Abstract:

Trusted computing has received further attention as an effective technique to safeguard information systems, and it has been widely applied in various fields. Trusted chain establishment, as an essential model of trusted computing technology which ensures the credibility of computing platform, still brings poor system efficiency due to the complex environment of the platform. To optimize the procedure of trusted chain establishment for trusted computing platforms, our research improved traditional trusted chain establishment from static to dynamic with additional security risk level assessment step during trusted chain establishment innovatively. First, we comprehensively analyzed threats and their source for platforms. Based on main indicators of the platform, fixed weight clustering evaluation method in the grey system theory was used to evaluate security risk level for platforms. With the recorded data of software and hardware changes for the platform, we assessed the security risk level for this platform and demonstrated the clustering results and improved measurement strategy for platform during trusted chain establishment. It is more systematic and more efficient than the traditional static trusted chain establishment method, which could find more files tampered during measurement procedure.

Key words:

Trusted Computing; Grey Clustering, Security Risk Assessment, Trusted Computing Platform;