面向高安全等级要求的可信计算平台环境测评方法研究

项目名称： 面向高安全等级要求的可信计算平台环境测评方法研究

项目编号： No.61272452

项目类型： 面上项目

立项/批准年度： 2013

项目学科： 自动化技术、计算机技术

项目作者： 严飞

作者单位： 武汉大学

项目金额： 81万元

中文摘要： 建设自主可控、一体化、高安全军事信息系统，构建信息化体系作战能力，是国家的科技强军战略。重要军事信息系统直接关系到国防安全和战争胜负。确保军事信息系统的可信性，成为确保我国国防安全的重大战略需求。 本课题以军事信息系统为应用背景，研究面向高安全等级要求的可信计算平台环境测评方法：针对高安全可信计算环境非功能性测评需求多样性特点，研究可信平台嵌入式组件与信任链度量结构的测试需求模型，建立明确的测试目标模型；围绕高安全可信计算环境的实际应用需求，研究面向安全性的测试用例最小覆盖生成技术、代码最小化测试方法、可信属性融合的Fuzzing测试方法以及综合性评估方法，并建立相应实验系统。 通过研究将在高安全等级要求的可信计算平台环境测评方面取得一批理论与技术成果，推动相关科学问题的解决，为提升我国信息安全保障能力、推进重要军事信息系统的建设做出贡献。本课题团队具有良好的工作基础，可以确保项目的成功。

中文关键词： 可信计算；测试与评估；高等级安全；虚拟化；

英文摘要： The construction of the military information system with independence, controllability and high security is the national defense strategy, which decides the outcome of a war. Since the important role which the military information system played, the Trust, means security and dependability, becomes a vital goal that any military information system should pay special attention to during the development and maintenance process. As trusted computing platform is a practical assurance technique for the trust of military information system, the testing and evaluation methods are proposed here. The first, a research of formal requirement models, including that of trusted platform module and the chain of trust in trusted computing platform, is proposed to solve the test goal's diversity for non-functional testing, which would help security testing definitely. The second, a minimal test coverage method for security testing, a code simplification testing method, a trust attribute oriented fuzzing method and a synthesis evaluation method are brought forward to satisfy the practical requirement in military trusted computing testing. And the third, an experimental testing system would be built for verifying the correctness of the above models and methods and making tests on practical systems. With this proposal being accepted

英文关键词： Trusted computing；test and evaluation；high level security；virtualization；