Trustworthiness Evidence Collection Mechanism of Running Dynamic Environment of Trusted Terminal

TAN Liang; CHEN Ju; ZHOU Ming-tian

doi:10.3969/j.issn.0372-2112.2013.01.015

您当前的位置：

首页 >

文章列表页 >

Trustworthiness Evidence Collection Mechanism of Running Dynamic Environment of Trusted Terminal

更新时间：2025-07-16

- Trustworthiness Evidence Collection Mechanism of Running Dynamic Environment of Trusted Terminal
- Acta Electronica Sinica Vol. 41, Issue 1, Pages: 77-85(2013)
- 作者机构：
  
  1. 四川师范大学计算机学院,四川,成都,610068
  2. 中国科学院计算技术研究所,北京,100190
  3. 电子科技大学计算机科学与工程学院,四川,成都,610054
  4. 四川师范大学计算机学院四川成都,610068
  5. 中国科学院计算技术研究所北京,100190
  6. 电子科技大学计算机科学与工程学院四川成都,610054
- 作者简介：
- 基金信息：
  
  National Natural Science Foundation of China (No.60970113);Youth Science and Technology Foundation of Sichuan Province (No.2011JQ0038)
- DOI：10.3969/j.issn.0372-2112.2013.01.015
  CLC： TP309
- Published：2013
- 稿件说明：
移动端阅览
TAN Liang, CHEN Ju, ZHOU Ming-tian. Trustworthiness Evidence Collection Mechanism of Running Dynamic Environment of Trusted Terminal[J]. Acta Electronica Sinica, 2013, 41(1): 77-85.
DOI：

TAN Liang, CHEN Ju, ZHOU Ming-tian. Trustworthiness Evidence Collection Mechanism of Running Dynamic Environment of Trusted Terminal[J]. Acta Electronica Sinica, 2013, 41(1): 77-85. DOI： 10.3969/j.issn.0372-2112.2013.01.015.

摘要

可信计算的链式度量机制不容易扩展到终端所有应用程序

因而可信终端要始终保证其动态运行环境的可信仍然困难.为了提供可信终端动态运行环境客观、真实、全面的可信证据

提出了可信终端动态运行环境的可信证据收集机制.首先

在可信终端的应用层引入一个可信证据收集代理

并将该代理作为可信平台模块(trusted platform module

简称TPM)链式度量机制的重要一环

利用TPM提供的度量功能保证该代理可信;然后通过该代理收集可信终端的内存、CPU、网络端口、磁盘文件、策略配置数据和进程等的运行时状态信息

并利用TPM提供的可信存储功能

保存这些状态信息作为终端运行环境的可信证据

并保障可信证据本身的可信性.该可信证据收集机制具有良好的可扩展性

为支持面向不同应用的信任评估模型提供基础.在Windows平台中实现了一个可信证据收集代理的原型

并以一个开放的局域网为实验环境来分析可信证据收集代理所获取的终端动态运行环境可信证据以及可信证据收集代理在该应用实例中的性能开销.该应用实例验证了该方案的可行性.

Abstract

Chain measurement mechanism of trusted computing don't easily extend to all applications in the terminal

so it is difficult for the terminal to always maintenance trust of the dynamic running environment of the terminal.To collect trustworthiness evidence in an objective

genuine and comprehensive way

this paper proposes a trustworthiness evidence collection mechanism of trusted terminal running dynamic environment.Firstly

a trusted evidence collection agent

whose creditability is assured by the measurement function of trusted platform module (TPM)

is introduced by an application system in the terminal

the main function of which is collecting the information of the terminal dynamic running environment including memory

process

CPU

port of net

disk files

configure data and so on

and saving those evidences in Database or files by TPM.This mechanism has good scalability for various trustworthiness evaluation models.This paper also implements a prototype of the agent in Windows platform

and analyses the performance of agent in a local network distributed computing environment.This application demonstrates the feasibility of this mechanism.

关键词

Keywords

references

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Research on Multilevel Security Model Based on Trustworthy State and Its Application

Survey on Chain of Trust of Trusted System

Related Author

FONT

ZHOU Ming-tian

LIU Zhen

TAN Liang

Verdana

FONT face

LI Xiao-yong

WANG Shi-hua

Related Institution

School of Computer Science and Engineering,University.of Electronic Science and Technology.,Chengdu,,China

Institute of Computing Technology,Chinese Academy of Sciences

Key Lab of Visualization in Scientific Computing and Virtual Reality of Sichuan,College of Computer,Sichuan Normal University

Beijing Jiaotong UniversityBeijing 100044China

Sichuan UniversityChengdu 610065China

⁰