可信计算环境安全技术研究
|
摘要
可信计算(Trusted Computing, TC)是一种基于安全芯片(Trusted Platform Module, TPM)的信息安全技术,提高系统整体的安全性。平台状态证明(Attestation of the platform)是可信计算平台必须提供的功能之一,其主要技术手段是完整性度量(Integrity Measurement)。在可信计算逐步进入人们的日常生产、生活并展开大规模应用之时,如何提高与完善可信计算平台的平台状态证明能力是一个必须妥善解决的关键性问题之一。
本论文针对上述问题,以基于可信计算的完整性度量为主要研究对象,研究和总结了可信计算相关安全技术的发展现状和未来趋势,在借鉴现有研究成果的基础上,对基于可信计算的完整性度量技术与方法及其应用、可信网络以及可信链模型进行了创新性和探索性研究,主要包括以下若干研究内容。
(1)详细研究了可信计算平台仿真环境的构建方法,提出了一种新的硬件、软件相结合的可信计算平台仿真实验环境ESW-TPM (Extended Software-TPM),用于本论文后继研究工作的实验平台;
(2)详细研究了基于可信计算的完整性度量方法,针对不同的应用环境,分别提出了基于主机的完整性度量方法和基于网络的完整性按需度量方法,以ESW-TPM为实验平台进行仿真实验及分析;
(3)详细研究了本论文的完整性度量方法的若干应用,分别提出了基于可信计算的数据封装方法、Android手机轻量级访问控制方法以及在Linux服务器通信安全方面的应用;
(4)研究了用户网络行为可信性评估技术,提出了一种无监督的用户网络行为可信性评估方法,用于评估局域网的用户网络行为的可信性;
(5)研究了基于可信计算的信任传递理论,建立了基于随机进程代数的可信链语义模型,提出了完整性度量粒度的概念,用于刻画完整性度量粒度与计算平台完整可信之间的关系以及与完整性度量性能消耗之间的关系;
(6)研究了基于可信计算的信任传递的行为特性,建立了基于Petri网的可信链模型,论证了可信链的若干行为特性。
本论文采取了从技术实践到理论研究的技术路线,对可信计算平台仿真实验环境、完整性度量及其应用、可信网络以及可信链模型进行了较深入的研究。通过硬件仿真和软件模拟的方式构建了可信计算平台仿真实验环境,在此基础上研究并提出了新的基于可信计算的完整性度量方法,研究了可信网络用户行为的可信性评估方法,提出了完整性度量粒度的概念,建立了两种可信链模型,认证了完整性度量粒度与计算平台完整可信间的关系以及基于可信计算的信任传递行为的若干特性。
Trusted Computing (TC) is a new-born information security technology with embedded security chip Trusted Platform Module, aimed at patching the security limitation of the existing computer infrastructure and promoting the security level of computing system in a whole. Attestation of the platform is one of requisite functions supported by TC, whose main point is the Integrity Measurement. With the development of TC and the extensive applications of TC in all domains, how to enhancing and improving the attestation of platform in trusted computing platform has become one key researching topic.
This dissertation analyzes the current situation and future trend of security technologies of TC, devotes to the exploring and innovating the research work of attestation of platform based on TC. Our works includes the technology of Integrity Measurement methods based on TC as well as their applications in data sealing, smart phone and Linux server, trustworthy networks and trust chain models. The main works are as follows.
(1) The method to emulating and constructing trusted computing environment is studied in detail. A novel trusted computing environment based on hardware and software ESW-TPM is proposed. It is used to provide an available experimental platform for later research works.
(2) The methods for integrity measurement based on TC are studied in detail. Two novel methods for integrity measurement are proposed to meet the different application cases, which are adaptive to Intranet and Internet respectively.
(3) Several applications of integrity measurement proposed in this dissertation are studied in detail, including the method of sealing privacy data based on TC, the light-weigte method of access control for Android smart phone and the application on the security of Linux server.
(4) The trustworthy estimation of user network behavior in local network is studied in detail. A novel method is proposed to estimate dynamically the trustworthy of network users in local network.
(5) Summarizing our works in integrity measurement as well as its applications, a semantic model of trust chain with the aid of Stochastic Process Algebra is suggested, among which the granularity of integrity measurement is proposed to depict the relationship between measurement granularity and the trustworthy of platform as well as performance consumption of integrity measurement.
(6) A trust chain model based on Petri is proposed to demonstrate several behavior features of trust transitive in TC.
This dissertation deploys our researching works mentioned above with the technology route from engineering practice to theory study. In each research phase, simulation experiment is undertaken to verify the feasibility and rationality of relevant proposal. Simulation results indicate that the proposed innovations can enhance and promote effectively the capability of the attestation of platform for computing platform.
本论文针对上述问题,以基于可信计算的完整性度量为主要研究对象,研究和总结了可信计算相关安全技术的发展现状和未来趋势,在借鉴现有研究成果的基础上,对基于可信计算的完整性度量技术与方法及其应用、可信网络以及可信链模型进行了创新性和探索性研究,主要包括以下若干研究内容。
(1)详细研究了可信计算平台仿真环境的构建方法,提出了一种新的硬件、软件相结合的可信计算平台仿真实验环境ESW-TPM (Extended Software-TPM),用于本论文后继研究工作的实验平台;
(2)详细研究了基于可信计算的完整性度量方法,针对不同的应用环境,分别提出了基于主机的完整性度量方法和基于网络的完整性按需度量方法,以ESW-TPM为实验平台进行仿真实验及分析;
(3)详细研究了本论文的完整性度量方法的若干应用,分别提出了基于可信计算的数据封装方法、Android手机轻量级访问控制方法以及在Linux服务器通信安全方面的应用;
(4)研究了用户网络行为可信性评估技术,提出了一种无监督的用户网络行为可信性评估方法,用于评估局域网的用户网络行为的可信性;
(5)研究了基于可信计算的信任传递理论,建立了基于随机进程代数的可信链语义模型,提出了完整性度量粒度的概念,用于刻画完整性度量粒度与计算平台完整可信之间的关系以及与完整性度量性能消耗之间的关系;
(6)研究了基于可信计算的信任传递的行为特性,建立了基于Petri网的可信链模型,论证了可信链的若干行为特性。
本论文采取了从技术实践到理论研究的技术路线,对可信计算平台仿真实验环境、完整性度量及其应用、可信网络以及可信链模型进行了较深入的研究。通过硬件仿真和软件模拟的方式构建了可信计算平台仿真实验环境,在此基础上研究并提出了新的基于可信计算的完整性度量方法,研究了可信网络用户行为的可信性评估方法,提出了完整性度量粒度的概念,建立了两种可信链模型,认证了完整性度量粒度与计算平台完整可信间的关系以及基于可信计算的信任传递行为的若干特性。
Trusted Computing (TC) is a new-born information security technology with embedded security chip Trusted Platform Module, aimed at patching the security limitation of the existing computer infrastructure and promoting the security level of computing system in a whole. Attestation of the platform is one of requisite functions supported by TC, whose main point is the Integrity Measurement. With the development of TC and the extensive applications of TC in all domains, how to enhancing and improving the attestation of platform in trusted computing platform has become one key researching topic.
This dissertation analyzes the current situation and future trend of security technologies of TC, devotes to the exploring and innovating the research work of attestation of platform based on TC. Our works includes the technology of Integrity Measurement methods based on TC as well as their applications in data sealing, smart phone and Linux server, trustworthy networks and trust chain models. The main works are as follows.
(1) The method to emulating and constructing trusted computing environment is studied in detail. A novel trusted computing environment based on hardware and software ESW-TPM is proposed. It is used to provide an available experimental platform for later research works.
(2) The methods for integrity measurement based on TC are studied in detail. Two novel methods for integrity measurement are proposed to meet the different application cases, which are adaptive to Intranet and Internet respectively.
(3) Several applications of integrity measurement proposed in this dissertation are studied in detail, including the method of sealing privacy data based on TC, the light-weigte method of access control for Android smart phone and the application on the security of Linux server.
(4) The trustworthy estimation of user network behavior in local network is studied in detail. A novel method is proposed to estimate dynamically the trustworthy of network users in local network.
(5) Summarizing our works in integrity measurement as well as its applications, a semantic model of trust chain with the aid of Stochastic Process Algebra is suggested, among which the granularity of integrity measurement is proposed to depict the relationship between measurement granularity and the trustworthy of platform as well as performance consumption of integrity measurement.
(6) A trust chain model based on Petri is proposed to demonstrate several behavior features of trust transitive in TC.
This dissertation deploys our researching works mentioned above with the technology route from engineering practice to theory study. In each research phase, simulation experiment is undertaken to verify the feasibility and rationality of relevant proposal. Simulation results indicate that the proposed innovations can enhance and promote effectively the capability of the attestation of platform for computing platform.
引文
[1] Trusted Computing Group. Wikipedia [EB/OL]. [2010-8-12].http://en.wikipedia. org/wiki/Trusted_Computing_Group.
[2] Trusted Computing Group. Members [EB/OL]. [2010-8-12].http://www.trusted computinggroup.org/about_tcg/tcg_members.
[3] Trusted Computing Group. Glossary [EB/OL]. [2010-8-12].http://www.trusted computinggroup.org/developers/glossary.
[4] International Standard Organization. Freely Available Standards [EB/OL]. [2010-8-12]. http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html.
[5] Algirdas A, Jean-Claude L, Brian R, etal. Basic concepts and taxonomy of dependable and secure computing. IEEE Transaction On Dependable and Secure Computing, 2004, 1(1):11?33.
[6] Microsoft Corporation. Trustworthy Computing White Paper [EB/OL]. [2010-8-15]. http://www.microsoft.com/china/mscorp/twc/twc_whitepaper.mspx.
[7] Microsoft Corporation. Trustworthy Computing [EB/OL]. [2010-8-15]. http://www.microsoft.com/about/twc/en/us/default.aspx.
[8] Trusted Computing Group. TCG Architecture Overview Version 1.4 [EB/OL]. [2010-8-15]. http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D09-3519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf.
[9] Trusted Computing Group. TPM Main Specification [EB/OL]. [2010-8-15]. http://www.trustedcomputinggroup.org/resources/tpm_main_specification.
[10] Trusted Computing Group. TCG Software Stack (TSS) Specification [EB/OL]. [2010-8-18]. http://www.trustedcomputinggroup.org/resources/tcg_software_stack_tss_specification.
[11] Trusted Computing Group. TNC Architecture for Interoperability Specification [EB/OL]. [2010-8-18]. http://www.trustedcomputinggroup.org/resources/tnc_architecture_for_inter operability_specification.
[12] Intel. Intel's T's Deliver New Platform Enhancements Beyond Gigahertz [EB/OL]. [2010-8-18]. http://www.intel.com/cd/corporate/techtrends/emea/eng/209708.htm.
[13] AMTEL. AT97SC3203 [EB/OL]. [2010-8-20]. http://www.atmel.com/dyn/products/ product_card.asp?part_id=3736.
[14] Winbond. Products & Technology [EB/OL]. [2010-8-20]. http://www.winbond.com.tw/ hq/enu/NewsAndEvents/News/ProductAndTechnology/2006-06-12-1.htm.
[15] Infineon. Trusted Platform Module [EB/OL]. [2010-8-20]. http://www.infineon.com/ cms/en/product/channel.html?channel=ff80808112ab681d0112ab6921ae011f.
[16] STMicroelectronics. ST19 secure smartcard ICs [EB/OL]. [2010-8-29]. http://www.st.com/ stonline/products/families/smartcard/sc_sol_ics_st19.htm.
[17]联想.安全芯片技术[EB/OL]. [2010-8-29]. http://www.lenovo.com.cn/ research/product/product_6.html.
[18] Sinosun. Sinosun TPM(SSX35) [EB/OL]. [2010-8-29]. http://www.sinosun.com.cn/ eng/product/index.asp.
[19]瑞达信息安全产业股份有限公司.瑞达J3210安全芯片[EB/OL]. [2010-8-29]. http://www.jetsec.com.cn/Html/aqxp/173952589.html.
[20]中国国家密码管理局.可信计算密码支撑平台功能与接口规范[EB/OL]. [2010-8-29]. http://www.oscca. gov.cn/Doc/6/ News_1132.htm.
[21]中国国家密码管理局.无线局域网产品使用的SMS4密码算法[EB/OL]. [2010-8-29]. http://www.oscca.gov. cn/doc/6/News_1106.htm.
[22] Paul England, Butler Lampson, John Manferdelli, etal. A Trusted Open Platform [J]. Computer, IEEE Computer Society, 2003,36(07):55-62.
[23] Frank Mayer, Karl MacMillan, David Caplan. SELinux by Example: Using Security Enhanced Linux [M]. New Jersey:Prentice Hall, 2006, 15-23.
[24] SOURCEFORGE.NET. Linux TPM Device Driver [EB/OL]. [2010-8-29]. http://tpmdd. sourceforge.net/.
[25] IBM. TrouSerS [EB/OL]. [2010-8-29]. http://trousers.sourceforge.net/.
[26] HP. HP-UX Trusted Computing Services [EB/OL]. [2010-8-29]. http://h20000. www2 .hp.com/bc/docs/support/SupportManual/c02170443/c02170443.pdf.
[27] Wave System. EMBASSY? Trust Suite [EB/OL]. [2010-8-29]. http://www.wavesys. com/products/ets.asp.
[28] NTRU. TSS Middleware Suite (TMS) [EB/OL]. [2010-8-29]. http://securityinnovation. com/products/trusted-computing/tms.shtml.
[29] Dirk Sigurdson. Open Source TSS [EB/OL]. [2010-8-29]. http://opentss.sourceforge.net/.
[30] Sirrix AG. TPM Manager [EB/OL].[2010-8-29]. http://projects.sirrix.com/trac/tpmmanager.
[31] Mpirker, rtoegl. Trusted Computing for the Java(tm) Platform. [EB/OL]. [2010-8-29]. http://trustedjava.sourceforge.net/.
[32] Sirrix AG. Trusted GRUB [EB/OL]. [2010-8-29]. http://projects.sirrix.com/trac/trustedgrub.
[33] Trusted Computing Group. TCG Workgroups [EB/OL]. [2010-8-29]. http://www.trusted computinggroup.org/about_tcg/tcg_workgroups.
[34] OPENTC. Open TC [EB/OL]. [2010-8-29]. http://www.opentc.net/.
[35] OPENTC. General activities of Open TC [EB/OL]. [2010-8-29]. http://www.opentc.net/ index.php?option=com_content&task=view&id=13&Itemid=28.
[36] Department of Defense Computer Security Center. DoD 5200.28-STD. Department of Defense Trusted Computer System Evaluation Criteria [S]. USA: DOD, December 1985.
[37] National Computer Security Center. NCSC-TG-021. Trusted Database Management System Interpretation [S]. USA: DOD, April 1991.
[38] National Computer Security Center. NCSC-TG-005. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria [S]. USA: DOD, July 1987.
[39] CEC. ITSEC. Information technology security evaluation criteria, version 1.2[S]. London: Department of Trade and Industry, 1991.
[40] Joint Technical Committee. Evaluation criteria for IT security, Draft Version 1.0[S]. 1996.
[41] The international organization for standardization and the international electro technical commission. ISO/IEC 15408-1/2/3: 1999. Information technology-Security techniques-Evaluation Criteria for IT Security[S]. USA:ISO, 1999.
[42]中国信息安全产品测评认证中心.国家标准GB/T 17859-1999.计算机信息系统安全保护等级划分准则[S].北京:中国标准出版社,1999.
[43]中国信息安全产品测评认证中心.国家标准GB/T 18336.1-2008.信息技术安全技术信息技术安全性评估准则[S].北京:中国标准出版社,2008.
[44]中国信息安全产品测评认证中心.国家标准GB/T 20272-2006.操作系统安全技术要求[S].北京:中国标准出版社,2006.
[45]中国法制出版社.2006-2020年国家信息化发展战略[M].北京:中国法制出版社,2006:12.
[46] IDC. IDC Home [EB/OL]. [2010-8-29] .http://www.idc.com.
[47]中国国家密码管理局.商用密码产品销售管理规定[EB/OL]. [2010-8-29].http://www.oscca.gov.cn/Doc/2/News_1103.htm.
[48]湖南麒麟信息工程技术有限公司.银河麒麟KylinOS [EB/OL]. [2010-8-29]. http://www.kylinos.com.cn/.
[49]周明天,谭良.可信计算及其进展[J].电子科技大学学报, 2006, 35(8):686-697.
[50] ZHANG Huanguo, LUO Jie, JIN Gang, etal. Development of Trusted Computing Research [J]. Wuhan University Journal of Natural Sciences, 2006, 11(6):1407-1413.
[51]周振柳,李铭,许榕生,等.太行安全BIOS可信体系结构与实现研究[J].计算机工程与应用, 2008,44(18):76-79.
[52]冯登国,秦宇.可信计算环境证明方法研究[J].计算机学报, 2008,31(09):1640-1652.
[53] M. Strasser, H. Stamer. A Software-Based Trusted Platform Module Emulator[C]. The First International Conference on Trusted Computing and Trust in Information Technologies. Berlin Germany: Springer, 2008, 33-47.
[54] IBM. Software TPM Introduction [EB/OL]. [2010-9-9]. http://ibmswtpm.sourceforge.net.
[55] Jiangchun Ren, Kui Dai, Zhiying Wang. Trust-enhanced alteration scenario for universal computer[C]. Proceedings of 11th Pacific Rim International Symposium on Dependable Computing. Washington DC USA: IEEE Computer Society, 2005, 275-280.
[56] Sailer R, Zhang Xiaolan, Jaeger T, et al. Design and implementation of a TCG-based integrity measurement architecture [C]. Proceedings of the 13th USENIX Security Symposium. California: ACM, 2004:223-238.
[57] Li Xiaoyong, Han Zhen, Shen Changxiang. Transitive Trust to Executables Generated During Runtime[C]. Proceedings of ICICIC2007, Washington DC:IEEE Computer Society, 2007:518-521.
[58] Yang Yang, Zhang Huanguo, Wan Li, et al. Design and Implementation of an Integrity Measurement System Based on Windows Trusted Computing Platform[C]. Proceedings of the 9th International Conference for Young Computer Scientists, Washington DC:IEEE Computer Society, 2008: 229-233.
[59]李晓勇,左晓栋,沈昌祥.基于系统行为的计算平台可信证明[J].电子学报, 2007, 35(07):1234-1239.
[60] Zhang Huanguo, Wang Fan. A behavior-based remote trust attestation model [J]. Wuhan University Journal of Natural Sciences, 2006, 11(06):1819-1822.
[61]赵佳,沈昌祥,刘吉强,等.基于无干扰理论的可信链模型[J].计算机研究与发展, 2008,45(06):578-584.
[62] Loscocco P.A., Wilson P.W., Pendergrass J.A., et al. Linux Kernel Integrity Measurement Using Contextual Inspection[C]. Proc of STC2007, New York: ACM, 2007:21-29.
[63] Sadeghi A.R, Stüble C. Property-based attestation for computing platforms: Caring about properties, not mechanisms[C]. Proceedings of New Security Paradigms Workshop, Virginia: ACM, 2004:67-77.
[64] Jaeger T, Sailer R, Shankar U. PRIMA: Policy-reduced integrity measurement architecture[C]. Proceedings of the eleventh ACM symposium on Access control models and technologies, California: ACM, 2006:19-28.
[65] Zhang Xinwen, Chen Songqing, Michael J. C., et al. SecureBus: Towards Application-Transparent Trusted Computing with Mandatory Access Control[C]. Proceedgins of ASIACCS2007, New York: ACM, 2007:117-126.
[66]李焕洲,林宏刚,张健,等.可信计算中完整性度量模型研究[J].四川大学学报(工程科学版), 2008, 40(11):150-153.
[67] Xu Min, Jiang Xuxian, Sandhu R, et al. Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection[C]. Proceedings of SACMAT’2007, New York:ACM, 2007:71-80.
[68] Kühn U, Selhorst M, Stüble C. Realizing property-based attestation and sealing with commonly available hard- and software[C]. Proceedgins of the 2007 ACM workshop on Scalable trusted computing. Alexandria: ACM, 2007:50-57.
[69]冯登国,秦宇.一种基于TCM的属性证明协议[J].中国科学:信息科学. 2010, 40(02):189-199.
[70]秦宇,冯登国.基于组件属性的远程证明[J].软件学报. 2009, 20(06):1625-1641.
[71]李尚杰,贺也平,刘冬梅,等.基于属性的远程证明的隐私性分析[J].通信学报. 2009,30(11A):146-152.
[72] Cui Yan-Li, Zhang Xing. Improving credibility of systems integrity measurement of property remote attestation[C]. 2009’Asia-Pacific Conference on Computational Intelligence and Industrial Applications, 2009, 341-344.
[73] Azab, AM, Peng Ning, Sezer EC, Xiaolan Zhang. HIMA: A Hypervisor-Based Integrity Measurement Agent [C]. 2009 Annual Computer Security Applications Conference, 2009, 461 - 470.
[74] Libo Liu, Jian Peng. Research on Distributed and Dynamic Trust Transfer and Measurement[C]. Proceedings of the 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing. Washington DC USA: IEEE Computer Society, 2009, 235-239.
[75] Jian Wang, Haihang Wang, Chengxiang Tan. RABBIF: Remote Attestation Based on Behavior and Information Flow [C]. Proceedings of the 2010 Second International Conference on Computer Engineering and Applications. Washington DC USA: IEEE Computer Society, 2010, 18-22.
[76]刘孜文,冯登国.基于可信计算的动态完整性度量架构[J].电子与信息学报. 2010, 32 (04): 875-879.
[77] Lrk5, Linux Rootkits. [EB/OL], [2008-05-13]. http://www.ossec.net/rootkits/lrk.php.
[78] Levine J.F., Grizzard J.B., Owen H.L. Detecting and categorizing kernel-level rootkits to aid future detection. Security & Privacy, IEEE Computer Society, 2006, 04(01):24-32.
[79] D. Cid. RootCheck [EB/OL]. [2010-9-23]. http://www.ossec.net/rootkits/.
[80] Stealth. Adore-ng [EB/OL]. [2008-04-30]. http://stealth.7350.org/rootkits.
[81] Berserker. Synapsys [EB/OL]. [2008-05-23]. http://www.neural-collapse.org.
[82] Karl. Xvidcap Project Home Page [EB/OL]. [2009-03-10]. http://xvidcap.sourceforge.net.
[83] XU Mingdi, HE Jian, ZHANG Bo, etal. A New Data Protecting Scheme Based on TPM. Proceedings of the Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Washington DC USA: IEEE Computer Society, 2007: 943-947.
[84]陆建新,杨树堂,陆松年,等.可信计算中一种基于属性的封装存储方案[J].信息技术,2008,1(1):1-4.
[85]汪丹,冯登国,徐震.基于可信虚拟平台的数据封装方案[J].计算机研究与发展. 2009, 46(8):1325-1333.
[86] Google. Android Official Website. [EB/OL]. [2010-11-10]. http://www.android.com.
[87] T-Mobile. The T-Mobile G1 with Google phone Official site. [EB/OL]. [2010-11-10]. http://www.t-mobileg1.com/.
[88] Google. Android Software developing Kits 2.0. [EB/OL]. [2010-11-10]. http://developer.android.com/sdk/.
[89] Linux Kernel Organization Inc. Git. [EB/OL]. [2010-11-10]. http://android.git.kernel.org/.
[90] A. Cox. Linux: Ptrace vulnerability; 2.2.25 released [EB/OL]. [2010-11-23]. http://kerneltrap.org/node/611.
[91] P. Starzetz. Linux kernel do_mremap VMA limit local privilege escalation vulnerability. [EB/OL]. [2010-11-23].http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt.
[92] Red Hat Security Advisory. UNIRAS brief-220/04. [EB/OL]. [2010-11-23]. http://archive.cert.uni-stuttgart.de/uniras/2004/05/msg00028.html.
[93] Qaaz. Linux Kernel 2.6.17-2.6.24.1 vmsplice local root exploit. [EB/OL]. [2010-11-23]. http://www.milw0rm.com/exploits/5092.
[94] J. Edge. A privilege escalation flaw in udev. [EB/OL]. [2010-11-23]. http://lwn.net/Articles/329266/.
[95] U. Shankar, D. Wagner. Preventing secret leakage from fork (): securing privilege-separated applications. IEEE International Conference on Communications, Washington DC USA: IEEE Computer Society, 2006, 2268-2275.
[96] Y. Okazaki, I. Sato. A new intrusion detection method based on process profiling. Proceedings of the 2002 Symposium on Applications and the Internet, Washington DC USA: IEEE Computer Society, 2002, 82-90.
[97] X.Y. Zhu, Y.Q. Yu, H. Wang, B. Zeng. Intrusion detection system model based on extension detecting. Proceedings of the 2007 International Conference on Convergence Information Technology, 2007, Washington DC USA: IEEE Computer Society, 1536-1540.
[98]罗安安,林闯,王元卓,等.可信网络连接的安全量化分析与协议改进[J].计算机学报. 2009, 32(05):887-898.
[99]张俊伟,马建峰,文相在.通用可组合的可信网络连接模型和IF-T中的EAP-TNC协议[J].中国科学:信息科学, 2010,40(2):200-215.
[100]张焕国,陈璐,张立强.可信网络连接研究[J].计算机学报, 2010,33(4):706-717.
[101]林闯,彭雪海.可信网络研究[J],计算机学报, 2005,28(05):751-758.
[102]林闯,田立勤,王元卓.可信网络中用户行为可信的研究[J],计算机研究与发展, 2008,45(12):2033-2043.
[103]田立勤,林闯.可信网络中一种基于行为信任预测的博弈控制机制[J].计算机学报. 2007,30(11):1930-1938.
[104]李小勇,桂小林,毛倩,等.基于行为监控的自适应动态信任度测模型[J].计算机学报. 2009, 32(04):664-674.
[105]张润莲,武小年,周胜源,等.一种基于实体行为风险评估的信任模型[J].计算机学报. 2009, 32(04):688-698.
[106]赵洁,肖南峰,钟军锐.基于贝叶斯网络和行为日志挖掘的行为信任控制[J].华南理工大学学报(自然科学版). 2009, 37(05):94-100.
[107]冀铁果,田立勤,胡志兴,等.可信网络中一种基于AHP的用户行为评估方法[J].计算机工程与应用, 2007, 43(19):123-137.
[108] Sergios Theodoridis, Konstantinos Koutroumbas. Pattern Recognition 4th edition [M], London :Academic Press, 2009.
[109] Jiawei Han, Micheline Kamber. Data Mining: Concepts and Techniques, Second Edition [M]. CA USA: Morgan Kaufmann San Fransisco, 2007.
[110] Suykens J A K, Van Gestel T, De Brabanter J. Least squares support vector machines [M], Singapore Island: World Scientific Publishing Co Pte Lte, 2002.
[111]刘昌平,范明钰,王光卫,等.基于梯度算法的支持向量机参数优化方法,控制与决策, 2008,23(11):1291-1296.
[112] Chen Shuyi, Wen Yingyou, Zhao Hong. Modeling Trusted Computing [J]. Wuhan University Journal of Natural Sciences. 2006, 11(06): p1507-1510.
[113] Chen Shuyi, Wen Yingyou, Zhao Hong. Formal Analysis of Secure Bootstrap in Trusted Computing [C]. Proceeddings of the 4th Int Conference on Autonomic and Trusted Computing. Berlin: Springer, 2007:352-360.
[114]赵佳.可信认证关键技术研究:[博士学位论文],北京:北京交通大学, 2008, 32-37.
[115]张兴,黄强,沈昌祥.一种基于无干扰模型的信任链传递分析方法[J].计算机学报, 2010, 11(1): 74-81.
[116] Zhang Bei, Chen Chen, Zhu Jianyong. The Transfer of Trust-Chain with Damp[C]. Proceedings of IEEE Pervasive Computing and Applications. Piscataway, NJ: IEEE Computer Society, 2008, 948-952.
[117] Audun J, Simon P. Semantic Constraints for Trust Transitivity[C]. Proceedings of the 2th Asia-Pacific Conf on Conceptual Modelling. Newcastle Australian: ACM, 2005, 59-48.
[118] Huang JW, Mark SF. An Ontology of Trust: Formal Semantics and Transitivity [C]. Proceedings of the 8th Int Conf on Electronic Commerce. Fredericton, Canada: ACM, 2006, 259-270.
[119] Mohsen T, Rasool J, Morteza A. A Semantic-Aware Ontology-Based Trust Model forPervasive Computing Environments[C]. Proceedings of the 5th Int Conf on Autonomic and Trusted Computing. Berlin: Springer, 2008, 47-59.
[120] Dong Changyu, Russello G., Dulay N. Trust Transfer in Distributed Systems [C]. Proceedings of International Conference on Federation for Information Processing. Boston: Springer, 2007, 17-29.
[121] Marco C, Mogens N, Vladimiro S. A Calculus for Trust Management [C]. Proceedings of Foundations of Software Technology and Theoretical Computer Science. Berlin Heidelberg: Springer, 2004, 161-173.
[122] Mark H, David W, Trust in the Pi-Calculus [C]. Proceedings of International Conference on Principles and Practice of Declarative Programming. Florence Italy: ACM, 2001, 103-115.
[123] Massimo M, Matthew H. A Bisimulation-Based Semantic Theory of Safe Ambients [J]. ACM Transactional on Programming Languages and Systems, 2006, 28(2): 290–330.
[124] Ed B, Holger H. Process Algebra and Markov Chains [C]. Proceedings of Formal Methods and Performance Analysis. Berlin: Springer, 2001, 183-231.
[125] Milner R. Communication and Concurrency [M]. New Jersey USA: Prentice-Hall Press, 1989.
[126] Brookes SD, Hoare CAR, Roscoe AW. A Theory of Communicating Sequential Processes [J]. Journal of the Association Computing Machinery, 1984, 31(03):560-599.
[127] Allan C, Stephen G, Jane H, et al. Stochastic Process Algebras [C]. Proceedings of Formal Methods for Performance Evaluation. Berlin Heidelberg: Springer, 2007, 132-179.
[128] Plotkin GD. A structural approach to operational semantics [R]. Denmark: University of Aarhus, 1981.
[129] PRISM. Probabilistic Symbolic Model Checker [EB/OL]. [2010-5-15]. http://www.prismmodelcheck er.org.
[130] C.A. Petri. Kommunikation mit automaten. PhD thesis, Insitut für Instrumentelle Mathematik, Bonn, Germany, 1962.
[131]吴哲辉. Petri网导论[M].北京:机械工业出版社. 2006,4:188-193.
[132]袁崇义. Petri网原理与应用[M].北京:电子工业出版社. 2005, 7:84-97.
[133]杨仕平,桑楠,陈慧,等.安全关键实时操作系统时间隔离保护机制的设计与实现[J].计算机研究与发展. 2004, 41(07):7030-7038.
[134]张威. Stateflow逻辑系统建模型[M].西安:西安电子科技大学出版社. 2007,10:125-135.
[2] Trusted Computing Group. Members [EB/OL]. [2010-8-12].http://www.trusted computinggroup.org/about_tcg/tcg_members.
[3] Trusted Computing Group. Glossary [EB/OL]. [2010-8-12].http://www.trusted computinggroup.org/developers/glossary.
[4] International Standard Organization. Freely Available Standards [EB/OL]. [2010-8-12]. http://standards.iso.org/ittf/PubliclyAvailableStandards/index.html.
[5] Algirdas A, Jean-Claude L, Brian R, etal. Basic concepts and taxonomy of dependable and secure computing. IEEE Transaction On Dependable and Secure Computing, 2004, 1(1):11?33.
[6] Microsoft Corporation. Trustworthy Computing White Paper [EB/OL]. [2010-8-15]. http://www.microsoft.com/china/mscorp/twc/twc_whitepaper.mspx.
[7] Microsoft Corporation. Trustworthy Computing [EB/OL]. [2010-8-15]. http://www.microsoft.com/about/twc/en/us/default.aspx.
[8] Trusted Computing Group. TCG Architecture Overview Version 1.4 [EB/OL]. [2010-8-15]. http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D09-3519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf.
[9] Trusted Computing Group. TPM Main Specification [EB/OL]. [2010-8-15]. http://www.trustedcomputinggroup.org/resources/tpm_main_specification.
[10] Trusted Computing Group. TCG Software Stack (TSS) Specification [EB/OL]. [2010-8-18]. http://www.trustedcomputinggroup.org/resources/tcg_software_stack_tss_specification.
[11] Trusted Computing Group. TNC Architecture for Interoperability Specification [EB/OL]. [2010-8-18]. http://www.trustedcomputinggroup.org/resources/tnc_architecture_for_inter operability_specification.
[12] Intel. Intel's T's Deliver New Platform Enhancements Beyond Gigahertz [EB/OL]. [2010-8-18]. http://www.intel.com/cd/corporate/techtrends/emea/eng/209708.htm.
[13] AMTEL. AT97SC3203 [EB/OL]. [2010-8-20]. http://www.atmel.com/dyn/products/ product_card.asp?part_id=3736.
[14] Winbond. Products & Technology [EB/OL]. [2010-8-20]. http://www.winbond.com.tw/ hq/enu/NewsAndEvents/News/ProductAndTechnology/2006-06-12-1.htm.
[15] Infineon. Trusted Platform Module [EB/OL]. [2010-8-20]. http://www.infineon.com/ cms/en/product/channel.html?channel=ff80808112ab681d0112ab6921ae011f.
[16] STMicroelectronics. ST19 secure smartcard ICs [EB/OL]. [2010-8-29]. http://www.st.com/ stonline/products/families/smartcard/sc_sol_ics_st19.htm.
[17]联想.安全芯片技术[EB/OL]. [2010-8-29]. http://www.lenovo.com.cn/ research/product/product_6.html.
[18] Sinosun. Sinosun TPM(SSX35) [EB/OL]. [2010-8-29]. http://www.sinosun.com.cn/ eng/product/index.asp.
[19]瑞达信息安全产业股份有限公司.瑞达J3210安全芯片[EB/OL]. [2010-8-29]. http://www.jetsec.com.cn/Html/aqxp/173952589.html.
[20]中国国家密码管理局.可信计算密码支撑平台功能与接口规范[EB/OL]. [2010-8-29]. http://www.oscca. gov.cn/Doc/6/ News_1132.htm.
[21]中国国家密码管理局.无线局域网产品使用的SMS4密码算法[EB/OL]. [2010-8-29]. http://www.oscca.gov. cn/doc/6/News_1106.htm.
[22] Paul England, Butler Lampson, John Manferdelli, etal. A Trusted Open Platform [J]. Computer, IEEE Computer Society, 2003,36(07):55-62.
[23] Frank Mayer, Karl MacMillan, David Caplan. SELinux by Example: Using Security Enhanced Linux [M]. New Jersey:Prentice Hall, 2006, 15-23.
[24] SOURCEFORGE.NET. Linux TPM Device Driver [EB/OL]. [2010-8-29]. http://tpmdd. sourceforge.net/.
[25] IBM. TrouSerS [EB/OL]. [2010-8-29]. http://trousers.sourceforge.net/.
[26] HP. HP-UX Trusted Computing Services [EB/OL]. [2010-8-29]. http://h20000. www2 .hp.com/bc/docs/support/SupportManual/c02170443/c02170443.pdf.
[27] Wave System. EMBASSY? Trust Suite [EB/OL]. [2010-8-29]. http://www.wavesys. com/products/ets.asp.
[28] NTRU. TSS Middleware Suite (TMS) [EB/OL]. [2010-8-29]. http://securityinnovation. com/products/trusted-computing/tms.shtml.
[29] Dirk Sigurdson. Open Source TSS [EB/OL]. [2010-8-29]. http://opentss.sourceforge.net/.
[30] Sirrix AG. TPM Manager [EB/OL].[2010-8-29]. http://projects.sirrix.com/trac/tpmmanager.
[31] Mpirker, rtoegl. Trusted Computing for the Java(tm) Platform. [EB/OL]. [2010-8-29]. http://trustedjava.sourceforge.net/.
[32] Sirrix AG. Trusted GRUB [EB/OL]. [2010-8-29]. http://projects.sirrix.com/trac/trustedgrub.
[33] Trusted Computing Group. TCG Workgroups [EB/OL]. [2010-8-29]. http://www.trusted computinggroup.org/about_tcg/tcg_workgroups.
[34] OPENTC. Open TC [EB/OL]. [2010-8-29]. http://www.opentc.net/.
[35] OPENTC. General activities of Open TC [EB/OL]. [2010-8-29]. http://www.opentc.net/ index.php?option=com_content&task=view&id=13&Itemid=28.
[36] Department of Defense Computer Security Center. DoD 5200.28-STD. Department of Defense Trusted Computer System Evaluation Criteria [S]. USA: DOD, December 1985.
[37] National Computer Security Center. NCSC-TG-021. Trusted Database Management System Interpretation [S]. USA: DOD, April 1991.
[38] National Computer Security Center. NCSC-TG-005. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria [S]. USA: DOD, July 1987.
[39] CEC. ITSEC. Information technology security evaluation criteria, version 1.2[S]. London: Department of Trade and Industry, 1991.
[40] Joint Technical Committee. Evaluation criteria for IT security, Draft Version 1.0[S]. 1996.
[41] The international organization for standardization and the international electro technical commission. ISO/IEC 15408-1/2/3: 1999. Information technology-Security techniques-Evaluation Criteria for IT Security[S]. USA:ISO, 1999.
[42]中国信息安全产品测评认证中心.国家标准GB/T 17859-1999.计算机信息系统安全保护等级划分准则[S].北京:中国标准出版社,1999.
[43]中国信息安全产品测评认证中心.国家标准GB/T 18336.1-2008.信息技术安全技术信息技术安全性评估准则[S].北京:中国标准出版社,2008.
[44]中国信息安全产品测评认证中心.国家标准GB/T 20272-2006.操作系统安全技术要求[S].北京:中国标准出版社,2006.
[45]中国法制出版社.2006-2020年国家信息化发展战略[M].北京:中国法制出版社,2006:12.
[46] IDC. IDC Home [EB/OL]. [2010-8-29] .http://www.idc.com.
[47]中国国家密码管理局.商用密码产品销售管理规定[EB/OL]. [2010-8-29].http://www.oscca.gov.cn/Doc/2/News_1103.htm.
[48]湖南麒麟信息工程技术有限公司.银河麒麟KylinOS [EB/OL]. [2010-8-29]. http://www.kylinos.com.cn/.
[49]周明天,谭良.可信计算及其进展[J].电子科技大学学报, 2006, 35(8):686-697.
[50] ZHANG Huanguo, LUO Jie, JIN Gang, etal. Development of Trusted Computing Research [J]. Wuhan University Journal of Natural Sciences, 2006, 11(6):1407-1413.
[51]周振柳,李铭,许榕生,等.太行安全BIOS可信体系结构与实现研究[J].计算机工程与应用, 2008,44(18):76-79.
[52]冯登国,秦宇.可信计算环境证明方法研究[J].计算机学报, 2008,31(09):1640-1652.
[53] M. Strasser, H. Stamer. A Software-Based Trusted Platform Module Emulator[C]. The First International Conference on Trusted Computing and Trust in Information Technologies. Berlin Germany: Springer, 2008, 33-47.
[54] IBM. Software TPM Introduction [EB/OL]. [2010-9-9]. http://ibmswtpm.sourceforge.net.
[55] Jiangchun Ren, Kui Dai, Zhiying Wang. Trust-enhanced alteration scenario for universal computer[C]. Proceedings of 11th Pacific Rim International Symposium on Dependable Computing. Washington DC USA: IEEE Computer Society, 2005, 275-280.
[56] Sailer R, Zhang Xiaolan, Jaeger T, et al. Design and implementation of a TCG-based integrity measurement architecture [C]. Proceedings of the 13th USENIX Security Symposium. California: ACM, 2004:223-238.
[57] Li Xiaoyong, Han Zhen, Shen Changxiang. Transitive Trust to Executables Generated During Runtime[C]. Proceedings of ICICIC2007, Washington DC:IEEE Computer Society, 2007:518-521.
[58] Yang Yang, Zhang Huanguo, Wan Li, et al. Design and Implementation of an Integrity Measurement System Based on Windows Trusted Computing Platform[C]. Proceedings of the 9th International Conference for Young Computer Scientists, Washington DC:IEEE Computer Society, 2008: 229-233.
[59]李晓勇,左晓栋,沈昌祥.基于系统行为的计算平台可信证明[J].电子学报, 2007, 35(07):1234-1239.
[60] Zhang Huanguo, Wang Fan. A behavior-based remote trust attestation model [J]. Wuhan University Journal of Natural Sciences, 2006, 11(06):1819-1822.
[61]赵佳,沈昌祥,刘吉强,等.基于无干扰理论的可信链模型[J].计算机研究与发展, 2008,45(06):578-584.
[62] Loscocco P.A., Wilson P.W., Pendergrass J.A., et al. Linux Kernel Integrity Measurement Using Contextual Inspection[C]. Proc of STC2007, New York: ACM, 2007:21-29.
[63] Sadeghi A.R, Stüble C. Property-based attestation for computing platforms: Caring about properties, not mechanisms[C]. Proceedings of New Security Paradigms Workshop, Virginia: ACM, 2004:67-77.
[64] Jaeger T, Sailer R, Shankar U. PRIMA: Policy-reduced integrity measurement architecture[C]. Proceedings of the eleventh ACM symposium on Access control models and technologies, California: ACM, 2006:19-28.
[65] Zhang Xinwen, Chen Songqing, Michael J. C., et al. SecureBus: Towards Application-Transparent Trusted Computing with Mandatory Access Control[C]. Proceedgins of ASIACCS2007, New York: ACM, 2007:117-126.
[66]李焕洲,林宏刚,张健,等.可信计算中完整性度量模型研究[J].四川大学学报(工程科学版), 2008, 40(11):150-153.
[67] Xu Min, Jiang Xuxian, Sandhu R, et al. Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection[C]. Proceedings of SACMAT’2007, New York:ACM, 2007:71-80.
[68] Kühn U, Selhorst M, Stüble C. Realizing property-based attestation and sealing with commonly available hard- and software[C]. Proceedgins of the 2007 ACM workshop on Scalable trusted computing. Alexandria: ACM, 2007:50-57.
[69]冯登国,秦宇.一种基于TCM的属性证明协议[J].中国科学:信息科学. 2010, 40(02):189-199.
[70]秦宇,冯登国.基于组件属性的远程证明[J].软件学报. 2009, 20(06):1625-1641.
[71]李尚杰,贺也平,刘冬梅,等.基于属性的远程证明的隐私性分析[J].通信学报. 2009,30(11A):146-152.
[72] Cui Yan-Li, Zhang Xing. Improving credibility of systems integrity measurement of property remote attestation[C]. 2009’Asia-Pacific Conference on Computational Intelligence and Industrial Applications, 2009, 341-344.
[73] Azab, AM, Peng Ning, Sezer EC, Xiaolan Zhang. HIMA: A Hypervisor-Based Integrity Measurement Agent [C]. 2009 Annual Computer Security Applications Conference, 2009, 461 - 470.
[74] Libo Liu, Jian Peng. Research on Distributed and Dynamic Trust Transfer and Measurement[C]. Proceedings of the 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing. Washington DC USA: IEEE Computer Society, 2009, 235-239.
[75] Jian Wang, Haihang Wang, Chengxiang Tan. RABBIF: Remote Attestation Based on Behavior and Information Flow [C]. Proceedings of the 2010 Second International Conference on Computer Engineering and Applications. Washington DC USA: IEEE Computer Society, 2010, 18-22.
[76]刘孜文,冯登国.基于可信计算的动态完整性度量架构[J].电子与信息学报. 2010, 32 (04): 875-879.
[77] Lrk5, Linux Rootkits. [EB/OL], [2008-05-13]. http://www.ossec.net/rootkits/lrk.php.
[78] Levine J.F., Grizzard J.B., Owen H.L. Detecting and categorizing kernel-level rootkits to aid future detection. Security & Privacy, IEEE Computer Society, 2006, 04(01):24-32.
[79] D. Cid. RootCheck [EB/OL]. [2010-9-23]. http://www.ossec.net/rootkits/.
[80] Stealth. Adore-ng [EB/OL]. [2008-04-30]. http://stealth.7350.org/rootkits.
[81] Berserker. Synapsys [EB/OL]. [2008-05-23]. http://www.neural-collapse.org.
[82] Karl. Xvidcap Project Home Page [EB/OL]. [2009-03-10]. http://xvidcap.sourceforge.net.
[83] XU Mingdi, HE Jian, ZHANG Bo, etal. A New Data Protecting Scheme Based on TPM. Proceedings of the Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Washington DC USA: IEEE Computer Society, 2007: 943-947.
[84]陆建新,杨树堂,陆松年,等.可信计算中一种基于属性的封装存储方案[J].信息技术,2008,1(1):1-4.
[85]汪丹,冯登国,徐震.基于可信虚拟平台的数据封装方案[J].计算机研究与发展. 2009, 46(8):1325-1333.
[86] Google. Android Official Website. [EB/OL]. [2010-11-10]. http://www.android.com.
[87] T-Mobile. The T-Mobile G1 with Google phone Official site. [EB/OL]. [2010-11-10]. http://www.t-mobileg1.com/.
[88] Google. Android Software developing Kits 2.0. [EB/OL]. [2010-11-10]. http://developer.android.com/sdk/.
[89] Linux Kernel Organization Inc. Git. [EB/OL]. [2010-11-10]. http://android.git.kernel.org/.
[90] A. Cox. Linux: Ptrace vulnerability; 2.2.25 released [EB/OL]. [2010-11-23]. http://kerneltrap.org/node/611.
[91] P. Starzetz. Linux kernel do_mremap VMA limit local privilege escalation vulnerability. [EB/OL]. [2010-11-23].http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt.
[92] Red Hat Security Advisory. UNIRAS brief-220/04. [EB/OL]. [2010-11-23]. http://archive.cert.uni-stuttgart.de/uniras/2004/05/msg00028.html.
[93] Qaaz. Linux Kernel 2.6.17-2.6.24.1 vmsplice local root exploit. [EB/OL]. [2010-11-23]. http://www.milw0rm.com/exploits/5092.
[94] J. Edge. A privilege escalation flaw in udev. [EB/OL]. [2010-11-23]. http://lwn.net/Articles/329266/.
[95] U. Shankar, D. Wagner. Preventing secret leakage from fork (): securing privilege-separated applications. IEEE International Conference on Communications, Washington DC USA: IEEE Computer Society, 2006, 2268-2275.
[96] Y. Okazaki, I. Sato. A new intrusion detection method based on process profiling. Proceedings of the 2002 Symposium on Applications and the Internet, Washington DC USA: IEEE Computer Society, 2002, 82-90.
[97] X.Y. Zhu, Y.Q. Yu, H. Wang, B. Zeng. Intrusion detection system model based on extension detecting. Proceedings of the 2007 International Conference on Convergence Information Technology, 2007, Washington DC USA: IEEE Computer Society, 1536-1540.
[98]罗安安,林闯,王元卓,等.可信网络连接的安全量化分析与协议改进[J].计算机学报. 2009, 32(05):887-898.
[99]张俊伟,马建峰,文相在.通用可组合的可信网络连接模型和IF-T中的EAP-TNC协议[J].中国科学:信息科学, 2010,40(2):200-215.
[100]张焕国,陈璐,张立强.可信网络连接研究[J].计算机学报, 2010,33(4):706-717.
[101]林闯,彭雪海.可信网络研究[J],计算机学报, 2005,28(05):751-758.
[102]林闯,田立勤,王元卓.可信网络中用户行为可信的研究[J],计算机研究与发展, 2008,45(12):2033-2043.
[103]田立勤,林闯.可信网络中一种基于行为信任预测的博弈控制机制[J].计算机学报. 2007,30(11):1930-1938.
[104]李小勇,桂小林,毛倩,等.基于行为监控的自适应动态信任度测模型[J].计算机学报. 2009, 32(04):664-674.
[105]张润莲,武小年,周胜源,等.一种基于实体行为风险评估的信任模型[J].计算机学报. 2009, 32(04):688-698.
[106]赵洁,肖南峰,钟军锐.基于贝叶斯网络和行为日志挖掘的行为信任控制[J].华南理工大学学报(自然科学版). 2009, 37(05):94-100.
[107]冀铁果,田立勤,胡志兴,等.可信网络中一种基于AHP的用户行为评估方法[J].计算机工程与应用, 2007, 43(19):123-137.
[108] Sergios Theodoridis, Konstantinos Koutroumbas. Pattern Recognition 4th edition [M], London :Academic Press, 2009.
[109] Jiawei Han, Micheline Kamber. Data Mining: Concepts and Techniques, Second Edition [M]. CA USA: Morgan Kaufmann San Fransisco, 2007.
[110] Suykens J A K, Van Gestel T, De Brabanter J. Least squares support vector machines [M], Singapore Island: World Scientific Publishing Co Pte Lte, 2002.
[111]刘昌平,范明钰,王光卫,等.基于梯度算法的支持向量机参数优化方法,控制与决策, 2008,23(11):1291-1296.
[112] Chen Shuyi, Wen Yingyou, Zhao Hong. Modeling Trusted Computing [J]. Wuhan University Journal of Natural Sciences. 2006, 11(06): p1507-1510.
[113] Chen Shuyi, Wen Yingyou, Zhao Hong. Formal Analysis of Secure Bootstrap in Trusted Computing [C]. Proceeddings of the 4th Int Conference on Autonomic and Trusted Computing. Berlin: Springer, 2007:352-360.
[114]赵佳.可信认证关键技术研究:[博士学位论文],北京:北京交通大学, 2008, 32-37.
[115]张兴,黄强,沈昌祥.一种基于无干扰模型的信任链传递分析方法[J].计算机学报, 2010, 11(1): 74-81.
[116] Zhang Bei, Chen Chen, Zhu Jianyong. The Transfer of Trust-Chain with Damp[C]. Proceedings of IEEE Pervasive Computing and Applications. Piscataway, NJ: IEEE Computer Society, 2008, 948-952.
[117] Audun J, Simon P. Semantic Constraints for Trust Transitivity[C]. Proceedings of the 2th Asia-Pacific Conf on Conceptual Modelling. Newcastle Australian: ACM, 2005, 59-48.
[118] Huang JW, Mark SF. An Ontology of Trust: Formal Semantics and Transitivity [C]. Proceedings of the 8th Int Conf on Electronic Commerce. Fredericton, Canada: ACM, 2006, 259-270.
[119] Mohsen T, Rasool J, Morteza A. A Semantic-Aware Ontology-Based Trust Model forPervasive Computing Environments[C]. Proceedings of the 5th Int Conf on Autonomic and Trusted Computing. Berlin: Springer, 2008, 47-59.
[120] Dong Changyu, Russello G., Dulay N. Trust Transfer in Distributed Systems [C]. Proceedings of International Conference on Federation for Information Processing. Boston: Springer, 2007, 17-29.
[121] Marco C, Mogens N, Vladimiro S. A Calculus for Trust Management [C]. Proceedings of Foundations of Software Technology and Theoretical Computer Science. Berlin Heidelberg: Springer, 2004, 161-173.
[122] Mark H, David W, Trust in the Pi-Calculus [C]. Proceedings of International Conference on Principles and Practice of Declarative Programming. Florence Italy: ACM, 2001, 103-115.
[123] Massimo M, Matthew H. A Bisimulation-Based Semantic Theory of Safe Ambients [J]. ACM Transactional on Programming Languages and Systems, 2006, 28(2): 290–330.
[124] Ed B, Holger H. Process Algebra and Markov Chains [C]. Proceedings of Formal Methods and Performance Analysis. Berlin: Springer, 2001, 183-231.
[125] Milner R. Communication and Concurrency [M]. New Jersey USA: Prentice-Hall Press, 1989.
[126] Brookes SD, Hoare CAR, Roscoe AW. A Theory of Communicating Sequential Processes [J]. Journal of the Association Computing Machinery, 1984, 31(03):560-599.
[127] Allan C, Stephen G, Jane H, et al. Stochastic Process Algebras [C]. Proceedings of Formal Methods for Performance Evaluation. Berlin Heidelberg: Springer, 2007, 132-179.
[128] Plotkin GD. A structural approach to operational semantics [R]. Denmark: University of Aarhus, 1981.
[129] PRISM. Probabilistic Symbolic Model Checker [EB/OL]. [2010-5-15]. http://www.prismmodelcheck er.org.
[130] C.A. Petri. Kommunikation mit automaten. PhD thesis, Insitut für Instrumentelle Mathematik, Bonn, Germany, 1962.
[131]吴哲辉. Petri网导论[M].北京:机械工业出版社. 2006,4:188-193.
[132]袁崇义. Petri网原理与应用[M].北京:电子工业出版社. 2005, 7:84-97.
[133]杨仕平,桑楠,陈慧,等.安全关键实时操作系统时间隔离保护机制的设计与实现[J].计算机研究与发展. 2004, 41(07):7030-7038.
[134]张威. Stateflow逻辑系统建模型[M].西安:西安电子科技大学出版社. 2007,10:125-135.