The theory and practice in the evolution of trusted computing 被引量：5

The theory and practice in the evolution of trusted computing

下载PDF

导出

摘要 Trusted computing(TC)is an emerging technology to enhance the security of various computing platforms by a dedicated secure chip(TPM/TCM),which is widely accepted by both the industrial and academic world.This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work.In theory,we focus on protocol design and security analysis.We have proposed the first ECDAA protocol scheme based on q-SDH assumption,which highlights a new way to design direct anonymous attestation scheme.In technical evolution,we discuss the key technologies of trust chain,trusted network connection and TC testing and evaluation.We break through several key technologies such as trusted boot,OS measurement and remote attestation,and implement a TC system from TPM/TCM to network.We also design and implement a testing and evaluation system of TC platform,which is the first one put into practical application in China.Finally,with the rapid development of cloud computing and mobile applications,TC is moving toward some new directions,such as the trust in cloud and mobile environments,new TPM standard,and flexible trust execution environment trust establishment method. Trusted computing （TC） is an emerging tech- nology to enhance the security of various computing plat- forms by a dedicated secure chip （TPM/TCM）, which is widely accepted by both the industrial and academic world. This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work. In theory, we focus on protocol design and security analysis. We have proposed the first ECDAA protocol scheme based on q-SDH assumption, which highlights a new way to design direct anonymous attestation scheme. In technical evolu- tion, we discuss the key technologies of trust chain, trusted network connection and TC testing and evaluation. We break through several key technologies such as trusted boot, OS measurement and remote attestation, and imple- ment a TC system from TPM/TCM to network. We also design and implement a testing and evaluation system of TC platform, which is the first one put into practical application in China. Finally, with the rapid development of cloud computing and mobile applications, TC is moving toward some new directions, such as the trust in cloud and mobile environments, new TPM standard, and flexible trust execution environment trust establishment method.

作者 Dengguo Feng Yu Qin Wei Feng Jianxiong Shao

机构地区 Trusted Computing and Information Assurance Laboratory State Key Laboratory of Computer Science

出处《Chinese Science Bulletin》 SCIE EI CAS 2014年第32期4173-4189,共17页

基金 supported by the National BasicResearch Program of China(2013CB338003) the National Natural Science Foundation of China(91118006 and 61202414)

关键词可信计算 TCM 计算平台移动应用 TPM 安全芯片安全分析匿名认证 Trusted computing ； TPM ； TCMDirect anonymous attestation ； Trusted networkconnection ； Trust chain

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献5

1常德显,冯登国,秦宇,张倩颖.基于扩展LS^2的可信虚拟平台信任链分析[J].通信学报,2013,34(5):31-41. 被引量：10
2李昊,胡浩,陈小峰.可信密码模块符合性测试方法研究[J].计算机学报,2009,32(4):654-663. 被引量：10
3Qin Yu,Zhao Shijun,Zhang Qianying.Formal Analysis of Trusted Platform Module Commands for Compromising User Key[J].China Communications,2012,9(10):91-102. 被引量：2
4陈小峰,冯登国.一种多信任域内的直接匿名证明方案[J].计算机学报,2008,31(7):1122-1130. 被引量：23
5陈小峰.可信平台模块的形式化分析和测试[J].计算机学报,2009,32(4):646-653. 被引量：25

二级参考文献53

1易国洪,卢炎生.基于EFSM模型的等价类测试[J].计算机科学,2007,34(1):281-284. 被引量：7
2黄亮,冯登国,张敏.一个基于安全模型的测试用例生成工具[J].中国科学院研究生院学报,2007,24(3):300-306. 被引量：2
3Matthew Barrett. Towards an open trusted computing framework [M. S. dissertation]. University of Auckland, Auckland, 2005
4Bruschi Danilo, Cavallaro Lorenzo, Lanzi Andrea, Monga Mattia. Replay attack in TCG specification and solution// Proceedings of the 21th Annual Computer Security Application Conference (ACSAC). Tucson, AZ, USA, 2005: 127- 137
5Sadeghi Ahmad Reza, Selhorst Marcel, Stuble Christian,Wachsmann Christian, Winandy Marcel. TCG Inside?-A note on TPM specification compliance//Proceedings of the 1st ACM Workshop on Scalable Trusted Computing (STC' 06). Virginia, USA, 2006:1-10
6Fujiwara S, Bochmann G V, Khendek F, Amalou M, Ghedamsi A. Test selection based on finite state models. IEEE Transactions on Software Engineering, 1991, 17(6): 591- 603
7Guerrouat Abdelaziz, Richter Harald. Reuse of test generation methods for embedded systems. Clausthal University of Technology, 2005
8Bourhfir C, Dssouli R, Aboulhamid E M. Automatic test generation for EFSM-based systems. The Journal of Real- Time Systems, 1989, 1(1): 27- 60
9Petrenko A, Boroday S, Groz R. Confirming configurations in EFSM testing. IEEE Transactions on Software Engineering, 2004, 30(1): 29-42
10Celine Bigot, Alain Faivre, Christophe Gaston, Julien Simon. Automatic Test Generation on a (U)SIM Smart Card. LNCS 3928, 2006:345-360

共引文献58

1彭新光,丁鹏飞.基于ELGamal签名的直接匿名认证协议[J].保密科学技术,2011(5):65-68.
2沈昌祥,张焕国,王怀民,王戟,赵波,严飞,余发江,张立强,徐明迪.可信计算的研究与发展[J].中国科学：信息科学,2010,40(2):139-166. 被引量：260
3张焕国,严飞,傅建明,徐明迪,杨飏,何凡,詹静.可信计算平台测评理论与关键技术研究[J].中国科学：信息科学,2010,40(2):167-188. 被引量：13
4甄鸿鹄,陈越,谭鹏许,郭渊博.基于非对称双线性对的直接匿名认证方案[J].通信学报,2010,31(S1):37-43. 被引量：2
5宋扬,李立新,周雁舟,沈平.DAA协议的安全性分析及改进[J].计算机工程与设计,2010,31(1):26-29. 被引量：1
6贾士民,李健航,刘锋,郑必可.清华同方TST系统信任机制和实现[J].信息网络安全,2010(2):32-33.
7SHEN ChangXiang,ZHANG HuanGuo,WANG HuaiMin,WANG Ji,ZHAO Bo,YAN Fei,YU FaJiang,ZHANG LiQiang,XU MingDi.Research on trusted computing and its development[J].Science China(Information Sciences),2010,53(3):405-433. 被引量：39
8ZHANG HuanGuo,YAN Fei,FU JianMing,XU MingDi,YANG Yang,HE Fan,ZHAN Jing.Research on theory and key technology of trusted computing platform security testing and evaluation[J].Science China(Information Sciences),2010,53(3):434-453. 被引量：11
9甄鸿鹄,陈越,郭渊博.一种基于DAA的强匿名性门限签名方案[J].电子与信息学报,2010,32(3):693-699.
10徐士伟,张焕国,肖瑾瑜,严飞.基于中国邮递员问题的可信平台模块测试序列生成优化研究[J].武汉大学学报（理学版）,2010,56(2):138-142.

同被引文献45

1孟小峰,王雷霞,刘俊旭.人工智能时代的数据隐私、垄断与公平[J].大数据,2020,6(1):35-46. 被引量：21
2卢文雄,王浩宇.基于同源策略的移动应用细粒度隐私保护技术[J].大数据,2020,6(1):23-34. 被引量：3
3王平,张玉书,何兴,仲盛.基于安全压缩感知的大数据隐私保护[J].大数据,2020,6(1):12-22. 被引量：3
4孙慧中,杨健宇,程祥,苏森.一种基于随机投影的本地差分隐私高维数值型数据收集算法[J].大数据,2020,6(1):3-11. 被引量：4
5沈昌祥,张焕国,王怀民,王戟,赵波,严飞,余发江,张立强,徐明迪.可信计算的研究与发展[J].中国科学：信息科学,2010,40(2):139-166. 被引量：260
6张焕国,罗捷,金刚,朱智强,余发江,严飞.可信计算研究进展[J].武汉大学学报（理学版）,2006,52(5):513-518. 被引量：119
7YU Fajiang ZHANG Huanguo.Design and Implementation of a Bootstrap Trust Chain[J].Wuhan University Journal of Natural Sciences,2006,11(6):1449-1452. 被引量：1
8SHEN ChangXiang,ZHANG HuangGuo,FENG DengGuo,CAO ZhenFu,HUANG JiWu.Survey of information security[J].Science in China(Series F),2007,50(3):273-298. 被引量：41
9FENG Deng-guo. Trusted computing theory and practice[M]. Beijing: Tsinghua University Press, 2013.
10ASOKAN N, EKBERG J E, KOSTIAINEN K, et al. Mobile trusted computing[J]. Proceedings of the IEEE, 2014, 102(8) 1189-1206.

引证文献5

1Dengguo Feng.Preface[J].Chinese Science Bulletin,2014,59(32):4161-4162.
2杨霞,雷林,吴新勇,吴开均,桑楠.采用数字签名技术的可信启动方法研究[J].电子科技大学学报,2016,45(3):448-452. 被引量：7
3王群,李馥娟.可信计算技术及其进展研究[J].信息安全研究,2016,2(9):834-843. 被引量：8
4王健宗,孔令炜,黄章成,陈霖捷,刘懿,卢春曦,肖京.联邦学习隐私保护研究进展[J].大数据,2021,7(3):130-149. 被引量：20
5刘国杰,张建标,杨萍,李铮.基于TPCM的容器云可信环境研究[J].网络与信息安全学报,2021,7(4):164-174. 被引量：1

二级引证文献36

1张伶俐,张功萱,王天舒,程翔.嵌入式系统可信虚拟化技术的研究与应用[J].计算机工程与科学,2016,38(8):1654-1660. 被引量：5
2侯伟超,李婧,刘海洁,郑驰.基于可信计算的分布式存储的数据保护方法[J].信息安全研究,2017,3(4):339-343.
3郁湧,陈长赓,刘强,刘嘉熹.基于构件的软件系统信任链模型和信任关系分析[J].信息网络安全,2018(3):8-13. 被引量：1
4刘银平.数字签名技术及其发展动态[J].办公室业务,2018,0(10):177-177.
5黄凡帆,周霆,张灯.面向IMA的操作系统信息安全保证技术研究[J].航空计算技术,2018,48(4):112-114. 被引量：1
6杨子怡,李亚晖,王中华.基于机载嵌入式可信计算平台的高安全防护系统[J].航空计算技术,2018,48(5):174-177. 被引量：4
7金小俊,吴军,薛冒杰,白光伟.MSN下族内可信蚁群机会路由改进算法[J].计算机工程与设计,2020,41(7):1884-1891.
8周敦凯.基于可信计算的嵌入式系统安全设计[J].自动化与仪器仪表,2020(10):81-84. 被引量：4
9徐万山,张建标,袁艺林,李铮.基于BMC的服务器可信启动方法研究[J].信息网络安全,2021(5):67-73. 被引量：6
10何金军,王旭,邹俊.等保2.0下可信计算研究与测评探讨[J].网络安全技术与应用,2021(7):5-7. 被引量：1

1王喜文.工业4.0:智能工业[J].物联网技术,2013,3(12):3-4. 被引量：60
2陈鹏.浅谈虚拟化技术进化[J].信息系统工程,2010,23(4):102-103. 被引量：6
3魔力神靴：边走边网聊[J].新闻周刊,2004(35):72-72.
4高秉雄.采用系统新战略的发展[J].管理观察,1994,0(4):45-45.
5袁外.脱下监管的靴子[J].信息方略,2014,0(11):14-14.
6宋滟泓.4G牌照靴子落地通信设备商全面布局忙[J].IT时代周刊,2013(24):44-45.
7梁晨光.硬盘、内存、闪存，路在何方？存储技术进化无止境[J].微型计算机,2008(7):95-98.
82012显示技术进化三大超薄面板技术成新趋势[J].建筑玻璃与工业玻璃,2013(1):38-38.
9“AI＋医疗”：人工智能落地的第一只靴子？[J].智能城市,2017,3(3):24-25.
10不管靴子掉不掉下来我们都注定不自由[J].数字商业时代,2012(4):10-10.

Chinese Science Bulletin

2014年第32期

浏览历史

内容加载中请稍等...