The theory and practice in the evolution of trusted computing  被引量：5

作　　者：Dengguo Feng Yu Qin Wei Feng Jianxiong Shao 

机构地区：[1]Trusted Computing and Information Assurance Laboratory,Institute of Software, Chinese Academy of Sciences [2]State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences

出　　处：《Chinese Science Bulletin》2014年第32期4173-4189,共17页

基　　金：supported by the National BasicResearch Program of China(2013CB338003);the National Natural Science Foundation of China(91118006 and 61202414)

摘　　要：Trusted computing(TC)is an emerging technology to enhance the security of various computing platforms by a dedicated secure chip(TPM/TCM),which is widely accepted by both the industrial and academic world.This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work.In theory,we focus on protocol design and security analysis.We have proposed the first ECDAA protocol scheme based on q-SDH assumption,which highlights a new way to design direct anonymous attestation scheme.In technical evolution,we discuss the key technologies of trust chain,trusted network connection and TC testing and evaluation.We break through several key technologies such as trusted boot,OS measurement and remote attestation,and implement a TC system from TPM/TCM to network.We also design and implement a testing and evaluation system of TC platform,which is the first one put into practical application in China.Finally,with the rapid development of cloud computing and mobile applications,TC is moving toward some new directions,such as the trust in cloud and mobile environments,new TPM standard,and flexible trust execution environment trust establishment method.Trusted computing （TC） is an emerging tech- nology to enhance the security of various computing plat- forms by a dedicated secure chip （TPM/TCM）, which is widely accepted by both the industrial and academic world. This paper attempts to sketch the evolution of TC from the view of our theoretical and engineering work. In theory, we focus on protocol design and security analysis. We have proposed the first ECDAA protocol scheme based on q-SDH assumption, which highlights a new way to design direct anonymous attestation scheme. In technical evolu- tion, we discuss the key technologies of trust chain, trusted network connection and TC testing and evaluation. We break through several key technologies such as trusted boot, OS measurement and remote attestation, and imple- ment a TC system from TPM/TCM to network. We also design and implement a testing and evaluation system of TC platform, which is the first one put into practical application in China. Finally, with the rapid development of cloud computing and mobile applications, TC is moving toward some new directions, such as the trust in cloud and mobile environments, new TPM standard, and flexible trust execution environment trust establishment method.

关 键 词：可信计算 TCM 计算平台 移动应用 TPM 安全芯片 安全分析 匿名认证 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]