Research on Trusted Terminal Access and Remote Attestation Technology
Abstract
With the continuous development of Internet technology, network security problems have become increasingly prominent, and how to build a trusted network effectively has become one of the hot topics of industry research in recent years. Almost all attack incidents originate from terminals, so research on terminal-based network connection control is particularly important. Trusted Network Connect (TNC) theory extends the existing chain of trust from the terminal, whose hardware security is taken as the foundation, out to the network, thereby improving the trustworthiness and reliability of the network as a whole. The trusted terminal access and remote attestation technologies studied in this thesis are key research topics of TNC-related theory: in-depth research on trusted terminal access guarantees the security of individual terminal hosts, research on remote attestation mechanisms extends terminal trust into the network environment and guarantees the trustworthiness of the whole environment, and the integration of the two further guarantees the overall trustworthiness of the network. The thesis studies the relevant background in depth, analyzes and improves on the deficiencies of existing research, draws on established theory, and provides theoretical support for building a realizable trusted network. The specific work covers the following three aspects:
     First, under the TNC architecture and in combination with terminal integrity measurement, the concept of terminal "stability" is introduced: a terminal's stability is computed by real-time analysis of its current access result together with its historical access records. On this basis a feasible trusted-network remediation scheme based on the stability of access terminals is proposed. Compared with existing remediation techniques based on integrity verification, the scheme promptly detects, and selectively remediates, only those remediation attributes of a terminal that do not satisfy the trusted network's security policy, giving terminal users timely and reliable remediation service. Experimental results show that the scheme effectively guarantees terminal security and stability while quickly remediating terminals whose access has failed.
     Second, to address the complex attestation process and the privacy leakage of the remote attestation mechanism defined by the Trusted Computing Group (TCG), a remote attestation scheme based on bilinear maps and property certificates (bilinear mapping and property-based attestation, BMPBA) is proposed. It replaces platform configuration information with the bilinear-map-based BBS+ signature algorithm and a property-certificate mechanism. Compared with existing remote attestation schemes, BMPBA better reduces the risk of leaking platform configuration information, and its signature scheme has short keys and signatures and high computational efficiency, which improves the running efficiency of the remote attestation mechanism. Analysis shows that the scheme achieves remote attestation between platforms efficiently while providing security, correctness and unforgeability of platform attestation.
     Finally, a TNC test environment is designed and implemented. Effective network security policies are formulated in detail for the test phase and the corresponding functional tests are carried out; the subsequent simulation experiments confirm the substantive value of introducing the terminal stability concept.
Abstract (author's English version)
With the continuous development of Internet technology, network security has become more and more important, and how to build a trusted network effectively has been one of the most discussed issues in recent years. Since almost all attacks start from a terminal, research on terminal-based network connection control is particularly important. Trusted Network Connect (TNC) extends the chain of trust to the network on the premise that the terminal's hardware security is well protected, so that the entire network can be trustworthy and reliable. Trusted terminal access and remote attestation are key issues in the field of TNC. The former ensures the individual security of the terminal while the latter extends that trust to the network; the combination of the two ensures the trustworthiness of the entire network. In this thesis we study the drawbacks of existing mechanisms and propose an effective theory for building a trusted network. The main work can be summarized in the following three parts:
     First, to improve the effectiveness of control and remediation of terminals whose access to the trusted network has failed, a novel remediation scheme is proposed. Based on a definition of the stability of access terminals and on the architecture of Trusted Network Connect (TNC), the proposed scheme realizes dynamic control of a terminal's behavior and also supports trustworthy remediation. Simulation results demonstrate that the proposed scheme is more effective than static, integrity-based remediation schemes and significantly improves the speed of remediation.
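The stability-based selective remediation described in this first part (and in the corresponding paragraph of the Chinese abstract) can be made concrete with a small policy engine. The following is an added example written for this page, not code from the thesis: the exponentially weighted stability formula, the 0.5 threshold, the policy attributes and the remediation catalogue are all assumptions standing in for the thesis's own definitions, which the abstract does not give.

```python
"""Illustrative TNC-style access decision using a terminal "stability" score.

Added example; not code from the thesis. The stability formula (an
exponentially weighted pass rate over the terminal's access history plus the
current result), the policy attributes and the remediation catalogue are all
assumptions: the thesis's own definitions are not given on this page.
"""
from typing import Callable, Dict, List, Union

Expected = Union[str, bool, int, Callable[[object], bool]]

# Constructed sample security policy: attribute -> literal value or predicate.
KERNEL_OK = "9c1d4f0e2b7a3c8d"  # constructed stand-in for a measured kernel hash
POLICY: Dict[str, Expected] = {
    "kernel_hash": KERNEL_OK,
    "antivirus_running": True,
    "firewall_enabled": True,
    "patch_level": lambda v: v >= 20101001,  # YYYYMMDD of the newest patch
}

# Constructed catalogue of what the remediation server can push per attribute.
REMEDIATION = {
    "kernel_hash": None,  # no automatic fix: a tampered kernel needs reinstall
    "antivirus_running": True,
    "firewall_enabled": True,
    "patch_level": 20101201,
}


def check_policy(policy: Dict[str, Expected], report: dict) -> List[str]:
    """Return the attributes of the integrity report that violate the policy.
    A missing or wrongly typed attribute counts as a failure, not an error."""
    failed = []
    for attr, expected in policy.items():
        value = report.get(attr)
        try:
            ok = expected(value) if callable(expected) else value == expected
        except TypeError:
            ok = False
        if not ok:
            failed.append(attr)
    return failed


def stability(outcomes: List[bool], alpha: float = 0.8, prior: float = 0.5) -> float:
    """Exponentially weighted pass rate; later outcomes weigh more (assumed formula)."""
    s = prior
    for ok in outcomes:
        s = alpha * s + (1 - alpha) * (1.0 if ok else 0.0)
    return s


def decide(policy, report, history: List[bool], threshold: float = 0.5) -> dict:
    """Access decision from the current check and the terminal's access history."""
    failed = check_policy(policy, report)
    passed = not failed
    s = stability(history + [passed])
    if passed:
        action = "grant"
    elif s >= threshold:
        action = "remediate"  # usually-compliant terminal: fix only what failed
    else:
        action = "isolate"    # chronically failing terminal: quarantine
    return {"passed": passed, "failed": failed, "stability": s, "action": action}


def remediate(report: dict, failed: List[str], catalogue=REMEDIATION) -> dict:
    """Apply fixes for the failed attributes only; attributes with no
    automatic fix are left untouched so the next check still flags them."""
    fixed = dict(report)
    for attr in failed:
        if catalogue.get(attr) is not None:
            fixed[attr] = catalogue[attr]
    return fixed


if __name__ == "__main__":
    report = {"kernel_hash": KERNEL_OK, "antivirus_running": False,
              "firewall_enabled": True, "patch_level": 20100915}
    first = decide(POLICY, report, history=[True, True, True])
    print(first)  # stable terminal, two failed attributes -> "remediate"
    repaired = remediate(report, first["failed"])
    print(decide(POLICY, repaired, history=[True, True, True, False]))  # -> "grant"
    print(decide(POLICY, report, history=[False, False, True, False]))  # -> "isolate"
```

Two things the abstract's argument depends on are visible here: only the attributes that actually failed are handed to the remediation server, and the same failed check leads to a different action depending on the terminal's history, so a normally compliant terminal is repaired quickly while a chronically failing one is isolated.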
     Second, since the TCG-defined remote attestation is complex to perform and leaks privacy, a bilinear mapping and property-based attestation scheme named BMPBA is proposed, which uses the BBS+ signature (based on bilinear mapping) together with property certificates in place of platform configuration information. Compared with current remote attestation schemes, the risk of leaking platform configuration information is reduced, and the efficiency of remote attestation is improved because of the shorter keys and signatures and the faster computation. The analysis shows that remote attestation between platforms can be implemented efficiently with BMPBA, and that the security, correctness and unforgeability of platform attestation are guaranteed.
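This second part and the corresponding Chinese paragraph describe replacing platform configuration information with a signed property certificate. The following added example (not the thesis's BMPBA scheme or its code) shows what crosses the wire in a property-based attestation: the property certifier, the platform and the verifier are simulated, a Schnorr signature over secp256k1 in plain Python stands in for the BBS+ signature, and the component lists, known-good table and property strings are constructed sample data. It does not implement bilinear maps.

```python
"""Property-based attestation as seen on the wire. Added example, not the
thesis's BMPBA scheme or its code: a Schnorr signature over secp256k1 stands
in for BBS+; component lists, known-good table and properties are constructed."""
import hashlib
import secrets

# secp256k1 parameters (assumed curve for the stand-in signature)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine addition on y^2 = x^3 + 7 over F_P; None is the point at infinity."""
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    lam = (3 * x1 * x1 * pow(2 * y1, -1, P) if a == b
           else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def h(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big") % N

def keygen():
    sk = secrets.randbelow(N - 1) + 1
    return sk, ec_mul(sk, G)

def sign(sk, msg):
    """Schnorr: R = rG, e = H(R || pk || msg), s = r + e*sk mod N."""
    pk = ec_mul(sk, G)
    r = h(sk.to_bytes(32, "big"), msg) or 1   # deterministic nonce
    R = ec_mul(r, G)
    return R, (r + h(enc(R), enc(pk), msg) * sk) % N

def verify(pk, msg, sig):
    R, s = sig
    return ec_mul(s, G) == ec_add(R, ec_mul(h(enc(R), enc(pk), msg), pk))

def measure(components):
    """TPM-style PCR extend over the software stack: pcr = H(pcr || H(c))."""
    pcr = bytes(32)
    for c in components:
        pcr = hashlib.sha256(pcr + hashlib.sha256(c).digest()).digest()
    return pcr

# Constructed table kept by the property certifier: config digest -> property.
GOOD_STACK = [b"bootloader-1.4", b"kernel-2.6.32-hardened", b"av-agent-3.1"]
KNOWN_GOOD = {measure(GOOD_STACK): "os:patched;antivirus:running"}

def issue_property_cert(issuer_sk, platform_pk, config_digest):
    """Certifier binds (platform key, property); unknown configurations get nothing."""
    prop = KNOWN_GOOD.get(config_digest)
    if prop is None:
        return None
    return {"platform_pk": platform_pk, "property": prop,
            "sig": sign(issuer_sk, enc(platform_pk) + prop.encode())}

def attest(platform_sk, cert, nonce):
    """Challenge response: the certificate plus a signature over the nonce.
    No configuration digest or measurement log leaves the platform."""
    return {"cert": cert, "nonce_sig": sign(platform_sk, nonce + cert["property"].encode())}

def verify_attestation(issuer_pk, nonce, response):
    """Return the attested property or None; the verifier never sees the config."""
    cert, prop = response["cert"], response["cert"]["property"]
    ok = (verify(issuer_pk, enc(cert["platform_pk"]) + prop.encode(), cert["sig"])
          and verify(cert["platform_pk"], nonce + prop.encode(), response["nonce_sig"]))
    return prop if ok else None

def run_demo():
    issuer_sk, issuer_pk = keygen()
    plat_sk, plat_pk = keygen()
    cert = issue_property_cert(issuer_sk, plat_pk, measure(GOOD_STACK))
    nonce = secrets.token_bytes(16)
    resp = attest(plat_sk, cert, nonce)
    downgraded = [b"bootloader-1.4", b"kernel-2.6.32-vanilla", b"av-agent-3.1"]
    forged = {"cert": dict(cert, property=cert["property"] + ";dlp:enabled"),
              "nonce_sig": resp["nonce_sig"]}
    return {
        "good": verify_attestation(issuer_pk, nonce, resp),
        "no_cert": issue_property_cert(issuer_sk, plat_pk, measure(downgraded)),
        "replay": verify_attestation(issuer_pk, secrets.token_bytes(16), resp),
        "tampered": verify_attestation(issuer_pk, nonce, forged),
        "on_wire": sorted(resp),  # only the certificate and the nonce signature
    }
```

The verifier checks two signatures and learns one string; the measurement log and the PCR digest never leave the platform, which is the privacy point of property-based attestation. A downgraded stack gets no certificate, a replayed response fails on the nonce, and a property edited in transit breaks the certifier's signature. The Schnorr stand-in cannot do what BBS+ is chosen for in the thesis: BBS+ lets the platform prove knowledge of a certificate in zero knowledge instead of sending it, and the short-key and short-signature advantages the abstract claims belong to BBS+, not to this substitute.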
     Finally, a TNC test environment is designed and implemented, an effective network security policy is formulated, and the corresponding functional tests are carried out. The simulation results on the terminal stability index show that the introduction of terminal stability is of practical significance.
References
[1] Liu Weiwei, Han Zhen, Shen Changxiang. A trusted network connection control scheme based on terminal behavior. Journal on Communications, 2009, 30(11): 127-134. (in Chinese)
[2] Zhang Huanguo, Chen Lu, Zhang Liqiang. Research on trusted network connection. Chinese Journal of Computers, 2010, 33(4): 706-717. (in Chinese)
[3] Sailer R, Zhang X, Jaeger T, van Doorn L. Design and implementation of a TCG-based integrity measurement architecture. In: Proc. of the 13th USENIX Security Symposium. San Diego: USENIX Association, 2004.
[4] Smith S W. Trusted Computing Platforms: Design and Applications. New York: Springer-Verlag, 2005: 193-194.
[5] Seshadri A, Perrig A, van Doorn L, Khosla P. SWATT: Software-based attestation for embedded devices. In: Proc. of the IEEE Symposium on Security and Privacy. Oakland: IEEE Press, 2004: 272-282.
[6] Garfinkel T, Rosenblum M, Boneh D. Flexible OS support and applications for trusted computing. In: Proc. of the 9th Workshop on Hot Topics in Operating Systems (HotOS IX). Hawaii: USENIX Association, 2003.
[7] Haldar V, Chandra D, Franz M. Semantic remote attestation: A virtual machine directed approach to trusted computing. In: Proc. of the USENIX Virtual Machine Research and Technology Symposium. San Jose: USENIX Association, 2004: 29-41.
[8] Poritz J, Schunter M, Van Herreweghen E, Waidner M. Property attestation: Scalable and privacy-friendly security assessment of peer computers. IBM Research Report RZ 3548, 2004.
[9] Sadeghi A-R, Stüble C. Property-based attestation for computing platforms: Caring about properties, not mechanisms. In: Proc. of the New Security Paradigms Workshop. Nova Scotia: ACM Press, 2004: 67-77.
[10] Blaze M, Feigenbaum J, Lacy J. Decentralized trust management. In: Proc. of the 17th IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society Press, 1996: 164-173.
[11] Abdul-Rahman A, Hailes S. A distributed trust model. In: Proc. of the 1997 New Security Paradigms Workshop. Cumbria, UK: ACM Press, 1998: 48-60.
[12] Abdul-Rahman A, Hailes S. Using recommendations for managing trust in distributed systems. In: Proc. of the IEEE Malaysia International Conference on Communication '97 (MICC '97). Kuala Lumpur: IEEE Press, 1997. http://citeseer.nj.nec.com/360414.html
[13] Yahalom R, Klein B, Beth T. Trust relationships in secure systems: A distributed authentication perspective. In: Proc. of the 1993 IEEE Symposium on Research in Security and Privacy. IEEE Press, 1993: 150-164.
[14] Beth T, Borcherding M, Klein B. Valuation of trust in open networks. In: Gollmann D, ed. Proc. of the European Symposium on Research in Computer Security (ESORICS). Brighton: Springer-Verlag, 1994: 3-18.
[15] Laprie J C. Dependable computing and fault tolerance: Concepts and terminology. In: Proc. of the 15th IEEE International Symposium on Fault-Tolerant Computing (FTCS-15). Ann Arbor, Michigan, 1985: 2-11.
[16] Avizienis A, Laprie J C. Dependable Computing for Critical Applications (Dependable Computing and Fault-Tolerant Systems). 1991.
[17] Information Technology Security Evaluation Criteria (ITSEC), version 1.2, 1991.
[18] Trusted Computing Group. TCG Specification Architecture Overview, revision 1.2 [EB/OL]. http://www.trustedcomputinggroup.org/home, 2004-04-30.
[19] Trusted Computing Group. TCG Specification Architecture Overview, version 1.2 [EB/OL]. http://www.trustedcomputinggroup.org/.
[20] Lin Chuang, Peng Xuehai. Research on trusted networks. Chinese Journal of Computers, 2005, 28(5): 751-758. (in Chinese)
[21] Lin Chuang, Tian Liqin, Wang Yuanzhuo. Research on user behavior trust in trusted networks. Journal of Computer Research and Development, 2008, 45(12): 2033-2043. (in Chinese)
[22] Luo Junzhou, Han Zhigeng, Wang Liangmin. A trusted and controllable network architecture and protocol structure. Chinese Journal of Computers, 2009, 32(3): 391-404. (in Chinese)
[23] Zhou Yanwei, Wu Zhenqiang, Ye Jiancai, Chong Huifang. Research on a new trusted network framework. Journal of Computer Applications, 2009, 29(9): 2355-2365. (in Chinese)
[24] Tian Liqin, Lin Chuang. A game control mechanism based on behavior trust prediction in trusted networks. Chinese Journal of Computers, 2007, 30(11): 1930-1938. (in Chinese)
[25] Li Xiongda, He Li. Research on trusted networks based on automated trust negotiation. Computer Technology and Development, 2009, 19(9): 150-154. (in Chinese)
[26] Chen Lei. Research on program behavior detection for Trusted Network Connect (TNC) [D]. Taiyuan: Taiyuan University of Technology, 2010. (in Chinese)
[27] Cisco Systems. Cisco Network Admission Control [EB/OL]. http://www.cisco.com, 2006.
[28] Microsoft Corporation. Network Access Protection Platform Architecture [EB/OL]. http://www.microsoft.com, 2006.
[29] Trusted Computing Group. TCG Specification Architecture Overview, revision 1.2 [EB/OL]. https://www.trustedcomputinggroup.org, 2003.
[30] Trusted Computing Group. TNC Architecture for Interoperability, specification version 1.3 [EB/OL]. http://www.trustedcomputinggroup.org/tnc/, 2008.
[31] Trusted Computing Group. Open standards for integrity-based network access control [EB/OL]. http://www.trustedcomputinggroup.org/tnc/, 2005.
[32] Juniper Networks. Product page [EB/OL]. http://cn.juniper.net/products/ua/.
[33] Huawei. Product page [EB/OL]. http://www.huawei.com.
[34] Li Hongpei. An overview of trusted network architecture. Beijing: Topsec (北京天融信公司), 2005-11. (in Chinese)
[35] Microsoft. Network Access Protection Platform Architecture [EB/OL]. http://www.microsoft.com/windowsserver2003/technologies/networking/nap/default.mspx, June 2004.
[36] Microsoft. Introduction to Network Access Protection [EB/OL]. http://www.microsoft.com/windowsserver2003/technologies/networking/nap/default.mspx, June 2004.
[37] Fang Qun, Ji Yi, Wu Guoxin, Zhao Shenghui, Wu Peng. A dynamic trust model for P2P networks based on run-length encoding. Journal of Software, 2009, 20(6): 1602-1616. (in Chinese)
[38] Mei Fang, Liu Yanheng, Wang Jian, Zhu Jianqi. Remediation modeling and implementation based on trusted networks. Journal of Computer Research and Development, 2009, 46(Suppl.): 328-331. (in Chinese)
[39] Wang Jian, Liu Yanheng, Zhang Yingge, Mei Fang. A new trusted remediation network model and its implementation. Journal of PLA University of Science and Technology, 2008, 9(5): 470-474. (in Chinese)
[40] Luo An'an, Lin Chuang, Wang Yuanzhuo, Deng Fachao, Chen Zhen. Quantitative security analysis and protocol improvement of Trusted Network Connect. Chinese Journal of Computers, 2009, 32(5): 887-898. (in Chinese)
[41] Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Research and development of trusted computing. Science in China, 2010, 40(2): 139-166. (in Chinese)
[42] Liu Wei, Yang Lin, Dai Hao, Hou Bin. A new network access control method and performance analysis of its authentication session. Chinese Journal of Computers, 2007, 30(10): 1806-1812. (in Chinese)
[43] Trusted Computing Group. TCG Infrastructure Working Group Reference Architecture for Interoperability [S]. 2005.
[44] Qin Yu, Feng Dengguo. Component property-based remote attestation. Journal of Software, 2009, 20(6): 1625-1641. (in Chinese)
[45] Chen L, Landfermann R, Löhr H, Stüble C. A protocol for property-based attestation. In: Proc. of the 1st ACM Workshop on Scalable Trusted Computing (STC '06). ACM Press, 2006: 7-16.
[46] Zhao Jia, Han Zhen, Liu Jiqiang, Zhang Rui. A remote attestation protocol based on the Trusted Cryptography Module. Journal of Beijing Jiaotong University, 2010, 34(2): 33-37. (in Chinese)
[47] Liu Jiqiang, Zhao Jia, Zhao Yong. Research on remote automated anonymous attestation in trusted computing. Chinese Journal of Computers, 2009, 32(7): 1304-1310. (in Chinese)
[48] Yu Aimin, Chu Xiaobo, Feng Dengguo. Research on anonymous identity establishment for terminal platforms based on trusted chips. Chinese Journal of Computers, 2010, 33(9): 1703-1712. (in Chinese)
[49] Yan Wenbo. A property-based remote attestation system for trusted platforms [D]. Wuhan: Huazhong University of Science and Technology, 2007. (in Chinese)
[50] Au M H, Susilo W, Mu Y. Constant-size dynamic k-TAA. In: De Prisco R, Yung M, eds. Security and Cryptography for Networks (SCN 2006). Berlin: Springer, 2006: 111-125.
[51] Camenisch J, Stadler M. Efficient group signature schemes for large groups. In: Kaliski B S, ed. Advances in Cryptology (CRYPTO '97). Berlin: Springer, 1997: 410-424.
[52] Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In: Kilian J, ed. Advances in Cryptology (CRYPTO 2001). Berlin: Springer, 2001: 213-229.
[53] Qin Yu, Feng Dengguo. Component property-based remote attestation. Journal of Software, 2009, 20(6): 1625-1641. (in Chinese; same entry as [44])
[54] Yu Aimin, Feng Dengguo, Wang Dan. A property-based remote attestation model. Journal on Communications, 2010, 31(8): 1-8. (in Chinese)
[55] Li Shangjie, He Yeping, Liu Dongmei, Yuan Chunyang. Privacy analysis of property-based remote attestation. Journal on Communications, 2009, 30(11A): 146-152. (in Chinese)
[56] Wang Dan, Wei Jinfeng, Zhou Xiaodong. Design and verification of a remote attestation security protocol. Journal on Communications, 2009, 30(11A): 29-36. (in Chinese)
[57] Shi Guangyuan, Gong Bei, Feng Yumeng. A remote attestation protocol transformation model and a general security protocol. Application Research of Computers, 2010, 27(6): 2309-2320. (in Chinese)
[58] Yu Rongwei, Wang Lina, Kuang Bo. A security protocol design method for remote attestation. Journal on Communications, 2008, 29(10): 19-25. (in Chinese)
[59] Yang Li, Ma Jianfeng, Pei Qingqi, Ma Zhuo. A direct anonymous trusted access authentication scheme for wireless networks. Journal on Communications, 2010, 31(5): 98-104. (in Chinese)
[60] Shen Ping. Research on the application of remote attestation in P2P networks [D]. Dalian: Dalian University of Technology, 2010. (in Chinese)
