操作系统内核的动态信度量模型.docVIP

操作系统内核的动态可信度量模型 摘要:动态可信度量是可信计算的研究热点和难点，针对由操作系统内核动态性所引起的可信度量困难问题，提出一种操作系统内核的动态可信度量模型，使用动态度量变量描述和构建系统动态数据对象及其关系，对内核内存进行实时数据采集，采用语义约束描述内核动态数据的动态完整性，通过语义约束检查验证内核动态数据是否维持其动态完整性。给出了模型的动态度量性质分析与证明，模型能够有效地对操作系统内核的动态数据进行可信度量，识别对内核动态数据的非法篡改。 关键词:可信计算；可信度量；动态度量；操作系统内核；远程证明 dynamic trusted measurement model of operating system kernel xin si.yuan1*, zhao yong2, liao jian.hua3, wang ting4 1．institute of electronic technology, information engineering university, zhengzhou henan 450004，china； 2．college of computer science，beijing university of technology，beijing 100124，china； 3．school of electronics engineering and computer science, peking university, beijing 100871, china； 4． unit 65047 of pla，shenyang liaoning 100805，chinaabstract: dynamic trusted measurement is a hot and difficult research topic in trusted computing. aim at the measurement difficulty problem invoked by the dynamic nature of operating system kernel a dynamic trusted kernel measurement (dtkm) model is proposed, dynamic measurement variable (dmv) is presented to describe and construct dynamic data objects and their relations, and the method of semantic constraint is proposed to measure the dynamic integrity of kernel components.in dtkm, the collection of memory data is implemented in real time, and the dynamic integrity is verified by checking whether the constructed dmv is consistent with semantic constraints which are defined based on the security semantic. formal analysis and application examples show that dtkm can effectively implement dynamic measurement of the kernel and detect the illegal modification of the kernel dynamic data. dynamic trusted measurement is a hot and difficult research topic in trusted computing. concerning the measurement difficulty invoked by the dynamic nature of operating system kernel, a dynamic trusted kernel measurement (dtkm) model was proposed. dynamic measurement variable (dmv) was presented to describe and construct dynamic data objects and their relations, and the method of se