Xu M.-D.,Wuhan Digital and Engineering Institute |
Xu M.-D.,Wuhan University |
Xu M.-D.,Key Laboratory of Aerospace Information Security and Trust Computing |
Zhang H.-G.,Wuhan Digital and Engineering Institute |
And 11 more authors.
Jisuanji Xuebao/Chinese Journal of Computers | Year: 2010
The specifications of trusted computing are guidance for products. But securities of specifications themselves need to be verified. The chain of trust is the key technical method to assure system security and is the focus of security in trusted computing platform. Aiming at information flow issue on specification of chain of trust, this paper uses secure process algebra to model trust chain, and describes mutual relationships between entities by non deducibility on composition, and abstracts the behavior and characters of specification of trust chain to multi-level secure inputs and outputs. After discussing associated relations of I/O of high level and low level, we analyzed the system of trust chain. Finally we put forward some conclusions and sounds prove.
Ren Z.,Wuhan University |
Ren Z.,Wuhan Digital and Engineering Institute |
Wang L.,Wuhan University |
Wang Q.,Wuhan University |
Xu M.,Wuhan Digital and Engineering Institute
IEEE Transactions on Services Computing | Year: 2015
Cloud storage allows users to store their data in a remote server to get rid of expensive local storage and management costs and then access data of interest anytime anywhere. A number of solutions have been proposed to tackle the verification of remote data integrity and retrievability in cloud storage systems. Most of existing schemes, however, do not support efficient data dynamics and/or suffer from security vulnerabilities when involving dynamic data operations. In this paper, we propose a dynamic proof of retrievability scheme supporting public auditability and communication-efficient recovery from data corruptions. To this end, we split up the data into data blocks and encode each data block individually using outer code and inner code before outsourcing so that i) an update inside any data block only affects a few codeword symbols and ii) communication-efficient data repair for a breakdown server can be achieved and communication overhead for small data corruptions within a server can be eliminated. Based on the encoded data blocks, we utilize rb23Tree to enforce the data sequence for dynamic operations, preventing the cloud service provider from manipulating data block to pass the integrity check in the dynamic scenario. We also analyze the effectiveness of the proposed construction in defending against pollution attacks during data recovery. Formal security analysis and extensive experimental evaluations are conducted, showing that the proposed scheme is practical for use in cloud storage systems. © 2015 IEEE.
Xu S.W.,Wuhan Digital and Engineering Institute |
Zhang H.G.,Hubei University |
Zhang H.G.,Hubei University of Education |
Dai Z.,Wuhan Digital and Engineering Institute |
And 2 more authors.
Advanced Materials Research | Year: 2014
Late Launch, which is a kind of dynamic measurement technology proposed by both Intel and AMD, offers isolated execution environment for codes needed to be protected. However, since the specifications and documents of Late Launch have hundreds of pages, they are too long and complicated to be fully covered and analyzed. A model based on Horn clauses is presented to solve the problem that there is a lack of realistic models and of automated tools for the verification of security protocols based on Late Launch. A running example is taken to show the execution details of Late Launch. Based on the example, secrecy properties of Late Launch are verified. What's more, the automatic theorem proving tool ProVerif is used to make the verification more fast and accurate. © (2014) Trans Tech Publications, Switzerland.
Yan K.,Wuhan Digital and Engineering Institute |
Heng W.,Wuhan Digital and Engineering Institute
Proceedings of SPIE - The International Society for Optical Engineering | Year: 2013
This paper brings forward a video recording and replaying system with the architecture of Digital Signal Processor (DSP) and Field Programmable Gate Array (FPGA). The system achieved encoding, recording, decoding and replaying of Video Graphics Array (VGA) signals which are displayed on a monitor during airplanes and ships' navigating. In the architecture, the DSP is a main processor which is used for a large amount of complicated calculation during digital signal processing. The FPGA is a coprocessor for preprocessing video signals and implementing logic control in the system. In the hardware design of the system, Peripheral Device Transfer (PDT) function of the External Memory Interface (EMIF) is utilized to implement seamless interface among the DSP, the synchronous dynamic RAM (SDRAM) and the First-In-First-Out (FIFO) in the system. This transfer mode can avoid the bottle-neck of the data transfer and simplify the circuit between the DSP and its peripheral chips. The DSP's EMIF and two level matching chips are used to implement Advanced Technology Attachment (ATA) protocol on physical layer of the interface of an Integrated Drive Electronics (IDE) Hard Disk (HD), which has a high speed in data access and does not rely on a computer. Main functions of the logic on the FPGA are described and the screenshots of the behavioral simulation are provided in this paper. In the design of program on the DSP, Enhanced Direct Memory Access (EDMA) channels are used to transfer data between the FIFO and the SDRAM to exert the CPU's high performance on computing without intervention by the CPU and save its time spending. JPEG2000 is implemented to obtain high fidelity in video recording and replaying. Ways and means of acquiring high performance for code are briefly present. The ability of data processing of the system is desirable. And smoothness of the replayed video is acceptable. By right of its design flexibility and reliable operation, the system based on DSP and FPGA for video recording and replaying has a considerable perspective in analysis after the event, simulated exercitation and so forth. © 2013 SPIE.
Xu M.-D.,Wuhan Digital and Engineering Institute |
Zhang H.-G.,The Key Laboratory of Aerospace Information Security and Trust Computing |
Zhang F.,Hangzhou Dianzi University |
Yang L.-J.,Wuhan Digital and Engineering Institute
Tien Tzu Hsueh Pao/Acta Electronica Sinica | Year: 2014
Chain of trust (CoT) is one of the key technologies for constructing trusted system. As viewed from theories and application systems of CoT, this paper introduced several representative models and the latest investigations including noninterference-based CoT theory and composition security-based CoT theory firstly. Afterward, this paper expatiated advantage and shortage of two CoT theories in detail. Secondly, this paper introduced the development of application systems comprising static CoT and dynamic CoT, and analyzed the remote attestation technology of chain of trust, and presented the CoT systems in cloud computing environment, and analyzed the security deficiency of those systems, and then discussed the conformance testing and security evaluation for CoT application system. Finally, this paper put forward the research and development trend for CoT. ©, 2014, Tien Tzu Hsueh Pao/Acta Electronica Sinica. All right reserved.