Towards a Source-Code Oriented Attestation  Cited by: 1


Authors: Ruan Anbang, Shen Qingni, Wang Li, Qin Chao, Gu Liang, Chen Zhong

Affiliations: [1] School of Software and Microelectronics, Peking University, Beijing 102600, China; [2] Network and Information Security Laboratory, Institute of Software, School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China; [3] Key Laboratory of High Confidence Software Technologies of the Ministry of Education, Peking University, Beijing 100871, China; [4] First Research Institute of Ministry of Public Security of China, Beijing 100048, China

Source: China Communications (English edition), 2009, Issue 4, pp. 82-87, 6 pages

Funding: This work is supported by the National Natural Science Foundation of China under grant No. 60873238.

Abstract: The Binary-based Attestation (BA) mechanism presented by the Trusted Computing Group can equip an application with the capability of genuinely identifying the configuration of a remote system. However, BA only supports attestation of specific patterns of binary code defined by a trusted party, mostly the software vendor, for a particular version of a piece of software. In this paper, we present a Source-Code Oriented Attestation (SCOA) framework that enables custom-built applications to be attested to in the TCG attestation architecture. In SCOA, security attributes are bound to the source code of an application instead of its binary code. With a proof chain generated by a Trusted Building System (TBS) to record the building procedure, challengers can determine whether the binary they interact with is genuinely built from a particular set of source code. Moreover, with the security attribute certificates assigned to the source code, they can determine the trustworthiness of the binary. In this paper, we present a TBS implementation with virtualization.

Keywords: remote attestation; trusted building system; virtualization; source-code

Classification: TP393 [Automation and Computer Technology: Computer Application Technology]

 
