h to the optimization of Hash Tree.This approach efficiently utilizes the locality pattem of memory accessing to quicken the checking processes of integrity.At the same time,it eliminates the influence to performance incurred by the excessive pollution of on—chip caches,because the buffer used by it can be untrusted and can be placed out ofprocessor. 2)For the protection of the shared memory of symmetric multi—processor system,it builds a distributed protecting structure,which distributes protecting processes to them together.To reduce the performance processor and MCH to achieve security by 第1lI页 inllucnce of pl‘otecting,it combines OTP enaryption and timcstamp verification effectively;consequently.such secnl icy scheme can realize thai system bus n-ansaction has low encryption latency,integrity verilying is low cost、and the design of MCI 1 is light-weight.3)Basing on the secul’ity ol、memory、it makes lhrlher investigation Oil tile protection of peripheral devices,and brings forward hard disk integrity verification mechanism with online mode and sector level.Checking sectors directly gives unified low level protecting mechanism to disk storage devices(including file systems).It adopts an optimizing method basing OIl【)ne special structure of Hash Trec.Mdch Call not only optimmize t11e checking processes of integtit5:,but also lhcilitates tile operation of time crucial consistency recovery4)TO protect the security of remote data in the network storage architecture,it gives a protection method that relies 011 trustworthil)’holding secret k<y‘information associated with data blocks.Such method is applicable to many application cases. and achieves data protection processes with low cost compared with other similar systems.5)Additionally、it studics a powerful attacking case implemented with the help of some sophisticated simulators,To circumvent such potential threat against security,it puts lbrward a method,which relies on the behavior characters of processoL to judge the real existence of physical processorsKeywor ds.Confidemiality,Integrity.Memory/Storage System,Memory,Disk.Remote Storage,Hash Tree,OTP Encryption,Simulator,Timing 第lV贞 图索引图3 1.存储器J下确性榆布器模型………………………………….图3 2.使用Hash函数h的Hash村构造于被保护的存储器空l刈之上蚓3.3.检查代价随存储器块尺、J不同而变化的情况(I)………….矧3.4检查代价随存储器块尺寸不同而变化的情况(11)…………..削3.5.检查代价随存储器块尺寸不同而变化的情况(111)………….1到3.6检查代价随分支数不同而变化的情况………………………图3.7.具体考虑的系统存储器完整性校验范例…………………..幽3.8. 个2元(2.ary)基本Hash树………………………………图3.9带有热访问窗口的IIash树,H、v-H7Free…………………….图3.10.具体采用的Hash树结构………………………………………吲3.1 1.基于HW-H11tee的存储器完警性校验逻辑…………………一图3.12.1:同应用各自的性能比较…………………………………….图3.13.访问窗口宽度对性能的影响………………………………….图3.14.增加异步校验事务队列长度后的性能………………………..图3.15.特殊设计后实施校验的性能………………………………….幽4.1 MP系统。
p共享存储器的保护模型……………………………图4.2.MP系统中共享存储器安全的逻辑组成………………………图4.3.共享存储器保护的性能模拟………………………………….图5.1.本地磁糯:的保护模型………………………………………….1到5.2.本地磁盘卜所创建的特殊结构ttash树……………………一图5.3.实现磁盘完整性保护的逻辑模块…………………………….图5.4.磁盘完整性检验机制的性能模拟……………………………幽6,1.所考虑的远程数据存储的保护模型…………………………图6.2.保护远程非可信服务器卜所存储数据的机密性与完整性….图6.3.使用小的Flash盘来保护人的磁盘……………………………. 碱孙如弛 弭”∞甜档∞巧”硒卯∞趴斟%眄 ∞ 吣m幽7.1.真实处理器证明的过程………………………………………..图7.2.不同证明体的归一化识别率…………………………………. n坦 第iv贞 第1章绪言 机密性和完整性是维护计算机系统中数据安全的两个最基本属性。
本章首先阐述了研究的对象、目标与意义;然后,对当前的研究背景与相关技术作了简要描述与评价。
在此基础上
上一篇:
轻型龙门铣床XKQ2010×30毕业设计说明书
下一篇:
多年来只想说一句,我不怪你