基于系统行为的计算平台可信证明

计算平台可信证明是可信计算研究的热点问题.但是目前一些计算平台可信证明方案存在隐私保护和可行性等方面的缺陷.基于系统行为的计算平台可信证明模型(BTAM)在可信计算环境下,根据可信行为期望策略,将平台状态证明转化为对平台历史行为序列的可信证明,有效地避免了在准确描述计算平台状态方面的难题,保证了模型实现的可行性和可扩展性,并且不会暴露证明平台的配置信息.BTAM的原型实现和实验性能分析证明了它在防范诸如计算机病毒、木马类恶意软件攻击以及避免安全策略冲突行为等方面的安全能力,以及良好的实际安全运行效率.

System Behavior Based Trustworthiness Attestation for Computing Platform

Remote attestation for trustworthiness of computing platform is a focus research work in Trusted Computing,but there exist some problems in some of today's attestation approaches.System Behavior based Trustworthiness Attestation Model(BTAM) is a trustworthiness attestation model based on system behavior of attesting computing platform in trusted computing environment.BTAM determines the trustworthiness of attesting platform by its behavior sequences against the platform behavior expectation policy,therefore it avoids the difficulties in describing the state of attesting platform,assures the feasibility and scalability in the model implementation.The prototype implementation of BTAM proves the capability of BTAM in defending malicious code such as Trojan and virus and eliminating security policy conflicted activities,and the run-time performance analysis also shows the high efficiency of BTAM in security.