Method for remote dynamic verification on integrality of client software

A client software and dynamic verification technology, applied in electrical components, transmission systems, etc., can solve problems such as software trustworthiness and security risks
CN101834860AInactive Publication Date: 2010-09-15BEIJING JIAOTONG UNIV
5 Cites 38 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
BEIJING JIAOTONG UNIV
Publication Date
2010-09-15
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides a method for remote dynamic verification on integrality of client software. In the method, a TCG (Trusted Computing Group) remote verification method, an Xen virtual machine security isolation property and a Trusted Platform Module (TPM) timestamp function are adopted to realize remote dynamic verification of a network server on self-contained executables of a network client untrusted client virtual domain. The network client is configured with a security chip TPM (Trusted Platform Module) and an Xen virtual machine system is also installed. A remote dynamic verification framework adopted by the method comprises three parts of an integrality measuring mechanism, a reporting mechanism and a verification mechanism, wherein the integrality measuring mechanism is completed by a back-end verification agent module installed in a network client privileged virtual domain and a memory measuring module installed in a network client virtual machine monitor; the reporting mechanism is completed by a front-end verification agent module installed in the network client virtual domain; and the verification mechanism is completed by a verification module installed d in the network server.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a method for remotely and dynamically verifying the integrity of client software, belonging to the field of computer information security. Background technique

[0002] At present, many attack methods that damage terminals are implemented by injecting various forms of malicious codes such as viruses, worms, spyware, and phishing software rather than by damaging secure channels. Therefore, the security of communication endpoints is an issue that cannot be ignored. For this reason, many network services such as online banking usually need to remotely verify the integrity of client-related software before providing services to clients, so as to ensure that they are serving legitimate clients. This verification process is called remote certification or remote verification. The verification object of the remote attestation may be the application software file, or the data in the program code segment, program data segment, program st...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More