| 一种可信远程证明通信机制的设计与实现 |
| |
| 引用本文: | 彭彦,鞠磊,方勇,邱一凡. 一种可信远程证明通信机制的设计与实现[J]. 通信技术, 2009, 42(4): 102-104 |
| |
| 作者姓名: | 彭彦 鞠磊 方勇 邱一凡 |
| |
| 作者单位: | 1. 西安电子科技大学,陕西,西安,710071;北京电子科技学院,北京,100070
2. 北京电子科技学院,北京,100070 |
| |
| 摘 要: | 现有远程证明实现方法从度量静态二进制代码、平台配置文件到安全策略监控来衡量目标平台的可信性,但这些方法灵活性和可行性不强,对可信平台客户端配置要求较高且尚未成熟。文中利用IMA机制改进了传统TCG远程证明方案,增加了度量的灵活性,减小了可信平台客户端压力;同时加入了密钥托管机制,解决了可信计算密钥托管和恢复问题。
|
| 关 键 词: | 远程证明 密钥托管 完整性度量方案 |
Design and Implementation of Remote Attestation |
| |
| PENG Yan,JU Le,FANG Yong,Qiu Yi-fan. Design and Implementation of Remote Attestation[J]. Communications Technology, 2009, 42(4): 102-104 |
| |
| Authors: | PENG Yan JU Le FANG Yong Qiu Yi-fan |
| |
| Affiliation: | PENG Yan, JU Le, FANG Yong, Qiu Yi-fan ((1)Xidian University, Xian Shaanxi 710071, China; (2)Beijing Electronic Science and Technology Institute, Beijing, 100070, China) |
| |
| Abstract: | Existing approaches for realization of the remote attestation measure the trustworthiness of a target platform from its binaries, configurations, properties or security policies. However, the flexibility and feasibility of these methods is still not good and not mature. Moreover, it requires very high capability of trusted platform client. By using IMA, the traditional TCG remote attestation is improved. The new architecture has increased the flexibility of the measurement, reduced the pressure of the trusted platform client; and by adding the key escrow mechanism, solved the key escrow and restoration problem in TCG. |
| |
| Keywords: | remote attestation: key escrow: integrity measurement architecture |
| 本文献已被 维普 万方数据 等数据库收录! |
|
