| 基于可信计算平台的接入认证模型和OIAP授权协议的研究与应用 |
| |
| 引用本文: | 肖政,韩英,刘小杰,华东明,侯紫峰.基于可信计算平台的接入认证模型和OIAP授权协议的研究与应用[J].小型微型计算机系统,2007,28(8):1397-1401. |
| |
| 作者姓名: | 肖政 韩英 刘小杰 华东明 侯紫峰 |
| |
| 作者单位: | 1. 中国科学院,计算技术研究所,北京,100080;中国科学院,研究生院,北京,100039
2. 中国科学院,计算技术研究所,北京,100080;联想研究院,北京,100085 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 在参考现有认证技术的基础上,提出了一种基于可信计算平台的可信接入认证模型.利用此模型可以及时发现待接入设备是否是安全可信,然后进行正确处理.在确定接入的设备是安全可信后,考虑到下一步此设备需要使用认证授权协议OIAP向服务资源发出申请,但是OIAP协议本身存在基于口令机制的缺陷,为此本文还提出增强OIAP协议安全性的方法.在"八六三"项目"可信计算系统平台"中的实际应用证明上述的模型和方法的有效性,并展现了其良好的应用前景.
|
| 关 键 词: | 可信计算平台 网络可信接入 安全协议 身份认证 可信平台模块 |
| 文章编号: | 1000-1220(2007)08-1397-05 |
| 修稿时间: | 2005-12-29 |
Research and Application of a Trusted Attestation Model and OIAP Protocol Based on Trusted Computing Platform |
| |
| XIAO Zheng,HAN Ying,LIU Xiao-jie,HUA Dong-ming,HOU Zi-feng.Research and Application of a Trusted Attestation Model and OIAP Protocol Based on Trusted Computing Platform[J].Mini-micro Systems,2007,28(8):1397-1401. |
| |
| Authors: | XIAO Zheng HAN Ying LIU Xiao-jie HUA Dong-ming HOU Zi-feng |
| |
| Abstract: | In this paper, taking into account existing attesting and authentication technology,a trusted connection attestion model based on trusted computing platform is presented. The attesting method can find whether the attested devices are safe and trusted,then can take the proper measurement. Considering when the attested devices are trusted, the device will send requirement to service resoure using OIAP protocol, but the protocol has password flaw by itself, so a strengthening security method is emphatically proposed. The applications of them to 863 project"a Trusted Computing Platform System "show the efficiency of the above model and mothod, also indicate that they will have a good future for implementation. |
| |
| Keywords: | trusted computing platform network trusted connection security protocol identity authentication trusted platform module |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
