云计算环境下的虚拟机可信度量模型

为了解决云计算环境下虚拟机可信度量方法存在的并发性和安全性问题,提出了一种树形可信度量模型.根据云计算环境的特点将度量过程分离,一方面采用基于完整性的方式来度量管理域的可信性,另一方面采用基于系统行为的方式来度量用户域的可信性,解决了传统度量模型难以并发度量的问题,提高了度量模型的可扩展性.结合系统调用截获和虚拟机内省技术,实现了可信度量原型系统,并通过实验评测系统的有效性和相关性能.实验结果表明,树形可信度量模型能够有效验证虚拟机的可信度.     

基于变量间依赖关系的软件可信度量模型

针对软件交互行为的动态可信度量问题,提出一种基于变量间依赖关系的动态度量模型.从输入数据对软件可信性的影响入手,利用程序静态分析和切片技术提取出关于输入信息的前向切片以及切片中各语句可赋值的变量集合,并以切片集合中的语句作为度量对象,以该语句可赋值的变量集合作为软件在该度量点处的行为预期模型.在程序动态运行过程中动态监视软件在度量点处的实际行为是否符合预期,实现可信动态度量.相应的试验结果表明,模型实现了设计目标.     

基于AHP的安卓应用安全信用指数度量方法

在Android移动应用市场上,由于Android系统的高度开放性和广泛普及性,Android应用面临着被恶意注入、二次打包等严重安全风险。传统Android软件安全度量技术的度量精度可确定软件的安全等级,但无法满足软件信用精确度量和安全指数排序的现实需求。针对上述问题,该文通过对Android软件逆向分析,根据不同权限安全等级划分,给定安全范围内的安全系数,引入层次分析法(analytic hierarchy process,AHP)评估模型,对Android软件进行初步安全评分。同时结合Android软件的认证强度和第三方应用市场上的违规记录,再次使用AHP综合度量软件的最终安全信用指数。实验结果表明:该度量方法有效可行,可在精度允许的范围内,精确度量Android软件的安全信用指数。     

基于快速移动节点的Ad hoc网络可信度模型及可信路由协议

由于目前广泛应用的路由协议大都是假设网络中的节点是可以信任和相互协作的,对于安全的问题考虑不多,而网络中某些节点很容易被俘获而成为恶意节点,使得现有的路由协议变得十分脆弱,针对这一问题,提出了基于快速移动节点的可信度模型FATM,以及基于快速移动节点的可信路由协议FARP,通过网络中的快速移动节点辅助一般节点进行可信度的计算和更新,并在可信模型建立之后选择可信度较高的路由进行通信。最后采用OPNET对FATM模型进行了仿真,仿真结果表明基于快速移动节点的可信度模型的安全性更高,并且节省了一般节点的能量和空间开销,具有较好的网络适应性及可扩展性。     

效能评估可信度的客观度量方法

针对目前装备系统效能评估可信度无法客观度量的问题,提出了一种客观度量评估可信度方法。该方法从评估数据、评估模型及单样本分类置信度3个方面描述评估可信度。在计算评估数据可信度方面,通过分析评估数据的不确定性确定评估数据的可信度;在计算评估模型可信度方面,将模式分类准确率转化为评估模型可信度度量指标;在计算单样本分类置信度方面,根据不同类别样本在高维空间的分布关系,给出了适用多数分类算法的分类置信度计算方法;进一步通过可信度传播模型将以上3个方面进行综合,得到综合评估可信度。对雷达抗干扰效能评估可信度的仿真结果表明:该方法不使用专家经验知识,能够客观度量效能评估的可信度,其结果不受评估主体影响,解决了不同专家对同一装备给出的效能评估可信度不同的问题;与现有主观方法相比,准确率提高了10%。     

一种基于置信度的软件构件可信性度量模型

软件构件在测试过程中存在空间局限性以及测试环境的单一性,需要根据系统运行的状态来对构件的可信性进行评估。通过引入置信度的模型对构件的可信度进行评价,给出一个构件可信的度量模型。在度量模型中采用三角模糊数层次分析法确定运行状态对置信度的影响权重。仿真结果表明,该模型能够有效地度量构件的可信度。     

一种基于证据的软件可信性度量模型

为更全面系统地度量软件的可信性,根据客户对软件不同的主观需求将软件的可信性建立在各类证据之上,建立了一个基于证据的度量模型。模型根据系统安全保证的成功经验将可信性度量分成三个阶段,并对每个阶段定义相应的软件可信声明。通过可信架构分析,围绕可信声明收集建立证据和论据。综合收集到的信息,使用目标结构化表示法(goal-structuring notation, GSN)生成软件可信案例,由案例中声明是否被充分证明作为标准来度量软件的可信性。     

基于软核结构的软件复杂性分析与度量

针对大规模软件的复杂性难以度量和控制,以致严重影响了软件质量的问题,提出了一种基于软件基础结构的软件复杂性度量方法.通过对软核结构的提取和扩展操作,对软件结构中节点的继承深度进行了分析,从继承关系的角度对软件结构的复杂性进行度量.根据节点的继承深度与入度的关系,提出一种软件结构缺陷的检测方法,该方法可以在软件设计阶段及时检测出软件结构中的缺陷,以减少日后软件测试与维护的开销.     

六西格玛在软件过程改进中的应用

将六西格玛及其方法工具与软件过程结合起来,建立了软件过程度量过程模型,将相关的方法工具引入到具体的度量方法中,使得企业在实际中,既可以设计出具有持续改进能力的软件过程度量流程,又有可以具体操作的度量方法工具.以软件需求为例将六西格玛设计引入软件过程中,从新设计软件需求过程,有效地提高了软件需求质量.研究不但给软件企业软件过程管理的具体实施提供了理论支持,并提供了一套很好的工具方法,具有实用价值.     

软件网络中结构洞与紧密度的研究

针对传统的软件度量方法已不能对大型软件进行有效度量的问题,以学科交叉融合为背景、以量化软件度量为目标,主要研究了复杂网络中的结构洞、紧密度.通过对这两个特征量的计算、统计,与软件网络中的度进行关系拟合,可查看在软件网络中,度与结构洞之间的相关性呈幂函数曲线,度与紧密度的相关性呈梯形分布.因此将其作为参考特征量引入到软件网络中,对软件网络中的节点依赖程度和中心化程度进行量化.     

Architecture of Trusted PC

This paper, focusing on the trusted computing group＇s standards, explained the key concept of trusted compuling and provided the architecture of trusted PC. It built trust bottom-up by starting with trusted hardware and adding layers of trusted software. It is a system-level solution available to all applications running on the member platforms. This solution reduces the security burden on applications and thus simplifies application programming.     

BBACIMA： A Trustworthy Integrity Measurement Architecture through Behavior-Based TPM Access Control

Two limitations of current integrity measurement architectures are pointed out： （1） a reference value is required for every measured entity to verify the system states, as is impractical however; （2） malicious user can forge proof of inexistent system states. This paper proposes a trustworthy integrity measurement architecture, BBACIMA, through enforcing behavior-based access control for trusted platform module （TPM）. BBACIMA introduces a TPM reference monitor （TPMRM） to ensure the trustworthiness of integrity measurement. TPMRM enforces behavior-based access control for the TPM and is isolated from other entities which may be malicious. TPMRM is the only entity manipulating TPM directly and all PCR （platform configuration register） operation requests must pass through the security check of it so that only trusted processes can do measurement and produce the proof of system states. Through these mechanisms malicious user can not enforce attack which is feasible in current measurement architectures.     

Implementing Operating System Support for Extended Trusted Path in TPM-Capable Environments

Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of trusted platform module （TPM） technologies, and to support TPM capabilities in operating systems, the paper extended the scope of the conventional trusted path to cover the situation in which a user communicates with software residing on a remote host. The paper combined the concept of operating system support for trusted path with that for TPM platforms, and proposed the architecture of an extended trusted path mechanism in operating system with considerations on TPM-capable platforms support. As part of the author＇s research in secure operating systems, the work of the paper was carried out with Linux as an experimental prototype system. The research result shows that TPM capabilities can strengthen extended trusted path mechanisms of operating systems.     

Trustworthiness Technologies of DDSS

The most significant strategic development in information technology over the past years has been ＂trusted computing＂ and trusted computers have been produced. In this paper trusted mechanisms adopted by PC is imported into distributed system, such as chain of trust, trusted root and so on. Based on distributed database server system （DDSS）, a novel model of trusted distributed database server system （TDDSS） is presented ultimately. In TDDSS role-based access control, two-level of logs and other technologies are adopted to ensure the trustworthiness of the system.     

A Separated Domain-Based Kernel Model for Trusted Computing

This paper fist gives an investigation on trusted computing on mainstream operation system （OS）. Based on the observations, it is pointed out that Trusted Computing cannot be achieved due to the lack of separation mechanism of the components in mainstream OS. In order to provide a kind of separation mechanism, this paper proposes a separated domain-based kernel model （SDBKM）, and this model is verified by non-interference theory. By monitoring and simplifying the trust dependence between domains, this model can solve problems in trust measurement such as deny of service （DoS） attack, Host security, and reduce the overhead of measurement.     

可信模块与强制访问控制结合的安全防护方案

基于可信计算思想,通过在现有移动终端中加入移动可信计算模块,并在核心网中加入安全服务提供者和安全软件提供商,构架了面向移动终端的统一安全防护体系,为用户提供安全服务.该方案有效利用了移动终端操作系统的特性,将基于角色的访问控制与可信验证相结合,实现了高效的可信链传递,使没有授权证书的非法软件和非法进程不能在系统中运行,...     

一种基于可信网络连接的度量模型

可信网络连接是构建可信网络环境的关键问题.通过对可信网络的架构和基本流程的分析,提出一种Z形式化方法对可信网络连接的理想化度量模型,并对可信网络连接的发展进行了展望.     

An Improved Grid Security Infrastructure by Trusted Computing

Current delegation mechanism of grid security infrastructure （GSI） can＇t satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.     

A Trusted Host＇s Authentication Access and Control Model Faced on User Action

The conception of trusted network connection （TNC） is introduced, and the weakness of TNC to control user＇s action is analyzed. After this, the paper brings out a set of secure access and control model based on access, authorization and control, and related authentication protocol. At last the security of this model is analyzed. The model can improve TNC＇s security of user control and authorization.