基于无干扰理论的可信链模型  被引量：29

作　　者：赵佳[1] 沈昌祥[1] 刘吉强[1] 韩臻[1] 

机构地区：[1]北京交通大学计算机与信息技术学院,北京100044

出　　处：《计算机研究与发展》2008年第6期974-980,共7页Journal of Computer Research and Development

基　　金：国家“九七三”重点基础研究发展规划基金项目(2007CB307101);国家“八六三”高技术研究发展计划基金项目(2007AA01Z410,20060101Z4015)~~

摘　　要：可信计算的相关研究已成为当前国内外信息安全方面的研究热点和趋势之一.可信计算技术也成为构建安全计算机系统行之有效的新技术.目前可信计算理论的发展滞后于技术的发展,针对可信计算中可信链传递缺乏理论模型的问题,将无干扰理论引入到可信计算领域,提出了计算机系统可信的基本理论.从动态的角度建立了基于无干扰理论的可信链模型,并对该模型进行了形式化描述和验证,而且实现了基于Linux操作系统内核的可信启动过程.其实现思路对于可信计算理论的发展和应用具有很好的参考价值.The traditional information security systems, such as firewall, intrusion detection and antivirus, are all preventing attacks from the outside. But these methods can＇t meet the various security requirements. Therefore, experts appeal to solve the problems from the inner. Under this background, TCG proposed the conception of trusted computing. It aims to improve the security on the terminals. At present, trusted computing and its related researches are the focus and trend of information security in inland and oversea. Trusted computing is the foundation of the security, and it may solve the insecure problem caused by the platform of hardware in PC. Trust chain starts from the trust root. TCG introduces the idea of the trusted into the computing environment, but there is still not the formalized uniform description. Trusted computing is still a technology but not a theory, and the basic theory model has not been established. Noninterference theory is introduced into the domain of trusted computing to construct the trusted chain theoretic model. The basic theory of the computing trusted is proposed and a noninterference-based trusted chain model is built from the dynamic point of view, and then the model is formalized and verified. Finally, the process of start up based on Linux operating system kernel is implemented. The implementation provides a good reference for the development and aoolication of the trusted computing theory as well.

关 键 词：可信计算 可信计算平台 可信链 无干扰理论 可信根 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]