期刊文献+
共找到285篇文章
< 1 2 15 >
每页显示 20 50 100
A Method to Implement Full Anonymous Attestation for Trusted Computing Platform 被引量:3
1
作者 HAO Liming SUN Xun YANG Shutang LU Songnian 《Wuhan University Journal of Natural Sciences》 CAS 2007年第1期101-104,共4页
Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by w... Trusted computing (TC) technology is brought out by trusted computing group (TCG) to make computing as safe and reliable as people expect. Attestation is one main function specified by TCG, which is the means by which a trusted computer assures a remote computer whose platform is not tampered with. There are two protocols that implement attestation without disclosing the platform's real identity, which are Privacy CA-based protocol and direct anonymous attestation (DAA) protocol. However, in the first protocol the privacy CA is the bottleneck and the platform's identity will be disclosed if the privacy CA is compromise, while DAA protocol can do profiling when dealing with rogue hardware device. In this paper, we propose a DAA-extended new approach to ensure full anonymous attestation that can not only detect a rogue TPM, but also reveal rogue TPM's real identity. 展开更多
关键词 trusted computing trusted platform module direct anonymous attestation
下载PDF
The Mechanism about Key and Credential on Trusted Computing Platform and the Application Study 被引量:2
2
作者 SHEN Zhidong ZHANG Huanguo ZHANG Miao YAN Fei ZHANG Liqiang 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1641-1644,共4页
Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cry... Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system. 展开更多
关键词 trusted computing trusted platform module (TPM) key management CREDENTIAL
下载PDF
Merkle Tree Digital Signature and Trusted Computing Platform 被引量:1
3
作者 WANG Xiaofei HONG Fan TANG Xueming CUI Guohua 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1467-1472,共6页
Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signatu... Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signature scheme is constructed, and it is provably existentially unforgeable under adaptive chosen message attack. By decentralizing the initial key generation process of the original scheme within the signature process, a large Merkle tree with 6.87×10^10 possible signatures can be initialized in 590 milliseconds. Storing some small Merkle trees in hard disk and memory can speed up Merkle tree signature scheme. Mekle tree signature schemes are fit for trusted computing platform in most scenarios. 展开更多
关键词 digital signature one-time signature Merkle tree trusted computing platform
下载PDF
Modeling Trusted Computing 被引量:3
4
作者 CHEN Shuyi WEN Yingyou ZHAO Hong 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1507-1510,共4页
In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relation... In this paper, a formal approach based on predicate logic is proposed for representing and reasoning of trusted computing models. Predicates are defined to represent the characteristics of the objects and the relationship among these objects in a trusted system according to trusted computing specifications. Inference rules of trusted relation are given too. With the semantics proposed, some trusted computing models are formalized and verified, which shows that Predicate calculus logic provides a general and effective method for modeling and reasoning trusted computing systems. 展开更多
关键词 trusted computing group (TCG) trusted platform module (TPM) trusted computing root of trust predicate logic
下载PDF
An Improved Grid Security Infrastructure by Trusted Computing 被引量:3
5
作者 YAN Fei ZHANG Huanguo +3 位作者 SUN Qi SHEN Zhidong ZHANG Liqiang QIANG Weizhong 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1805-1808,共4页
Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled ... Current delegation mechanism of grid security infrastructure (GSI) can't satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment. 展开更多
关键词 trusted computing grid computing grid security trusted platform module
下载PDF
TPM Context Manager and Dynamic Configuration Management for Trusted Virtualization Platform 被引量:1
6
作者 QIN Yu FENG Dengguo LIU Chunyong 《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期539-546,共8页
It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen who... It is absolutely critical that trusted configuration management which significantly affects trust chain establishment, sealing storage and remote attestation, especially in trusted virtualization platform like Xen whose system configuration changes easily. TPM (trusted platform module) context manager is presented to carry out dynamic configuration management for virtual machine. It manages the TPM command requests and VM (virtual machine) configurations. The dynamic configuration representa- tion method based on Merkle hash tree is explicitly proposed against TCG (trusted computing group) static configuration representation. It reflects the true VM status in real time even if the configuration has changed, and it eliminates the invalidation of configuration representation, sealing storage and remote attestation. TPM context manager supports TCG storage protection, remote attestation etc, which greatly enhances the security on trusted virtualization platform. 展开更多
关键词 trusted computing TPM trusted platform module) trusted virtualization configuration representation configuration management
下载PDF
A Trusted Smart Phone and Its Applications in Electronic Payment
7
作者 Chang-Ying Zhou Chun-Ru Zhang 《Journal of Electronic Science and Technology of China》 2007年第3期206-211,共6页
With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applica... With the growing intelligence and popularity of mobile phones, and the trend of cellular network's convergence to IP based network, more and more mobile applications emerge on the market. For mission critical applications, like the electronic payment which will be discussed in this paper, the lack of trust in the underlying mobile infrastructure and secure interface to legacy systems (for this case, the banking systems) poses obstacles to their widespread presence in mobile services. Recently, the exposure of hacking of iPhone and other smart phones further emphasizes the criticality of establishing a trust platform for mobile applications. This paper analyzes the building blocks of the trusted smart phone, and proposes a framework to provide a trusted platform for mobile electronic payment. Such a proposed system may allow direct interface to the banking systems due to the banking industry recognized strong security, and hence, may enable its widespread use. 展开更多
关键词 Mobile electronic payment trusted computing trusted platform module.
下载PDF
智能网联汽车数据流通技术研究
8
作者 王磊 《计算机应用文摘》 2024年第13期121-124,128,共5页
为深入研究智能网联汽车数据流通技术,文章结合某具体项目案例,首先探讨了基于区块链和隐私计算技术构建的可信数据空间框架,其次阐述了数据流通中存在的问题及其解决方法,包括数据权属问题、数据安全问题以及利益分配问题等,最后分析... 为深入研究智能网联汽车数据流通技术,文章结合某具体项目案例,首先探讨了基于区块链和隐私计算技术构建的可信数据空间框架,其次阐述了数据流通中存在的问题及其解决方法,包括数据权属问题、数据安全问题以及利益分配问题等,最后分析了具体的系统架构设计方案,涵盖区块链、智能合约、数据网关和隐私计算等部分。 展开更多
关键词 智能网联汽车 数据流通平台 可信数据空间 区块链技术 隐私计算技术
下载PDF
A Behavior-Based Remote Trust Attestation Model 被引量:10
9
作者 ZHANG Huanguo WANG Fan 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1819-1822,共4页
While remote trust attestation is a useful concept to detect unauthorized changes to software, the current mechanism only ensures authenticity at the start of the operating system and cannot ensure the action of runni... While remote trust attestation is a useful concept to detect unauthorized changes to software, the current mechanism only ensures authenticity at the start of the operating system and cannot ensure the action of running software. Our approach is to use a behavior-based monitoring agent to make remote attestation more flexible, dynamic, and trustworthy. This approach was mostly made possible by extensive use of process information which is readily available in Unix. We also made use of a behavior tree to effectively record predictable behaviors of each process. In this paper, we primarily focus on building a prototype implementation of such framework, presenting one example built on it, successfully find potential security risks in the run time of a ftp program and then evaluate the performance of this model. 展开更多
关键词 remote attestation trusted computing trusted platform behavior monitoring agent behavior tree
下载PDF
Design and implementation of a portable TPM scheme for general-purpose trusted computing based on EFI 被引量:4
10
作者 Lei HAN Jiqiang LIU +1 位作者 Zhen HAN Xueye WEI 《Frontiers of Computer Science》 SCIE EI CSCD 2011年第2期169-180,共12页
In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-p... In today's globalized digital world, networkbased, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user. 展开更多
关键词 trusted computing portable trusted platform module (PTPM) extensible firmware interface (EFI) KEYS CERTIFICATES
原文传递
A Trusted Mobile Payment Environment Based on Trusted Computing and Virtualization Technology 被引量:2
11
作者 WANG Juan LIN Wutao +3 位作者 LI Haoyu DU Bianxia MENG Ke WANG Jiang 《Wuhan University Journal of Natural Sciences》 CAS 2014年第5期379-384,共6页
In this paper, we propose a trusted mobile payment environment (TMPE) based on trusted computing and virtualization technology. There are a normal operating system (OS) and a trusted OS (TOS) in TMPE. We store t... In this paper, we propose a trusted mobile payment environment (TMPE) based on trusted computing and virtualization technology. There are a normal operating system (OS) and a trusted OS (TOS) in TMPE. We store the image of TOS in a memory card to hinder tampering. The integrity of TOS is protected by means of a trusted platform module (TPM). TOS can only be updated through a trusted third party. In addition, virtualization technology is applied to isolate TOS from normal OS. Users complete ordinary affairs in normal OS and security-sensitive affairs in TOS. TMPE can offer users a highly protected environment for mobile payment. Moreover, TMPE has good compatibility in different hardware architectures of mobile platforms. As the evaluation shows, TMPE satisfies the requirement of mobile payment well. 展开更多
关键词 trusted computing mobile payment VIRTUALIZATION mobile platform
原文传递
一种面向网络信息系统的TCP应用架构设计
12
作者 金雷 徐开勇 +1 位作者 李剑飞 成茂才 《计算机科学》 CSCD 北大核心 2015年第10期154-158,163,共6页
针对可信计算平台在网络信息系统中的应用需求,提出了一种面向网络信息系统的TCP应用架构TCPAA。将该架构主要分为访问认证子系统和信息交互子系统两部分来进行设计。在访问认证子系统中,为了增强可信计算应用的灵活性,提出一种基于证... 针对可信计算平台在网络信息系统中的应用需求,提出了一种面向网络信息系统的TCP应用架构TCPAA。将该架构主要分为访问认证子系统和信息交互子系统两部分来进行设计。在访问认证子系统中,为了增强可信计算应用的灵活性,提出一种基于证明代理的可信验证机制PATAM,并对改进的访问认证模式进行了协议设计和流程说明。在信息交互子系统中,设计了内外网之间数据的可信传输流程,并提出了一种改进的金字塔可信评估模型PTAM。最后通过测试实验验证了该架构的良好性能。研究结果表明,该方案对于网络信息系统环境内可信计算平台的应用开发具有良好的通用性。 展开更多
关键词 网络信息系统 可信计算平台 应用架构 可信验证机制 访问认证模式 金字塔可信评估模型
下载PDF
BBACIMA:A Trustworthy Integrity Measurement Architecture through Behavior-Based TPM Access Control
13
作者 YU Aimin FENG Dengguo 《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期513-518,共6页
Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious us... Two limitations of current integrity measurement architectures are pointed out: (1) a reference value is required for every measured entity to verify the system states, as is impractical however; (2) malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based access control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architectures. 展开更多
关键词 integrity measurement behavior-based access control trusted platform module (TPM) trusted computing remoteattestation
下载PDF
Confidential computing and related technologies:a critical review
14
作者 Muhammad Usama Sardar Christof Fetzer 《Cybersecurity》 EI CSCD 2023年第4期26-32,共7页
This research critically reviews the definition of confidential computing(CC)and the security comparison of CC with other related technologies by the Confidential Computing Consortium(CCC).We demonstrate that the defi... This research critically reviews the definition of confidential computing(CC)and the security comparison of CC with other related technologies by the Confidential Computing Consortium(CCC).We demonstrate that the definitions by CCC are ambiguous,incomplete and even conflicting.We also demonstrate that the security comparison of CC with other technologies is neither scientific nor fair.We highlight the issues in the definitions and comparisons and provide initial recommendations for fixing the issues.These recommendations are the first step towards more precise definitions and reliable comparisons in the future. 展开更多
关键词 Confidential computing(CC) trusted Execution Environment(TEE) Homomorphic Encryption(HE) trusted platform Module(TPM) Formal methods
原文传递
Efficient ID-based TPM key loading scheme for trusted platform
15
作者 SONG Cheng LIU Bing +3 位作者 HU Zheng-ming XIN Yang YANG Yi-xian YIN Han 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2010年第4期74-79,共6页
One important function in trusted computing is protected storage, which can protect unlimited amount of data and keys. In the existing trusted platform module (TPM) key loading scheme for trusted platform, a computi... One important function in trusted computing is protected storage, which can protect unlimited amount of data and keys. In the existing trusted platform module (TPM) key loading scheme for trusted platform, a computing platform with TPM as its trusted anchor, the total times of loading operation is the same as the number of the loaded target object's ancestors, resulting in low efficiency of loading a TPM key which has many ancestors. To improve efficiency, an identity-based TPM key loading scheme is proposed. In this scheme, the times of loading operation is only two when any TPM key is loaded into TPM. Therefore, the required time cost for loading a TPM key can be reduced, especially for complex TPM key storage hierarchy. By analyzing the correctness, security, efficiency and feasibility, the proposed scheme has the better theoretical and application value. 展开更多
关键词 trusted computing trusted platform module protected storage ID-BASED
原文传递
基于可信执行环境的智能汽车计算平台架构分析
16
作者 于士淇 张晓谦 李岩 《汽车零部件》 2023年第8期105-108,共4页
智能汽车计算平台是当前汽车行业的关注点。经典AUTOSAR平台难以满足自动驾驶需求,自适应AUTOSAR的出现逐渐弥补了这一需求空缺,而未来的车内控制器平台架构将以两个平台相互补充的形式存在。随着自适应AUTOSAR架构对自驾、娱乐功能的... 智能汽车计算平台是当前汽车行业的关注点。经典AUTOSAR平台难以满足自动驾驶需求,自适应AUTOSAR的出现逐渐弥补了这一需求空缺,而未来的车内控制器平台架构将以两个平台相互补充的形式存在。随着自适应AUTOSAR架构对自驾、娱乐功能的支持力度的不断加大,其信息安全成为不可忽略的问题。自适应AUTOSAR架构本身的标准模块不足以满足车内信息安全需求,而可信执行环境可以作为非标准中间件被引入,可以使控制器平台兼具进行高性能计算与安全处理信息的能力。本文关注智能汽车计算平台上可信执行环境的集成,对汽车操作系统的安全启动、隔离环境的切换、车内场景需求等进行分析,讨论可信环境在汽车行业的发展趋势。 展开更多
关键词 汽车计算平台 信息安全 操作系统 可信执行环境
下载PDF
可信PDA计算平台系统结构与安全机制 被引量:49
17
作者 赵波 张焕国 +2 位作者 李晶 陈璐 文松 《计算机学报》 EI CSCD 北大核心 2010年第1期82-92,共11页
PDA作为一种手持设备,面临着众多的安全问题.文中利用可信计算思想构造了可信PDA的体系结构与安全机制.首先提出了一种带数据恢复功能的星型信任结构,其在安全性、效率及可靠性等方面较TCG的链式信任结构都有很大提升.在此基础上,进一... PDA作为一种手持设备,面临着众多的安全问题.文中利用可信计算思想构造了可信PDA的体系结构与安全机制.首先提出了一种带数据恢复功能的星型信任结构,其在安全性、效率及可靠性等方面较TCG的链式信任结构都有很大提升.在此基础上,进一步使用总线仲裁等技术构造了可信PDA的体系结构模型.文中还提出并实现了针对可信PDA嵌入式操作系统的安全增强、基于可信PDA平台的可信网络连接(TNC)以及SD卡全卡加密等新的安全技术与方法.在此基础上,给出一种可信PDA的原型系统.经过实验验证,这款可信PDA在各方面都达到了可信计算平台的技术要求. 展开更多
关键词 可信计算 可信计算平台 可信PDA 星型信任结构
下载PDF
基于无干扰理论的可信链模型 被引量:29
18
作者 赵佳 沈昌祥 +1 位作者 刘吉强 韩臻 《计算机研究与发展》 EI CSCD 北大核心 2008年第6期974-980,共7页
可信计算的相关研究已成为当前国内外信息安全方面的研究热点和趋势之一.可信计算技术也成为构建安全计算机系统行之有效的新技术.目前可信计算理论的发展滞后于技术的发展,针对可信计算中可信链传递缺乏理论模型的问题,将无干扰理论引... 可信计算的相关研究已成为当前国内外信息安全方面的研究热点和趋势之一.可信计算技术也成为构建安全计算机系统行之有效的新技术.目前可信计算理论的发展滞后于技术的发展,针对可信计算中可信链传递缺乏理论模型的问题,将无干扰理论引入到可信计算领域,提出了计算机系统可信的基本理论.从动态的角度建立了基于无干扰理论的可信链模型,并对该模型进行了形式化描述和验证,而且实现了基于Linux操作系统内核的可信启动过程.其实现思路对于可信计算理论的发展和应用具有很好的参考价值. 展开更多
关键词 可信计算 可信计算平台 可信链 无干扰理论 可信根
下载PDF
嵌入式系统可信平台模块研究 被引量:39
19
作者 张焕国 李晶 +1 位作者 潘丹铃 赵波 《计算机研究与发展》 EI CSCD 北大核心 2011年第7期1269-1278,共10页
如何有效增强嵌入式系统的安全性是信息安全领域研究的热点和难点之一.相关研究表明,可信平台模块对于有效提高信息系统的安全性十分重要.然而,现有的可信平台模块是为个人计算机设计的,并不能满足嵌入式系统特有的应用需求.针对上述问... 如何有效增强嵌入式系统的安全性是信息安全领域研究的热点和难点之一.相关研究表明,可信平台模块对于有效提高信息系统的安全性十分重要.然而,现有的可信平台模块是为个人计算机设计的,并不能满足嵌入式系统特有的应用需求.针对上述问题,设计了一种适应嵌入式环境的新型嵌入式可信平台模块(embedded trusted platform module,ETPM).作为嵌入式可信平台模块的重要组成部分,总线仲裁提高了ETPM的控制能力,增强了嵌入式系统的安全性;对称密码引擎提高了嵌入式系统的对称密码运算效率;系统备份恢复增强了嵌入式系统的可靠性.除此之外,ETPM还能够支持嵌入式平台的星型信任度量模型.这一设计已经在可信PDA中进行了实验验证,实验表明嵌入式可信平台模块是实用、高效、可靠、安全的. 展开更多
关键词 信息安全 可信计算 嵌入式系统 可信平台模块 嵌入式系统可信平台模块
下载PDF
可信的云计算运行环境构建和审计 被引量:21
20
作者 刘川意 王国峰 +1 位作者 林杰 方滨兴 《计算机学报》 EI CSCD 北大核心 2016年第2期339-350,共12页
可信的云计算运行环境很大程度决定了云服务的推广和有效使用.采用可信计算技术的基本假设是所有在运行环境中安装的内核模块和应用程序都需要事先指定并已知其执行代码的完整性信息.这个假设在云用户实际使用时往往是不可能的.所以该... 可信的云计算运行环境很大程度决定了云服务的推广和有效使用.采用可信计算技术的基本假设是所有在运行环境中安装的内核模块和应用程序都需要事先指定并已知其执行代码的完整性信息.这个假设在云用户实际使用时往往是不可能的.所以该文提出了一种将虚拟可信根vTPM和可信审计技术结合起来的用户可信运行环境构建与审计机制.对于体系结构栈中可事先固定的、在启动和运行时不变的组件,通过vTPM作可信根保证可信启动;对于运行过程中变化的、无法事先确定的组件,文中提出了一种可信审计的方法,即对用户虚拟机的运行态环境进行证据收集和证据审计,监测实际使用中用户运行环境的可信性.若用户运行环境处于不可信状态,则及时通知用户采取相应措施.最后文中基于该可信机制的原型系统对其有效性和性能代价进行定量测试和评价,实验结果表明:该机制针对典型的不可信威胁是有效的,且引入的性能代价对用户实际使用的影响可以忽略. 展开更多
关键词 云计算 可信审计 虚拟可信平台模块 可信计算
下载PDF
上一页 1 2 15 下一页 到第
使用帮助 返回顶部