| 一种通过应用程序验证TPM标准符合性的方法 |
| |
| 作者姓名: | 崔奇 石文昌 |
| |
| 作者单位: | 1. 中国科学院研究生院,北京 100049; 2. 中国科学院软件研究所,北京 100080
3. 中国人民大学DEKE教育部重点实验室信息安全组, 北京 100872 |
| |
| 摘 要: | 安全涉及系统保护与策略符合性两层意义。目前TCG尽管已经发布了可信计算的相关标准,但是缺乏标准符合性验证的规范。本文将一种验证TPM命令标准符合性的机制引入到可信计算应用程序之中,在TPM执行功能之前检验其相关命令的标准一致性。同时,本文还进一步讨论了标准符合链的思想,通过确保每个组件的标准符合性来加强整个计算平台的安全性。
|
| 关 键 词: | 可信计算组织(TCG) 可信平台模块(TPM) 标准符合性测试 标准符合链 |
An approach for compliance validation of TPM through applications |
| |
| Authors: | CUI Qi SHI Wen-Chang |
| |
| Institution: | 1. Graduate University, Chinese Academy of Sciences, Beijing 100049, China;
2. Institute of Software, Chinese Academy of Sciences, Beijing 100080, China; 3. Information Security Group, MOE Key Lab of DEKE, Renmin University, Beijing 100872, China |
| |
| Abstract: | Security involves both protection and compliance. Although the Trusted Computing Group (TCG) has defined specifications for Trusted Computing, including those of Trusted Platform Module (TPM), criteria on compliance testing is still not available. In this paper, a test mechanism checking TPM commands is instrumented into TPM applications, which will validate TPM’s conformance to specifications before its functional execution. Based on this, the initial idea of a chain of compliance is also discussed to enhance the trustworthiness of computing platforms by verifying the conformance of their components. |
| |
| Keywords: | trusted computing group (TCG) trusted platform module (TPM) compliance test chain of compliance |
|
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
|
