Research on Access Control Technology Based on Platform Integrity (基于平台完整性的接入控制技术研究)

Abstract (translated from the Chinese)
At present a number of new network security problems are steadily worsening. Foremost among them is the botnet: according to statistics from CNCERT (the National Computer Network Emergency Response Technical Team/Coordination Center of China), in 2009 CNCERT observed more than 837,000 host IP addresses within China under botnet control. This is only the tip of the iceberg; many more bots lurk in the network and pose a serious threat.
     A major reason botnets are so rampant is the weakness of user endpoint systems. Unified management and control of endpoints has therefore become a focus of protective security technology. The access control technology studied in this dissertation is a representative endpoint protection scheme. Its basic idea is that a network-side server performs a security assessment of every endpoint requesting network access, based on platform information collected by an agent on the client (whether anti-virus software is installed, the state of operating system patches, and so on).
     When assessing an endpoint's security state, platform integrity, a special kind of security state, is becoming increasingly important. Platform integrity means that the assessed endpoint's hardware and software platform has not been modified, which prevents an attacker from gaining control of it at the root. With the spread of trusted computing this technology has become practically deployable. The research results of this dissertation centre on access control based on platform integrity attestation, combined with the attestation requirements of home base stations (femtocells) in telecommunication scenarios, and fall into three areas of work:
     1. Research on a trusted environment for telecommunication equipment
     The trusted environment chiefly guarantees the authenticity and integrity of the platform integrity attestation information sent to the server for verification. This work has two parts:
     A logical architecture for a TrE (Trusted Environment) suited to telecommunication equipment (home base stations) is proposed. The architecture draws on the TCG trusted platform technology framework and the characteristics of the femtocell system-on-chip, so that secure storage, secure boot and remote platform integrity attestation can be realised on a femtocell in live networks, essentially satisfying the 3GPP technical requirements for the TrE.
     TrE implementations based on TrustZone and on a TPM are discussed. Starting from the hardware structure of the home base station SoC, the physical means of realising the TrE's logical functions are studied in a preliminary way, and a brief security and feasibility analysis is given.
     2. Research on remote platform integrity attestation protocols
     Platform integrity information must be carried by suitable protocols to a remote server for verification; this involves a series of attestation modes and attestation messages, and adaptation to the authentication protocols already deployed in the network. The specific technical points are:
     A security-enhanced platform integrity attestation scheme is proposed. First, the dissertation analyses a security flaw in the existing remote attestation protocol (TLS-Attestation): it cannot resist MITM (man-in-the-middle) attacks, because the SSL/TLS handshake and the platform integrity attestation information carried inside the session are not cryptographically bound to each other, so a man in the middle can present attestation data that was produced by a different, unmodified platform. To address this flaw, a security-enhanced attestation mode is proposed that uses the TPM Quote operation to bind the remote integrity attestation protocol to the SSL/TLS handshake, preventing an attacker from passing off a configuration containing malicious code as a legitimate configuration.
     A remote integrity attestation protocol suited to telecommunication equipment is designed. The dissertation describes the security threats faced by home base stations in the LTE scenario and sets out their access control requirements. Because telecommunication equipment is an embedded design, very different from the open PC architecture, its access control centres on attesting platform integrity. Protocol design and adaptation are carried out in two respects: what a home base station must measure, and how the integrity information is transported to the server. Part of this work has become the TCG TNC work group's standard development project "IF-M for Telecom".
     3. Research on network-side device collaboration for access control
     To control endpoint access more effectively, the network side can introduce collaboration among devices, giving it a fuller picture of endpoint state. The specific technical points are:
     A general role-based model for security device collaboration is proposed. The model abstracts network-side collaboration into "exchange of security-related information" between devices and "interoperation of devices", and classifies devices into three roles: detectors, decision makers and executors. Based on the collaboration protocols in existence today (mostly closed, vendor-proprietary protocols), a concrete approach to specifying a general collaboration protocol is put forward. This work has become a result of the "security collaboration framework" research project of the CCSA (China Communications Standards Association) security working group.
     A tiered decision mechanism inside the detector is proposed. By dividing a detector's detection policies into two levels, "fixed" and "non-fixed", the problem of high false-positive rates in detectors such as IDSs can be mitigated to some extent.
Abstract (author's English version)
Information networks are evolving rapidly while security problems grow more serious. Among all kinds of security threats, botnets have emerged prominently in recent years. As reported by CNCERT, 837,000 IP addresses in China were under botnet control in 2009. That figure is only the tip of the iceberg; far more controlled bots must remain hidden.
     The vulnerability of user endpoints is one of the main factors driving the spread of botnets, which is why endpoint security management has become a hot topic among security technologies. The endpoint access control technology researched in this paper is one vital component of an endpoint security management solution. The basic idea of access control is that the server decides whether an endpoint may be authorized to access the network, based on an evaluation of the security status collected from the endpoint, such as anti-virus software installation, OS patch installation and so on.
     One security status, called platform integrity, is emerging as a necessary attestation in some scenarios. Platform integrity means that the hardware and software of the platform have not been modified, so that attackers are prevented from compromising the system at its root. Applying this mechanism in real networks has been made possible by the development of trusted computing technologies. The research in this paper focuses on access control technology based on platform integrity attestation and divides into three areas of work:
     1. Research on the trusted environment (TrE) in telecommunication devices
     The TrE is mainly used to guarantee the authenticity and integrity of the platform integrity information sent to the server for validation. The detailed research is as follows:
     Proposed a logical TrE architecture suitable for telecommunication devices. Following the technical requirements for the TrE in the relevant 3GPP standard, this paper proposes a lightweight trusted platform architecture based on the TCG trusted model and concepts. The proposed architecture meets the technical requirements for secure storage, secure boot and remote platform integrity attestation.
     Analyzed TrE implementations based on TPM and TrustZone technologies. Researched the physical implementation of the TrE on the SoC (System on Chip) built into the home base station, and gave a brief analysis of security and feasibility.
     2. Research on remote platform attestation protocols
     The platform integrity information needs to be sent to the server through proper protocols. The process comprises an authentication scheme and detailed message content. Adaptation of current protocols to encapsulate the platform integrity information is also needed.
     Proposed a security-enhanced remote platform integrity attestation scheme. This paper analyzes the MiTM (man-in-the-middle) problem of the current remote integrity attestation protocol (TLS-Attestation). Since the SSL/TLS handshake is independent of the platform integrity attestation information, an attacker can mount a MiTM attack. This paper proposes a security-enhanced attestation scheme that integrates the remote platform integrity attestation protocol with the SSL/TLS handshake through the TPM_Quote operation.
     Designed a remote platform integrity attestation protocol suitable for telecommunication devices. This paper introduces the security threats to home base stations in the LTE scenario and describes the requirements for platform integrity attestation. The protocol design covers the integrity measurement content and the transmission of integrity information. Part of the protocol design has been adopted by TCG as a future work item called "IF-M for Telecom".
     3. Research on device collaboration for access control
     Through collaboration, the network side can obtain more informative real-time status of endpoints and a more flexible control scheme. This paper describes several typical current mechanisms of security device collaboration and summarizes the collaboration models. A role-based security collaboration framework is then introduced that classifies security devices into sensors, analyzers and executors. Based on the framework, a two-tiered policy mechanism is proposed to improve the effectiveness of collaboration between sensors and executors. This part of the work has been adopted by CCSA (China Communications Standards Association) as a research report.
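The MiTM problem of TLS-Attestation and the TPM_Quote binding described in point 2 (both in the Chinese abstract and in the English version above), as an added example that is not code from the dissertation. Everything in it is a stand-in: the TPM is simulated (an HMAC key plays the part of the AIK, which on a real TPM is an RSA/ECC signing key), the TLS session is a class whose binding() plays the role of a channel-unique value such as the RFC 5929 tls-unique, the boot images and PCR set are constructed, and the concrete binding H(server nonce || channel binding) is this example's choice, since the abstract says only that the Quote is used to tie attestation to the handshake. The block runs the relay attack, in which a compromised endpoint forwards the verifier's challenge to a clean enrolled endpoint and replays the clean Quote over its own session, against both the unbound and the bound flow.

```python
"""Simulated TPM_Quote with and without binding to the TLS channel.
Added example, not code from the dissertation: the TPM, the TLS channel,
the AIK (an HMAC key here, an RSA/ECC signing key on a real TPM), the PCR
images and the binding construction H(nonce || tls-unique) are all assumed."""
import hashlib
import hmac
import os

PCR_SET = (0, 1, 2)
# Constructed boot images of a home base station, measured into PCRs at boot.
GOOD_IMAGES = {0: b"bootloader v1", 1: b"kernel 2.6.32 signed", 2: b"femto-config v7"}
ROOTKIT_IMAGES = {**GOOD_IMAGES, 1: b"kernel 2.6.32 + rootkit"}


def sha256(*parts: bytes) -> bytes:
    h = hashlib.sha256()
    for part in parts:
        h.update(part)
    return h.digest()


class SimTPM:
    """Stand-in for a TPM: a PCR bank plus an attestation key."""

    def __init__(self, aik_key: bytes, images: dict):
        self.aik_key = aik_key
        self.pcrs = {i: bytes(32) for i in PCR_SET}
        for index, image in images.items():  # measured boot: PCR = H(PCR || H(image))
            self.pcrs[index] = sha256(self.pcrs[index], sha256(image))

    def quote(self, nonce: bytes) -> dict:
        """TPM_Quote: sign the PCR composite together with the caller's nonce."""
        composite = sha256(*(self.pcrs[i] for i in PCR_SET))
        sig = hmac.new(self.aik_key, composite + nonce, hashlib.sha256).digest()
        return {"composite": composite, "nonce": nonce, "sig": sig}


class TlsChannel:
    """Stand-in for one established TLS session; binding() plays the role of a
    channel-unique value such as RFC 5929 tls-unique (the first Finished message)."""

    def __init__(self):
        self.handshake_randoms = os.urandom(64)

    def binding(self) -> bytes:
        return sha256(b"tls-unique", self.handshake_randoms)


def quote_nonce(server_nonce: bytes, channel: TlsChannel, bind: bool) -> bytes:
    """Nonce fed to TPM_Quote: the raw server nonce (TLS-Attestation as analysed
    above) or H(nonce || channel binding) in the enhanced scheme."""
    return sha256(server_nonce, channel.binding()) if bind else server_nonce


class Verifier:
    """Network-side server holding the enrolled AIKs and the golden PCR composite."""

    def __init__(self, trusted_aiks: list, golden_composite: bytes, bind: bool):
        self.trusted_aiks = trusted_aiks
        self.golden = golden_composite
        self.bind = bind

    def verify(self, quote: dict, server_nonce: bytes, channel: TlsChannel) -> bool:
        # 1. freshness and channel binding: the nonce must be the one *this* session expects
        if not hmac.compare_digest(quote["nonce"], quote_nonce(server_nonce, channel, self.bind)):
            return False
        # 2. authenticity: signed by an enrolled attestation key
        signed = quote["composite"] + quote["nonce"]
        if not any(hmac.compare_digest(quote["sig"], hmac.new(k, signed, hashlib.sha256).digest())
                   for k in self.trusted_aiks):
            return False
        # 3. integrity: the reported PCRs match the known-good configuration
        return hmac.compare_digest(quote["composite"], self.golden)


CLEAN_AIK, VICTIM_AIK = b"aik-femto-A", b"aik-femto-B"  # both devices are enrolled
GOLDEN = SimTPM(b"", GOOD_IMAGES).quote(b"")["composite"]


def direct_attestation(images: dict, bind: bool) -> bool:
    """An endpoint with the given boot images attests over its own TLS session."""
    verifier = Verifier([CLEAN_AIK, VICTIM_AIK], GOLDEN, bind)
    endpoint, session, nonce = SimTPM(VICTIM_AIK, images), TlsChannel(), os.urandom(32)
    return verifier.verify(endpoint.quote(quote_nonce(nonce, session, bind)), nonce, session)


def relayed_attestation(bind: bool) -> bool:
    """Relay attack: a rootkitted endpoint forwards the verifier's challenge to a clean
    enrolled endpoint (posing as the verifier) and replays the clean Quote on its own session."""
    verifier = Verifier([CLEAN_AIK, VICTIM_AIK], GOLDEN, bind)
    clean = SimTPM(CLEAN_AIK, GOOD_IMAGES)
    attacker_session = TlsChannel()  # attacker <-> verifier
    clean_session = TlsChannel()     # attacker (as fake verifier) <-> clean endpoint
    nonce = os.urandom(32)
    forwarded_quote = clean.quote(quote_nonce(nonce, clean_session, bind))
    return verifier.verify(forwarded_quote, nonce, attacker_session)


if __name__ == "__main__":
    for bind in (False, True):
        print(f"bind={bind}: clean={direct_attestation(GOOD_IMAGES, bind)} "
              f"rootkit={direct_attestation(ROOTKIT_IMAGES, bind)} "
              f"relay={relayed_attestation(bind)}")
```

Without binding, the relayed Quote passes all three checks because nothing in it identifies the session it is presented on; the verifier grants access to the rootkitted endpoint while believing it has assessed a clean one. With binding, the clean endpoint's Quote carries H(nonce || binding of the attacker-to-clean session), the verifier expects H(nonce || binding of the attacker-to-verifier session), and the first check fails. The nonce must come from the verifier on every run and the channel value must be one an attacker cannot choose, which is why a tls-unique style value derived from the completed handshake, rather than a client-supplied field, is the right input.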
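The role-based collaboration model and the two-level (fixed / non-fixed) detection policy of point 3, as an added example that is not code from the dissertation or from the CCSA framework. The alert fields, the labelling of signatures as fixed or non-fixed inside the sensor, and the corroboration rule for non-fixed alerts (the same source and signature reported by a second, independent sensor within 60 seconds) are assumptions made here; the sample events are constructed.

```python
"""Role-based collaboration of security devices with a two-level detection policy.
Added example, not code from the dissertation or the CCSA framework: the alert
fields, the fixed/non-fixed labelling by signature and the corroboration rule
(a second, independent sensor within 60 s) are assumptions made here."""
from collections import defaultdict

FIXED, NON_FIXED = "fixed", "non-fixed"
WINDOW_SECONDS = 60


class Sensor:
    """Detector role (e.g. an IDS). Its policy marks each signature as fixed
    (high confidence, act at once) or non-fixed (needs a second opinion)."""

    def __init__(self, name: str, fixed_signatures: set):
        self.name = name
        self.fixed_signatures = fixed_signatures

    def alert(self, t: int, src_ip: str, signature: str) -> dict:
        level = FIXED if signature in self.fixed_signatures else NON_FIXED
        return {"t": t, "sensor": self.name, "src": src_ip, "sig": signature, "level": level}


class Executor:
    """Executor role (e.g. the access gateway or a firewall): applies decisions."""

    def __init__(self):
        self.blocked = []

    def block(self, src_ip: str) -> None:
        if src_ip not in self.blocked:
            self.blocked.append(src_ip)


class DecisionMaker:
    """Decision-maker role. Fixed alerts are executed immediately; non-fixed alerts
    are held until a different sensor reports the same (src, signature) within the window."""

    def __init__(self, executor: Executor):
        self.executor = executor
        self.pending = defaultdict(list)  # (src, sig) -> [(t, sensor), ...]

    def decide(self, alert: dict) -> str:
        if alert["level"] == FIXED:
            self.executor.block(alert["src"])
            return "blocked"
        key = (alert["src"], alert["sig"])
        recent = [(t, s) for t, s in self.pending[key] if alert["t"] - t <= WINDOW_SECONDS]
        recent.append((alert["t"], alert["sensor"]))
        self.pending[key] = recent
        if len({s for _, s in recent}) >= 2:  # corroborated by independent sensors
            self.executor.block(alert["src"])
            return "blocked"
        return "pending"


# Constructed raw events: (time, sensor name, source IP, signature)
SAMPLE_EVENTS = [
    (100, "ids-1", "10.0.0.5", "botnet-c2-beacon"),
    (105, "ids-1", "10.0.0.7", "port-scan"),
    (110, "ids-2", "10.0.0.7", "port-scan"),  # second sensor within 60 s
    (120, "ids-1", "10.0.0.9", "port-scan"),  # single sensor only
    (400, "ids-2", "10.0.0.9", "port-scan"),  # corroboration arrives too late
]


def run(events) -> tuple:
    """Feed raw events through sensor -> decision maker -> executor; return the
    per-event decision and the final block list."""
    sensors = {n: Sensor(n, {"botnet-c2-beacon"}) for n in ("ids-1", "ids-2")}
    executor = Executor()
    decision_maker = DecisionMaker(executor)
    decisions = [decision_maker.decide(sensors[name].alert(t, ip, sig))
                 for t, name, ip, sig in events]
    return decisions, executor.blocked


if __name__ == "__main__":
    print(run(SAMPLE_EVENTS))
```

The fixed-level C2 beacon is blocked on the first alert; the non-fixed port scan from 10.0.0.7 is blocked only once ids-2 corroborates ids-1, and the lone report about 10.0.0.9 (and its late second report) stays pending, which is where the false-positive reduction comes from: a single noisy sensor cannot trigger enforcement on its own for low-confidence signatures.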