云计算环境信任链系统安全性理论研究

项目名称： 云计算环境信任链系统安全性理论研究

项目编号： No.61502438

项目类型： 青年科学基金项目

立项/批准年度： 2016

项目学科： 自动化技术、计算机技术

项目作者： 徐明迪

作者单位： 中国船舶重工集团公司第七〇九所

项目金额： 21万元

中文摘要： 可信系统信任链是保证云计算环境安全的根本前提，但国内外尚没有对可信云信任链系统安全性进行全面深入的理论分析，这将影响现有开放系统的实际应用。.本项目拟以无干扰理论和组合安全理论为基础，围绕云计算环境下信任链安全性分析理论与实践展开研究。(1)针对非传递无干扰理论下的信任链可信度量理论问题，研究信任链真实执行与预期执行的一致性判定方法，建立可信计算信任链数学模型和验证方法。(2)针对基于组合安全理论的信任链多系统复合安全属性验证问题，通过构造可组合的信息流模型，给出云计算环境下多系统信任链安全属性验证方法。(3)针对云计算环境下DRTM信任链安全形式化分析问题，通过基于StatVerif演算的动态度量技术安全形式化建模、分析与验证，解决DRTM实际应用系统的设计安全性问题。.基于以上研究，将初步建立可信云平台下信任链安全性分析理论，并探索模型的实际应用。

中文关键词： 可信云信任链；无干扰理论；组合安全理论

英文摘要： The security of chain of trust is the premise of security of cloud computing. However, there is no in-depth researches on security analysis for chain of trust of trusted cloud, which will affect the application of existing open systems such as cloud platform, virtualization platform..This project will research on theory and practice for chain of trust of cloud computing system based on non-interference theory and composition security theory. (1) As for issue of trusted measurement based on non-transistor non-interference model for chain of trust, this project will research the determination method between real behavior and expected behavior, and establish mathematical model and verification way. (2) As to problem of modelling security properties for multi-components in chain of trust system, this project will construct composiable information-flow model and put forward the verification method for security features of chain of trust in cloud computing system. (3) As for the flaw of DRTM chain of trust in cloud computing system, this project will solve the design security problem for DRTM system by using StatVerif calculus..Based on above work, this project will set up security analysis theory of chain of trust in trusted cloud computing system, and explore how to convert models to realistic application.

英文关键词： chain of trust of trusted cloud;non-interference theory;composition security theory