The Research Of Automated Trust Negotiation Based On Trusted Computing Platform

It’s the premise that establishing a trust relationship between strangers in thenetwork environment to realize the sharing resources and interoperability. Automatedtrust negotiation as a new access control technology, establishing a trust relationshipbetween strangers in different security domains effectively, so as to realize thedynamic authorization. The trust negotiation must focus on considering the problemof privacy protection and how to improve negotiation efficiency. The main idea oftrusted computing is to add security chip inside the terminal platform as theunderlying root of trust, combined with other hardware, firmware and software, usingintegrity measurement step by step from bottom to top to build a chain of trust, aimedat the terminal platform become a trusted operating environment.The article first made a study of trusted computing platform, mainly including:platform architecture, each functional components of the TPM and platform principlemechanism. And then study the automated trust negotiation, including relatedconcepts and architecture of it. XML based policy language, common attacks andprevention. As the trusted PC is currently the most widely trusted computing platform,the paper presents an automated trust negotiation framework based on trusted PC.Front to rear, we described the structure and function of the trusted PC, proposed theoverall structure diagram of the framework, described the function of each module.Among them, leading into the concept of trust domain, proposed a new trustevaluation method, and described the process of trust negotiation which based on theframework completely. The typical example of ATN is applied in the ATN frameworkby this paper, we intuitively described negotiation process using two extremestrategies and adaptive strategy which mixed the trust together. Comparing timeoverhead in a variety of situations, we highlight the efficiency advantages ofnegotiation using the adaptive strategy, and give theoretical security analysis aboutthe entire negotiation framework. Finally, concluded and pointed out the researchdirections of the ATN framework model in the future.