%0 Journal Article
%T Research on Dynamic Integrity Measurement Model Based on Memory Paging Mechanism
%A Chaowen Chang
%A Xin Chen
%A Shuai Wang
%A Qinghai Xiao
%J Discrete Dynamics in Nature and Society
%D 2014
%I Hindawi Publishing Corporation
%R 10.1155/2014/478985
%X In order to solve the existed problems of dynamic integrity measurement method, a dynamic integrity measurement model based on Memory Paging Mechanism is proposed in this paper. The model takes memory pages of executable subjects as measurement objects. When the pages are scheduled into memory, the measurement points are inserted, the pages are measured, and their integrities are verified. The model is able to insure the integrity and trust of each executable page and assure that the integrity of the whole executable subjects is not destroyed. To verify this model, XEN hypercall mechanism is used to acquire executable subjects’ pages scheduled into memory, and the integrity measurement and verification codes are put into hypercall handler. Accordingly, dynamic integrity measurement to executable subjects is implemented. 1. Introduction Trusted computing technology is derived from safety guidance file of Rainbow Series information system launched by the USA in 1983. In 1999, TCG firstly presented the concepts of Trusted Computing Platform (TCP) and Trusted Platform Module (TPM) and proposed the specific structure and technology route of TCP system [1]. The cores of trusted computing technology are trusted computing base and trusted chain [2, 3], and trusted measurement is a key problem of this technology [4, 5]. Trusted computing puts the integrity as a fundamental attribute of trust. The reliability of the platform is depending on whether the integrity measurement value is equal to the corresponding integrity reference value. The integrity measurement can comprise static measurement and dynamic measurement. The objects of static measurement are executable parts loaded into the platform during startup, such as BIOS, OS Loader, and operating system kernel. The objects of dynamic measurement are executable subjects, including code, data, and library file. The static measurement is a fixed sequence of single-chain process [6], and the measurement process is still unchanged when the operations of the platform change. Different from the static measurement, the process of dynamic measurement is multiple and unordered, and the time and space of object loading and running are not fixed. Obviously, the dynamic measurement is more accurate to describe and evaluate the integrity of the platform, and it can also get more attention and research [7]. Integrity Measurement Architecture (IMA) [8] is a well-known integrity measurement structure developed by IBM. Based on the measurement methods of TCG, IMA expands the content of integrity measurement and uses an
%U http://www.hindawi.com/journals/ddns/2014/478985/