Research on trusted computing technology

Jisuanji Yanjiu yu Fazhan/Computer Research and Development

Volumn 48, Issue 8, 2011, Pages 1332-1349

  Feng, Dengguo ^a   Qin, Yu ^a   Wang, Dan ^a   Chu, Xiaobo ^a  

^a INSTITUTE OF SOFTWARE   (China)

Author keywords

Remote attestation; TCM; TPM; Trust chain; Trusted computing; Trusted computing testing and evaluation

Indexed keywords

REMOTE ATTESTATION; TCM; TPM; TRUST CHAIN; TRUSTED COMPUTING;

AUTOMATIC TEST PATTERN GENERATION; INDUSTRY; NETWORK SECURITY; RESEARCH; SOCIETIES AND INSTITUTIONS; SPECIFICATIONS;

INFORMATION TECHNOLOGY;

EID: 80052675629     PISSN: 10001239     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Review

References (85)

1. China Internet Network Information Center. 2005 Survay report of Chinese internet security [EB/OL]. 2005. [2011-01-25]. http://www.cnnic.net.cn
2. Common Criteria Project Sponsoring Organisation. Common criteria for information technology security evaluation. ISO/IEC International Standard 15408 version 2.1[S]. Genevese: Common Criteria Project Sponsoring Organisation, 1999
3. Avizienis A, Laprie J C, Randell B, et al. Basic concepts of dependable and secure computing[J]. IEEE Trans on Dependable and Secure Computing, 2004, 1(1): 11-33
4. Trusted Computing Group. TCG specification architecture overview, version 1.2 [EB/OL]. 2003. [2011-01-25]. https://www.trustedcomputinggroup.org
5. China State Password Administration Committee. Technic specification of cryptographic supporting platform for trusted computing [EB/OL]. 2007. [2011-01-25]. http://www.oscca.gov.cn/ (in Chinese)
6. Trusted Computing Group. TPM main specification, version 1.2 [EB/OL]. 2003. [2011-01-25]. https://www.trustedcomputinggroup.org
7. Microsoft. Security model for the next-generation secure computing base [EB/OL]. 2002. [2011-01-25]. http://www.microsoft.com/resources/ngscb/ documents/ngscb_security_model.doc
8. Intel. Trusted execution technology architecture overview [EB/OL]. 2003. [2011-01-25]. http://www.intel.com/technology/security/arch-overview.pdf
9. Petroni NJr, Fraser T, et al. Copilot-A coprocessor-based kernel runtime integrity monitor [C] //Proc of the 13th Conf on USENIX Security Symposium. Berkeley: USENIX, 2004: 179-194
10. Seshadri A, Luk M, Shi E, et al. Pioneer: Verifying code integrity and enforcing untampered code execution on legacy systems[C] //Proc of the 12th ACM Symp on Operating Systems Principles. New York: ACM, 2005: 1-16
11. Sailer R, Zhang Xiaolan, Jaeger T, et al. Design and implementation of a TCG-based integrity measurement architecture [C] //Proc of USENIX Security'04. Berkeley: USENIX, 2004: 223-238
12. Jaeger T, Sailer R, Shankar U. PRIMA: Policy-reduced integrity measurement architecture [C] //Proc of the 11th ACM Symp on Access Control Models and Technologies. New York: ACM, 2006: 19-28
13. Shi E, Perrig A, Doorn L V. BIND: A fine-grained attestation service for secure distributed systems [C] //Proc of the 2005 IEEE Symp on Security and Privacy. Los Alamitos, CA: IEEE Computer Society, 2005: 154-168
14. Peng Guojun, Pan Xuanchen, Zhang Huanguo, et al. Dynamic trustiness authentication framework based on software's behavior integrity [C] //Proc of the 9th Int Conf for Young Computer Scientists (ICYCS 2008). Los Alamitos, CA: IEEE Computer Society, 2008: 2283-2288
15. Xu Ziyao, He Yeping, Deng Lingli. An integrity assurance mechanism for run-time programs [C] //Proc of Information Security and Cryptology. Berlin: Springer, 2009: 389-405
16. Loscocco PA, Wilson PW, Pendergrass JA, et al. Linux kernel integrity measurement using contextual inspection [C] //Proc of the 2nd ACM Workshop on Scalable Trusted Computing. New York: ACM, 2007: 21-29
17. Azab AM, Ning P, Sezer EC, Zhang X. HIMA: A hypervisor-based integrity measurement agent [C] //Proc of the 2009 Annual Computer Security Applications Conf. Los Alamitos, CA: IEEE Computer Society, 2009: 461-470
18. Azab AM, Ning Peng, Wang Zhi, et al. HyperSentry: Enabling stealthy in-context measurement of hypervisor integrity [C] //Proc of the 17th ACM Conf on Computer and Communications Security. New York: ACM, 2010: 38-49
19. Berger S, Cáceres R, Goldman K A, et al. vTPM: Virtualizing the trusted platform module [C] //Proc of the 15th USENIX Security Symposium. Berkeley: USENIX, 2006: 305-320
20. Sadeghi AR, Stüble C, Winandy M. Property-based TPM virtualization [C] //Proc of the 11th Int Conf on Information Security. Berlin: Springer, 2008: 1-16
21. Camenisch J, Lysyanskaya A. A signature scheme with efficient protocols[C] //Proc of 3rd Int Conf Security in Communication Networks. Berlin: Springer, 2003: 268-289
22. Brickel E, Camenisch J, Chen L. Direct anonymous attestation[C] //Proc of the ACM Conf on Computer and Communications Security. New York: ACM, 2004: 132-145
23. He Ge, Tate SR. A direct anonymous attestation scheme for embedded devices [C] //Proc of Public Key Cryptography. Berlin: Springer, 2007: 16-30
24. Camenisch J, Lysyanskaya A. Signature schemes and anonymous credentialsfrom bilinear maps [C] //Proc of CRYPTO 2004. Berlin: Springer, 2004: 56-72
25. Brickel E, Chen Liqun, Li Jiangtao. A new direct anonymous attestation scheme from bilinear maps [C] //Proc of Trusted Computing-Challenges and Applications. Berlin: Springer, 2008: 166-178
26. Boneh D, Boyen X. Short signatures without random oracles [C] //Proc of EUROCRYPT 2004. Berlin: Springer, 2004: 56-73
27. Chen Xiaofeng, Feng Dengguo. Direct anonymous attestation for next generation TPM[J]. Journal of Computers, 2008, 43(50): 43-50
28. Chen Liqun, Morrissey P, Smart N P. DAA: Fixing the pairing based protocols, PB 2009/198[R/OL]. 2009. [2009-05-20]: http://eprint.iacr.org/2009/198
29. Chen Liqun. A DAA scheme using batch proof and verification [C] //Proc of the 3rd Int Conf on Trust and Trustworthy Computing. Berlin: Springer, 2010: 166-180
30. Chen Liqun, Page D, Smart N P. On the design and implementation of an efficient DAA scheme [C] //Proc of Smart Card Research and Advanced Application Conf CARDIS 2010. Berlin: Springer, 2010: 223-238
31. Sailer R, Doorn V L, Ward J P. The Role of TPM in Enterprise Security, PB RC23363[R]. New York: IBM, 2004
32. Poritz J, Schunter M, Herreweghen E V, et al. Property attestation scalable and privacy friendly security assessment of peer computer, PB RZ3548[R]. New York: IBM, 2004
33. Sadeghi A R, Stüble C. Property-based attestation for computing platforms: Caring about properties, not Mechanisms [C] //Proc of the 2004 Workshop on New Security Paradigms. New York: ACM, 2004: 67-77
34. Chen Liqun, Landfermann R, Löhr H, et al. A protocol for property-based attestation [C] //Proc of the 2006 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2006: 7-16
35. Kühn U, Selhorst M, Stüble C. Realizing property-based attestation and sealing with commonly available hard-and software [C] //Proc of the 2007 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2007: 50-57
36. Chen Liqun, Lohr H, Manulis M, et al. Property-based Attestation without a Trusted Third Party [C] //Proc of the 11th Int Conf on Information Security. Berlin: Springer, 2008: 31-46
37. Haldar V, Chandra D, Franz M. Semantic remote attestation: A virtual machine directed approach to trusted computing [C] //Proc of USENIX Virtual Machine Research and Technology Symp. Berkeley: USENIX, 2004: 29-41
38. Seshadri A, Perrig A, Doorn L V, et al. SWATT: Software-based attestation for embedded devices [C] //Proc of the IEEE Security & Privacy Conf. Los Alamitos, CA: IEEE Computer Society, 2004: 272-282
39. Li Xiaoyong, Zuo Xiaodong, Shen Changxiang. System behavior based trusteworthiness attestation for computing platform[J]. Acta Electronica Sinica, 2007, 35(7): 1234-1239 (in Chinese)
40. Neumann P G. Principled assuredly trustworthy composable architectures [EB/OL]. 2004. [2011-01-25]. http://www.csl.sri.com/neumann/chats4.html.
41. Ellison R J, Moore A P. Trustworthy Refinement through Intrusion-Aware Design (TRIAD), PB ADA414865[R]. Pittsburgh: Software Engineering Institute, 2002
42. Lin Chuang, Peng Xuemei. Research on trusted network[J]. Chinese Journal of Computer, 2005, 28: 751-758 (in Chinese)
43. Cisco System. Network admission control (NAC) executive overview [EB/OL]. 2009. [2011-01-25]. http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns171/ ns466/ns617/net_implementation_white_paper0900aecd8051fc24.pdf
44. Microsoft Corporation. Network access protection platform architecture[EB/OL]. 2008. [2011-01-25]. http://download.microsoft.com/download/3/9/f/ 39ff0ca3-56d1-4d93-af46-98f92134d040/NAPArch.doc
45. Trusted Computing Group. TNC architecture for interoperability [EB/OL]. [2011-01-25]. http://www.trustedcomputinggroup.org/resources/ tnc_architecture_for_interoperability_specification
46. Zhang Huanguo, Chen Lu, Zhang Liqiang. Research on trusted network connection[J]. Chinese Journal of Computer, 2010, 33(4): 706-717 (in Chinese)
47. Goldman K, Perez R, Sailer R. Linking remote attestation to secure tunnel endpoints [C] //Proc of the 2006 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2006: 21-24
48. Gasmi Y, Sadeghi A R, Stewin P, et al. Beyond secure channels[C] //Proc of the 2007 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2007: 30-40
49. Armknecht F, Gasmi Y, Sadeghi A R, et al. An efficient implementation of trusted channels based on openssl [C] //Proc of the 2008 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2008: 41-50
50. Sadeghi A R, Selhorst C, Stüble C, et al. TCG inside?-A note on TPM specification compliance [C] //Proc of the 2006 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2006: 47-56
51. Cui Qi, Shi Wenchang. An approach for compliance validation of TPM through applications[J]. Journal of the Graduate School of the Chinese Academy of Sciences. 2008, 25(5): 649-656 (in Chinese)
52. Zhang Huanguo, Yan Fei, Fu Jianming, et al. Research on theory and key technology of trusted computing platform security testing and evaluation[J]. Science in China: Series F Information Sciences, 2010, 53(3): 434-453 (in Chinese)
53. Trusted Computing Group. TCG certification program announcement [EB/OL]. [2011-01-25]. http: //www.infineon.com/cms/en/corporate/press/news/ releases/2009/INFCCS200912-015.html; http: //www.trustedcomputinggroup.org/certification
54. Trusted Computing Group. Protection profile of PC client specific trusted platform module TPM Family 1.2 [EB/OL]. [2011-01-25]. http: //www.trustedcomputinggroup.org/resources/tpm_12_protection_profile/
55. Trusted Computing Group. Security conformance evaluation of the infineon TPM confirmed by common criteria certificate [EB/OL]. [2011-01-25]. http://www.infineon.com/cms/en/corporate/ press/news/releases/2009/INFCCS200912-015.html
56. Bruschi D, Cavallaro L, Lanzi A, et al. Replay attack in TCG specification and solution [C] //Proc of the 21st Annual Computer Security Applications Conf. Los Alamitos, CA: IEEE Computer Society, 2005: 438-453
57. Chen Liqun, Ryan M. Attack. Solution and verification for shared authorisation data in TCG TPM [C] //Proc of the 6th Workshop on Formal Aspects in Security and Trust. Berkeley: USENIX, 2005: 201-216
58. Backes M, Maffei M, Unruh D. Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol [C] //Proc of the 2008 IEEE Symp on Security and Privacy. Los Alamitos, CA: IEEE Computer Society, 2008: 202-215
59. Datta A, Franklin J, Garg D, et al. A logic of secure systems and its application to trusted computing [C] //Proc of the 2009 IEEE Symp on Security and Privacy. Los Alamitos, CA: IEEE Computer Society, 2009: 221-236
60. Chen Xiaofeng, Feng Dengguo. Model checking of trusted cryptographic module[J]. Journal on Communications, 2010, 31(1): 59-65 (in Chinese)
61. Chen Jun. Security analysis and application of trusted platform module[D]. Beijing: Institute of Computing Technology, Chinese Academy of Science, 2006 (in Chinese)
62. Wang Dan, Feng Dengguo. Trustworthiness-based trust chain model [C] //Proc of the 7th China Conf on Information and Communications Security. Beijing: Science Press, 2010: 1-5 (in Chinese)
63. Nie Xiaowei, Feng Denguo. Modified security model based on dynamic trusted degree[J]. Journal on Communications, 2008, 29(10): 37-44 (in Chinese)
64. Liu Ziwen, Feng Dengguo. TPM-based dynamic integrity measurement architecture[J]. Journal of Electronics & Information Technology, 2010, 32(4): 875-879 (in Chinese)
65. Hu Hao, Feng Dengguo. BIFI: Architectural support for information flow integrity measurement[C] //Proc of 2008 Int Conf on Computer Science and Software Engineering. Los Alamitos, CA: IEEE Computer Society, 2008: 605-609
66. Qin Yu, Feng Dengguo, Liu Chunyong. TPM context manager and dynamic configuration management for trusted virtualization platform[J]. Wuhan University Journal of Natural Sciences, 2008, 13(5): 1-8
67. Chen Xiaofeng, Feng Dengguo. Direct anonymous attestation based on bilinear maps[J]. Journal of Software, 2010, 21(8): 2070-2078 (in Chinese)
68. Chen Xiaofeng, Feng Dengguo. A new direct anonymous attestation from bilinear maps [C] //Proc of The 2008 Int Symp on Trusted Computing. Los Alamitos, CA: IEEE Computer Society, 2008: 2308-2313
69. Feng Dengguo, Xu Jing, Chen Xiaofeng. An efficient direct anonymous attestation scheme with forward security[J]. WSEAS Transas on Communications, 2009, 10(8): 1076-1085
70. Chen Xiaofeng, Feng Dengguo. A direct anonymous attestation scheme in multi-domain environment[J]. Chinese Journal of Computers, 2008, 31(7): 1122-1130 (in Chinese)
71. Feng Dengguo, Qin Yu. A property-based attestation protocol for TCM[J]. Science in China: Series F Information Sciences, 2010, 53(3): 454-464 (in Chinese)
72. Qin Yu, Feng Dengguo, Xu Zhen. An anonymous property-based attestation protocol from bilinear maps [C] //Proc of Int Conf on Computational Science and Engineering. Los Alamitos, CA: IEEE Computer Society, 2009: 732-738
73. Qin Yu, Feng Dengguo. Component property-based remote attestation[J]. Journal of Software, 2009, 20(6): 1625-1641 (in Chinese)
74. Yu Aimin, Chu Xiaobo, Feng Dengguo. Research of platform anonymous identity management based on trusted chip[J]. Chinese Journal of Computers, 2010, 33(9): 1-10 (in Chinese)
75. Wang Dan, Feng Dengguo, Xu Zhen. An approach to data sealing based on trusted virtualization platform[J]. Journal of Computer Research and Development, 2009, 46(8): 1325-1333 (in Chinese)
76. Li Hao, Qin Yu, Feng Dengguo. Research on virtual monotonic counters using trusted platform module[J]. Journal of Computer Research and development, 2011, 48(3): 415-422 (in Chinese)
77. Chu Xiaobo, Qin Yu. A distributed usage control system based on trusted computing[J]. Chinese Journal of Computers, 2010, 33(1): 93-102 (in Chinese)
78. Li Hao, Hu Hao. UCFS: Building a usage controlled file system with a trusted platform module[C] //Proc of the 1st Chinese Conf on Trust Computing Theory and Practice. Beijing: Tsinghua University Press, 2009: 10-23
79. Yu Aimin, Feng Dengguo, Liu Ren. TBDRM: A TPM-based secure DRM architecture [C] //Proc of Int Conf on Computational Science and Engineering. Los Alamitos, CA: IEEE Computer Society, 2009: 671-677
80. Hu Hao, Li Hao, Feng Dengguo. L-UCON: Towards layered access control with UCON [C] //Proc of Int Conf on Computational Science and Engineering. Los Alamitos, CA: IEEE Computer Society, 2009: 823-829
81. Chen Xiaofeng. The formal analysis and testing of trusted platform module[J]. Chinese Journal of Computers, 2009, 32(4): 27-34 (in Chinese)
82. Li Hao, Hu Hao, Chen Xiaofeng. Research on compliant testing method of trusted cryptography module[J]. Chinese Journal of Computers, 2009, 32(4): 1-10 (in Chinese)
83. Chinese Association for Cryptologic Research. China Report on Advances in Cryptography, 2008[M]. Beijing: Publishing House of Electronics Industry, 2009 (in Chinese)
84. Shen Changxiang, Zhang huanguo, Feng Dengguo, et al. A survey of information security[J]. Science in China: Series F Information Sciences, 2007, 50(3): 273-298 (in Chinese)
85. Feng Dengguo. Security Protocol-Theory and Practice [M]. Beijing: Tsinghua University Press, 2011 (in Chinese)