计算机科学 ›› 2016, Vol. 43 ›› Issue (6): 146-151.doi: 10.11896/j.issn.1002-137X.2016.06.030

• 信息安全 • 上一篇    下一篇

基于可信计算平台的审计日志安全存储系统

成茂才,徐开勇   

  1. 解放军信息工程大学密码工程学院 郑州450001,解放军信息工程大学密码工程学院 郑州450001
  • 出版日期:2018-12-01 发布日期:2018-12-01
  • 基金资助:
    本文受国家自然基金项目:密码片上系统安全模型结构与验证方法研究(61072047)资助

Audit Log Secure Storage System Based on Trusted Computing Platform

CHENG Mao-cai and XU Kai-yong   

  • Online:2018-12-01 Published:2018-12-01

摘要: 针对计算机审计系统中存在的日志的安全性问题,结合TPM(Trusted Platform Module)提供的安全存储、密钥生成和密码运算功能,提出一种面向可信计算平台的审计日志安全存储系统。该系统的意义在于保证日志传输过程中和存储状态下的安全性,并对密钥的存储管理结构进行优化,解决了可信计算平台密钥管理体制中存在的密钥同步问题,从整体上增强了平台密钥管理的安全性。最后进行日志完整性认证算法的安全性分析和密钥使用的复杂度分析,通过实验表明该日志存储系统有较好的安全性和实用性。

关键词: 可信计算平台,安全审计,安全存储,密钥管理

Abstract: Aiming at the log security issues existing in computer audit system,this paper proposed an audit log security storage system,combined with the secure storage,key generation and cryptographic operation functions provided by TPM (Trusted Platform Module).The significance of this system is to ensure the security of log transfer and storage,optimize the key storage management mechanism,and solve the key synchronization problem existing in the trusted computing platform key management mechanism,which enhances key management security of platform as a whole.In the end,we analyzed the security of log integrity authentication algorithm and the complexity of key usage.Experimental result shows that this log storage system is safe and practical.

Key words: Trusted computing platform,Secure audit,Secure storage,Key management

[1] Shi Wen-chang.Development of secure operating system re-search[J].Computer Science,2002,29(6):5-12(in Chinese) 石文昌.安全操作系统研究的发展[J].计算机科学,2002,29(6):5-12
[2] Ding Li-ping,Zhou Bo-wen,Wang Yong-ji.Capture and Storage of Digital Evidence Based on Security Operating System[J].Journal of Software,2007,18(7):1715-1729(in Chinese) 丁丽萍,周博文,王永吉.基于安全操作系统的电子证据获取与存储[J].软件学报,2007,18(7):1715-1729
[3] Rashidi P,Cook D J,Holder L B,et al.Discovering activities to recognize and track in a smart environment[J].IEEE Transactions on Knowledge and Data Engineering,2011,23(4):527-539
[4] Yuan Chun-yang,He Ye-ping,Pan Xue-jian,et al.DevelopingHigh-assurance Secure Information System According to Common Criteria[J].Computer Science,2007,34(2):17-21(in Chinese) 袁春阳,贺也平,潘学俭,等.使用CC标准开发的高保证安全信息系统[J].计算机科学,2007,34(2):17-21
[5] Liu Hai-feng,Qing Si-han.Design and Realization of Auditing in Secure OS [J].Computer Research and Development,2001,38(10):1262-1268(in Chinese) 刘海峰,卿斯汉.安全操作系统审计的设计与实现[J].计算机研究与发展,2001,38(10):1262-1268
[6] Vossaert J,Lapon J,De Decker B,et al.User-centric identity management using trusted modules[J].Mathematical and Computer Modelling,2013,57(7):1592-1605
[7] Shen Chang-xiang,Zhang Huan-guo,Wang Huai-min,et al.Research and development of trusted computing [J].Chinese Science:Information Science,2010,40(2):139-166(in Chinese) 沈昌祥,张焕国,王怀民,等.可信计算的研究与发展[J].中国科学:信息科学,2010,40(2):139-166
[8] Peng Cheng,Yang Lu-ming,Man Jun-feng.Research on Partly Tokenized Software Behavior Footprints[J].Computer Systems,2013,34(3):466-470(in Chinese) 彭成,杨路明,满君丰.带部分标记的软件行为踪迹研究[J].小型微型计算机系统,2013,34(3):466-470
[9] Sderstrm O,Moradian E.Secure Audit Log Management[J].Procedia Computer Science,2013,22:1249-1258
[10] Accorsi R,Wonnemann C,Stocker T.Towards forensic dataflow analysis of business process logs[C]∥2011 Sixth International Conference on IT Security Incident Management and IT Forensics (IMF).IEEE,2011:3-20
[11] Shen Guo-hua,Huang Zhi-qiu,Qian Ju,et al.Research on Software Trustworthiness Evaluation Model and Its Implementation[J].Computer Science and exploration,2011,5(6):553-561(in Chinese) 沈国华,黄志球,钱巨,等.软件可信评估模型及其工具实现[J].计算机科学与探索,2011,5(6):553-561
[12] Song Cheng.Research on Some Key Technologies of Trusted Computing Platform[D].Beijing:Beijing University of Posts and Telecommunications,2011(in Chinese) 宋成.可信计算平台中若干关键技术研究[D].北京:北京邮电大学,2011
[13] Yi Fei.Safe Storage with Auto-Rolling Encryption Under Linux Ooperating System[D].Shanghai:Shanghai Jiaotong University(in Chinese) 易飞.基于滚动加密在Linux文件系统下的安全存储技术[D].上海:上海交通大学,2010
[14] Qian Quan,Wang Tian-hong,et al.Cyclic Key Update Scheme Based on Sharing Group for Distributed Secure Storage[J].Journal of Shanghai University,2013,9(1):39-43(in Chinese) 钱权,王天宏,等.分布式安全存储中基于共享组的周期性密钥更新[J].上海大学学报,2013,9(1):39-43
[15] Bellare M,Yee B S.Forward Intergrity for Secure Audit Logs[D].USA:University of California,1997
[16] Tarada T,Koike H.NIGELOG:Protecting Logging Information by Hiding Multiple Backups in Directorie[C]∥Proc.of International Workshop on Electronic Commerce and Security.IEEE Press,1999:874
[17] Hommes,State S R,Engel T.A distance-based method to detect anomalous attributes in log files[C]∥Network Operations and Management Symposium (NOMS).IEEE,2012:498-501
[18] Schmidt A U,Leicher A,Brett A,et al.Tree-formed verification data for trusted platforms[J].Computers & Security,2013,32:19-35
[19] Franklin M.A survey of key evolving cryptosystems[J].International Journal of Security and Networks,2006,1(1):46-53
[20] Ma D,Tsudik G.A new approach to secure logging[C]∥Proceedings of the 22nd Annual IFTP WG 11.3 Working Confe-rence on Data and Applications Security.2008:48-63
[21] Teeter R,Alles M,Vasarhelyi M A.Remote Audit:A research framework[J].Ssm Electronic Journal,2010
[22] Huang Ning-yu,Li Shuang,Song Shi-bin.Research on SecureStorage Scheme for Public Data Platform[J].Journal of Wuhan University (Natural Science Edition),2012,8(S1):61-64(in Chinese) 黄宁玉,李爽,宋式斌.公共数据平台上数据安全存储方案研究[J].武汉大学学报(理学版),2012,8(S1):61-64
[23] Wu Xiao-ping,Zhao Bo,Zhang Huan-guo.Secure Key Management of Mobile Agent Based on TPM[J].Computer Science,2009,36(5):65-67(in Chinese) 武小平,赵波,张焕国.基于 TPM 的移动代理安全密钥管理[J].计算机科学,2009,36(5):65-67
[24] Accorsi R,Stocker T.Automated privacy audits based on pru-ning of log data[C]∥Enterprise Distributed Object Computing Conference Workshops,2008 12th.IEEE,2008:175-182

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!