The Research And Application Of Integrity Protection Mechanisms For Trusted Software

In the field of security, software integrity provides a different perspective on evaluation of software’s running state. Software integrity represents software’s trustworthiness. While software is loaded from the file system into memory, software program files is integrity represent that initial state is trustworthiness, how to pass down this trust, is a great challenge for current research. The general thought, software integrity in running state includes two parts:(1) the running state of software is integrity;(2) control flow of software is integrity. The former represents:in running state, software’s code, static data, dynamic data and stack, cann’t be unauthorized modifications. The later reperesents:the runtime execution path and the software flow chart of the static code is consistent, namely the behavior of the software can not be unauthorized users by any means to change and manipulate.The software is divided into trust and untrusted, conducive to the difference between different reliability software, so the construction of software integrity protection mechanism can more targeted.Integrity protection include protection strategies and mechanisms for the protection of the content of the two part, the former to define how the system is complete, and the latter to clear the system to protect the integrity of the concrete realization way. Isolation protection mechanism and protection strategy is a common practice, namely according to the concrete system construction to protect the mechanism suitable, then on this basis the implementation of specific conservation strategies. Protection mechanism determines the integrity protection granularity and performance cost, and protection strategies are specific rules to protect the. A software is complete, is it meet the integrity protection strategy for a given. The underlying operating system kernel is trusted software system, is an important component of the trusted computing base, and credible theory, trust is to start from the trusted computing base, the establishment of a trust chain, a certification level, a level of trust, the trust is extended to the whole computer system, so as to ensure the whole the computer system is trusted. The visible and the integrity of the kernel is the integrity of the entire system.This paper mainly studies the trusted software protection mechanism, to protect the integrity of the mechanism of trusted software is discussed, and mainly introduces the related work of kernel integrity protection mechanism. According to the analysis of all kinds of software integrity protection mechanism, found that the use of the virtual machine monitor implementation reference validation mechanism is an implementation of integrity protection mechanism of the trend. Then research of virtualization technology and Xen virtual machine monitor learning, find and demonstrate the Xen virtual machine monitor is suitable for constructing kernel integrity protection reference validation mechanism.Then, this paper designs a kind of kernel integrity protection mechanism based on Xen virtual machine monitor, which is a monitoring scheme based on reference verification machine. Specifically, the non memory mapping trusted kernel expansion module and isolation in the non authority domain Xen, and authorization form the two communication mechanism to simulate the interaction process between the kernel and non authority domain by means of event channel Xen. So, it can be the intermediary between the two, in order to achieve the non trusted kernel extended to monitor any possible damage behavior of the kernel module. Finally, this paper gives the design process to achieve the feasibility of this design and verification.