摘要: 针对直接匿名认证(DAA)方案只提供单域认证的局限性,提出一种基于动态信任值的DAA跨域认证机制,通过将信任关系量化为[0,1]之间的信任值,并对域间信任值与信任阈值进行比较来实现可信平台模块(TPM)用户的跨域访问。实验结果表明,该机制能减小跨域认证时TPM的工作负载,节省DAA认证的时间开销,并给出信任值的变化范围。
关键词:
直接匿名认证,
可信平台模块,
动态信任值,
跨域认证
Abstract: Aiming at the limitation of single-domain authentication provided by Direct Anonymous Attestation(DAA), a dynamic trust-based cross-domain authentication mechanism of DAA is proposed, which quantizes trust relation to trust value between 0 and 1, realizes cross-domain authentication by comparing trust value with expectation value. Experimental result proves the mechanism can effectively diminish the workload of Trusted Platform Module(TPM) and reduce the time expense on DAA authentication, and the variety of trust value is given.
Key words:
Direct Anonymous Attestation(DAA),
Trusted Platform Module(TPM),
dynamic trust value,
cross-domain authentication
中图分类号:
蒋李, 吴振强, 王海燕, 种惠芳. 基于动态信任值的DAA跨域认证机制[J]. 计算机工程, 2010, 36(11): 156-158.
JIANG Li, TUN Zhen-Jiang, WANG Hai-Yan, CHONG Hui-Fang. Cross-domain Authentication Mechanism of DAA Based on Dynamic Trust Value[J]. Computer Engineering, 2010, 36(11): 156-158.