Establishment And Implementation Of A Trusted Computing Dynamic Integrity Measurement Model

Posted on: 2014-06-05
Degree: Master
Type: Thesis
Country: China
Candidate: W F Wang
GTID: 2308330479479148
Subject: Computer Science and Technology
Abstract/Summary:
With the popularization of network information technology, the information security situation has become more serious. Although many research institutions continue to introduce a variety of methods to fend off network attacks, these do not address terminal security. Because many security risks originate at the terminal, we protect the terminal using trusted computing ideas. Trusted computing extends the trust boundary to the whole computing platform, or even the entire network, through integrity measurement based on a trusted root. Current integrity measurement theory and implementation focus on static integrity measurement; dynamic integrity measurement lacks mathematical models and technical concepts.

This paper analyzes the characteristics of the current mathematical models of dynamic integrity measurement, establishes a multistage dynamic integrity measurement model based on information flow, and describes the model's rules and theorems in a formal language. The paper then designs a dynamic integrity measurement method and gives its organization chart and implementation process. Finally, the paper implements buffer overflow attacks and a prototype system, and experimentally verifies the prototype's effectiveness in preventing buffer overflow attacks.

(1) The paper offers a multistage dynamic integrity measurement model based on information flow to address the lack of a mathematical model for dynamic integrity measurement. The model uses the classic information flow integrity policy and gives the system's integrity measurement processing rules for the case where the information flow integrity policy is violated. This dynamic integrity measurement model is more secure and easier to use than the conventional model.

(2) Because current dynamic measurement methods cannot effectively ensure data integrity and widely suffer from the TOCTOU (time-of-check to time-of-use) problem, this paper proposes an integrity measurement method based on page-based protection and control of dynamic execution. The method uses memory page write protection and NX bit inspection to discover potentially malicious modifications. It is useful for ensuring the integrity of code pages and eliminating possible security issues. In addition, the paper uses write protection to solve the TOCTOU problem while the integrity measurement is running.

(3) The paper proposes a layered protection mechanism against buffer overflow attacks. It uses address space randomization to reduce the success rate of buffer overflow attacks, and uses the dynamic integrity measurement method to reduce their effects.
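The write-protect-then-measure idea in item (2), as an added C example that is not the thesis's implementation: the page is made read-only before it is measured, so a write between check and use faults instead of silently changing measured content. It assumes Linux/POSIX `mprotect`, uses FNV-1a as a stand-in for the measurement digest, and all function names and the page content are constructed for illustration.

```c
#define _DEFAULT_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* FNV-1a stands in for the measurement digest (a real system would use SHA-256). */
static uint64_t measure(const unsigned char *p, size_t n) {
    uint64_t h = 0xcbf29ce484222325ULL;
    while (n--) { h ^= *p++; h *= 0x100000001b3ULL; }
    return h;
}

/* Write-protect first, then measure: no write can land between check and use. */
static int protect_and_measure(unsigned char *page, size_t n, uint64_t *out) {
    if (mprotect(page, n, PROT_READ) != 0) return -1;
    *out = measure(page, n);
    return 0;
}

static sigjmp_buf trap_env;
static void on_fault(int sig) { (void)sig; siglongjmp(trap_env, 1); }
/* Returns 1 if a write to the page faults, 0 if the write goes through. */
static int write_is_trapped(volatile unsigned char *page) {
    volatile int trapped = 1;
    void (*old)(int) = signal(SIGSEGV, on_fault);
    if (sigsetjmp(trap_env, 1) == 0) { page[0] ^= 0xff; trapped = 0; }
    signal(SIGSEGV, old);
    return trapped;
}

/* Bit 0: write trapped and digest unchanged; bit 1: later change detected. */
int run_demo(void) {
    size_t n = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, n, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    uint64_t base, now;
    if (page == MAP_FAILED) return -1;
    memset(page, 0xAB, n);                      /* constructed page content */
    if (protect_and_measure(page, n, &base) != 0) return -1;
    int r = (write_is_trapped(page) && measure(page, n) == base) ? 1 : 0;
    mprotect(page, n, PROT_READ | PROT_WRITE);  /* protection lifted */
    page[0] ^= 0xff;                            /* unmeasured modification */
    if (protect_and_measure(page, n, &now) != 0) return -1;
    if (now != base) r |= 2;
    munmap(page, n);
    return r;
}
```

A return value of 3 from `run_demo()` means both properties held: the write to the protected page was trapped with the digest unchanged, and a change made after protection was lifted was caught by re-measurement.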
Keywords/Search Tags: Trusted Computing, Information Flow Integrity, IMA, TPM Dynamic Integrity Measurement, Safe Type System