计算机应用 ›› 2011, Vol. 31 ›› Issue (03): 767-770.DOI: 10.3724/SP.J.1087.2011.00767

• 信息安全 • 上一篇    下一篇

基于贝叶斯网络的可信平台控制模块风险评估模型

王丹,周涛,武毅,赵文兵   

  1. 北京工业大学 计算机学院,北京100022
  • 收稿日期:2010-08-30 修回日期:2010-11-16 发布日期:2011-03-03 出版日期:2011-03-01
  • 通讯作者: 王丹
  • 作者简介:王丹(1969-),女,辽宁沈阳人,教授,博士,主要研究方向:分布式计算、可信软件;周涛(1986-),男,北京人,硕士研究生,主要研究方向:可信计算、可信测评;武毅(1987-),男,北京人,硕士研究生,主要研究方向:可信计算、可信测评。
  • 基金资助:
    国家973计划项目(2007CB311106)

Risk assessment model for trusted platform control module based on Bayesian network

WANG Dan,ZHOU Tao,WU Yi,ZHAO Wen-bing   

  1. College of Computer Science, Beijing University of Technology, Beijing 100124, China
  • Received:2010-08-30 Revised:2010-11-16 Online:2011-03-03 Published:2011-03-01
  • Contact: WANG Dan

摘要: 对可信平台控制模块(TPCM)的风险进行了分析,针对其特点和风险定量评估要求,提出了基于贝叶斯网络的TPCM风险评估模型。在对影响TPCM可信性的风险识别的基础上,根据风险之间的相关性,建立了贝叶斯风险评估网络模型;基于专家评价数据,进一步运用贝叶斯网络推理工具定量评估风险的发生概率及其影响,评估风险强度并对其进行排序,以确定整个TPCM中各风险的控制优先级。最后通过实例分析验证了该模型的有效性。

关键词: 可信计算, 可信平台控制模块, 风险评估, 贝叶斯网络

Abstract: A risk assessment model based on Bayesian network was proposed. In this model, each risk event influencing the Trusted Platform Control Module (TPCM)'s trust was analyzed. According to the relation among risks, the Bayesian network evaluation model was built. According to the evaluation from expert, Bayesian network inferring method was used to evaluate the risk probability and its influence. The whole system's risk value and risk priority were determined. An example was given to verify the model's correctness and validation.

Key words: trust computing, Trusted Platform Control Module (TPCM), risk evaluation, Bayesian network

中图分类号: