摘要
可信动态度量为保障可信计算平台的可靠运行提供了重要支撑.根据系统的可靠性、可用性、信息和行为安全性,提出了可信度量要达到的目标.当前的可信度量集中在可信功能度量上,基于交互式马尔可夫链增加性能特征指标度量,即在预期行为描述模型中,运用变迁系统模型描述功能预期,通过将体现在可靠性上的路径概率与预期的关联,获取完成特定行为功能在时间特征上的预期,用于性能特征指标的度量.所构建的功能与性能特征预期用于对系统运行时证据实施相应的功能与性能上的可信性验证.基于交互式马尔可夫链的动态度量模型,从性能角度完善了对可靠性的保障,更全面地确保了系统的可信.
Trusted computing ensures trustworthiness of a platform through extending the trust boundary from the root to the whole platform. Trusted measurement is invoked before the trust boundary is extended from one entity to including another. Static measurement, which takes place at startup, cannot ensure runtime trustworthiness, and therefore dynamic trusted measurement is indispensable to guarantee a computer platform to run dependably. According to dependability, availability and security of information and behavior, targets of trusted measurement are established. In present schemes of dynamic trusted measurement, the measurement of functionality is focused on, whereas dependability cannot be guaranteed without the measurement of performance. Based on interactive Markov chains (IMC), the measurement of performance feature besides function feature is introduced. In the expected behavior description, the function expectation is described through a model of transition system and the performance expectation is described through relating path probability indicating dependability to the time expectation in which a certain specific behavior function is achieved. By comparing the runtime evidence of a platform with a specific expectation, trusted verification on a combination of functionality and performance is achieved. The trusted dynamic measurement model based on IMC ensures dependability in the feature of performance besides function and guarantees trustworthiness of a platform across the board.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2011年第8期1464-1472,共9页
Journal of Computer Research and Development
基金
国家“九七三”重点基础研究发展计划基金项目(2007CB311100)
国家“八六三”高技术研究发展计划基金项目(2009AA012437)
“核高基”国家科技重大专项基金项目(2010ZX01037-001-001)
关键词
可信计算
可信动态度量
交互式马尔可夫链
功能度量
性能度量
trusted computing
trusted dynamic measurement
interactive Markov chains
functionality measurement
performance measurement
