| 一种面向安全SOC的可信体系结构 |
| |
| 引用本文: | 童元满,陆洪毅,王志英,戴葵.一种面向安全SOC的可信体系结构[J].华中科技大学学报(自然科学版),2008,36(11). |
| |
| 作者姓名: | 童元满 陆洪毅 王志英 戴葵 |
| |
| 作者单位: | 国防科学技术大学计算机学院 |
| |
| 基金项目: | 国家自然科学基金资助项目 |
| |
| 摘 要: | 提出了面向安全SOC的可信体系结构,以解决其面临的诸多安全问题,可信体系结构的核心是安全域划分和安全审核硬件单元.安全域包括可信基、安全OS、可信应用以及非可信应用,各不同安全域具有静态和动态隔离性;安全SOC中的安全规则最终由安全审核单元在硬件层面来保障.在可信体系结构基础上,讨论了怎样进行安全扩展以获得更全面的安全性,即抗旁路攻击、物理攻击、防止芯片被复制伪造以及因被盗而造成安全危害.
|
| 关 键 词: | 信息安全 可信计算 体系结构 单片系统 安全域 安全审核 |
A trusted computing architecture for secure SOC |
| |
| Tong Yuanman Lu Hongyi Wang Zhiying Dai Kui.A trusted computing architecture for secure SOC[J].JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE,2008,36(11). |
| |
| Authors: | Tong Yuanman Lu Hongyi Wang Zhiying Dai Kui |
| |
| Abstract: | The trusted computing architecture for secure system on chip(SOC) is presented to solve some complicated issues of information security.The keys of trusted computing architecture are security zones and security auditing module.The security zones include trusted base,secure operating system,trusted application and un-trusted application.The different security zones are statically and dynamically isolated.The predefined security rules are assured by security auditing module.Based on the architecture,the extension of the architecture is presented to resist side channel attacks and physical attacks and to avoid the risk of being fabricated and purloined. |
| |
| Keywords: | information security trusted computing system on chip(SOC) architecture security zone security auditing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
