Research on dynamic integrity measurement strategy based on measurement point distribution

摘要

Trusted computing technology is to further enhance the safety of the computer system by changing the traditional computer architecture. Integrity measurement is the key technology of trusted computing and the core and foundation of integrity protection system. In view of the fact that integrity measurement can't effectively avoid TOC-TOU security risks and overabundance of redundancy in the current trusted computing platform, a new dynamic integrity measurement strategy is proposed. The strategy takes the time point of the attack as the benchmark, and modifies the integrity measurement point distribution to measure the dynamic integrity of the measurement object in real time, so as to effectively grasp the integrity of the system operation. The analysis results show that the method not only has the static measurement ability, but also detect attack damage to the integrity of the system in the running process of the system, so as to improve the security of the system, and maintain the system flexibility and compatibility.