... In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user. 展开更多
关键词 trusted computing portable trusted platform module (Ptpm) extensible firmware interface (EFI) KEYS CERTIFICATES
原文传递
基于TPM的运行时软件可信证据收集机制 被引量:18
16
作者 古亮 郭耀 +3 位作者 王华 邹艳珍 谢冰 邵维忠 《软件学报》 EI CSCD 北大核心 2010年第2期373-387,共15页
扩展了已有的软件可信性证据模型,引入了运行时软件可信证据,从而提供了更为全面的软件可信证据模型.为了提供客观、真实、全面的可信证据,提出了一种基于可信计算技术的软件运行时可信证据收集机制.利用可信平台模块(trusted platform ... 扩展了已有的软件可信性证据模型,引入了运行时软件可信证据,从而提供了更为全面的软件可信证据模型.为了提供客观、真实、全面的可信证据,提出了一种基于可信计算技术的软件运行时可信证据收集机制.利用可信平台模块(trusted platform module,简称TPM)提供的安全功能,结合"最新加载技术(late launch)",在操作系统层引入了一个可信证据收集代理.此代理利用TPM,可以客观地收集目标应用程序的运行时可作为软件可信证据的信息,并保障可信证据本身的可信性.该可信证据收集机制具有良好的可扩展性,能够支持面向不同应用的信任评估模型.基于Linux Security Module,在Linux中实现了一个可信证据收集代理的原型.基于该原型,分析了一个分布式计算客户端实例的相关可信属性,并且分析了可信证据收集代理在该应用实例中的性能开销.该应用实例验证了该方案的可行性. 展开更多
关键词 高可信软件 软件可信性评估 软件可信证据 软件可信证据收集 可信计算 tpm(trusted PLATFORM module)
下载PDF
基于TPM 2.0的内核完整性度量框架 被引量:5
17
作者 王勇 张雨菡 +3 位作者 洪智 文茹 樊成阳 王鹃 《计算机工程》 CAS CSCD 北大核心 2018年第3期166-170,177,共6页
针对当前的完整性度量技术无法支持可信平台模块(TPM)2.0规范的问题,对Linux内核完整性度量架构(IMA)进行改进,设计基于TPM 2.0的内核完整性度量框架,同时基于TPM 2.0芯片实现支持TPM 2.0规范的Linux可信内核。测试结果表明,IM A 2.0可... 针对当前的完整性度量技术无法支持可信平台模块(TPM)2.0规范的问题,对Linux内核完整性度量架构(IMA)进行改进,设计基于TPM 2.0的内核完整性度量框架,同时基于TPM 2.0芯片实现支持TPM 2.0规范的Linux可信内核。测试结果表明,IM A 2.0可以基于TPM 2.0对系统关键文件进行完整性检测,同时抵御对内核文件的篡改攻击。 展开更多
关键词 可信计算 可信平台模块 完整性 度量 扩展验证模块 安全
下载PDF
嵌入式平台TPM扩展及可信引导设计与实现 被引量:11
18
作者 王禹 王震宇 姚立宁 《计算机工程与设计》 CSCD 北大核心 2009年第9期2089-2091,2101,共4页
为了提高目前嵌入式系统的安全性能,提出了一种针对嵌入式平台的安全设计方案。在研究了可信计算和嵌入式系统的技术基础上,提出通过扩展可信平台模块(TPM)的方法从底层对整个架构进行改进。在ARM嵌入式开发平台上,通过分析TPM芯片的低... 为了提高目前嵌入式系统的安全性能,提出了一种针对嵌入式平台的安全设计方案。在研究了可信计算和嵌入式系统的技术基础上,提出通过扩展可信平台模块(TPM)的方法从底层对整个架构进行改进。在ARM嵌入式开发平台上,通过分析TPM芯片的低引脚数(LPC)接口功能,基于通用输入输出接口实现了TPM芯片在嵌入式平台上的扩展,并通过对平台启动代码的研究,设计并完成了该平台上的可信引导,整个过程验证了此设计方案的可行性。 展开更多
关键词 可信计算 ARM嵌入式平台 LPC接口 tpm扩展 可信引导
下载PDF
vTSE:一种基于SGX的vTPM安全增强方案 被引量:7
19
作者 严飞 于钊 +1 位作者 张立强 赵波 《工程科学与技术》 EI CAS CSCD 北大核心 2017年第2期133-139,共7页
针对现有虚拟化可信平台架构中vTPM(virtual trusted platform module)实例缺乏有效安全保障的问题,提出一种基于Intel SGX(software guard extension)的虚拟可信平台模块安全增强方案——vTSE。该方案利用SGX技术的物理安全隔离特性,将... 针对现有虚拟化可信平台架构中vTPM(virtual trusted platform module)实例缺乏有效安全保障的问题,提出一种基于Intel SGX(software guard extension)的虚拟可信平台模块安全增强方案——vTSE。该方案利用SGX技术的物理安全隔离特性,将vTPM实例的代码和数据放入SGX提供的安全隔离区域enclave中进行隔离保护;同时vTSE使用SGX具有的基于可信区身份的密封功能加密存储安全隔离区中的非易失数据。通过实验证明了本方案能够在vTPM实例运行时动态地保护其代码和数据的机密性、完整性,同时实现vTPM实例数据的安全存储。最后,从安全性和性能开销两方面进行评估,实验结果表明,vTSE的方案在保证vTPM实例运行和存储安全的同时,增加的性能开销不超过1 ms。 展开更多
关键词 可信计算 虚拟可信平台模块 INTEL SGX
下载PDF
嵌入式TPM及信任链的研究与实现 被引量:9
20
作者 吴悠 李光 +1 位作者 刘绍方 张鹏 《计算机工程与设计》 CSCD 北大核心 2012年第6期2229-2235,共7页
为将可信计算技术更有效应用于嵌入式系统,结合链式与星型信任结构,提出了一种带数据恢复功能的混合式信任结构,可降低链式结构的信任损失,减轻星型结构中可信平台模块(TPM)的计算负担。在此基础上构建并实现了一种嵌入式可信平台,以内... 为将可信计算技术更有效应用于嵌入式系统,结合链式与星型信任结构,提出了一种带数据恢复功能的混合式信任结构,可降低链式结构的信任损失,减轻星型结构中可信平台模块(TPM)的计算负担。在此基础上构建并实现了一种嵌入式可信平台,以内置可信度量核心根(CRTM)的嵌入式TPM作为信任根,并在其内部设计了双端口内存作为与嵌入式处理器间的通信接口。该平台在启动过程中通过CRTM验证启动程序及操作系统的完整性,利用操作系统动态拦截和验证应用程序的完整性,并在发现完整性度量值被修改时启动数据恢复功能,从而有效保证了嵌入式系统软件组件的完整性和可信启动。 展开更多
关键词 可信计算 信任链 嵌入式可信平台模块 片上系统 嵌入式可信平台
下载PDF
上一页 1 2 16 下一页 到第
使用帮助 返回顶部