Research on Trust Technologies in Distributed Systems
Document type: Doctoral dissertation
Author | Shi Zhiguo (石志国) |
Degree | Doctorate |
Defense date | 2008-05-30 |
Degree-granting institution | Graduate University of Chinese Academy of Sciences |
Place conferred | Institute of Software, Chinese Academy of Sciences |
Supervisor | He Yeping (贺也平) |
Keywords | system security; trust management; trusted computing; anonymous credentials; trust model |
Alternative title | Research on Trust Technology in Distributed System Security |
Discipline | Computer Software and Theory |
Chinese abstract (translated) | The security of the system platform is the foundation of applications and the guarantee that an application can be used in critical domains. Traditional system security theory runs into difficulties, to a greater or lesser degree, when extended to networked applications. As networked applications become ever more widespread, how to combine system security mechanisms with network security mechanisms has become a key research question. Centered on the security requirements of system platforms, this dissertation studies several key technologies in trust management and trusted computing from four perspectives: remote attestation, a time- and space-based trust management model, an anonymous group authentication algorithm for grid platforms, and an anonymous automated trust negotiation algorithm. The main results are as follows.

First, for trust evaluation in peer-to-peer computing, a new quantitative trust management model is proposed that addresses the time decay of trust and node coalitions, problems that existing algorithms do not handle well. The dissertation systematically surveys and analyses the current representative network trust evaluation algorithms, classifies the related research hotspots at home and abroad, gives definitions of trust-related terms and the issues an algorithm must consider, and proposes a model that addresses them. It defines a trust time-correction function, a domain trust-correction function, a trust-value calibration function and an accuracy function, and constructs a trust time-correction algorithm and a domain correction model. Derivations show that the algorithm has good time decay, correlation with historical experience, a reward property for newly joined nodes and a coalition property; a general natural trust decay curve and the coefficient ranges for eight typical characteristic domains are also given.

Second, a platform access control algorithm based on trusted computing technology is proposed that solves the problem that traditional algorithms cannot provide reliable platform identity authentication. Building on the Platform Configuration Registers (PCRs) of trusted computing, a Reference Trusted Agent (RTA) module with time self-verification is proposed and introduced into the proposed framework. Its position in the system hierarchy is given, together with the three main components of the module and their functions. The framework guarantees the reliability of the platform protocol exchange and of the information supplied by the measurement environment. The dissertation shows how the algorithm strengthens platform access control and application security, how it enhances the security of role-based access control (RBAC) and peer-to-peer network computing, and how it supports the design of a network trusted path for a secure operating system.

Third, based on the trusted computing technology proposed by the TCG, an anonymous group authentication algorithm for grid collaboration security is proposed that reliably solves anonymous identity authentication between grid computing platforms. The algorithm uses a hardware module, the TPM, for remote identity authentication, and through the TPM mechanism provides reliable anonymous authentication and platform attestation. Every verification step in the algorithm is anonymous, and in addition to anonymous authentication the algorithm provides a complete method for tagging malicious network entities. An anonymous authentication platform architecture for virtual groups in grid computing is proposed, the anonymous authentication algorithm is implemented on it in five steps, an application of the algorithm on a peer-to-peer computing platform is described, and its security is compared with GT2, GT3, GT4 and trust management.

Fourth, to promote information sharing and collaboration across security domains in distributed network environments, a sound and effective mechanism for protecting sensitive information during trust negotiation is needed. The TCG (Trusted Computing Group) focuses on strengthening security at the level of the computing platform architecture. Based on the anonymous credential mechanism of trusted computing, a new trust negotiation scheme is proposed, Anonymous Credentials based Trusted Negotiation (ACTN), which solves the problem of protecting sensitive information across security domains and effectively resists replay, tampering and substitution attacks. A hardware module, the TPM, protects private information and provides reliable anonymous credentials and platform attestation. The ACTN model and its anonymous credentials are defined, the basic parameters of the anonymous credentials and their creation method are described in detail, policy security, the delegation mechanism and credential chain discovery are discussed, and the framework of the negotiation nodes and the negotiation process are designed. Experiments and a comparison with the TrustBuilder and COTN negotiation systems show that the system has good stability and usability. |
English abstract | The security of the system platform is the fundamental support for applications in critical areas. Traditional system security theory meets difficulties when applied to networked applications, and as networked applications grow in popularity, how system security mechanisms apply to networked systems has become a key research point. In this dissertation, research on the key technologies of trust management and trusted computing is conducted from four perspectives: remote attestation, a time- and location-based trust management model, a distributed anonymous coordination algorithm for grid computing, and a trust negotiation scheme based on TPM anonymous credentials. Four principal results are obtained.

First, a novel quantitative network trust evaluation model for peer-to-peer computing security systems is proposed. Its main features are a time decay function and an entity union function. I survey and classify the current representative network trust evaluation algorithms systematically, categorize the significant research fields of the related models, and define the trust-related terminology. I construct a model with a trust time-correction function, a domain trust-correction function and a definition of accuracy, and prove four features of the model: time decay, correlation with historical experience, a reward for new entities, and a union feature. A natural trust decay curve is described and eight typical domain features are given. Experiments evaluating the correctness and performance of the proposed model are designed; their results are compared with the Azzedin model and confirm the sound performance and correctness of our model.

Second, a novel platform access control algorithm based on Trusted Computing technology is proposed. Its main feature is a solution for stable platform identity authentication, which traditional methods do not solve well. A Reference Trusted Agent (RTA) with a time self-attestation feature, using the Platform Configuration Registers (PCRs) of the Trusted Computing specifications, is introduced into our architecture. The position of the RTA in the hierarchy of the whole software and hardware system is pointed out; it consists of three main modules. The method explains the content of the exchange protocol used to build trust in each other's system platforms. I describe in detail how to enforce the security of platform access control and of applications on the platform, and how the security of role-based access control and peer-to-peer network computing is enhanced. Furthermore, an approach to constructing a network trusted path in a secure operating system is addressed.

Third, a novel anonymous organization authentication algorithm for grid computing security, based on the Trusted Computing technology introduced by the Trusted Computing Group, is proposed; it provides grid computing platforms with efficient and reliable anonymous identity attestation. The identity authentication mechanism is based on a hardware module, the Trusted Platform Module. Besides anonymous organization attestation, the algorithm also gives a method for tagging rogue grid entities. The architecture of a virtual organization in a distributed grid system is illustrated. The anonymous organization attestation algorithm is presented in five steps; after the detailed description, we give an example of the algorithm and compare its security mechanisms with GT2, GT3, GT4 and trust management. The experimental results confirm sound performance and good security guarantees.

Fourth, an effective mechanism for protecting sensitive information in trust negotiation is needed to promote sharing and collaboration between security domains in distributed network computing. The TCG is an industry standardization body whose aim is to develop and promote open industry standards for trusted computing hardware and software building blocks, enabling more secure data storage, online business practices and online commerce transactions while protecting privacy and individual rights. The novel Anonymous Credentials based Trusted Negotiation system (ACTN) is designed and implemented on the TPM anonymous credentials of Trusted Computing, and deals well with the difficulty of protecting sensitive resources between strangers. The scheme resists replay attacks, tampering attacks and masquerading, and its mechanism is based on the Trusted Platform Module. The ACTN model and the anonymous credentials are defined in detail; the parameters and construction method of the anonymous credentials are explained; policy security, the delegation mechanism and credential chain discovery are discussed; and the framework of the negotiation nodes and the negotiation process are designed. The experimental results are compared with the TrustBuilder and COTN negotiation systems and confirm sound performance and good security guarantees. |
Publication date | 2011-03-17 |
Source URL | http://124.16.136.157/handle/311060/6406 |
Collection | Institute of Software_National Engineering Research Center for Fundamental Software_Dissertations |
Recommended citation (GB/T 7714) | Shi Zhiguo. Research on Trust Technologies in Distributed Systems (分布式系统中的可信技术研究) [D]. Institute of Software, Chinese Academy of Sciences. Graduate University of Chinese Academy of Sciences. 2008. |
Ingest method: OAI harvesting
Source: Institute of Software