Journal of Software:2009.20(6):1625-1641

(中国科学院 软件研究所 信息安全国家重点实验室,北京 100190;中国科学院 研究生院,北京 100049)
Component Property Based Remote Attestation
QIN Yu,FENG Deng-Guo
Chart / table
Similar Articles
Article :Browse 4792   Download 4843
Received:November 26, 2007    Revised:April 02, 2008
> 中文摘要: 提出了一个组件级的细粒度属性证明方案,用于向远程依赖方证明用户平台满足某种安全属性.与现有的远程证明方案相比,组件属性远程证明具有一定的语义和属性表述性等优势.该方案不但证明粒度细和扩展性强,而且属性证书的颁发、验证和撤销实现简单;本方案以组件承诺的方法保证属性证明的真实性,采用零知识证明实现平台组件的隐私性.基于强RSA假设,在Random Oracle模型下可被证明是安全的.实现的原型系统实验结果表明,组件属性证明是一种灵活、实用、高效的证明,对系统性能没有影响.
Abstract:A fine-grained property attestation based on the components is proposed to prove that the user platform satisfies the security property predefined by remote relying party. Compared with other remote attestation schemes, CPBA (component property based attestation) has the advantage of semantic and property expression to some extent. It is not only more fine-grained and extensive, but also easier to implement issuing, verifying and revoking the property certificate. CPBA guarantees the authenticity of attestation by component commitment, and protects the privacy of platform components by zero-knowledge proof. It is proved secure in Random Oracle Model under strong RSA Assumption. The experimental result of its prototype system indicates that CPBA is a flexible, usable, highly efficient attestation, and has no influence on system performance.
文章编号:     中图分类号:    文献标志码:
基金项目:Supported by the National High-Tech Research and Development Plan of China under Grant No.2007AA01Z412 (国家高技术研究发展计划(863)) Supported by the National High-Tech Research and Development Plan of China under Grant No.2007AA01Z412 (国家高技术研究发展计划(863))
Foundation items:
Reference text:


QIN Yu,FENG Deng-Guo.Component Property Based Remote Attestation.Journal of Software,2009,20(6):1625-1641