| 一个动态可信应用传递模型的研究 |
| |
| 引用本文: | 李晓勇,沈昌祥.一个动态可信应用传递模型的研究[J].华中科技大学学报(自然科学版),2005,33(Z1):310-312. |
| |
| 作者姓名: | 李晓勇 沈昌祥 |
| |
| 作者单位: | 1. 北京交通大学,信息安全体系结构研究中心,北京,100044
2. 海军计算技术研究所,北京,100841 |
| |
| 基金项目: | 国家重点基础研究发展计划资助项目(G1999035801) |
| |
| 摘 要: | 由于终端平台上的应用具有多样性和无序性等特点,系统可信引导的单一链式验证机制并不适用于操作系统到应用之间的可信传递.为此,提出一种动态可信应用传递模型(DATTM),在保持应用装载的灵活性基础上,着重考虑了应用之间的权限隔离问题,最大程度地实现最小特权和按需即知等安全基本原则,进一步改善了系统度量和策略执行的效率和安全问题.
|
| 关 键 词: | 可信计算 可信传递 软件限制策略 |
| 文章编号: | 1671-4512(2005)S1-0310-03 |
| 修稿时间: | 2005年7月13日 |
Research to a dynamic application transitive trust model |
| |
| Li Xiaoyong,Shen Changxiang.Research to a dynamic application transitive trust model[J].JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE,2005,33(Z1):310-312. |
| |
| Authors: | Li Xiaoyong Shen Changxiang |
| |
| Institution: | Li Xiaoyong Shen Changxiang Doctoral Candidate,Information Security Architecture Center,Beijing Jiaotong University,Beijing 100044,China. |
| |
| Abstract: | As the applications on terminal systems have a character of variety and unstability,the mono-chain of trust verification in system bootstrap is not fit to the trust transition from OS to applications.In this paper,we present a DATTM(dynamic application transitive trust model) which focuses on the separation of the privileges of different applications in addition to the flexibility of the applications loading.DATTM can achieve the security goal of "least privileges" and "need-to-know",further improve the security effectiveness and efficiency. |
| |
| Keywords: | trusted computing transitive trust software limitation policy |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
