Journal of Computer Applications ›› 2009, Vol. 29 ›› Issue (11): 3001-3004.

• Information and Network Security •

Research and design of Agent integrity protection mechanism on remote untrusted platform

Cui YANG, Cheng-xiang TAN

  1. Department of Computer Science and Technology, Tongji University
  • Received: 2009-04-29 Revised: 2009-06-03 Online: 2009-11-26 Published: 2009-11-01
  • Corresponding author: Cui YANG

Abstract: Many security problems arise when servers use Agents to deploy mobile code in order to realize interactive storage between different business clients. To improve the trustworthiness of the software and to ensure that Agents run reliably in a complex, untrusted environment, traditional integrity validation mechanisms were analyzed and, drawing on identification and authentication (I&A), Proof-Carrying Code (PCC) and reflection techniques, a graded (classified) protection mechanism for verifying the integrity of terminal Agents was proposed. An efficient validation model with multiple interacting, complementary modules was designed to monitor software behavior, thereby improving the trustworthiness of the mobile code.

Key words: software integrity protection, Proof-Carrying Code (PCC), reflection, classified protection, trusted software