面向可信计算平台的软件标识发布系统

针对应用软件缺乏可信性导致可信计算平台存在安全隐患的问题,提出一种以软件标识作为安全载体和验证手段的软件标识发布系统。介绍了其具体功能模块和工作流程,通过引入软件行为声明技术解决了发布之前软件来源的合法性和可信性问题,设计了一个认证协议解决了发布过程中软件的完整性问题,同时为用户提供了一种基于可信行为的最优软件推荐策略。应用事例证明本系统对进一步提高平台整体的可信性具有较高的研究意义和实用价值。...

Full description

Saved in:
Bibliographic Details
Published in计算机应用研究 Vol. 32; no. 7; pp. 2168 - 2171
Main Author 李剑飞 徐开勇 金雷 尚京
Format Journal Article
LanguageChinese
Published 信息工程大学密码工程学院,郑州,450004 2015
Subjects
可信计算
软件发布
软件可信性
软件标识
software identification
软件可信性
distribution system
software trustworthiness
可信计算
trusted computing
软件标识
软件发布
Online AccessGet full text

Cover

More Information
Summary:针对应用软件缺乏可信性导致可信计算平台存在安全隐患的问题,提出一种以软件标识作为安全载体和验证手段的软件标识发布系统。介绍了其具体功能模块和工作流程,通过引入软件行为声明技术解决了发布之前软件来源的合法性和可信性问题,设计了一个认证协议解决了发布过程中软件的完整性问题,同时为用户提供了一种基于可信行为的最优软件推荐策略。应用事例证明本系统对进一步提高平台整体的可信性具有较高的研究意义和实用价值。
Bibliography:51-1196/TP
Li Jianfei, Xu Kaiyong, Jin Lei, Shang Jing (Institute of Security Engineering, Information Engineering University, Zhengzhou 450004, China)
Aiming at the safety problems of trusted computing platform due to the Apps lack of trust, this paper presented a software identification distributing system, and introduced its function modules and workflow. Software identification acted as its safety carriers and authentication means, software behavior statement solved the problem of legitimacy and trust before distribution. It designed an authentication protocol to ensure the integrity of software during distribution, and provided a recommended strategies for choosing suitable software based on trustworthy behavior. Application examples demonstrate that the system has a higher research and practical value of enhancing the trustworthiness of the platform.
trusted computing; software identification; distribution system; software trustworthiness
ISSN:1001-3695
DOI:10.3969/j.issn.1001-3695.2015.07.061