CMM :Credential Migration Management system based on trusted computing in CGSP

In grid computing environment, grid users often need to authorize remote computers acting as original users’ identity. But the original user may be under the risk of information leakage and identity abused for sending his credential to remote computing environment. Existing grid security practice has few means to enforce the security of credential delivery. Trusted Computing (TC) technology can be added to grid computing environment to enhance the grid security. With TC using an essential in-platform (trusted) third party, Trusted Platform Module (TPM), we can use TC to protect the user credential. In this paper we present credential migration management (CMM) system, which is a part of Daonity project, to manifest migrating credential in security between different computers with TPM.     

一种新的用户登录可信认证方案的设计与实现

用户登录身份认证是建立操作系统可信性中一个非常重要的环节。操作系统采用口令、智能卡、USBKEY,甚至还采用了指纹、虹膜等认证方式来确认用户的身份,除了存在密码容易被遗忘、猜测、截获等一系列安全隐患外,还存在身份信息的存储安全和单向认证问题。基于可信计算联盟的规范,分析了操作系统用户登录传统认证方式的缺陷,提出了一种新的用户登录认证方式：基于可信平台模块(TPM)的用户登录可信认证。该认证方式是利用PC机USB接口外接TPM,将用户的身份信息、相关的密钥信息等存储在TPM中,并利用USBKEY技术、动态的口令技术来确保用户身份的真实可信。该认证方式克服了操作系统用户登录传统认证方式的缺陷,支持双向认证,为计算机获得更高的安全保障,进一步建立可信计算环境提供了基础。     

Design and implementation of a portable TPM scheme for general-purpose trusted computing based on EFI

In today’s globalized digital world, network-based, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user.     

身份证实证书在可信计算中的应用

证书体系在可信计算中具有基础支撑作用,它参与完成了信任传递的整个过程。该文研究身份证实证书（AIK）的内容、产生和其他证书的关系,分析其在远端主机证明的作用和过程。用可信计算技术和AIK证书加强安全套接层（SSL）协议的方法和步骤解决SSL协议中无法验证服务器程序真实性的问题。     

基于可信平台的IED远程安全通信的设计

在分析变电站通信安全需求的基础上,把可信计算平台（TPM）置入到变电站自动化的智能电子设备IED中,提出以TPM芯片为硬件基础、以远程认证为手段的远程通信安全解决方案,建立一种嵌入TPM平台的网络安全模型,这种模型通过增加TCG功能,对可信平台进行完整性认证,并对远程通信进行身份认证的方法,为企业信息系统和网络安全提供全面的安全服务。     

一种针对TPM的抗重放攻击方案

可信平台模块（Trusted Platform Module,TPM）是可信计算技术的核心。可信计算平台需要TPM的可信测量能力、可信存储能力和可信报告能力,向用户证实平台是可信的。然而当前人们主要关心TPM的实现以及其上的应用开发,却很少讨论TPM本身的安全性。这样一方面很难使人们相信TPM本身是安全的,另一方面也不能很好的将TPM应用到安全领域中。对用户和TPM交互时所遵循的重要协议——对象无关授权协议OIAP进行分析,证明了该协议会受到重放攻击并提出了相应的解决方案。     

可信计算在VPN中的应用

对虚拟专用网VPN进行了研究。VPN使用户远程办公成为可能,但是VPN不能认证主机的配置,入侵者通过有VPN访问权限的主机获得非法的访问权限,使得终端不安全,同时相应的使网络接入也不安全。可以利用可信计算技术解决这些问题,其中可信平台模块通过绑定密钥认证VPN完整性,而可信网络连接认证网络连接安全性,以确保终端、网络接入和通信的安全可信。     

基于应用π演算的可信平台模块的安全性形式化分析

可信平台模块(trusted platform module,TPM)是信息安全领域热点研究方向可信计算的关键部件,其安全性直接影响整个可信计算平台的安全性,需要对其进行安全性验证.针对已有工作对TPM规范中多类安全性问题进行形式化建模与验证过程中所存在的不足,从分析TPM和使用者的交互过程出发,使用应用π演算对TPM进行形式化建模,把TPM规范中定义的各实体行为特性抽象成为进程的并发安全性问题,在讨论并发进程中机密性、认证性和弱机密性的基础上,对交互模型进行安全性论证,提出并使用自动定理证明工具验证了对应安全属性的改进方案.     

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.     

A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks

Wireless sensor network (WSN) can be deployed in any unattended environment. With the new developed IoT (Internet of Things) technology, remote authorized users are allowed to access reliable sensor nodes to obtain data and even are allowed to send commands to the nodes in the WSN. Because of the resource constrained nature of sensor nodes, it is important to design a secure, effective and lightweight authentication and key agreement scheme. The gateway node (GWN) plays a crucial role in the WSN as all data transmitted to the outside network must pass through it. We propose a temporal-credential-based mutual authentication scheme among the user, GWN and the sensor node. With the help of the password-based authentication, GWN can issue a temporal credential to each user and sensor node. For a user, his/her temporal credential can be securely protected and stored openly in a smart card. For a sensor node, its temporal credential is related to its identity and must privately stored in its storage medium. Furthermore, with the help of GWN, a lightweight key agreement scheme is proposed to embed into our protocol. The protocol only needs hash and XOR computations. The results of security and performance analysis demonstrate that the proposed scheme provides relatively more security features and high security level without increasing too much overhead of communication, computation and storage. It is realistic and well adapted for resource-constrained wireless sensor networks.     

嵌入式终端远程可信升级设计

将可信计算技术应用到嵌入式系统中,是一条有效解决嵌入式终端设备安全问题的新思路。基于TPM构建嵌入式可信终端,采用TPM的身份鉴别、数字签名、完整性度量技术进行系统升级,核心模块的升级更新和应用程序的升级更新设计,并解决了升级过程意外中断、远程升级传输误码等关键性技术问题。     

SOA环境中的跨域认证方案研究

鉴于现在的网络越来越复杂,其中,用户数量大、服务类型多、安全机制不统一的特点决定了SOA环境中异构多域的情况,给出了一种基于模糊理论的信任管理方法,并将该方法与证书转换服务结合起来提出了一种 SOA 环境中的跨域认证方案,在该方案中,用户域使用信任管理方法来保证安全性,服务域结合信任管理与证书认证来保证安全性,并且用户可以透明地访问采用不同底层安全机制的域中服务,实现安全跨域认证。分析表明,该方案具有安全与普适的优势,可以满足SOA环境下身份认证的需求。     

基于可信计算的网格行为信任模型研究

网格环境中的信任问题是网格计算发展过程中必须解决的一个重要问题。网格实体间的信任可以分为身份信任和行为信任两种，其中行为信任关注的是更广泛意义上的可信性问题，具有动态性和不确定性等特点，实体可以根据彼此之间的交互经验动态更新实体间的信任关系。而可信计算技术是为应对计算机安全问题而提出的一种底层的、整体的解决方案。该文以可信计算平台为基础，提出了一种网格环境中的行为信任模型，并对行为信任进行量化评估，最后对该模型中的几个关键问题进行了分析。     

基于可信移动平台的直接匿名证明方案研究

可信平台模块(trusted platform module, TPM)采用的直接匿名证明(direct anonymous attestation, DAA)方法实现了对平台身份的匿名远程证明.然而对于具有匿名远程证明高需求的移动平台,目前仍然没有通用高效的DAA解决方案框架.针对上述问题,提出了一种适用于可信移动平台的DAA方案框架,框架充分考虑了移动应用背景,结合若干基于椭圆曲线的DAA(ECC-DAA)方案重新设计,首次提出匿名凭证嵌入和再次获取凭证功能,符合TPM 2.0技术和接口标准规范.给出了基于TrustZone安全技术和TPM Emulator实现的可信移动平台体系结构.对4种ECC-DAA方案和3种椭圆曲线进行了对比、实现和分析,实验表明,框架能够良好兼容DAA方案和曲线,具有较高的计算速度.     

一种基于可信计算的VPN接入认证方案

平台安全性在远程访问企业资源显得越来越重要.目前VPN客户端认证在对终端用户身份和平台身份认证的同时,尚未很好地保证终端平台的安全性,使得终端平台成为入侵者获得非法访问权限的途径.通过采用智能卡和可信平台模块相结合的方案,提高了终端平台身份认证的安全性,确保网络接入和通信的安全可信.     

一种面向网格计算的分布式匿名协作算法

基于TCG提出的可信计算技术为网格协作安全性提出一种匿名分组身份验证算法,该算法可以非常可靠地解决网格计算平台之间的身份匿名验证问题.算法使用一个硬件模块TPM解决远程的身份验证,并通过TPM机制可以提供可靠的匿名验证和平台认证功能.算法中所有涉及的验证过程都是基于匿名机制实现的,除了实现匿名验证机制以外,算法还提供一套完整标记恶意网络实体的方法.提出了网格计算中虚拟分组的匿名认证平台架构,并在此架构基础上分成5步实现匿名验证算法,然后说明了算法在一种对等计算平台的应用实例,与GT2,GT3,GT4以及信任管理进行安全性的比较,并设计一个实验评价其性能.     

利用可信计算技术改善云计算的安全性

云计算影响了互联网上世界上任何地方远程服务器处理、数据存储和共享的方式。这种共享多种分布式资源方式,使得安全问题更加复杂化。本文分析了云计算环境下的安全服务,通过整合可信计算环境来建立云计算系统。可信计算平台模式可以提高云计算的安全性。可信计算模式重要的安全服务包括加密,认证,完整性和保密性等都可以用在云计算系统中。     

TNC在等级保护中的应用研究

信息安全等级保护工作是维护基础信息网络与重要信息系统安全的根本保障,尤其对保护我国政府信息系统的安全具有重要意义。访问控制和身份鉴别在信息系统等级保护的基本技术要求中占有重要地位,针对传统网络接入控制机制的不足,文章提出了基于终端完整性度量的政府远程办公网络系统安全解决方案,设计了一种基于可信网络连接TNC（Trusted Network Connection）的安全接入认证协议。通过安全分析表明,该方案能够确保政府远程办公终端自身的完整性和安全性,从而构建政府远程办公网络系统的可信计算环境,保证整个政府办公网络系统应用环境的安全。     

基于教育区块链与无证书签名的身份认证方案

针对当前教育资源共享安全性低和身份认证困难的问题, 提出了一种区块链技术与无证书签名相结合的可跨域身份认证方案, 将无证书签名技术的高安全性、无密钥托管问题等优点应用到区块链的分布式网络中, 实现了身份认证过程中用户安全、跨域认证、恶意用户可追溯、注册信息不可篡改. 首先, 基于教育区块链与无证书签名的身份认证方案是建...     

Automatically constructing trusted cluster computing environment

Trusted Computing is a technology proposed by the Trusted Computing Group (TCG) to solve security problems in computers. A lot of work has been conducted to support Trusted Computing for individual computers; however little has been done for distributed systems (e.g., clusters). If malicious or unqualified applications are deployed on cluster nodes, users may obtain forged results or their data may be leaked out. In this paper, a methodology of the Trusted Cluster Computing (TCC) is proposed to automatically construct user-trustable cluster computing environments. User-specified applications are downloaded from user-specified locations and automatically and dynamically deployed on cluster nodes. To reduce the dynamic-deployment overhead, a novel Heuristics-based Overhead-Reducing (HOR) replacement strategy is also proposed. A highly configurable simulator has been implemented to perform a series of simulations. The simulation results demonstrate that the HOR can produce Average Speedup with up to 14% (light workload), 10% (medium workload), 8% (heavy workload) higher than that of LRU-based strategies, with a typical setting of the Average Ratio of Deployment time to Execution time (ARDE) being 0.2.