Abstract
Despite the many efforts made in recent years to achieve integrity attestation for mobile terminals, a lightweight integrity measurement and attestation mechanism for embedded platforms remains an open problem. This paper uses the highest security privilege of ARM TrustZone to implement a trusted integrity measurement component, and proposes an integrity measurement scheme that runs in the TrustZone secure domain and supports dynamic updates. Because binary-based integrity measurement cannot address the TOC-TOU attacks that arise from race-condition defects, the paper builds ProbeIMA, a probe-based model for dynamically monitoring the integrity of the system kernel and user programs, which detects integrity changes to the system and to user programs throughout the whole life cycle of system operation. Security analysis and experimental results show that ProbeIMA effectively defends against TOC-TOU attacks and meets the expected security requirements. Moreover, the proposed scheme has better generality and a smaller performance loss.
Authors
汪自旺
庄毅
晏祖佳
WANG Zi-wang; ZHUANG Yi; YAN Zu-jia (College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China)
Source
《小型微型计算机系统》
CSCD
Peking University Core Journal
2021, Issue 11, pp. 2422-2427 (6 pages)
Journal of Chinese Computer Systems
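Funding
Supported by the National Natural Science Foundation of China (61572253)
Supported by the Aeronautical Science Foundation of China (2016ZC52030).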
Keywords
mobile security
integrity measurement
dynamic update
measurement mechanism