作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2012, Vol. 38 ›› Issue (2): 78-81. doi: 10.3969/j.issn.1000-3428.2012.02.025

• 软件技术与数据库 • 上一篇    下一篇

基于可信计算的动态完整性度量模型

杨 蓓,吴振强,符湘萍   

  1. (陕西师范大学计算机科学学院,西安 710062)
  • 收稿日期:2011-07-18 出版日期:2012-01-20 发布日期:2012-01-20
  • 作者简介:杨 蓓(1985-),女,硕士研究生,主研方向:可信计算,网络安全;吴振强,副教授、博士;符湘萍,硕士研究生
  • 基金资助:
    国家“863”计划基金资助项目(2007AA01Z438200);陕西省自然科学基础研究计划基金资助项目(2009JM8002)

Dynamic Integrity Measurement Model Based on Trusted Computing

YANG Bei, WU Zhen-qiang, FU Xiang-ping   

  1. (School of Computer Science, Shaanxi Normal University, Xi’an 710062, China)
  • Received:2011-07-18 Online:2012-01-20 Published:2012-01-20

摘要: 静态完整性度量不能保护系统在运行过程中的完整性。为此,提出一种基于可信计算的动态完整性度量模型。在现有的完整性度量架构中引入虚拟化技术,有助于系统管理员掌握系统在运行过程中的完整性。在软件加载后,对运行中的进程行为进行监控,动态度量其完整性。分析结果表明,该模型能防止运行过程中恶意攻击破坏系统的完整性,从而提高系统安全性。

关键词: 静态完整性度量, 可信计算, 动态完整性度量, 虚拟化, 恶意攻击

Abstract: The static integrity measurement cannot ensure the integrity of system in the run-time process. This paper presents a Dynamic Integrity Measurement(DIM) model based on trusted computing. Compared with other existing measurement architectures of integrity measurement, this architecture introduces virtualization technology to help the system administrators control the integrity of system in the run-time process. It monitors the processes’ behavior in the run-time process and completes the DIM. Results prove that malicious attacks which damage to the integrity of system in the run-time process are defended against and the security of the system is improved.

Key words: static integrity measurement, trusted computing, Dynamic Integrity Measurement(DIM), virtualization, malicious attack

中图分类号: