Font Size: a A A

Research And Design Of Website Anti-tampering Architecture Based On Trusted Computing

Posted on:2021-04-06Degree:MasterType:Thesis
Country:ChinaCandidate:S J ZhangFull Text:PDF
GTID:2518306047486694Subject:Master of Engineering
Abstract/Summary:
With the rapid development of Internet technology,portals with information release and application hosting as the main business trends are playing an important role in the public domain and become an important distribution channel for policies and regulations and industry information.At the same time,due to the defect and complexity of the information system technology itself,there are security risks at the bottom of the system,which are easily attacked by malicious Trojans and network viruses.In particular,there are portals with important functions,such as government,finance,and school websites.The information on these portals is accurate,truthful and effective.However,while providing convenient information inquiry services for the public,the website itself is exposed to the complex Internet environment.Some criminals and stakeholders will use illegal means.Websites are destroyed and stolen.Among various attacks,attacks with information tampering,Trojan implantation,and reactionary slogans are the worst.It directly damages the image of the government and institutions,and even uses false information to damage the interests of enterprises and the public.In order to prevent major portals from being threatened by hacker technology and avoid infringement of social and public interests.Through research on various web content monitoring technologies,WAF-based website protection technologies,website content protection technologies,and various anti-tampering technologies,it is finally determined to use a trusted computing-based website anti-tampering architecture to solve various website security issues.This paper mainly studies website anti-tampering technology,trusted computing technology and blockchain concepts,organizes and extracts some important theories and system architecture ideas,designs website anti-tampering architecture based on trusted computing,and uses password encryption,To achieve safe data transmission,information sharing,data tamper resistance,to achieve part of the website anti-tampering system functions,completed a simple website anti-tampering system.With the help of cryptography,trusted computing technology,and blockchain concepts,the feasibility of this architecture has been verified,making hardware,application,and data trusted in the computing environment.The website anti-tampering architecture based on trusted computing is composed of trusted computing platform,blockchain technology and anti-tampering monitoring module.The trusted computing platform adopts an independent and controllable dual system architecture.The trusted platform control module(TPCM)performs trusted measurements on the hardware and software basic components such as CPU,motherboard,memory,and operating system,and provides functions such as encrypted computing and key storage Then,the Trusted Software Base(TSB)measures,judges,and controls system applications to complete the establishment of a trusted chain in the computing environment.Blockchain technology mainly uses blockchain data structures,encryption algorithms,peer-to-peer networks,and consensus algorithms to achieve encryption,verification and distributed storage of website files.The anti-tampering monitoring module adopts a triggering monitoring mechanism and introduces the support of a trusted password module to verify the accessed web page and return the result.The innovative work of this article is as follows:1.Use a trusted computing platform to implement active measurement to ensure the security of a single-node computing environment,and use a trusted password module to implement encryption algorithms and key management;2.Introduce blockchain technology to ensure data security,realize web page file encryption and digital summary uploading;3.Design and realize the integration of website anti-tampering and blockchain technology,and reliable synchronization of data between nodes.Through the research on various web content monitoring technologies,WAF-based website protection technology,website content protection technology and various anti-tamper technologies,it is concluded that the website anti-tampering technology mainly includes:external polling technology,file-driven protection technology and core.Built-in tamper-proof technology.Furthermore,the advantages,disadvantages and reliability of various technologies are compared by performance comparison,reaction time and compatibility.Finally,the tamper-resistant security architecture based on the credible computer system was chosen as the research direction of this paper.Finally,the anti-tampering monitoring system was verified by conducting system experiments.The test results are in line with expectations,which confirms the feasibility and value of this website research on tamper-proof architecture based on trusted computing.
Keywords/Search Tags:Website security, Tamper-proof, information security, cryptography, blockchain, trusted computing
Related items