An Integrity Protection Model for the Keys of Trusted Platform Module

The Trusted Computing Group (TCG) has defined and issued the Trusted Platform Module (TPM) specification, and the security of a trusted computing system relies on the security of the TPM. In this paper, the relationship between the keys inside the TPM and TPM users is established by analyzing the TPM's access control mechanism. It is found that a malicious user of a child key can break the integrity of the parent key. Without changing the physical structure of the TPM, a security model that protects the integrity of the TPM's internal keys is set up. This model introduces the Biba model in addition to the original access control mechanism for the TPM's internal keys. Both the integrity security constraint and the access control mechanism have been implemented to enhance the security of the trusted computing system.