关键词: 可信计算, 行为动态认证, 认证度量行为信息基, Merkle哈希树, 可信平台模块

Abstract: To improve the flexibility and efficiency of remote attestation, behavior dynamic attestation was proposed based on Merkle Hash tree. The process of creating AM_AIB tree was designed. The client measured and calculated current root Hash value which was signed by Trusted Platform Module (TPM), and then transmitted it to server-side for certification. If it was consistent with Hash value of server-side, the behavior was supposed to be credible. The model of Attestation Measurement Action Information Base (AM_AIB) could also be designed in different granularity according to the characteristics of behavior. The experimental results show the proposed method can improve the time performance and protect the privacy of platform. It is flexible and it also can overcome the static feature based on attribute verification and ensure that the platform application software runs credibly.

Key words: trusted computing, behavior dynamic attestation, Attestation Measurement Action Information Base(AM_AIB), Merkle Hash tree, Trusted Platform Module (TPM)