| 一种可信计算平台及信任链传递验证方法 |
| |
| 引用本文: | 刘毅,毛军捷.一种可信计算平台及信任链传递验证方法[J].信息安全与通信保密,2012(2):45-47. |
| |
| 作者姓名: | 刘毅 毛军捷 |
| |
| 作者单位: | 1. 海军计算技术研究所,北京,100841
2. 中国信息安全测评中心,北京,100085 |
| |
| 摘 要: | 信任链是可信计算机系统的重要部分,它保证计算机系统从可信源头至系统各组件的可信,但存在信任链建立过程的信任度逐层衰减问题。文中通过可信平台控制模块授权CPU进行链式度量,同时TPCM尾随CPU对信任链进行实时的、随机的和分块的度量,然后在平台信任链中嵌入检查点,统计并检查各块运行时间,从而判断各信任节点是否被篡改。该方法提高了信任链建立和验证的实时性,尤其可以防御针对信任链的时间差攻击。
|
| 关 键 词: | 可信平台控制模块 信任链 信任传递 |
A Trusted Computing Platform and Trust Chain Transfer Validation Method |
| |
| LIU Yi,MAO Jun-jie.A Trusted Computing Platform and Trust Chain Transfer Validation Method[J].China Information Security,2012(2):45-47. |
| |
| Authors: | LIU Yi MAO Jun-jie |
| |
| Institution: | 1Computing Technology Research Institute of Navy, Beijing 100141, China; 2China Information Technology Security Evaluation Center, Beijing 100085, China) |
| |
| Abstract: | Trust chain, as an important part of trusted computing system, guarantees the trust of computer system from root of trust to various system components, while the trust exhibits a trend of gradual attenuation during the process of trust chain establishment. In this paper, TPCM authorizes CPU to do chain measuring while itself randomly measures the components of the chain in real time. Then the checkpoints are insert to platform trust chain, and the running time of all blocks are checked and recorded so as to find if the trusted nodes are tampered. This method could improve the real-time performance in establishing and validating the trust chain, and in particular, could resist TOCTOU attack against the trust chain. |
| |
| Keywords: | trusted platform control module trust chain trust transfer |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
