Abstract
The main functions of trusted computing are carried out by the TPM, and the TPM's object access authorization protocols are the basis for its secure operation in a trusted computing platform. Based on the TPM object access authorization model, this paper analyzes the OIAP and OSAP protocols and their security vulnerabilities in virtualized environments, and proposes a new object access authorization protocol. A formal security analysis proves that the new protocol resolves the security problems caused by sharing authorization data (authdata) among virtual domains, and that it resists replay attacks and man-in-the-middle attacks.
Source
Journal of Chinese Computer Systems (《小型微型计算机系统》)
CSCD
Peking University Core Journals (北大核心)
2012, Issue 7, pp. 1450-1456 (7 pages)
Funding
Supported by the National High Technology Research and Development Program of China ("863" Program), grant 2007AA01Z479