Research On Software Trustworthiness Based On Virtualized Frusted Platform

Trusted computing technology from the hardware structure layer effectively improves the security of the computer which has become one of the new hot spots in new hotspot in the field of information security. With rapid development and wide application of virtualization technology, it is the most effective solution of trusted computing to combine virtualization technology and trusted computing technolohy in industry. But, there are still some problems in the development of virtualized trusted platform.Firstly, the lack of trust chain extension of the physical platform to a virtual platform can not ensure the trustworthiness of the virtual client systems.Secondly, theoretical researches are behind technical practice. There are not yet generally accepted software measurement models founded based on virtual trusted platform.In order to solve above problems, a two-stage strategy virtualized trusted system measurement model-TSVTMM is proposed. Based on the model, the integrity measurement method for the software trustworthiness properties is proposed;TCG standard data sealing is improved and the solution of data sealing for the trust software integrity measurement list(TSIML) is proposed; The dynamical trusted evaluation of the software behavior is proposed based on the actual demand of TCG dynamic measurement;The new construction method of the membership function KDFSVM based on fuzzy theory and fuzzy support vector machine FSVM is proposed in order to improve prediction accuracy and recognition rate of the software behavior.The followings are main research results and innovations:(1) In order to solve TCG trust chain extension can not ensure the trustworthiness of the virtual client system,the two-stage strategy virtualized trusted system measurement model-TSVTMM is proposed.There are two phases of integrity measurement and dynamic trusted evaluation based on loading and running of the software,and loading and running of the software is controlled in different ways and strategies.In integrity measurement phase,the integrity of the trusted attribute information of the software is verified.In dynamic trusted evaluation stage,the software behavior is evaluated by monitoring the actual behavior,dynamic analysis and trend forecasting.TCG trust chain extends to TSVTMM to ensure own security of TSVTMM.This model is easy to implement,and it has good scalability.(2) In order to solve the problem of the platform configuration update, the new solution of data sealing is proposed.Standard sealing relatively invariable virtualized underlying states combines with property sealing variable guest virtual machine states.This method solves the problem of the repeated sealing because of frequent changes of the guest virtual machine.(3) Starting from trustworthiness of the software behavior, according to actual demands of dynamic measurement, the method of dynamic trusted evaluation of the software behavior is proposed. The behavior traces are measured during the software running, and it is judged wether the actual behavior is as expected according to the trusted strategy. The granularity of the mechanism of trustworthiness is refined to the level of software behavior. Experimental results show that the method has a good performance on pattern learning, recognition, and projection of the software behavior under conditions of limited samples.(4) In order to improve the accuracy of recognition of fuzzy support vector machine (FSVM) to the software behavior, the new construction method of fuzzy membership function KDFSVM is proposed based on fuzzy theory. The method improve the traditional distance fuzzy membership DFSVM by introducing the tightness of each sample point p and p, which is the proportion of k nearest neighbor belonging to the same class, to construct the membership function. Experimental results show that the KDFSVM improves the classification accuracy rate of the Software behavior significantly.In short, the research on software trustworthiness based on virtualized trusted platform can promote a healthy development of virtualization technology and trusted computing technology.