CN103020533B - Static remote attestation method based on repeated measurement under a control flow model - Google Patents

Static remote attestation method based on repeated measurement under a control flow model

Info

Publication number: CN103020533B
Authority: CN (China)
Prior art keywords: mobile terminal, control flow, attribute, static attribute, flow model
Legal status: Active
Application number: CN201210587209.3A
Other languages: Chinese (zh)
Other versions: CN103020533A (en)
Inventors: 胡事民, 江凌波, 白杨, 马超
Current assignee: Tsinghua University
Original assignee: Tsinghua University
Events: application filed by Tsinghua University; priority to CN201210587209.3A; publication of CN103020533A; application granted; publication of CN103020533B; legal status Active

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a static remote attestation method based on repeated measurement under a control flow model. The method comprises: S1, the service provider, according to the user's security requirements, formulates rules for the static attributes during task execution and generates a policy certificate; S2, the mobile terminal obtains the policy certificate and enforces policy control, where policy control means that the mobile terminal performs access control over the terminal operating system on the basis of the policy certificate and the control flow model; S3, the mobile terminal measures the static attributes at multiple measurement points during task execution and performs remote attestation. By repeatedly measuring static attributes and performing remote attestation, the invention solves the problem of proving the static attributes of the cryptographic service components of a trusted computing platform, so that verification reflects the system state more accurately and the system meets the user's expectations at all times.

Description

Static remote attestation method based on repeated measurement under a control flow model
Technical field
The present invention relates to the field of computer and electronic information technology, and in particular to a static-attribute remote attestation method based on multiple measurements under the control flow model BPCF.
Background art
Verifying that a computing environment is secure and trustworthy is an important goal of trusted computing. As technology develops, the security threats to mobile terminals keep growing; research shows that on the Android platform alone, 800,000 users were infected with malware in a single month of 2011. Traditional security mechanisms such as anti-virus and intrusion detection all rely on the security support of the underlying operating system. Trusted computing technology strengthens the overall security of the whole computing system, from the root of trust to trusted hardware, to a trusted operating system and on to trusted applications, in order to guarantee the security and reliability of the computer. "Trusted" in trusted computing covers both security and reliability, and "trust attestation" is precisely the guarantee that the system's "behaviour always meets expectations". Remote attestation is one of the main functions provided by trusted computing technology; it mainly uses the protection of the trusted platform to let a server verify the trustworthiness of a client's computing environment. Common remote attestation methods based on binary code integrity mostly perform remote verification on the result of a single measurement taken at boot or at start-up, which cannot accommodate the fact that mobile terminals are rarely shut down. The control flow model BPCF is a novel access control model based on user behaviour security policies: it makes a composite decision over dynamic conditions such as subject and object attributes, capabilities, environment and constraints, and applies continuous, condition-variable control linked to behaviour control throughout the execution of a task. Studying a static-attribute remote attestation method based on multiple measurements under the control flow model BPCF is of great significance for verifying that a mobile terminal's computing environment is secure and trustworthy.
Summary of the invention
(1) Technical problem to be solved
The invention provides a static-attribute remote attestation method based on repeated measurement under a control flow model, solving the problem of the prior art that only a single measurement and remote attestation can be performed, which leaves the trustworthiness of the mobile terminal low.
(2) Technical solution
The invention provides a static remote attestation method based on repeated measurement under a control flow model, the method comprising:
S1, the service provider, according to the user's security requirements, formulates rules for the static attributes during task execution and generates a policy certificate;
S2, the mobile terminal obtains the policy certificate and enforces policy control; said policy control means that the mobile terminal performs access control over the terminal operating system on the basis of the policy certificate and the control flow model;
S3, the mobile terminal measures the static attributes at multiple measurement points during task execution and performs remote attestation; said measurement points coincide with the control points in the control flow model.
Further, said static attributes comprise static attributes among the subject attributes, the object attributes and/or the operating system environment.
Further, said multiple measurement points comprise: process start, loading, stopping and sleep.
Further, the method also comprises the step of said mobile terminal measuring the static attributes and performing remote attestation when a constraint condition in the control flow changes.
Further, said step S3 specifically comprises:
S31: at the control points of the mobile terminal system, initiating measurement of the static attributes specified in the policy certificate and extracting feature information;
S32: the attestation agent (Agent) initiating remote attestation and submitting the feature information to the server over a secure protocol;
S33: the server's verification tool verifying the feature information by comparing it with the reference feature information.
Further, said step S31 also comprises: the system's mobile trusted module protecting the feature information using encryption, hashing and signature algorithms.
Further, said control flow model is located in the operating system kernel.
(3) Beneficial effects
By repeatedly measuring the static attributes among the subject attributes ATTs, the object attributes ATTo and the environment CONe and performing remote attestation, the invention solves the problem of proving the static attributes of the cryptographic service components of a trusted computing platform, so that verification reflects the system state more accurately and the system meets the user's expectations at all times.
Brief description of the drawings
Fig. 1 is a flow chart of the steps of the method of the invention;
Fig. 2 is a control schematic of the control flow model BPCF of the system of the invention;
Fig. 3 is a schematic flow chart of repeated measurement and remote attestation under the control flow model in a specific embodiment of the invention.
Embodiments
The invention is described in further detail below with reference to the drawings and specific embodiments.
The invention provides a static-attribute remote attestation method based on repeated measurement under a control flow model; as shown in Fig. 1, the steps of the method specifically comprise:
S1, the service provider, according to the user's security requirements, formulates rules for the static attributes during task execution and generates a policy certificate;
S2, the mobile terminal obtains the policy certificate and enforces policy control; said policy control means that the mobile terminal performs access control over the terminal operating system on the basis of the policy certificate and the control flow model;
S3, the mobile terminal measures the static attributes at multiple measurement points during process execution and performs remote attestation; said measurement points coincide with the control points in the control flow model.
Here, the service provider generating the policy certificate means that the service provider draws up a security policy according to the user's security requirements, i.e. defines the rules that the static attributes must satisfy while the task runs; the policy is protected by the trusted module and then issued as the policy certificate.
Said static attributes are mainly the static-attribute requirements on the subject and the object and the static-attribute requirements on the operating system environment conditions.
An attribute is any feature description of a system subject and/or object in the operating system, and comprises static attributes and dynamic attributes. A static attribute is a feature that does not change while the system runs, such as configuration, scripts, code integrity and data integrity. A dynamic attribute is a system feature that is expected, but not certain, to arise while the system runs. For example, adding an object attribute such as a file's "number of reads" makes it possible to support a security policy such as "a certain image file may only be played 10 times"; adding a subject attribute such as a process's "code integrity" makes it possible to support a policy such as "only processes that meet the integrity requirement may access a particular secure file".
An environment condition is any feature of the operating system while it runs, and likewise comprises static attributes and dynamic attributes; a static attribute is a feature that does not change while the system runs, such as configuration, scripts, code integrity and data integrity. The environment here is in fact the set of attributes of the operating system when the operating system itself is the subject. For example, taking "whether boot passed the integrity check of the operating system kernel" as an environment condition reflects the current state of the operating system and makes it possible to support a policy such as "only a trusted-booted system may carry out higher-level service operations".
The mobile terminal obtaining the policy certificate means that, after the service provider generates or updates the policy certificate, the mobile terminal obtains it.
The mobile terminal enforcing policy control means that the control flow model BPCF is implemented in the kernel of the mobile terminal, the attestation agent (Agent) is implemented in the application layer, and the system performs access control according to the policy certificate. In the control flow, every access of a subject to an object is a composite decision by the system over the subject attributes, the object attributes and the environment conditions. In this method, policy control mainly performs access control according to the policy's requirements on the static attributes among the subject attributes ATTs, the object attributes ATTo and the operating system environment CONe. Control here means deciding whether access is allowed: only after the decision has been passed in accordance with the policy requirements may the subject access the object.
Fig. 2 is a control schematic of the system control flow model BPCF of an embodiment of the invention, showing that every access of a subject to an object is a composite decision by the system over the subject attributes, object attributes, environment conditions, capability conditions and constraint conditions. In the actual control flow, the system first judges according to the policy whether the subject attributes are satisfied; once that judgement passes, it judges the capabilities, object attributes, environment conditions and constraint conditions in that order, and finally forms the composite decision. By introducing a time axis, the model realises continuous control over the control flow: in the actual control flow, the decision result changes as the subject attributes, object attributes, environment conditions, capability conditions and constraint conditions change, so that the final decision conforms to the user's security requirements on system behaviour.
The control flow model BPCF solves the problem of the "absence of the operating system as a subject" found in traditional access control models: Fig. 2 reflects the actual control pattern "subject to operating system, then operating system to object" of real systems, and the capabilities reflect the service capability of the operating system. The control flow model BPCF also solves the problem of "discontinuous behaviour and lack of constraints" found in traditional access control models: it reflects the continuity and mutual constraint of system behaviour and the dynamic change of every attribute and condition in the system. A security system built on the control flow model BPCF can support richer user policies, enforce policy control more precisely, protect the upper-layer security mechanisms and control system behaviour.
Access control determines whether a process may perform an access, i.e. whether its behaviour meets expectations; measurement is needed whether or not the access is permitted, and there is no fixed order between measurement and access control. In a real implementation, considering the cost of actual measurement, measurement can be performed at selected control points. The mobile terminal measuring the static attributes at multiple measurement points during process execution and performing remote attestation means that, for a specific running process, the mobile terminal system measures and remotely attests the relevant static attributes at multiple control points of the control flow model. These measurement points coincide with the control points required by the security policy; in practice the measurement points may include process start, loading, sleep and stopping.
When measuring, the mobile terminal system mainly measures and remotely attests the static attributes among the subject attributes ATTs, the object attributes ATTo and the operating system environment CONe of the control flow model. This comprises: measuring static attributes among the subject attributes ATTs, e.g. the user role and program code integrity; measuring static attributes among the object attributes ATTo, e.g. file data integrity, component authorisation certificate information and media file authorisation information; and measuring static attributes among the operating system environment conditions CONe, e.g. whether the operating system booted in a trusted manner. That is, the status feature information of these measurement objects is collected.
Fig. 3 is a schematic flow chart of repeated measurement and remote attestation under the control flow model, showing where this method is implemented in the mobile terminal operating system. The control flow model BPCF is implemented in the operating system kernel to realise continuous control based on the security policy. The mobile trusted module MTM is implemented in the operating system kernel to realise the measurement algorithms and the PCR registers that store the measurement results. The attestation agent (Agent) is implemented in the application layer and initiates remote attestation. The verification tool is implemented on the server. The steps of one remote attestation comprise:
Step 1: at the control points of the mobile terminal system, initiate measurement of the static attributes specified in the policy certificate and extract feature information;
Step 2: the attestation agent (Agent) initiates remote attestation and submits the feature information to the server over a secure protocol;
Step 3: the server's verification tool verifies the feature information by comparing it with the reference feature information.
Step 1 also comprises: the system's mobile trusted module protects the feature information using encryption, hashing and signature algorithms. This ensures that the system's private information cannot leak during remote attestation.
Finally, only after the verification passes may the mobile terminal continue to execute the task.
The mobile terminal measuring the static attributes and performing remote attestation when a constraint condition in the control flow changes means that when a constraint condition CONr specified in the security policy of the control flow model occurs in the mobile terminal system, the relevant static attributes are measured and remotely attested. These constraint relations comprise triggering, dependency, restriction, inclusion, etc. Dependency: for example, the processing and transmission of a specific file may only take place after a specific secure VPN has been connected and operations such as authentication have been completed. Trigger: for example, as soon as the anti-virus software finds a high-risk virus or Trojan, operations on critical files are stopped immediately. Mutual exclusion: two actions cannot be carried out at the same time; for example, while the QQ software is open, operations on a certain critical file cannot be processed. Inclusion: if the file write function is prohibited, all similar write-like operations, such as network transmission and printing, are prohibited at the same time. Restriction: action A can constrain some of the sub-actions of action B.
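As an added illustration (not the patent's own code) of steps S1 to S3, of the three remote-attestation steps above and of the constraint-triggered re-measurement, the following Python mock plays both sides: a policy certificate built from reference values, a terminal that measures ATTs/ATTo/CONe static attributes at each control point and extends a PCR, an MTM that signs the report, and a server that verifies it. All names, the constructed sample attributes and the use of an HMAC as a stand-in for the MTM signature are assumptions.

```python
import copy
import hashlib
import hmac
import json

# Control points of the control flow model; the measurement points coincide with them (S3).
CONTROL_POINTS = ("start", "load", "sleep", "stop")

# Constructed sample of a terminal's static attributes: subject ATTs, object ATTo, environment CONe.
SAMPLE_SYSTEM = {
    "ATTs": {"user_role": "operator", "program_code": b"\x7fELF task binary v1"},
    "ATTo": {"file_data": b"critical file contents", "component_cert": b"component authorisation v1"},
    "CONe": {"trusted_boot": True},
}
# Assumption: a shared secret stands in for the mobile trusted module's signing key.
MTM_KEY = b"constructed-mtm-key"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def measure(system: dict) -> dict:
    """Step 1 / S31: collect the feature information of the static attributes named by the policy."""
    return {
        "ATTs.user_role": system["ATTs"]["user_role"],
        "ATTs.code_integrity": sha256(system["ATTs"]["program_code"]),
        "ATTo.file_integrity": sha256(system["ATTo"]["file_data"]),
        "ATTo.component_cert": sha256(system["ATTo"]["component_cert"]),
        "CONe.trusted_boot": system["CONe"]["trusted_boot"],
    }


def make_policy_certificate(reference_system: dict) -> dict:
    """S1: the service provider derives the reference feature information from a known-good image."""
    return {"control_points": list(CONTROL_POINTS), "reference": measure(reference_system)}


POLICY = make_policy_certificate(SAMPLE_SYSTEM)


def pcr_extend(pcr_hex: str, digest_hex: str) -> str:
    """MTM/TPM-style extend, PCR = H(PCR || digest): every measurement leaves a trace in the register."""
    return sha256(bytes.fromhex(pcr_hex) + bytes.fromhex(digest_hex))


class MobileTerminal:
    """Kernel-side measurement and the application-layer attestation agent, collapsed into one object."""
    def __init__(self, system: dict, policy: dict):
        self.system, self.policy, self.pcr = copy.deepcopy(system), policy, "00" * 32

    def attest(self, point: str) -> dict:
        """Steps 1-2: measure at a control point (or on a constraint change), extend the PCR,
        have the MTM sign the feature information, and return the report the agent submits."""
        features = measure(self.system)
        self.pcr = pcr_extend(self.pcr, sha256(json.dumps(features, sort_keys=True).encode()))
        body = {"point": point, "features": features, "pcr": self.pcr}
        payload = json.dumps(body, sort_keys=True).encode()
        return {"body": body, "sig": hmac.new(MTM_KEY, payload, hashlib.sha256).hexdigest()}


class Server:
    """Step 3 / S33: the verification tool compares submitted feature information with the reference."""
    def __init__(self, policy: dict):
        self.policy = policy

    def verify(self, report: dict) -> bool:
        payload = json.dumps(report["body"], sort_keys=True).encode()
        expected = hmac.new(MTM_KEY, payload, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, report["sig"]):
            return False  # not produced by the MTM, or altered in transit
        return report["body"]["features"] == self.policy["reference"]


def run_task(terminal: MobileTerminal, server: Server, events: list) -> list:
    """Drive a task through its control points; "CONr" marks a constraint change that forces an
    extra measurement. The task halts at the first failed verification."""
    trace = []
    for event in events:
        ok = server.verify(terminal.attest(event))
        trace.append((event, ok))
        if not ok:
            break  # the terminal may only continue the task after verification passes
    return trace


def demo() -> tuple:
    """An unmodified terminal passes every point; one whose task code is replaced after loading
    (constructed tampering) is caught at the next control point, which a boot-only check would miss."""
    server = Server(POLICY)
    clean = run_task(MobileTerminal(SAMPLE_SYSTEM, POLICY), server, ["start", "load", "CONr", "sleep", "stop"])
    tampered = MobileTerminal(SAMPLE_SYSTEM, POLICY)
    trace = run_task(tampered, server, ["start", "load"])
    tampered.system["ATTs"]["program_code"] = b"\x7fELF patched task binary"
    return clean, trace + run_task(tampered, server, ["sleep", "stop"])
```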
Scheduled by the constraint conditions CONr, the invention can repeatedly measure and remotely attest the static attributes among the subject attributes ATTs, the object attributes ATTo and the environment CONe, solving the problem of proving the static attributes of the cryptographic service components of a trusted computing platform, so that verification reflects the system state more accurately and the system meets the user's expectations at all times.
Fig. 3 also shows that the static attributes relevant at multiple control points of the control flow model are measured and remotely attested; these measurement points coincide with the control points required by the security policy, and in practice may include process start, loading, sleep and stopping.
Repeated measurement and remote attestation of static attributes also covers, as a special case, the measurement and attestation of the static attributes of an operating system component and of the cryptographic service components; the measured content includes driver software integrity, software configuration, cryptographic service capability, etc.
Through the static-attribute remote attestation of the computing environment according to the embodiment of the invention, the trustworthiness of the operating system in the computing environment can be verified effectively.
The above is only the preferred embodiment of the invention; it should be pointed out that those skilled in the art can make several improvements and substitutions without departing from the technical principles of the invention, and these improvements and substitutions should also be regarded as within the scope of protection of the invention.

Claims (6)

1. A static remote attestation method based on repeated measurement under a control flow model, characterised in that the method comprises:
S1, the service provider, according to the user's security requirements, formulates rules for the static attributes during task execution and generates a policy certificate;
S2, the mobile terminal obtains the policy certificate and enforces policy control; said policy control means that the mobile terminal performs access control over the terminal operating system on the basis of the policy certificate and the control flow model;
S3, the mobile terminal measures the static attributes at multiple measurement points during task execution and performs remote attestation; said measurement points coincide with the control points in the control flow model;
said S3 specifically comprising:
S31: at multiple control points of the mobile terminal system, initiating measurement of the static attributes specified in the policy certificate and extracting feature information;
S32: the attestation agent initiating remote attestation and submitting the feature information to the server over a secure protocol;
S33: the server's verification tool verifying the feature information by comparing it with the reference feature information.
2. The method according to claim 1, characterised in that said static attributes comprise static attributes among the subject attributes, the object attributes and/or the operating system environment.
3. The method according to claim 1, characterised in that said measurement points comprise: process start, loading, stopping and sleep.
4. The method according to claim 1, characterised in that the method also comprises the step of said mobile terminal measuring the static attributes at multiple measurement points during task execution and performing remote attestation when a constraint condition in the control flow changes.
5. The method according to claim 1, characterised in that said S31 also comprises: the mobile trusted module of the mobile terminal system protecting the feature information using encryption, hashing and signature algorithms.
6. The method according to claim 1, characterised in that said control flow model is located in the mobile terminal operating system kernel.

Priority Applications (1)

CN201210587209.3A (CN103020533B), priority date 2012-12-05, filing date 2012-12-28: Static remote attestation method based on repeated measurement under a control flow model

Applications Claiming Priority (3)

CN201210518640, priority date 2012-12-05
CN201210518640.2, priority date 2012-12-05
CN201210587209.3A (CN103020533B), priority date 2012-12-05, filing date 2012-12-28: Static remote attestation method based on repeated measurement under a control flow model

Publications (2)

CN103020533A (en), published 2013-04-03
CN103020533B (en), published 2016-01-20

Family

ID=47969128

Family Applications (3)

CN201210581455.8A (CN103023922B, Active), priority date 2012-12-05, filing date 2012-12-27: Control flow model behavior based dynamic remote attestation method
CN201210587209.3A (CN103020533B, Active), priority date 2012-12-05, filing date 2012-12-28: Static remote attestation method based on repeated measurement under a control flow model
CN201310153721.1A (CN103220300B, Active), priority date 2012-12-05, filing date 2013-04-27: A mobile terminal system supporting dynamic remote attestation
