Research on Several Theories and Applications of Anonymous Communication Systems
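Abstract
In recent years, Internet technology has developed rapidly and been widely adopted as a medium for communication and information dissemination. Opinion polls by survey organizations in China and abroad show that the greatest obstacle users perceive when using the Internet is the fear that their privacy will be leaked. In some special application areas (such as e-health, e-cash, e-commerce and e-voting), the degree to which user identity privacy is protected is one of the important factors in evaluating the security of the whole system, and anonymity technology was proposed to protect user privacy for this reason. However, as anonymity technology has been widely studied and applied, its shortcomings have been exposed: the operations of anonymous users lack supervision and control, and there are no corresponding remedies or response strategies when problems arise (such as anonymous access by illegitimate users, or malicious anonymous behaviour by legitimate users). In addition, anonymous communication systems (such as onion routing systems) lack a mechanism for checking the security of connecting users. Anonymous communication systems therefore suffer from poor controllability and weak security. Research on anonymous communication models for related network environments (such as the mobile Internet, wireless LANs and ubiquitous computing) has become a current research focus. This thesis studies anonymous communication theory, the implementation of an anonymous communication model, a controllable and trusted anonymous communication scheme, and a trusted anonymous communication model for the mobile Internet. The specific research content is as follows:
     (1) With the in-depth study of Trusted Computing (TC), the security of PCs and computer networks has improved considerably, but anonymity technology and trusted computing are poorly integrated, and anonymous communication schemes based on trusted computing have received little study. To address the poor controllability and weak security of anonymous communication systems, a controllable and trusted anonymous communication scheme is proposed that provides users with revocable anonymity. The scheme introduces an identity authentication management center that handles user identity registration based on group signatures; a nested link encryption mechanism ensures the anonymity of the communication; a tracing mechanism between the destination host and the identity authentication management center provides control over users' malicious anonymous behaviour; a node server stores and manages all trusted nodes of the system, updates them in real time, and removes nodes that are no longer trusted from the system; and the Trusted Platform Module's integrity measurement mechanism, chain-of-trust transfer, remote attestation and anonymous authentication ensure the trustworthiness, security and reliability of the scheme, so that users connecting to the system receive controllable anonymous service together with stronger protection. Analysis and simulation of the scheme's security, trustworthiness, anonymity and efficiency show that it has good security, controllability and trustworthiness, and can meet the needs of large-scale deployment of controllable anonymous communication systems in the future Internet environment.
     (2) The Trusted Computing Group (TCG) has published specifications for the Mobile Trusted Module (MTM) that ensure the security of the mobile terminal itself, but the spread of MTM chips changes the way mobile terminals communicate. To meet users' needs for anonymous communication on mobile terminals, a trusted anonymous communication model for the Trusted Mobile Platform (TMP) on the mobile Internet is proposed, comprising a TMP trusted anonymous access mechanism and a TMP trusted anonymous communication mechanism. The access mechanism introduces a policy decider into each service domain to manage that domain's TMPs and Internet service providers, defines two TMP access modes, home-domain service and cross-domain access, and describes the workflow of each mode in detail; cross-domain access is further divided into two scenarios, roaming service and resource request. The trusted anonymous access mechanism securely achieves trusted access for TMPs on the mobile Internet and is practical and efficient. The trusted anonymous communication mechanism provides anonymous communication between the two communicating parties; intermediate nodes can verify the integrity of forwarded data from the predecessor node's signcryption and signature information, and can verify the authenticity of the forwarding route from the route authentication information. Analysis shows that the communication mechanism achieves anonymity while remaining secure and trusted, meeting the security requirements of TMP anonymous communication on the mobile Internet.
     (3) To address privacy protection when users access the network under Linux, anonymous browsing software was designed and implemented. The software uses Tor anonymous communication technology to protect users' private information, and its integrated packaging makes the anonymity service relatively simple and convenient for ordinary users. Once the software is started, the packets sent by the terminal are encapsulated, encrypted data; test results show that the software hides private information such as the user's network address, that is, it effectively protects the user's private information.
     (4) Based on TPM-Emulator, a software emulator of the Trusted Platform Module (TPM), an integrity verification model was designed and developed to verify integrity during trusted platform access. The model provides a research basis for future TPM-Emulator-based model verification of the trusted anonymous access authentication protocol.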
The Internet is developing rapidly and is widely accepted as an important means of communication and information dissemination. Meanwhile, the issues of Internet security and privacy are becoming increasingly critical. According to domestic and international investigations, users' most significant concern while surfing the Internet is their privacy. Furthermore, in some special application fields (such as E-health, E-cash, E-commerce or E-voting), the degree of protection of private information is one of the most important criteria for evaluating overall system security. To solve these problems, anonymity technology was proposed to protect users' privacy. However, while anonymity has been extensively researched and applied, its shortcomings and deficiencies, such as the lack of supervision, control and remedial measures, have already emerged. Accordingly, anonymous communication systems have obvious disadvantages in controllability and security. In addition, anonymous communication models for related network environments (such as the mobile Internet, Wireless Local Area Networks, Ubiquitous Computing, etc.) have become a focus as those network environments mature and develop. In conclusion, this paper focuses not only on the theory and application of anonymous communication models, but also on the controllable and trusted anonymous communication scheme and the trusted anonymous communication model for the mobile Internet.
     The research content is as follows:
     (1) With the deepening of research on trusted computing, the security of PCs and networks has been improved greatly. Nevertheless, anonymity technology and trusted computing are not well integrated, and research on anonymous communication schemes based on trusted computing is lacking. Therefore, a controllable and trusted anonymous communication scheme is proposed in this paper, providing revocable anonymous service for users. The scheme introduces an Authentication Management Center (AMC) to complete users' identity registration based on group signatures; a layer-upon-layer encryption mechanism to guarantee the anonymity of communication; a feedback mechanism between the target host and the AMC to control users' malicious anonymous behaviors; a node server to preserve and manage all the trusted nodes, renewing them regularly and removing untrusted nodes; and the technologies of integrity measurement, transitive chain of trust, remote attestation and Direct Anonymous Attestation to assure the credibility, security and dependability of the communication system, which provides controllable anonymous services and advanced security protection for users.
     (2) The publication of the TCG MTM standard ensures the safety of mobile terminals, but its promotion changes the way mobile terminals communicate. This thesis therefore proposes an access mechanism for the trusted mobile platform (TMP, a mobile terminal with an MTM chip) on the mobile Internet. This mechanism introduces a strategy decider that manages the TMPs and ISPs of its field, defines an extended service set as a service field, and defines two access modes for TMP on the mobile Internet: self-field service and cross-field access. The process of each mode is described in detail. The cross-field access mode is divided into roaming service and resource request. The trust evaluation system of the TMP access mechanism is specifically described. The universally composable security model is used to analyze the security of the two TMP access modes. The analysis shows that this mechanism achieves trusted TMP access on the mobile Internet and is safe, practical and highly efficient.
     (3) An integrated anonymous browser based on Linux and Tor is designed to protect the privacy of users' information; the browser offers privacy protection in a Linux environment. The integration of the software makes the anonymous service simple and convenient for users. The test shows that data packets sent through Tor by the browser are encrypted and that the users' identity information is concealed. It protects users' privacy effectively.
     (4) The trusted anonymous access authentication protocol was proved in this article based on TPM-Emulator, which is simulation software for the Trusted Platform Module security chip. This proof provides a basis for further research on model proofs.