摘要 随着互联网中各种计算资源间互操作性的不断加强,传统的方法已经不能很 好地解决当前计算机系统面临的安全问题。终端安全是保证整个计算机系统与网 络安全的基础,可信计算与 Java 智能卡技术从解决终端安全入手,成为当前信息 安全领域中两个重要的研究热点。 可信度量机制是可信计算技术的核心与关键。但是,由于当前复杂操作系统 与应用程序无法被有效度量,同时缺少基于可信计算技术的安全操作系统,因此, 信任链无法真正被传递,可信计算与可信度量技术在实际应用中面临着诸多技术 难题。 本文在对现有可信度量机制以及 Java 智能卡技术分析和研究的基础上,首 先,利用可信平台模块模拟器(tpmemulator)和软件协议栈(TrouSers)仿真软 件包构建了可信度量仿真环境,深入分析了可信完整性度量与报告机制的详细数 据流向与实现流程;然后,设计开发了可信度量远程证明应用程序对其进行了测 试与验证;最终,本文将可信度量机制与 Java 智能卡技术相结合构建了 Java 智 能卡可信平台,并在平台中设计与实现了基于 Java 智能卡的可信度量方案,提出 了 Java 智能卡可信平台远程证明通信机制,简化了原计算机环境度量计算复杂 性,提高了关键应用程序的可信性。 关键词:可信计算 可信度量 完整性 Java 智能卡 Abstract With the rapid development of interoperability among different computing resources in the Internet, the security problems can not be easily resolved by the traditional methods. It turns out that the security of terminal is more important because it is the essence of the Internet. Trusted Computing and Java Smart Card technologies are focusing on the security of terminal and becoming the main research directions in the field of information security. The Trusted Measurement Mechanism is the core and basis of Trusted Computing. However, the current operating systems and applications can not be effectively measured and the trusted chain can not be transferred because of the complexity of operating systems and the lack of credible operating systems based on Trusted Computing technology. As a result, the current Trusted Computing and Trusted Measurement technology is facing the difficulties in practical use. In this paper, based on the analysis and research of current Trusted Measurement Mechanism and Java Smart Card technologies, a Trusted Measurement simulation environment is established by using Trusted Platform Module emulator (tpmemulator) and TCG Software Stack (TrouSers) open s
