Computer Engineering

• Security Technology

Intransitive Noninterference Trusted Model Supporting Process Codes Modification

XU Fu

  1. (PLA Information Engineering University, Zhengzhou 450002, China)
  • Received: 2012-09-07 Online: 2013-11-15 Published: 2013-11-13
  • About the author: XU Fu (born 1983), male, Ph.D. candidate; main research interests: information security, trusted computing
  • Funding:
    Supported by the National Science and Technology Major Project "New Generation Broadband Wireless Mobile Communication Network" (2012ZX03002003)

Abstract: Trusted models based on noninterference theory require that processes remain unmodified throughout system operation, which restricts the application of trusted computing platforms. To address this problem, intransitive noninterference theory is extended to support modification of security domains. On this basis, a trusted model that is based on intransitive noninterference theory and supports process code modification is proposed. Within the new theoretical framework, the conditions for trusted process execution are given and the theorem of trusted process execution is proved. Analysis shows that, compared with existing trusted models, this model allows process code to be modified while still guaranteeing trusted process execution, which improves the practicality of trusted computing platforms.

Key words: trusted model, intransitive noninterference, code modification, static interference, dynamic interference, running trusted

CLC number: