基于可信计算的动态完整性度量架构
doi: 10.3724/SP.J.1146.2009.00408
TPM-Based Dynamic Integrity Measurement Architecture
-
摘要: 该文提出一种基于可信计算的操作系统动态度量架构(DIMA),帮助管理员动态地检查系统中进程和模块的完整性。相对于以往的各种操作系统度量架构,该架构能按需对系统中活动的进程或模块进行动态实时的完整性度量与监控,基本解决了其他架构难以避免的TOC-TOU问题,特别是针对某些直接对运行中的进程的攻击有很好的效果。另外,DIMA实现了对对象细粒度度量由度量整个文件实体细分为度量代码、参数、堆栈等等。最后给出了基于Linux操作系统的动态度量原型实现,在实现中使用了基于可信平台模块(TPM)作为架构的信任源点,测试结果表明DIMA能够实现预定目标且有良好的性能。Abstract: This paper presents a TPM-based architecture DIMA (Dynamic Integrity Measurement Architecture), which helps the administrators check the integrity of the processes and modules dynamically. Compares with other measurement architectures, DIMA uses a new mechanism to provide dynamic measurement of the running processes and kernel modules. Some attacks to running processes which use to be invisible to other integrity measurement architectures can be now detected. In this case, DIMA solves the TOC-TOU problem which always bothers others before. In addition, instead of measuring the whole file on the hard disk, the object is divided into some small pieces: code, parameter, stack and so on to make a fine-grained measurement result. Finally, the DIMA implementation using Trust Computing Module (TPM) is discussed and the performance data is presented.
计量
- 文章访问数: 5094
- HTML全文浏览量: 303
- PDF下载量: 3716
- 被引次数: 0