Chinese Journal of Computers
  Title: Testing on Trust Chain of Trusted Computing Platform Based on Labeled Transition System
  Authors: XU Ming-Di, ZHANG Huan-Guo, YAN Fei
  Address: (Key Laboratory of Aerospace Information Security and Trust Computing of Ministry of Education, Wuhan 430072)
(School of Computer, Wuhan University, Wuhan 430079)
(State Key Laboratory of Software Engineering, Wuhan University, Wuhan 430072)
  Year: 2009
  Issue: No.4 (635-645)
  Abstract & Background
Abstract At present, trusted computing has become a major development trend in the field of information security. According to "China National Information Security Certification and Evaluation Management", information security products must be evaluated and certified. However, the specifications are established by enterprises, the theory of trusted computing lags behind the technology, and there are no testing tools, all of which will affect the development of trusted computing. Therefore, this paper focuses on the behavioral characteristics of the trust chain specifications, using process algebra as the denotational semantics and a labeled transition system (LTS) as the operational semantics to formalize the behavioral characteristics of the trust chain. The authors put forward a test framework for the trust chain based on LTS. Addressing the problems between specifications and implementations of the trust chain, they effectively reduce the test suite for testability and reason about the relationship between the two, which provides the theoretical foundation for constructing test suites and solves the hard problem of trust chain testing.
Keywords trusted computing platform; trust chain; process algebra; labeled transition system; conformance testing
Background This research work is based on the authors' research direction, which is aimed at the testing and evaluation of the Trusted Computing Platform.
At present, Trusted Computing has become a major development trend in the field of computer security. China's Trusted Computing technology and industry are in a phase of vigorous development, and as Trusted Computing products mature, Trusted Computing Platform applications will become more and more widespread. The Trusted Computing Platform can be used to greatly enhance the security of information systems, but it must undergo Trusted Computing Platform evaluation; otherwise, neither the quality of trusted computing products nor the security of information systems can be guaranteed.
According to "China National Information Security Certification and Evaluation Management", information security products must be evaluated and certified. Testing and evaluation of the Trusted Computing Platform lays emphasis on scientific, comprehensive and accurate testing and evaluation of the consistency and safety of Trusted Computing Platform products, and on ensuring that the results are comprehensive, scientific and internally consistent. The main features of testing and evaluation of the Trusted Computing Platform include standards or specifications conformance testing, safety testing and system reliability testing of the Trusted Computing Platform. At present, there is no complete theory, technology and evaluation system for testing and evaluation of the Trusted Computing Platform at home or abroad.
This paper carries out testing of a TCG-enabled PC and finds the gap between TCG specifications and product implementations. The authors used process algebra as a formal tool to describe the trust chain and deduce its behavioral features, constructed a testing model of the trust chain based on a labeled transition system from the dynamic point of view, obtained a reduction of the basic testing set from the testability point of view, and proposed the consistency relations between the implementation and the specification of the trust chain.
After analyzing the characteristics of the trust chain, the authors divide testing of the trust chain into CRTM testing, event testing and state testing, and put forward a trust chain testing model constructed from these three kinds of testing. The prototype aims at testing TCG-compliant products, which are specific desktops or laptops, and divides the testing model into three layers: TPM, chain of trust and TSS. According to the experiments, there are some limitations in those products, which had removed important functions such as event logs and the MA driver. The vendor's actions taken for convenience may destroy the original scheme designed by TCG.
This paper is supported by the National High Technology Research and Development Program (863 Program) of China (2007AA01Z411, 2008AA01Z404), the National Natural Science Foundation of China (60673071, 90718005, 90718006) and the Open Fund of the Key Laboratory of Aerospace Information Security and Trust Computing, Ministry of Education.