| 基于可信计算的区域边界防护模型研究与应用 |
| |
| 作者姓名: | 姚崎 |
| |
| 作者单位: | 北京天融信公司,北京,100085 |
| |
| 基金项目: | 国家“863”计划资助项目(2007AA01Z410); 北京市科委研发攻关类资助项目(Z07000100720705) |
| |
| 摘 要: | 依据信息系统等级保护安全设计技术要求的框架,提出一种基于可信计算的安全区域边界防护模型。在模型中,运用可信平台三元对等鉴别技术,解决了区域边界防护网关自身完整性鉴别问题;采用可信网络连接建立与传递技术,实现了跨区域边界网络访问的全程可信;采用区域边界代理和控制策略分布执行的方式,实现了基于主客体的区域边界自主访问控制策略。
|
| 关 键 词: | 等级保护 可信计算 可信网络连接 访问控制 |
Research and Application on Model of Secure Area Boundary Protection Based on Trusted Computing |
| |
| Authors: | YAO Qi |
| |
| Affiliation: | YAO Qi(Beijing Topsec LTD.,Beijing 100085) |
| |
| Abstract: | According to framework of 'Technical requirements of security design of the classified protection information system,a model of the security area boundary protection based on trusted computing is proposed.In the model,by using technology of Tri-element Peer Authentication in trusted platform,the problem of identification of area boundary protection gateway was solved.By using technology of establishment and transfer of trusted network connection,all of the nodes were trusted in the path of network access ac... |
| |
| Keywords: | Classified Protection Trusted Computing Trusted Network Connection Access Control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
