共查询到20条相似文献,搜索用时 230 毫秒
1.
基于可信计算平台的信任链传递研究进展 总被引:7,自引:0,他引:7
信任链传递问题是可信计算的基本问题.阐述了信任链传递在技术与理论方面的最新研究进展.通过分析信任链传递的技术方案、可信测量技术、信任链理论和信任链的可信度度量理论,提出了值得研究的理论与技术方向,包括:以可信静态测量、可信动态测量技术等为代表的信任链传递关键技术,以信任链层次理论模型、信任链传递中的信任损失度量理论和软件的动态可信度度量理论等为代表的基础理论. 相似文献
2.
一种可信软件设计方法及可信性评价 总被引:2,自引:0,他引:2
针对可信计算组织TCG(Trusted Computing Group)的信任链无法保障软件运行时动态可信的问题,对该信任链进行扩充,引入对软件运行时动态可信性的检测,提出了可信引擎驱动的可信软件信任链模型,并在此基础上提出了一种可信软件设计方法及可信性评价策略.通过引入描述软件可信行为轨迹的可信视图,在可信软件检查点处植入检查点传感器,将软件可信性融入软件设计中.通过对软件的完整性度量以及运行过程中软件行为轨迹的监测,实现软件的可信性保障.实验分析表明:采用该方法设计的软件能够有效地检测软件异常,并且成功检测软件异常的能力明显优于基于TCG信任链的软件. 相似文献
3.
4.
5.
为将可信计算技术更有效应用于嵌入式系统,结合链式与星型信任结构,提出了一种带数据恢复功能的混合式信任结构,可降低链式结构的信任损失,减轻星型结构中可信平台模块(TPM)的计算负担.在此基础上构建并实现了一种嵌入式可信平台,以内置可信度量核心根(CRTM)的嵌入式TPM作为信任根,并在其内部设计了双端口内存作为与嵌入式处理器间的通信接口.该平台在启动过程中通过CRTM验证启动程序及操作系统的完整性,利用操作系统动态拦截和验证应用程序的完整性,并在发现完整性度量值被修改时启动数据恢复功能,从而有效保证了嵌入式系统软件组件的完整性和可信启动. 相似文献
6.
基于QEMU的虚拟可信平台模块的设计与实现 总被引:1,自引:0,他引:1
针对可信计算机系统信任链传递过程中的安全性缺陷,提出了在虚拟机中进行信任链传递的虚拟机穿越技术,并在QEMU虚拟机中实现了虚拟可信平台模块。虚拟可信平台模块通过采用信息代理的实现方式并利用虚拟机的封闭性和隔离性为可信计算机系统信任链传递提供了一个安全、高效和透明环境。通过KnoppixLinux分析和比较了QEMU虚拟机中实现的虚拟可信平台模块和Xen中基于可信平台模拟器的虚拟可信平台模块。 相似文献
7.
基于国产处理器的可信系统研究与实现 总被引:1,自引:1,他引:0
根据可信计算组织TCG的可信计算规范,结合信任链的思想,基于国产处理器龙芯2F以及可信平台模块TPM,设计了基于龙芯处理器的可信计算平台,包括可信系统硬件层、可信BootLoader层和可信操作系统层,并设计了整个系统的启动程序,建立信任链,实现基于国产处理器的可信系统构建。 相似文献
8.
可信网络中用户行为可信的研究 总被引:24,自引:0,他引:24
目前网络安全受到严重的挑战,国际研究表明网络安全正向着网络可信方向发展,未来网络安全是增加行为可信的可信网络,它主要包括服务提供者的可信、网络信息传输的可信和终端用户的可信.通过研究用户的行为信任,不仅可以减少或避免与恶意用户交往,而且因为服务提供者与用户之间建立了互信,从而提高了它们合作完成任务的可能性,降低了因不信任带来的监控和防范等额外开销,所以对用户行为可信的研究不仅可以提高网络的安全性而且也可以提高网络的性能.以可信网络中用户行为可信研究为核心,提出了面向可信网络的用户行为信任的评估、预测与控制架构,包括行为信任的可靠评估;满足不同安全与性能需求的灵活的信任预测;基于信任与风险、利益得失的系统访问博弈决策:基于信任的动态的资源访问控制和以信任预防为主,实时监控为辅的异常行为的监控与防范等.并把这些用户行为可信管理机制进行有效组合,实现了动态控制与静态控制,信任与风险的统一,为可信网络的进一步研究提供基础. 相似文献
9.
一种可信终端运行环境远程证明方案 总被引:4,自引:2,他引:2
可信终端的远程证明无论是基于二进制的证明方案还是基于属性的证明方案,针对的均是终端的静态环境,反映的是终端的软件配置结构,并不能证明终端运行环境的真正可信.针对这一问题,提出了一种终端可信环境远程证明方案.针对静态环境,该方案考虑了满足可信平台规范的信任链以及相关软件配置的可信属性证明;针对动态环境,该方案考虑了终端行为的可信属性证明.并分别给出了信任链、平台软件配置和终端行为等属性证明的可信性判定策略和算法,以及终端运行环境远程证明的综合性判定策略和算法.另外,在Windows 平台上,设计和实现了该方案中的两个核心实体:证明代理和验证代理,并设计了证明代理和验证代理之间的通信协议.最后,介绍了该方案在Windows 平台上的一个典型应用案例以及证明代理在该应用实例中的性能开销.应用实例验证了该方案的可行性. 相似文献
10.
针对嵌入式终端的安全问题日益突出以及嵌入式终端信任链传递不完整等问题,结合可信计算的思想,提出了自底向上的和自顶向下的嵌入式可信终端信任链传递模型.基于该模型,以linux嵌入式系统平台为原型,设计了启动可信,操作系统加载可信以及应用程序的加载可信.可以较好地解决目前嵌入式终端面临的安全问题. 相似文献
11.
A static API birthmark for Windows binary executables 总被引:1,自引:0,他引:1
Seokwoo Choi Author Vitae Heewan Park Author Vitae Author Vitae Taisook Han Author Vitae 《Journal of Systems and Software》2009,82(5):862-873
A software birthmark is the inherent characteristics of a program extracted from the program itself. By comparing birthmarks, we can detect whether a program is a copy of another program or not. We propose a static API birthmark for Windows executables that utilizes sets of API calls identified by a disassembler statically. By comparing 49 Windows executables, we show that our birthmark can distinguish similar programs and detect copies. By comparing binaries generated by various compilers, we also demonstrate that our birthmark is resilient. We compare our birthmark with a previous Windows dynamic birthmark to show that it is more appropriate for GUI applications. 相似文献
12.
13.
14.
Nebenzahl D. Sagiv M. Wool A. 《Dependable and Secure Computing, IEEE Transactions on》2006,3(1):78-90
Stack smashing is still one of the most popular techniques for computer system attack. In this work, we present an anti-stack-smashing defense technique for Microsoft Windows systems. Our approach works at install-time, and does not rely on having access to the source-code: The user decides when and which executables to vaccinate. Our technique consists of instrumenting a given executable with a mechanism to detect stack smashing attacks. We developed a prototype implementing our technique and verified that it successfully defends against actual exploit code. We then extended our prototype to vaccinate DLLs, multithreaded applications, and DLLs used by multithreaded applications, which present significant additional complications. We present promising performance results measured on SPEC2000 benchmarks: Vaccinated executables were no more than 8 percent slower than their un-vaccinated originals. 相似文献
15.
Yanfang Ye Dingding Wang Tao Li Dongyi Ye Qingshan Jiang 《Journal in Computer Virology》2008,4(4):323-334
The proliferation of malware has presented a serious threat to the security of computer systems. Traditional signature-based
anti-virus systems fail to detect polymorphic/metamorphic and new, previously unseen malicious executables. Data mining methods
such as Naive Bayes and Decision Tree have been studied on small collections of executables. In this paper, resting on the
analysis of Windows APIs called by PE files, we develop the Intelligent Malware Detection System (IMDS) using Objective-Oriented
Association (OOA) mining based classification. IMDS is an integrated system consisting of three major modules: PE parser,
OOA rule generator, and rule based classifier. An OOA_Fast_FP-Growth algorithm is adapted to efficiently generate OOA rules
for classification. A comprehensive experimental study on a large collection of PE files obtained from the anti-virus laboratory
of KingSoft Corporation is performed to compare various malware detection approaches. Promising experimental results demonstrate
that the accuracy and efficiency of our IMDS system outperform popular anti-virus software such as Norton AntiVirus and McAfee
VirusScan, as well as previous data mining based detection systems which employed Naive Bayes, Support Vector Machine (SVM)
and Decision Tree techniques. Our system has already been incorporated into the scanning tool of KingSoft’s Anti-Virus software.
A short version of the paper is appeared in [33]. The work is partially supported by NSF IIS-0546280 and an IBM Faculty Research
Award. The authors would also like to thank the members in the anti-virus laboratory at KingSoft Corporation for their helpful
discussions and suggestions. 相似文献
16.
17.
A file system for system programming in ubiquitous computing 总被引:1,自引:0,他引:1
Christian Decker Till Riedel Michael Beigl Albert Krohn 《Personal and Ubiquitous Computing》2007,11(1):21-31
In Ubiquitous computing, small embedded sensor and computing nodes are the main enabling technologies. System programming for such small embedded systems is a challenging task involving various hardware components with different characteristics. This paper presents a file system which organizes all computational and sensory functionality of a sensor node as resources in a uniform name space. It further provides a lightweight and uniform access model for all these resources. This mechanism forms an abstraction from different hardware, makes functions re-useable and simplifies the development on such systems. With ParticleFS a concrete file system implementation on a sensor node platform is shown. Application cases demonstrate sensor logging, an interactive shell, executables, a pipe mechanism and remote access capabilities of the ParticleFS. 相似文献
18.
Windows CE.NET是模块化抢先式多任务实时嵌入式操作系统。嵌入式操作系统,以其紧凑、高效、可裁减等优点适用于硬件资源受限的各种工业监控系统中。本文在分析Windows CE.NET嵌入式实时操作系统的体系结构、系统特点的基础上,介绍了基于Windows CE.NET的嵌入式随钻数据监测系统的总体结构、硬件平台和软件系统。 相似文献
19.
20.
详细介绍了一个语音识别开发工具包SRDK(SpeechRecognitionDevelopmentkits)。该工具包可以方便地完成语音识别的各种任务,并且可以用来对语音识别技术进行研究。SRDK的特点是:ANSIC编写,便于向嵌入式系统进行移植;模块化良好,可以任意拆分组合;内置状态捆绑、训练中的剪枝、段长后处理、SSE(StreamingSingle-InstructionMultiple-DataExtensions)指令集的使用等多种先进技术等。已经使用SRDK开发出实用的语音识别系统。 相似文献