摘要: 证书体系在可信计算中具有基础支撑作用,它参与完成了信任传递的整个过程。该文研究身份证实证书(AIK)的内容、产生和其他证书的关系,分析其在远端主机证明的作用和过程。用可信计算技术和AIK证书加强安全套接层(SSL)协议的方法和步骤解决SSL协议中无法验证服务器程序真实性的问题。
关键词:
可信计算,
身份证实证书,
远端证明,
安全套接层协议
Abstract: One of the Trusted Computing Group(TCG) infrastructure is credential system, which participates in trusted chain of transmission process. Attestation identity credential’s type, the full definition and the relationship to other credential are discussed. Its application on remote attestation is studied. Based on the study, the way to improve the security of Secure Socket Layer(SSL) protocol using trusted computing and AIK credential is put forward for solving the application’s attestation on SSL server.
Key words:
trusted computing,
attestation identity credential,
remote attestation,
Secure Socket Layer(SSL) protocol
中图分类号:
周雁舟;刘文清;朱智强. 身份证实证书在可信计算中的应用[J]. 计算机工程, 2009, 35(3): 21-22,7.
ZHOU Yan-zhou; LIU Wen-qing; ZHU Zhi-qiang. Application of Attestation Identity Credential in Trusted Computing[J]. Computer Engineering, 2009, 35(3): 21-22,7.