可信平台模块自动化测试研究

可信平台模块自动化测试研究

詹静1,2 张焕国1,2,3

1(武汉大学计算机学院武汉 430072) 2(武汉大学空天信息安全与可信计算教育部重点实验室武汉 430072) 3(武汉大学软件工程国家重点实验室武汉 430072) (jingzhan_whu@yahoo.com.cn)

出版日期: 2009-11-15

Automated Testing of the Trusted Platform Module

Zhan Jing1,2 and Zhang Huanguo1,2,3

1(School of Computer Science, Wuhan University, Wuhan 430072) 2(Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, Wuhan University, Wuhan 430072) 3(State Key Laboratory of Software Engineering, Wuhan University, Wuhan 430072)

Online: 2009-11-15

摘要/Abstract

摘要： 可信平台模块(trusted platform module，TPM)是信息安全领域新发展趋势可信计算的关键部件，对其进行规范符合性测试非常有必要.由于传统测试方法与经验无法满足精确、易被机器处理的测试要求，状态机理论可为符合性测试的正确性提供理论基础，但易于产生状态爆炸问题.因此，基于TPM规范进行了一致性测试建模，提出相应策略提高测试效率，建立了TPM自动化测试工具.该工具能基于数据库自动生成测试用例，根据状态图进行一致性测试或自定义测试，达到过程可视化的效果.针对待测试产品得出了较为全面一致性结论和基本安全分析，为今后的可信产品安全性测试打下基础.

关键词: 可信计算, 可信平台模块, 自动化测试工具, 一致性测试, 状态机建模

Abstract: Trusted computing is a new paradigm to improve client security on today’s general architecture platforms and it uses a hardware chip as a key component, called trusted platform module (TPM) to achieve the goal. As there are already many related products on the market, it is very necessary to have conformance testing. However, traditional testing methods and experiences can’t meet the testing requirements in a form that make product evaluation to be precisely and automatically processed by machines. A conformance testing model based on the state machine theory is proposed as a solid foundation for testing correctness. Furthermore, related testing strategies based on specification are proposed in order to deal with the state space explosion problem which is a major obstacle reducing practicality of the state machine theory based testing methods. Automated testing tool is also designed and implemented correspondingly to improve the efficiency and accuracy. The tool can generate test suits automatically based on database and customize testing sequences based on the state graph according to user’s requirements. It can achieve process visualization and testing results for the conformance testing that can be used by future security evaluation on trusted computing platform products.

Key words: trusted computing, trusted platform module (TPM), automated testing tool, conformance testing, state machine model

詹静, 张焕国,. 可信平台模块自动化测试研究[J]. .

Zhan Jing, and Zhang Huanguo,. Automated Testing of the Trusted Platform Module[J]. .

	作者相关文章
	詹静
	张焕国

[1]	杨波1,2 冯登国1 秦宇1 张倩颖1,2 奚瓅1,2 郑昌文3. 基于可信移动平台的直接匿名证明方案研究[J]. 计算机研究与发展, 2014, 51(7): 1436-1445.
[2]	周彦伟1,2 杨启良3 杨波2 吴振强1,2. 一种安全性增强的Tor匿名通信系统[J]. 计算机研究与发展, 2014, 51(7): 1538-1546.
[3]	谭良, 孟伟明, 周明天,. 一种优化的直接匿名证言协议方案[J]. 计算机研究与发展, 2014, 51(2): 334-343.
[4]	王丽娜, 任正伟, 董永峰, 余荣威, 邓入弋,. 云存储中基于可信平台模块的密钥使用次数管理方法[J]. , 2013, 50(8): 1628-1636.
[5]	王勇方娟任兴田林莉. 基于进程代数的TCG远程证明协议的形式化验证[J]. , 2013, 50(2): 325-331.
[6]	周福才, 岳笑含, 白洪波, 徐剑,. 一种高效的具有灵活属性证书状态校验机制的PBA方案[J]. , 2013, 50(10): 2070-2081.
[7]	郑丽娟, 韩臻, . 基于分离机制网络的可信域内快速认证协议[J]. , 2012, 49(5): 939-948.
[8]	沈晴霓, 杜虹, 文汉, 卿斯汉,. 一种基于完整性度量架构的数据封装方法[J]. , 2012, 49(1): 210-216.
[9]	田俊峰, 李珍, 刘玉玲,. 一种可信软件设计方法及可信性评价[J]. , 2011, 48(8): 1447-1454.
[10]	徐士伟, 张焕国,. 基于应用π演算的可信平台模块的安全性形式化分析[J]. , 2011, 48(8): 1421-1429.
[11]	冯登国秦宇汪丹初晓博. 可信计算技术研究[J]. , 2011, 48(8): 1332-1349.
[12]	刘武, 段海新, 张洪, 任萍, 吴建平,. TRBAC:基于信任的访问控制模型[J]. , 2011, 48(8): 1414-1420.
[13]	庄琭蔡勉沈昌祥. 基于交互式马尔可夫链的可信动态度量研究[J]. , 2011, 48(8): 1464-1472.
[14]	张焕国李晶潘丹铃赵波. 嵌入式系统可信平台模块研究[J]. , 2011, 48(7): 1269-1278.
[15]	李昊秦宇冯登国. 基于可信平台模块的虚拟单调计数器研究[J]. , 2011, 48(3): 415-422.