Computer Science ›› 2024, Vol. 51 ›› Issue (11A): 240200109-6. doi: 10.11896/jsjkx.240200109

• Interdisciplinary & Applications •

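Research on a Trust Evaluation System Based on the Trusted Platform Control Module

HUANG Jianhui1,2, ZHANG Jiangjiang1,2, SHEN Changxiang1,2, ZHANG Jianbiao1,2, WANG Liang3

  1. 1 Faculty of Information Technology, Beijing University of Technology, Beijing 100124
    2 Beijing Key Laboratory of Trusted Computing, Beijing 100124
    3 Shanghai Suanshi Technology Co., Ltd., Shanghai 201203
  • Online: 2024-11-16 Published: 2024-11-13
  • Corresponding author: ZHANG Jiangjiang (jiangofyouth@163.com)
  • About author: (jackweyhuang@163.com)
  • Supported by:
    Natural Science Foundation of Beijing (M21039)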

Study on Trust Evaluation System Based on Trusted Platform Control Module

HUANG Jianhui1,2, ZHANG Jiangjiang1,2, SHEN Changxiang1,2, ZHANG Jianbiao1,2, WANG Liang3

  1. 1 Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China
    2 Beijing Key Laboratory of Trusted Computing, Beijing 100124, China
    3 Shanghai Suanshi Technology Co., Ltd., Shanghai 201203, China
  • Online: 2024-11-16 Published: 2024-11-13
  • About author: HUANG Jianhui, born in 1979, Ph.D. His main research interests include cyberspace security and trusted computing.
    ZHANG Jiangjiang, born in 1994, Ph.D. His main research interests include cyberspace security and big data modeling.
  • Supported by:
    Natural Science Foundation of Beijing, China (M21039).

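Abstract: Existing trust evaluation relies either on computer software scanning or on a trusted module that produces a local report or performs remote attestation over the network. This provides trust-measurement assurance for the construction process and the running state of the local execution environment, but from the perspective of network applications, systemic security risks remain. This paper proposes a network node trust evaluation method implemented inside the trusted platform control module (TPCM) to address this problem. Under a dual-system architecture (computing + defense), the method uses the TPCM of the defense unit to realize a fast and reliable trust evaluation system, and the resulting trust values are stored and maintained by the TPCM. The scheme both prevents forgery after a device has been attacked and frees up CPU computing resources. By studying a network node trust evaluation system supported by the TPCM, the work achieves a systematic evaluation of the trustworthiness of lightweight computer network platform nodes and ensures the secure and trusted operation of the network.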

Keywords: Trusted platform control module, Trust evaluation, Security and trust, Dynamic measurement, Trusted computing 3.0

Abstract: Existing trust assessment is based on computer software scanning, or on trusted modules that report locally or perform remote attestation over the network. This provides trust measurement guarantees for the construction process and running state of the local execution environment. However, from the perspective of network applications, there are still systemic security risks. This paper proposes a network node trust evaluation method implemented within the trusted platform control module (TPCM) to address this issue. Under a dual architecture (computing + defense), the method uses the TPCM of the defense unit to achieve a fast and reliable trust evaluation system, and the evaluated trust values are stored and maintained by the TPCM. This scheme not only avoids forgery after a device has been attacked, but also frees up CPU computing resources. By studying a network node trust evaluation system supported by the TPCM, this paper achieves a systematic evaluation of the credibility of lightweight computer network platform nodes, ensuring the safe and reliable operation of the network.

Key words: TPCM, Trust evaluation, Safe and trust, Dynamic measurement, Trusted computing 3.0

CLC Number:

  • TP393