Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
ZHANG Qianying (b. 1986), female, from Sanhe, Hebei; PhD candidate, Chinese Academy of Sciences. Research interests: network and system security, trusted computing.
ZHAO Shijun (b. 1985), male, from Weifang, Shandong; PhD candidate, Chinese Academy of Sciences. Research interests: network and system security, trusted computing.
FENG Wei (b. 1986), male, from Jingzhou, Hubei; PhD candidate, Chinese Academy of Sciences. Research interests: network and system security, trusted computing.
QIN Yu (b. 1979), male, from Chongqing; PhD, assistant researcher, Chinese Academy of Sciences. Research interests: network and system security, trusted computing.
FENG Dengguo (b. 1965), male, from Jingbian, Shaanxi; researcher and PhD supervisor, Chinese Academy of Sciences. Research interests: network and information security.
Online publication date: 2014-11
Print publication date: 2014-11-30
Citation: Qian-ying ZHANG, Shi-jun ZHAO, Wei FENG, et al. Research of a trusted execution environment module for multiple platforms[J]. Journal on Communications, 2014, 35(Z2): 72-85. DOI: 10.3969/j.issn.1000-436x.2014.z2.011.
Abstract: Existing trusted computing modules such as the TPM and MTM cannot be used across platforms and make no provision for updating their algorithms, protocols and functions. To address this, a hardware-based trusted execution environment module (TEEM) architecture is proposed. It uses ARM TrustZone technology to build a trusted computing module that runs in a hardware-isolated secure environment. The module provides trusted computing functions for multiple platforms, has strong mobility and portability, and lets users flexibly configure and upgrade its functions and algorithms as needed. A prototype system based on the TEEM architecture is designed and implemented; its security analysis and performance measurements show that TEEM provides users with a secure, stable and efficient trusted execution environment.
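The abstract describes the module only at the architecture level. The following is an added illustration, not code from the paper or its prototype, of the core trusted computing functions such a TPM-style module exposes to a host: PCR extend, a nonce-bound quote, and verifier-side replay of the event log, together with a guarded hash-algorithm switch of the kind the "upgradeable algorithms" goal implies. The class and function names, the algorithm list, the shared HMAC key (which stands in for a real module's attestation signing key) and the sample measurements are all assumptions constructed for the example.

```python
"""Added illustration of the trusted-computing primitives a TPM-style module
exposes (PCR extend, quote, verifier replay of a measurement log) plus a
guarded hash-algorithm switch. Constructed model, not the paper's TEEM code;
the HMAC attestation key stands in for the module's signing key."""
import hashlib
import hmac
import os

SUPPORTED_HASHES = ("sha1", "sha256", "sha384")  # assumed algorithm menu


def digest(alg, data):
    return hashlib.new(alg, data).digest()


def extend_value(alg, current, measurement):
    """TPM-style extend: PCR' = H(PCR || H(measurement))."""
    return digest(alg, current + digest(alg, measurement))


def quote_message(alg, nonce, selection, pcrs):
    """Canonical bytes the module authenticates and the verifier recomputes."""
    return b"|".join([alg.encode(), nonce, bytes(selection), b"".join(pcrs)])


class TeeModule:
    """Models the module on the isolated side; host code sees only its methods."""

    def __init__(self, hash_alg="sha256", num_pcrs=8, attest_key=None):
        self.num_pcrs = num_pcrs
        self._attest_key = attest_key or os.urandom(32)  # never leaves the module
        self.log = []  # event log the host may read to reconstruct PCRs
        self._reset(hash_alg)

    def _reset(self, alg):
        if alg not in SUPPORTED_HASHES:
            raise ValueError("unsupported hash algorithm: %s" % alg)
        self.hash_alg = alg
        size = hashlib.new(alg).digest_size
        self.pcrs = [b"\x00" * size for _ in range(self.num_pcrs)]
        self.log = []

    def extend(self, index, measurement):
        if not 0 <= index < self.num_pcrs:
            raise IndexError("bad PCR index")
        self.pcrs[index] = extend_value(self.hash_alg, self.pcrs[index], measurement)
        self.log.append((index, measurement))
        return self.pcrs[index]

    def switch_hash_alg(self, new_alg):
        """Algorithm upgrade. PCRs are wiped so state computed under the old
        algorithm can never be presented as if computed under the new one."""
        self._reset(new_alg)

    def quote(self, nonce, selection):
        """Authenticated report of selected PCRs bound to the verifier's nonce."""
        selection = list(selection)
        pcrs = [self.pcrs[i] for i in selection]
        tag = hmac.new(self._attest_key,
                       quote_message(self.hash_alg, nonce, selection, pcrs),
                       "sha256").digest()
        return {"alg": self.hash_alg, "nonce": nonce, "selection": selection,
                "pcrs": pcrs, "tag": tag}


def verify_quote(quote, attest_key, nonce, expected_log, num_pcrs=8):
    """Verifier side: freshness, authenticity, then replay of the golden log."""
    if quote["nonce"] != nonce or quote["alg"] not in SUPPORTED_HASHES:
        return False
    msg = quote_message(quote["alg"], quote["nonce"], quote["selection"], quote["pcrs"])
    if not hmac.compare_digest(hmac.new(attest_key, msg, "sha256").digest(), quote["tag"]):
        return False
    size = hashlib.new(quote["alg"]).digest_size
    expected = [b"\x00" * size for _ in range(num_pcrs)]
    for index, measurement in expected_log:
        expected[index] = extend_value(quote["alg"], expected[index], measurement)
    return all(expected[i] == p for i, p in zip(quote["selection"], quote["pcrs"]))


def demo():
    key = b"\x11" * 32  # constructed shared key for the demo
    module = TeeModule(attest_key=key)
    golden = [(0, b"bootloader-v1"), (0, b"kernel-v1"), (1, b"tee-app-v2")]
    for index, measurement in golden:
        module.extend(index, measurement)
    nonce = b"\x42" * 16  # constructed verifier nonce
    q = module.quote(nonce, [0, 1])
    ok = verify_quote(q, key, nonce, golden)
    stale = verify_quote(q, key, b"\x43" * 16, golden)  # replayed quote
    tampered = verify_quote(q, key, nonce, golden[:2] + [(1, b"tee-app-v3")])
    return ok, stale, tampered


if __name__ == "__main__":
    print(demo())
```

The point to take from the model is where the trust boundary sits: the host only ever calls `extend` and `quote`, the key used to authenticate a quote stays inside the module, and an algorithm change clears the PCRs rather than carrying values across digest sizes. A real module would sign the quote with an asymmetric attestation key instead of the shared-key HMAC used here so that the verifier needs no secret.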