Component Property Based Remote Attestation

Abstract

PDF HTML阅读 XML下载 导出引用 引用提醒 基于组件属性的远程证明 DOI: 作者: 作者单位: 作者简介: 通讯作者: 中图分类号: 基金项目: Supported by the National High-Tech Research and Development Plan of China under Grant No.2007AA01Z412 (国家高技术研究发展计划(863)) Component Property Based Remote Attestation Author: Affiliation: Fund Project: 摘要 | 图/表 | 访问统计 | 参考文献 | 相似文献 | 引证文献 | 资源附件 | 文章评论 摘要:提出了一个组件级的细粒度属性证明方案,用于向远程依赖方证明用户平台满足某种安全属性.与现有的远程证明方案相比,组件属性远程证明具有一定的语义和属性表述性等优势.该方案不但证明粒度细和扩展性强,而且属性证书的颁发、验证和撤销实现简单;本方案以组件承诺的方法保证属性证明的真实性,采用零知识证明实现平台组件的隐私性.基于强RSA假设,在Random Oracle模型下可被证明是安全的.实现的原型系统实验结果表明,组件属性证明是一种灵活、实用、高效的证明,对系统性能没有影响. Abstract:A fine-grained property attestation based on the components is proposed to prove that the user platform satisfies the security property predefined by remote relying party. Compared with other remote attestation schemes, CPBA (component property based attestation) has the advantage of semantic and property expression to some extent. It is not only more fine-grained and extensive, but also easier to implement issuing, verifying and revoking the property certificate. CPBA guarantees the authenticity of attestation by component commitment, and protects the privacy of platform components by zero-knowledge proof. It is proved secure in Random Oracle Model under strong RSA Assumption. The experimental result of its prototype system indicates that CPBA is a flexible, usable, highly efficient attestation, and has no influence on system performance. 参考文献 相似文献 引证文献