BBACIMA:A Trustworthy Integrity Measurement Architecture through Behavior-Based TPM Access Control

来源 :Wuhan University Journal of Natural Sciences | 被引量 : 0次 | 上传用户:linkageldap
下载到本地 , 更方便阅读
声明 : 本文档内容版权归属内容提供方 , 如果您对本文有版权争议 , 可与客服联系进行内容授权或下架
论文部分内容阅读
Two limitations of current integrity measurement ar-chitectures are pointed out: ① a reference value is required for every measured entity to verify the system states,as is impractical however; ② malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture,BBACIMA,through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based ac-cess control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architec-tures. Two limitations of current integrity measurement ar-chitectures are pointed out: ① a reference value is required for every measured entity to verify the system states, as is impractical however; ② malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module (TPM). BBACIMA introduces a TPM reference monitor (TPMRM) to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based ac- cess control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR (platform configuration register) operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement ar chitec-tures.
其他文献
蜜罐技术应用于计算机网络安全领域,源自军事上的伪装和欺骗思想,是一个将入侵行为引向预定区域的系统,起到保护真实系统的作用。分析研究了蜜罐技术的基本原理及其优缺点,并
在世界范围内 ,网络经济正在如火如荼地兴起 ,它对传统经济提出了严重挑战 ,正在迅速地改变着世界。正如300年前的工业革命把人与机器和工厂结合在一起那样 ,电子网络与经济的结
今年“五一”长假着实让人惬意了一把,令许多部门猝不及防,倍感压力。十一长假又至,如何唱好“假日经济”这台大戏,不少有识之士纷纷献计献策,指点假日经济。本文作者正是针对这些
随机膛压是引信机构性能和强度可靠性设计的基本数据。所以很有必要寻找一个火炮膛压曲线随机模拟的实用方法。文中在分析产生随机膛压的各种方法的基础上,提出了从实测膛压出
综合传感器系统(ISS)是美国空军赖特实验室进行的先进一体化航空电子设备计划,F-22飞机上航空电子设备设计运用了ISS计划直接技术前身.ISS将用为数和种类都不多的模块实现综
本文根据机动目标的特点,采用机动目标“当前”统计模型及均值与方差自适应滤波算法实现目标跟踪。大量的数字仿真结果表明,该方法能很好地跟踪目标,性能令人满意。 Accordi
肠易激综合征(irritable bowel syndrome,IBS)是反复发作的腹痛或不适,最近3个月内每个月至少有3d出现症状,合并以下2条或多条:(1)排便后症状缓解。(2)发作时伴有排便频率改
伴随当前Web2.0的发展和网络在企业日常业务经营中所发挥的巨大作用,网络性能受到前所未有的挑战。链路的负载均衡和高效利用成为企业IT运维部门当前急需解决的重要问题之一。    对此,我们特别走访了Radware资深网络专家,请他们给我们谈谈链路负载均衡设备选购的几点建议。    链路负载均衡需求分析    一般企业的总部都有两个外网出口,需要解决如下问题:  ☆当一条链路故障时,如何自动快速切换
本文根据电波传播及通信的理论,利用了现有的实测参数图表,分析并估算了×××电台进行数据传输的实际能力,即最大有效数传距离和抗噪声干扰性能.所得的数值及结论与实际条件
推荐理由:关注星星家庭,减轻成长负担。记者接到广东省佛山市一些自闭症儿童家长反映,因为孩子无法到普通幼儿园接受学前教育,在申请学前教育补贴时被拒之门外。记者向当地教