
A DTE-based Security Domain Model for the Attestation System
Abstract: To address the insufficient integrity protection in attestation systems, we study integrity policies and protection mechanisms and present a DTE-based security domain model for the attestation system. The model separates the attestation system into several security domains according to their functional features, and defines the model variables and security rules. To ensure secure transmission between different domains, the concept of a trusted pipeline is introduced into the model. Finally, we give the implementation of the security domain model and the pipeline protocol, and analyze and prove the security of the pipeline protocol.
Source: Geomatics and Information Science of Wuhan University (indexed in EI, CSCD, Peking University Core Journals), 2010, No. 5, pp. 537-541 (5 pages)
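Funding: National 863 Program of China (2006AA01Z440, 2009AA012437); National 973 Program of China (2007CB311100); Open Research Fund of the National Defense Key Discipline Laboratory of Nuclear Safety and Simulation Technology (HEUFN0801); Doctoral Innovation Fund of Beijing University of Technology (bcx-2009-066)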
Keywords: attestation system; security domain; trusted pipeline

