Research and Implementation of Active Dynamic Measurement Based on TPCM

doi:10.3969/j.issn.1671-1122.2016.06.004

Abstract

Abstract:

In order to measurement and control the operating system, China has proposed a parallel dual system architecture based on trusted platform control module (TPCM). But limited to hardware design and manufacturing capabilities, it is difficult to fully achieve the short term. This paper simplified the dual system architecture based on current hardware foundation, while retain the ability of initiative measurement. Design and implement an Active dynamic measurement mechanism based on trusted platform control module. Ensure trusted software base (TSB) in the full life cycle can be protect by TPCM, Effectively solve TSB’s own safety and security in running system. In this paper, made the formalize proof to the active dynamic mechanism, analysis the various aspects may be attacked and gave solutions, implement and tested the core technology too.

Key words: active measurement, dynamic measurement, trusted platform control module (TPCM), trusted software base (TSB)

CLC Number:

TP309

Jiansheng TIAN, Jing ZHAN. Research and Implementation of Active Dynamic Measurement Based on TPCM[J]. Netinfo Security, 2016, 16(6): 22-27.

Figures/Tables 6

References 14

[1]	Apple Inc. iOS Security Write Paper [EB/OL]. Apple Inc. , 2015.
[2]	张兴. 无干扰可信模型及可信平台体系结构实现研究[D]. 郑州:解放军信息工程大学,2009.
[3]	Microsoft Corporation. windows8-1-hardware-cert-requirements-system [EB/OL]., .
[4]	沈昌祥,张焕国,冯登国,等. 信息安全综述[J]. 中国科学(E 辑), 2007,37(2):129-150.
[5]	王冠. TPCM及可信平台主板标准[J]. 中国信息安全, 2015(2):66-68.
[6]	郭颖. 基于可信平台控制模块的主动度量方法[J]. 清华大学学报自然科学版,2012(52): 1465-1473.
[7]	王新成,孙宏,蔡吉仁,等. 基于TPM芯片的计算机安全启动系统设计[J]. 计算机工程与应用,2005,1(3):22-25.
[8]	庄琭,蔡勉,沈昌祥. 基于交互式马尔可夫链的可信动态度量研究[J]. 计算机研究与发展,2011,48(8):51-53.
[9]	辛思远,操作系统可信证明体系结构与模型研究[D]. 郑州:解放军信息工程大学,2012.
[10]	GB/T 29827-2013 信息安全技术可信计算可信平台主板功能接口[S]. 北京:国家密码管理局,2013.
[11]	沈昌祥,陈兴蜀.基于可信计算构建纵深防御的信息安全保障体系[J].四川大学学报(工程科学版). 2014(1):1-7.
[12]	RYAN R, JIANG Xuxian, XU Dongyan.2009. Multi-aspect Profiling of Kernel Rootkit Behavior[C]//ACM. Proceedings of the 4th ACM European conference on Computer systems (EuroSys '09), August 3-5, 2009, NweYok, USA. NewYork: Springer, 2009:47-60.
[13]	HAMDI YAHYAOUI, AISHA Al-Mutairi. A Feature-based Trust Sequence Classification Algorithm[J]. Information Sciences, 328(20):455-484.
[14]	ISO/IEC 11889-1:2009 Information technology -- Trusted Platform Module[S]. USA:Trusted Computing Group of ISO org, 2013.

[1]	Zhiyan ZHAO, Xiaomo JI. Research on the Intelligent Fusion Model of Network Security Situation Awareness [J]. Netinfo Security, 2020, 20(4): 87-93.
[2]	Min LIU, Shuhui CHEN. Research on VoLTE Traffic Based on Association Fusion [J]. Netinfo Security, 2020, 20(4): 81-86.
[3]	Lingyu BIAN, Linlin ZHANG, Kai ZHAO, Fei SHI. Ethereum Malicious Account Detection Method Based on LightGBM [J]. Netinfo Security, 2020, 20(4): 73-80.
[4]	Yifeng DU, Yuanbo GUO. A Dynamic Access Control Method for Fog Computing Based on Trust Value [J]. Netinfo Security, 2020, 20(4): 65-72.
[5]	Zhizhou FU, Liming WANG, Ding TANG, Shuguang ZHANG. HBase Secondary Ciphertext Indexing Method Based on Homomorphic Encryption [J]. Netinfo Security, 2020, 20(4): 55-64.
[6]	Rong WANG, Chunguang MA, Peng WU. An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network [J]. Netinfo Security, 2020, 20(4): 47-54.
[7]	Xiaoli DONG, Shuai SHANG, Jie CHEN. Impossible Differential Attacks on 9-Round Block Cipher Rijndael-192 [J]. Netinfo Security, 2020, 20(4): 40-46.
[8]	Chun GUO, Changqing CHEN, Guowei SHEN, Chaohui JIANG. A Ransomware Classification Method Based on Visualization [J]. Netinfo Security, 2020, 20(4): 31-39.
[9]	Lu CHEN, Yajie SUN, Liqiang ZHANG, Yun CHEN. A Scheme of Measurement for Terminal Equipment Based on DICE in IoT [J]. Netinfo Security, 2020, 20(4): 21-30.
[10]	Jinfang JIANG, Guangjie HAN. Survey of Trust Management Mechanism in Wireless Sensor Network [J]. Netinfo Security, 2020, 20(4): 12-20.
[11]	Jianwei LIU, Yiran HAN, Bin LIU, Beiyuan YU. Research on 5G Network Slicing Security Model [J]. Netinfo Security, 2020, 20(4): 1-11.
[12]	Peng LIU, Qian HE, Wangyang LIU, Xu CHENG. CP-ABE Scheme Supporting Attribute Revocation and Outsourcing Decryption [J]. Netinfo Security, 2020, 20(3): 90-97.
[13]	Yubo SONG, Ming FAN, Junjie YANG, Aiqun HU. Multipath Solution and Blocking Method of Network Attack Traffic Based on Topology Analysis [J]. Netinfo Security, 2020, 20(3): 9-17.
[14]	Tengfei WANG, Manchun CAI, Tianliang LU, Ting YUE. IPv6 Network Attack Source Tracing Method Based on iTrace_v6 [J]. Netinfo Security, 2020, 20(3): 83-89.
[15]	Yi ZHANG, Hongyan LIU, Hequn XIAN, Chengliang TIAN. A Cloud Storage Encrypted Data Deduplication Method Based on Authorization Records [J]. Netinfo Security, 2020, 20(3): 75-82.