Facing the increasing security issues in P2P networks,a scheme for resource sharing using trusted computing technolo-gies is proposed in this paper. We advance a RS-UCON model with decision continuity and attribute mutability to control the usage process and an architecture to illustrate how TC technolo-gies support policy enforcement with bidirectional attestation. The properties required for attestation should include not only integrity measurement value of platform and related application,but also reputation of users and access history,in order to avoid the limita-tion of the existing approaches. To make a permission,it is re-quired to evaluate both the authorization and conditions of the subject and the object in resource usage to ensure trustable re-sources to be transferred to trusted users and platform.
The method of extracting and describing the intended behavior of software precisely has become one of the key points in the fields of software behavior's dynamic and trusted authentica-tion. In this paper,the author proposes a specified measure of ex-tracting SIBDS (software intended behaviors describing sets) statically from the binary executable using the software's API functions invoking,and also introduces the definition of the struc-ture used to store the SIBDS in detail. Experimental results dem-onstrate that the extracting method and the storage structure defi-nition offers three strong properties: (i) it can describe the soft-ware's intended behavior accurately; (ii) it demands a small stor-age expense; (iii) it provides strong capability to defend against mimicry attack.
PENG Guojun PAN Xuanchen FU Jianming ZHANG Huanguo