|
|||||
|
|
| 基于可信计算的终端数据分类保护 | |
| 引用本文: | 王飞,吕辉军,沈昌祥. 基于可信计算的终端数据分类保护[J]. 计算机工程, 2008, 34(4): 1-3 |
| 作者姓名: | 王飞 吕辉军 沈昌祥 |
| 作者单位: | 1. 解放军信息工程大学电子技术学院,郑州,450004 2. 国防科技大学计算机学院,长沙,410073 3. 海军计算技术研究所,北京,100036 |
| 基金项目: | 国家“863”计划基金资助项目(2002AA1Z2101) |
| 摘 要: | 根据当前的终端数据保护面临的问题,提出一种基于可信计算和DBLP模型的终端数据分类保护方案。给出在DBLP模型下主体对客体的读、写规则,以及迁移到移动介质上的客体保密原则,避免因无法实现进程隔离而带来的信息泄露。密文集客体的安全由TPM支撑的TSS接口实现密封存储保护。 |
| 关 键 词: | 可信计算 BLP模型 终端 安全 |
| 文章编号: | 1000-3428(2008)04-0001-03 |
| 收稿时间: | 2007-03-30 |
| 修稿时间: | 2007-03-30 |
Terminal Categorial Data Protection Based on Trusted Computing |
|
| WANG Fei,LV Hui-jun,SHEN Chang-xiang. Terminal Categorial Data Protection Based on Trusted Computing[J]. Computer Engineering, 2008, 34(4): 1-3 | |
| Authors: | WANG Fei LV Hui-jun SHEN Chang-xiang |
| Affiliation: | (1. School of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004; 2. School of Computer, National University of Defence Technology, Changsha 410073; 3. Naval Institute of Computing Technology, Beijing 100036) |
| Abstract: | According to the current problems of terminal data protection, this paper puts forward a kind of terminal categorial data protection scheme based on trusted computing and DBLE It gives some read or write rules based on DBLE and security principles to the objects which are written in mobile mediums. It can avoid information leak by unimplemented process isolation. The security of objects in cryptograph set is provided by TSS interfaces based on TPM. |
| Keywords: | trusted computing BLP modeI terminal security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机工程》浏览原始摘要信息 | |
| 点击此处可从《计算机工程》下载免费的PDF全文 | |