In order to solve the existed problems of dynamic integrity measurement method, a dynamic integrity measurement model based on Memory Paging Mechanism is proposed in this paper. The model takes memory pages of executable subjects as measurement objects. When the pages are scheduled into memory, the measurement points are inserted, the pages are measured, and their integrities are verified. The model is able to insure the integrity and trust of each executable page and assure that the integrity of the whole executable subjects is not destroyed. To verify this model, XEN hypercall mechanism is used to acquire executable subjects’ pages scheduled into memory, and the integrity measurement and verification codes are put into hypercall handler. Accordingly, dynamic integrity measurement to executable subjects is implemented. 1. Introduction Trusted computing technology is derived from safety guidance file of Rainbow Series information system launched by the USA in 1983. In 1999, TCG firstly presented the concepts of Trusted Computing Platform (TCP) and Trusted Platform Module (TPM) and proposed the specific structure and technology route of TCP system [1]. The cores of trusted computing technology are trusted computing base and trusted chain [2, 3], and trusted measurement is a key problem of this technology [4, 5]. Trusted computing puts the integrity as a fundamental attribute of trust. The reliability of the platform is depending on whether the integrity measurement value is equal to the corresponding integrity reference value. The integrity measurement can comprise static measurement and dynamic measurement. The objects of static measurement are executable parts loaded into the platform during startup, such as BIOS, OS Loader, and operating system kernel. The objects of dynamic measurement are executable subjects, including code, data, and library file. The static measurement is a fixed sequence of single-chain process [6], and the measurement process is still unchanged when the operations of the platform change. Different from the static measurement, the process of dynamic measurement is multiple and unordered, and the time and space of object loading and running are not fixed. Obviously, the dynamic measurement is more accurate to describe and evaluate the integrity of the platform, and it can also get more attention and research [7]. Integrity Measurement Architecture (IMA) [8] is a well-known integrity measurement structure developed by IBM. Based on the measurement methods of TCG, IMA expands the content of integrity measurement and uses an
References
[1]
C. Song, W.-P. Peng, Y. Xin, S.-S. Luo, and H.-L. Zhu, “Seal-based secure boot scheme for trusted computing platform,” The Journal of China Universities of Posts and Telecommunications, vol. 17, supplement 2, pp. 16–21, 2010.
[2]
A. Nagarajan and V. Varadharajan, “Dynamic trust enhanced security model for trusted platform based services,” Future Generation Computer Systems, vol. 27, no. 5, pp. 564–573, 2011.
[3]
J. Winter and K. Dietrich, “A hijacker's guide to communication interfaces of the trusted platform module,” Computers & Mathematics with Applications, vol. 65, no. 5, pp. 748–761, 2013.
[4]
A. K. Kanuparthi, M. Zahran, and R. Karri, “Architecture support for dynamic integrity checking,” IEEE Transactions on Information Forensics and Security, vol. 7, no. 1, pp. 321–332, 2012.
[5]
D. Muthukumaran, J. Schiffman, M. Hassan, A. Sawani, V. Rao, and T. Jaeger, “Protecting the integrity of trusted applications in mobile phone systems,” Security and Communication Networks, vol. 4, no. 6, pp. 633–650, 2011.
[6]
D. Schellekens, B. Wyseur, and B. Preneel, “Remote attestation on legacy operating systems with trusted platform modules,” Electronic Notes in Theoretical Computer Science, vol. 197, no. 1, pp. 59–72, 2008.
[7]
D.-F. Li, Y.-X. Yang, L.-Z. Gu, and B. Sun, “Study on dynamic trust metric of trusted network based on state and behavior associated,” Journal on Communications, vol. 31, no. 12, pp. 12–19, 2010.
[8]
R. Sailer, X. L. Zhang, T. Jaeger, and V. Doom, “Design and implementation of a TCG based integrity measurement architecture,” in Proceedings of the 13th USENIX Security Symposium, pp. 223–238, 2004.
[9]
T. Jaeger, R. Sailer, and U. Shankar, “Prima: policy reduced integrity measurement architecture,” in Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT '06), pp. 19–28, New York, NY, USA, 2006.
[10]
X. Zhang, M. J. Covington, S. Q. Chen, and R. Sandhu, “SecureBus: towards application-transparent trusted computing with mandatory access control,” in Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS '07), pp. 117–126, New York, NY, USA, 2007.
[11]
L. Gao, X. Qin, C. Chang, and X. Chen, “A embedded system-based computing platform for tolerating untrusted component,” Geomatics and Information Science of Wuhan University, vol. 35, no. 5, pp. 626–629, 2010.
[12]
S. Stamm, N. P. Sheppard, and R. Safavi-Naini, “Implementing trusted terminals with a and SITDRM,” Electronic Notes in Theoretical Computer Science, vol. 197, no. 1, pp. 73–85, 2008.
[13]
M. Thober, J. A. Pendergrass, and C. D. Mcdonell, “Improving coherency of runtime integrity measurement,” in Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing (STC '08), pp. 51–60, New York, NY, USA, 2008.
[14]
S. Grinberg and S. Weiss, “Architectural virtualization extensions: a systems perspective,” Computer Science Review, vol. 6, no. 5-6, pp. 209–224, 2012.
