计算机工程
計算機工程
계산궤공정
COMPUTER ENGINEERING
2014年
1期
130-133
,共4页
嵌入式实时操作系统%可信计算%完整性度量证书%访问控制%实时调度
嵌入式實時操作繫統%可信計算%完整性度量證書%訪問控製%實時調度
감입식실시조작계통%가신계산%완정성도량증서%방문공제%실시조도
Embedded Real-time Operation System(ERTOS)%trusted computing%integrity measurement certificate%access control%real-time schedule
可信计算能有效提高嵌入式实时操作系统的安全性,但现有的可信计算技术较难满足该系统实时性和低功耗的要求。为此,提出一种基于VxWorks内核的可信计算解决方案。设计嵌入式实时可信平台模块和可信软件栈,实现基于完整性度量证书的信任链传递结构和轻量级访问控制框架。实验结果证明,可信平台模块相比SW-TPM模块平均命令执行时间节省了65.81%,轻量级访问控制框架对系统内核的性能影响也较小,可满足嵌入式实时操作系统的应用要求。
可信計算能有效提高嵌入式實時操作繫統的安全性,但現有的可信計算技術較難滿足該繫統實時性和低功耗的要求。為此,提齣一種基于VxWorks內覈的可信計算解決方案。設計嵌入式實時可信平檯模塊和可信軟件棧,實現基于完整性度量證書的信任鏈傳遞結構和輕量級訪問控製框架。實驗結果證明,可信平檯模塊相比SW-TPM模塊平均命令執行時間節省瞭65.81%,輕量級訪問控製框架對繫統內覈的性能影響也較小,可滿足嵌入式實時操作繫統的應用要求。
가신계산능유효제고감입식실시조작계통적안전성,단현유적가신계산기술교난만족해계통실시성화저공모적요구。위차,제출일충기우VxWorks내핵적가신계산해결방안。설계감입식실시가신평태모괴화가신연건잔,실현기우완정성도량증서적신임련전체결구화경량급방문공제광가。실험결과증명,가신평태모괴상비SW-TPM모괴평균명령집행시간절성료65.81%,경량급방문공제광가대계통내핵적성능영향야교소,가만족감입식실시조작계통적응용요구。
The Trusted Computing Technology(TCT) is an effective way to solve Embedded Real-time Operation System(ERTOS) security. However, the existing TCT is hard to satisfy the properties of real-time and low power consumption directly. Based on VxWorks kernel, this paper puts forward a solution of trusted computing by designing embedded real-time trusted computing module and trusted software stack, which can realize the chain of trust by using integrity measurement certificate and establish the lightweight access control architecture. Experimental results show that the average execution time of commands on trusted platform module saves 65.81%execution time compared with SW-TPM module. Lightweight access control affects the kernel by increasing few execution overhead, which can meet the ERTOS requirements of real-time and low power consumption as a whole.
