Security Analysis For Chain Of Trust Of Trusted Computing Platform

The rapid development of Internet technology has led the information sharing into a completely new era. While the productivity has been improving greatly, it also brings great challenge to information system security. Currently, information system security is facing an austere situation, and security accidents are taking place frequently but at the same time only passive defense measures for information system are taken. These measures set up security defense at the outside of the core resources and put the protection center on them without considering endpoint security that is the origin of the problem. As we know, hardware architecture and operating system are the foundations of information security, besides cryptography and network security technologies are key technologies. In order to enhance the security level of information system, we must take actions from the bottom of the system, accompanying with the cryptography and network security technologies. Trusted Computing and Chain of Trust are the very mechanisms to solve the security problems of information system from this perspective. They have been the hot research fields, leading the development trend of information system security.At present, the researches and applications of Trusted Computing have yielded substantial achievements. Many research organizations have been taking deep researches into Trusted Computing theory and technology, but Trusted Computing itself is still in a situation which the development of technology exceeds the development of theory. This paper focuses on analyzing security of Chain of Trust for Trusted Computing Platform. Starting with security models;analyzes formally the problems that contain compliance and security of specifications for Chain of Trust; puts forwards a specific security model for Chain of Trust; investigates in integrity measurement, security model, compliance testing, security testing and applications, and conducts some customized researches which yield the following results:1. Aiming at current situation of architecture of Trusted Computing Platform that is low bandwidth, lacks symmetrical cryptogram algorithm, and does not let hardware be archor of integrity measurement. We put forward a china-specific Trusted Computing Platform architecture based on Trusted Computing Control Module by adding in several high speed bus for application requirements, importing commercial cryptogram algorithm and putting root of trusted measurement into chip, which could solve existent security problems effectively.2. Aiming at the problem that TCG specification of Chain of Trust is hard to be formalized. We advance an interactive model based on security process algebra for Chain of Trust, and abstract specification into three entities’communication. Then, we continue to bring forward an interface model for refining all inputs and outputs, and classify all of them into two levels. The Chain of Trust is treated as a composition system composed by three entities. By using non-deducibility model, we describe security properties from bisimulation semantic angle, and advance a proposition that when the relationship between set of high-level allelomorph actions and set of synchronization actions is onto function, then composition system satisfies security properties on composition.3. Aiming at the testing difficulty on gap between specification and implementation, we divide testing structure into CRTM testing, event testing and state testing. As to event testing, we reduce the testsuite by analyzing specification and get testing set for testing Trusted Computing Platform. Then, we validate the result proposed in step 2 by security testing, and approve the correctness of proposition. Finally, we also find insecure functions dependency of interface in Trust of Chain, which could let remote attenstation be danger.4. Aiming at requirements of cloud computing, we put forward a new secure bootstrap for cloud computing for letting TPM participate in judging condition context. At the same time, aiming at the problem TCG’s remote attestation is hard be to come true under cloud computing environment, combing virtulization technology, we bring forward a new scheme of remote attestation based on TPM delegation. One side, this scheme could simplify trivial of TCG’s remote attestation. On the other hand, this method could lighten burden of TPM by delegating TPM’s cryptogram functions to VMM, and enhance efficiency of service for applications.