Abstract:
The static integrity measurement cannot ensure the integrity of system in the run-time process. This paper presents a Dynamic Integrity Measurement(DIM) model based on trusted computing. Compared with other existing measurement architectures of integrity measurement, this architecture introduces virtualization technology to help the system administrators control the integrity of system in the run-time process. It monitors the processes’ behavior in the run-time process and completes the DIM. Results prove that malicious attacks which damage to the integrity of system in the run-time process are defended against and the security of the system is improved.
Key words:
static integrity measurement,
trusted computing,
Dynamic Integrity Measurement(DIM),
virtualization,
malicious attack
摘要: 静态完整性度量不能保护系统在运行过程中的完整性。为此,提出一种基于可信计算的动态完整性度量模型。在现有的完整性度量架构中引入虚拟化技术,有助于系统管理员掌握系统在运行过程中的完整性。在软件加载后,对运行中的进程行为进行监控,动态度量其完整性。分析结果表明,该模型能防止运行过程中恶意攻击破坏系统的完整性,从而提高系统安全性。
关键词:
静态完整性度量,
可信计算,
动态完整性度量,
虚拟化,
恶意攻击
CLC Number:
YANG Bei, TUN Zhen-Jiang, FU Xiang-Ping. Dynamic Integrity Measurement Model Based on Trusted Computing[J]. Computer Engineering, 2012, 38(2): 78-81.
杨蓓, 吴振强, 符湘萍. 基于可信计算的动态完整性度量模型[J]. 计算机工程, 2012, 38(2): 78-81.