Dissertation
Dissertation > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security

Property-based Remote Attestation System on Trusted Platform

Author YanWenBo
Tutor HanZongFen
School Huazhong University of Science and Technology
Course Computer Software and Theory
Keywords Trusted Platform Remote attestation Set of attributes Attribute certificate Credible assessment
CLC TP393.08
Type Master's thesis
Year 2007
Downloads 210
Quotes 7
Download Dissertation

With the rapid development of the Internet and the height of the popularity of the computer, resource sharing and collaboration in the network environment plays an increasingly important role in the production and life. Before collaboration need to be confident that the real credibility of the the remote platform hardware and software configuration to ensure that the remote host's behavior in a desired range. Now, however, the use of passwords and PKI technology-based access control and authentication security mechanisms did not consider the above objectives; TCG organization defined simple remote attestation mechanism attempts to solve such problems, but based on the metric, there is a management and version forcibly control the defects difficult to practical application. In response to these problems, the Trusted Platform attribute-based remote attestation system PRAS (Property-based Remote Attestation System on Trusted Platform) property policy mechanism is introduced into the remote attestation. For the remote host, the user is not only concerned about whether a hardware or software configuration and measure cares more about the possibility of providing some security-related attributes. In order to confirm the legitimacy of the property, the PRAS system also introduces the attribute certificate, the authority of the center of the property authoritative center and platform identity. Attribute certificate is used to identify a legitimate set of attributes; authoritative center of platform identity is responsible for issuing the certificate of the platform identity; property authoritative center responsible for issuing the certificate of platform or application properties. In order to timely detection of changes to the platform or application (legal or illegal), PRAS system uses the signal asynchronous processing technology designed property set dynamic monitoring mechanism to ensure that the latest state of the attribute certificate issued reflects the platform or application. Attribute certificate issued by a Trusted Platform Seal / UNSEAL encryption mechanism and platform state is bound to ensure their safety. Before to prove the credibility of the platform or application to credible form of judgment strategy to define the security needs of the target, and then based on the custom policy assessment of the credibility of the attribute certificate and, thus confirming been shown to target credibility . In addition, the the PRAS System Trusted Platform Module TPM chip data transfer protocol-based design, enhanced data transmission security in a networked environment. Trusted Platform based on the Linux operating system, to take the programming language C, Java, JSP, etc. PRAS system, and the system was tested. The test results show that the PRAS system can detect illegal tampering of grid service, upgrade / rollback legitimate and credible assessment strategy to play a role in the proof. PRAS system has been tampered with in the detection grid service, upgrade / rollback accuracy rate from 0.97 to 0.99, and the average service time of the client tends to 14.8s. The stress tests show that the maximum number of requests for the the PRAS server can handle per second from 16 to 18, has a strong processing capacity.

Related Dissertations
More Dissertations