| With cloud computing, mobile Internet platform, wireless communication technology and Internet business rapid development and widely applications, These applications provide a great convenience and endless business opportunities to us, all of these have changed our lives greatly, but at the same time, these changes also bring a variety of network security issues, having hindered the further development of Internet technology. In this context, the trusted computing has emerged, which can improve computer security level from before the software level to the hardware level, the trusted computing can greatly enhance the computer privacy protection of the Internet and anti-outside attack performance.As a branch of trusted computing, remote attestation mainly focused on solving the issue of "trust", that is the mutual authentication problem during communication between computers. Up to now, remote attestation program has a variety of classifications, mainly including:binary remote attestation program, property-based remote attestation program, based attributes and module attribute-based remote attestation program. The principle of binary remote attestation program to verify the computer credibility is relying on trusted platform configuration information PCR. Though this kind of verification is very simple, however, it can leak computer hardware and software information. The second option will make judgement on the correctness of user platform attribute certificate by using convert configuration into attributes. The real-time difference and attribute certificate credibility of this program is very low. The module attribute-based remote attestation program can narrow the prove range, but there are a lot of safety and efficiency deficiencies of the program. Based these program’s features, an improved module attribute-based remote attestation protocol has been proposed, the following three aspects are the keys for the improved program:1. The thesis summarizes and analyzes the existing binary remote attestation program, property-based remote attestation program and module attribute-based remote attestation program, and points out the strengths and weaknesses of existing programs.2. The thesis proposes an improved remote attestation protocol based module attribute of remote attestation program. The new protocol uses blind signcryption of self-certified public key algorithm to replace the original signcryption signature and encryption process, and improve the safety and efficiency of the program.3. A realization of a prototype model of the protocol is given, the module mechanism, computing process and operating efficiency of each component in this model is analyzed. |
PDF Full Text Request