Noninterference-Based Analysis of Behavior Trustworthiness in Cloud Computing Environments
  • English title: Noninterference Analysis of Trust of Behavior in Cloud Computing System
  • Authors: 张帆; 张聪; 陈伟; 胡方宁; 徐明
  • English author names: ZHANG Fan; ZHANG Cong; CHEN Wei; HU Fang-Ning; XU Ming-Di
  • Affiliations (English): School of Mathematics & Computer Science, Wuhan Polytechnic University; School of Electrical and Computer Engineering, Jacobs University Bremen; School of Computer Science and Technology, Nanjing University of Posts and Telecommunications; Wuhan Digital and Engineering Institute
  • Keywords (translated from the Chinese keywords): noninterference; dynamic behavior trust; cloud security; trusted computing; cloud computing
  • English keywords: noninterference; trust of behavior; cloud computing security; trusted computing; cloud computing
  • Journal code: JSJX
  • Journal (English): Chinese Journal of Computers
  • Institutions: School of Mathematics and Computer Science, Wuhan Polytechnic University; School of Electrical and Computer Engineering, Jacobs University Bremen; School of Computer Science, Nanjing University of Posts and Telecommunications; Wuhan Digital Engineering Institute
  • Publication date: 2017-07-28 12:54
  • Publisher: Chinese Journal of Computers (计算机学报)
  • Year: 2019
  • Issue: Volume 42, No. 436
  • Funding: National Natural Science Foundation of China (61502438, 61502362); Key Program of the Natural Science Foundation of Hubei Province (2015CFA061)
  • Language: Chinese
  • Page: JSJX201904004
  • Page count: 20
  • CN: 04
  • ISSN: 11-1826/TP
  • Classification number: 62-81
Abstract
Cloud security is currently one of the hot topics in cloud computing research. Trusted computing, the foundation of cloud security, still has several key problems that remain unsolved, which makes cloud security in fact flawed. Targeting the problem of dynamic behavior trust measurement in trusted computing, this paper proposes a noninterference-based method for analyzing behavior trustworthiness in cloud environments. First, based on the definitions of "trust" given by the Trusted Computing Group (TCG) and by the academic community, a determination equation for behavior trust is given. Further, a necessary and sufficient condition for behavior trust based on recursive equivalence of states is established, which addresses the current lack of an effective method for verifying behavior trustworthiness; no similar result has been seen to date. Finally, the paper gives an experimental example that demonstrates the effectiveness of the method.
Nowadays, cloud computing has been widely applied in our daily life. Security and privacy of cloud computing have become a hot topic in academia and industry. According to the definition by NIST (National Institute of Standards and Technology), cloud computing generally comprises three parts: IaaS (Infrastructure-as-a-Service), PaaS (Platform-as-a-Service) and SaaS (Software-as-a-Service). In order to protect the security of IaaS, PaaS and SaaS, researchers introduced trusted computing and leveraged it to resolve some security and privacy problems in cloud computing, such as identity authentication, secure storage, privacy preservation, and malware defense. Unfortunately, though trusted computing is the fundamental supporting technology for cloud security, trusted computing itself still has some key issues to be addressed, of which trust measurement is a representative one. Trust measurement, according to the definition of TCG (Trusted Computing Group), refers to dynamically determining the observational consistency between a real behavior, say α, and its expected behavior, say β. If the two behaviors are observed to be consistent, i.e., an attacker can learn nothing by observing the system state transitions caused by the two behaviors α and β, we say the behavior α is trusted, otherwise not. Since trust measurement is the critical technology of trusted computing, and trusted computing is in turn the supporting technology of cloud security, trust measurement is naturally the foundation of cloud security. However, there are few practical works on trust measurement so far, which makes cloud computing de facto flawed. To address the issue of trust measurement in cloud computing, a noninterference-based analysis approach is proposed. Initially, we present a determination equation of behavior trust. With respect to what trust is, the mainstream academic community mainly focuses on three properties, i.e., expected behavior consistency, confidentiality and integrity. We therefore discuss in detail the meaning of the determination equation according to these three properties. Next, a recursive form of the necessary and sufficient condition for verifying whether the given determination equation holds is presented. Since the necessary and sufficient condition is recursive (based on an equivalence relation on system states), it is easy to design an automated verification algorithm for behavior trust. Compared with our work, existing works are mostly based on the "unwinding theorem", whereas it is hard to construct an automated verification algorithm based on the unwinding theorem. As a result, few works on automated verification of behavior trust have been proposed thus far. Therefore, our work could be the first step towards bridging the gap between the theoretical analysis and practical application of noninterference-based trust measurement, and to the best of our knowledge, we are the first to propose a practical noninterference-based approach for verifying behavior trust in a cloud computing system. Finally, a buffer overflow mitigation approach is described to illustrate our approach. We first give the expected behavior specifications, and then monitor whether a process deviates from these specifications while it runs. If the monitored process never deviates, the process is trusted, otherwise not. Different from existing works, our approach is completely behavior-trust-oriented. Experimental results show that our approach is effective.