基于信息流的可信操作系统度量架构

doi:10.7523/j.issn.2095-6134.2009.4.014

中国科学院大学学报 ›› 2009, Vol. 26 ›› Issue (4): 522-529.DOI: 10.7523/j.issn.2095-6134.2009.4.014

基于信息流的可信操作系统度量架构

胡浩^1,2,3, 张敏^2,3, 冯登国²

1. 中国科学技术大学电子工程与信息科学系，合肥 230027;
2. 中国科学院软件研究所信息安全国家重点实验室，北京 100190;
3. 信息安全共性技术国家工程研究中心，北京 100190

收稿日期:2009-02-20 修回日期:2009-04-07 发布日期:2009-07-15
通讯作者: 胡浩
基金资助:
国家科技支撑计划(2006BAH02A02)和国家高技术研究发展计划(863)(2006AA01Z454,2007AA01Z412)资助 

Information-flow-based measurement architecture of trusted operating system

HU Hao^1,2,3, ZHANG Min^2,3, FENG Deng-Guo²

1. Department of Electronic Engineering and Information Science, University of Science and Technology of China, Hefei 230027, China;
2. State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;
3. National Engineering Research Center of Information Security, Beijing 100190, China

Received:2009-02-20 Revised:2009-04-07 Published:2009-07-15

摘要/Abstract

摘要：

将信息流和可信计算技术结合,可以更好地保护操作系统完整性.但现有的可信计算度量机制存在动态性和效率方面的不足,而描述信息流的Biba完整性模型在应用时又存在单调性缺陷.本文将两者结合起来,基于Biba模型,以可信计算平台模块TPM为硬件信任根,引入信息流完整性,并提出了可信操作系统度量架构:BIFI.实验表明,BIFI不仅能很好地保护信息流完整性,而且对现有系统的改动很少,保证了效率.

关键词: 操作系统完整性, 信息流, 可信计算, 完整性度量

Abstract:

We are motivated to provide better protection for operating system integrity with the help of information flow integrity and trusted computing. Traditional measurement based on trusted computing is poor in dynamic measurement and efficiency, while Biba fails in practical application because of its monotonic behavior. In this paper, we design an information flow integrity architecture called BIFI based on classical integrity model Biba with TPM as root of trust. Experiments show that BIFI protects information flow integrity effectively with only a few changes to existing systems.

Key words: operating system integrity, information flow, trusted computing, integrity measurement

中图分类号:

TP309

胡浩, 张敏, 冯登国. 基于信息流的可信操作系统度量架构[J]. 中国科学院大学学报, 2009, 26(4): 522-529.

HU Hao, ZHANG Min, FENG Deng-Guo. Information-flow-based measurement architecture of trusted operating system[J]. , 2009, 26(4): 522-529.

参考文献

[1] Trusted Computing Group. TPM Specification Version 1.2, Revision 103. http://www.trustedcomputinggroup.org, March 2007.

[2] Sailer R,Zhang X L,Jaeger T,et al. Design and implementation of a TCG-based integrity measurement architecture //Proceedings of the 13th USENIX Security Symposium, 2004. San Diego,2004.

[3] Jaeger T, Sailer R, Shankar U. PRIMA: policy-reduced integrity measurement architecture //Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies SACMAT. 2006.

[4] Biba K J. Integrity considerations for secure computer systems. Technical Report MTR-3153 .Mitre Corporation, Mitre Corp, Bedford MA, 1975.

[5] Timothy F. Lomac: Low water-mark integrity protection for cots environments //Proceedings of the 2000 IEEE Symposium on Security and Privacy. Washington DC, USA: IEEE Computer Society,2000.

[6] Guttman J, Herzog A, Ramsdell J. Information flow in operating systems: Eager formal methods //Workshop on Issues in the Theory of Security. 2003.

[7] Jedidiah R C, S Felix W U. Minos: Architectural support for protecting control data
[J]. ACM Transactions on Architecture and Code Optimization, 2006,3(4):359-389.

[8] Neil V, Matthew J B, Jonathan C,et al.RIFLE: An architectural framework for user-centric information-flow security //Proceedings of the 37th International Symposium on Microarchitecture, 2004.

[9] Clark D D,Wilson D R. A comparison of commercial and military computer security policies //Proceedings of the 1987 IEEE Symposium on Security and Privacy. 1987.

[10] Huang Q, Shen C X, Chen Y L, et al. Secrecy/integrity union MLS policy based on trusting computing
[J]. Computer Engineering and Applications, 2006, 42(10): 15-18 (in Chinese). 黄强,沈昌祥,陈幼蕾,等. 基于可信计算的保密和完整性统一安全策略 .计算机工程与应用,2006,42(10):15-18.

[11] Sean W S. Outbound authentication for programmable secure coprocessors //Proceedings of the 7th European Symposium on Research in Computer Security.London:Springer-Verlag,2002.

[12] Dieter G. Computer Security
[M].London:John Wiley & Sons Press,1999.

[13] National Security Agency. Security-Enhanced Linux(SELinux). http://www.nsa.gov/selinux, 2001.

[14] Jaeger T, Sailer R, Zhang X L. Analyzing integrity protection in the SELinux example policy //Proceedings of the 12th USENIX Security Symposium. USENIX,2003.

[15] Kuhn U, Selhorst M, Stuble C. Realizing property-based attestation and sealing with commonly available hard-and software //Proceedings of 2nd ACM Workshop on Scalable Trusted Computing. 2007.

[16] Feng DG, Qin Y. Research on attestation method for trust computing environment
[J]. Chinese Journal of Computers,2008,31(9):1640-1652(in Chinese). 冯登国, 秦宇. 可信计算环境证明方法研究
[J]. 计算机学报, 2008,31(9):1640-1652.

[17] Dalton C, Plaquin D, Weidner W,et al.Trusted virtual platforms: a key enabler for converged client devices
[J]. ACM SIGOPS Operating Systems Review,2009,43(1): 36-43.

基于信息流的可信操作系统度量架构

Information-flow-based measurement architecture of trusted operating system

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 6

编辑推荐

Metrics

本文评价

访问统计

联系我们

[1]	李艳, 孙阳, 陈雯. 反身性视角下信息流空间建构与网络韧性分析：以长三角百度用户热点搜索为例[J]. 中国科学院大学学报, 2021, 38(1): 62-72.
[2]	吴敬征, 武延军, 武志飞, 杨牧天, 罗天悦, 王永吉. 基于有向信息流的Android隐私泄露类恶意应用检测方法[J]. 中国科学院大学学报, 2015, 32(6): 807-815.
[3]	李凤海, 张佰龙, 杜皎, 宋衍, 李爽. 一种基于可信计算的涉密文件抗丢失技术[J]. 中国科学院大学学报, 2015, 32(5): 714-720.
[4]	沈丽红, 徐震. 基于可信计算平台的电子现金技术[J]. 中国科学院大学学报, 2009, 26(5): 712-719.
[5]	徐震, 沈丽红, 汪丹. 一种可配置的可信引导系统[J]. 中国科学院大学学报, 2008, 25(5): 626-630.
[6]	崔奇, 石文昌. 一种通过应用程序验证TPM标准符合性的方法[J]. 中国科学院大学学报, 2008, 25(5): 657-664.