Skip to main content
SpringerLink
Log in

Research on trusted computing and its development

  • Review
  • Published:
Science China Information Sciences Aims and scope Submit manuscript

Abstract

Trusted computing is a novel technology of information system security. It has become a new tide in worldwide information security area and achieved inspiring accomplishment. In China, the initiative research of trusted computing is not late, and the achievements are plentiful and substantial. Our country is in the front rank of the world in trusted computing. This paper comprehensively illustrates the recent development in theory and technology of trusted computing, introduces some improvements in trusted computing in our country, and proposes our opinions and viewpoints towards the existing problems in trusted computing and its future development.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Shen C X, Zhang H G, Feng D G, et al. Survey of information security (in Chinese). Sci China Ser E, 2007, 37: 129–150

    Google Scholar 

  2. Shen C X, Zhang H G, Feng D G, et al. Survey of information security. Sci China Ser F-Inf Sci, 2007, 50: 273–298

    Article  MATH  Google Scholar 

  3. Zhang H G, Luo J, Jin G, et al. Development of trusted computing research (in Chinese). J Wuhan Univ (Nat Sci), 2006, 52: 513–518

    MATH  Google Scholar 

  4. Department of Defense Computer Security Center. Department of Defense Trusted Computer System Evaluation Criteria. DoD 5200.28-STD. USA: DOD, 1985

    Google Scholar 

  5. National Computer Security Center. Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria. NCSC-TG-005. USA: DOD, 1987

    Google Scholar 

  6. National Computer Security Center. Trusted Database Interpretation of the Trusted Computer System Evaluation Criteria. NCSC-TG-005. USA: DOD, 1987

    Google Scholar 

  7. Trusted Computing Group. TCG. https://www.trustedcomputinggroup.org

  8. Trusted Computing Group. TCG. https://www.trustedcomputinggroup.org/specs

  9. European Multilaterally Secure Computing Base (EMSCB). Towards trustworth systems with open standards and trusted computing. http://www.opentc.org

  10. Zhang H G, Wu G Q, Qin Z P, et al. A new security computer (in Chinese). J Wuhan Univ (Nat Sci), 2004, 50: 1–6

    Google Scholar 

  11. Zhang H G, Liu Y Z, Yu F J, et al. A new embedded security module (in Chinese). J Wuhan Univ (Nat Sci), 2004, 50: 7–11

    Google Scholar 

  12. State Cipher Administration. Cipher Support Platform Function and Interface Specification of Trusted Computing (in Chinese), 2007

  13. Liu K, Shan Z G, Wang J, et al. Survey of basic research in trusted software (in Chinese). Sci Found China, 2008, 3: 145–151

    Google Scholar 

  14. ISO/IEC. Information Technology-Open Systems Interconnection-The Directory Part 8: Authentication Framework. 1990

  15. Common Criteria Project Sponsoring Organisations. Common Criteria for Information Technology Security Evaluation. ISO/IEC International Standard (IS) 15408 1-3. Version 2.1. 1999

  16. Trusted Computing Group (TCG). TCPA Main Specification, Version 1.1b. 2002

  17. Zhao B, Zhang H G, Li J, et al. Trusted PDA computing platform architecture and security mechanism (in Chinese). Comput J, 2010, 33: in press

  18. Peng G J, Pan X C, Fu J M, et al. Static extracting method of software intended behavior based on API functions invoking. Wuhan Univ J Natur Sci, 2008, 13: 615–620

    Article  Google Scholar 

  19. Peng G J, Pan X C, Zhang H G, et al. Dynamic trustiness authentication framework based on software’s behavior integrity. In: Proceedings of the 9th International Conference for Young Computer Scientists (ICYCS 2008). Hunan: 2008. 2283–2288

  20. Peng G J. Software dynamic trusted theory based on behavior integrity and its technological research (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Wuhan University, 2008

    Google Scholar 

  21. Intel Trusted Execution Technology. Software Development Guide Measured Launched Environment Developer’s Guide. Document Number: 315168-005. 2008

  22. Zhao B, Yan F, Yu F J, et al. trans. Trusted Computing (in Chinese). Beijing: China Machine Press, 2009

    Google Scholar 

  23. Luo J, Yan F, Yu F J, et al. Research on cryptology mechanism of trusted computing platform module (in Chinese). J Comput Appl, 2008, 28: 1907–1915

    MATH  Google Scholar 

  24. Zhu Z Q, Yu F J, Zhang H G, et al. An improved cryptology mechanism on trusted computing platform (in Chinese). J Wuhan Univ, 2009, 55: 11–16

    Google Scholar 

  25. Trusted Computing Group. TCG Mobile Trusted Module Specification. Version 1.0. Oregon: TCG, 2007 [2007209201]. https://www.trustedcomputinggroup.org/specs/mobilephone/tcg2mobile2trusted2module21.0.pdf

    Google Scholar 

  26. TCG. TCG Mobile Reference Architecture. Version 1.0. Oregon: TCG, 2007 [2007209201]. https://www.trustedcomputinggroup.org/specs/mobilephone/tcg2mobile2reference2architecture21.0.pdf

    Google Scholar 

  27. TMP. Trusted Mobile Platform Hardware Architecture description. [2007206205]. http://www.trustedmobile.org/TMPHWAD-rev1-00.pdf

  28. TMP. Trusted Mobile Platform Software Architecture description. [2007206205]. http://www.trustedmobile.org/TMPSWAD-rev1-00.pdf

  29. TMP. Trusted Mobile Platform Protocol Specification document. [2007206205]. http://www.trustedmobile.org/TMPProtocol-rev1-00.pdf

  30. OMTP. Open Mobile Terminal Platform Group. London: OMTP, 2007. [2007209201]. http://www.omtp.org/wgsrecommendations.html#trusted

    Google Scholar 

  31. Zhang H G, Qin Z P, Yang Q. Design and implementation of the TPM chip J3210. In: Proceedings of the 3rd Asia-Pacific Trusted Infrastrucre Technologies Conference. Wuhan, 2008. 72–78

  32. Zhang H G, Qin Z P, Liu Y. A new chip of trusted computing Module (in Chinese). J Wuhan Univ, 2008, 10: 991–994

    Google Scholar 

  33. Trusted Computing Group. TCG Generic Server Specification. Version 1.0. TCG, 2005

  34. Trusted Computing Group. TCG Itanium Architecture Based Server Specification. Version 1.0. TCG, 2006

  35. State Bureau of Quality and Technical Supervision. China Information Security Evaluation Certification Management Method (in Chinese), 1999

  36. Chen L Q, Kudla C, Paterson K G. Concurrent Signatures. In: Advances in Cryptology-EUROCRYPT 2004. Berlin/Heidelberg: Springer, 2004. 287–305

    Google Scholar 

  37. Sadeghi A R, Selhorst M, Stueble C, et al. TCG inside?-a note on TPM specification compliance. In: The 1st ACM Workshop on Scalable Trusted Computing. New York: ACM, 2006. 47–56

    Chapter  Google Scholar 

  38. Tóth G, Koszegi G, Hornák Z. Case study: automated security testing on the trusted computing platform. In: Proceedings of the ACM SIGOPS European Workshop on System Security (EUROSEC), 2008. 35–39

  39. Gurgens S, Rudolph C, Scheuermann D, et al. Security evaluation of scenarios based on the TCG’s TPM specification. In: Proceedings of the 12th European Symposium on Research in Computer Security, 2007. 438–453

  40. Lin A H. Automated analysis of security apis. Master’s thesis. Massachusetts: Massachusetts Institute of Technology, 2005

    Google Scholar 

  41. Li H, Feng D G. Compliant testing method of trusted cryptography module (in Chinese). J Wuhan Univ, 2009, 55: 31–34

    Google Scholar 

  42. Li H, Hu H, Chen X F. Research on compliant testing method of trusted cryptography module (in Chinese). Chinese J Comput, 2009, 32: 654–663

    Article  Google Scholar 

  43. Chen X F. The formal analysis and testing of trusted platform module (in Chinese). Chinese J Comput, 2009, 32: 646–653

    Article  Google Scholar 

  44. Cui Q, Shi W C. An approach for compliance validation of TPM through applications. J Grad Sch Chinese Acad Sci, 2008, 25: 649–656

    Google Scholar 

  45. Luo J. Research on testing and evaluating technology of trusted computing platform (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Wuhan University, 2008

    Google Scholar 

  46. Zhang H G, Luo J, Yan F, et al. A practical solution on trusted computing platform testing. In: Proceedings of the 3rd Asia-Pracific Trusted Infrastructure Technologies Conference. 2008. 79–87

  47. Zhan J, Zhang H G, Xu S W, et al. An approach for compliance validation of TPM through applications (in Chinese). J Wuhan Univ, 2008, 33: 1067–1069

    Google Scholar 

  48. Zhan J, Zhang H G, Zou B Y, et al. Research on automated testing of the trusted platform model. In: The 9th International Conference for Young Computer Scientists, 2008. 2335–2339

  49. Zhan J, Zhang H G. Research on auto-testing of TMP (in Chinese). J Comput Res Develop, 2009, 46: 1839–1846

    Google Scholar 

  50. Zhan J. Research on architecture of computer and Application (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Wuhan University, 2009

    Google Scholar 

  51. Xu M D, Zhang H G, Yan F. Testing on trust chain of trusted computing platform based on labeled transition system (in Chinese). Chinese J Comput, 2009, 32: 635–645

    Article  Google Scholar 

  52. Xu M D. Security analysis for chain of trust of trusted computing platform (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Wuhan University, 2009

    Google Scholar 

  53. Yang Y, Zhang H G, He F, et al. Research and security analysis of anonymous identity authentication in trusted computing. In: Proceedings of the 3rd International Conference on New Trends in Information and Service Science, 2009. 409–412

  54. Yang Y, Zhang H G, Pan M, et al. A model-based fuzz framework to the security tesing of TCG software stack implementations. In: Proceedings of 2009 International Conference on Multimedia Information Networking and Security Science, 2009. 149–152

  55. Yang Y, Zhang H G, Xu S W, Zhang F, et al. Using first order logic to reason about TCG’s TPM specification. In: Proceedings of 2009 International Forum on Information Technology and Applications, 2009. 259–263

  56. Yang Y, Zhang H G, Wang H Z. Research on automatic detection method of C memory access flaw (in Chinese). Comput Sci, 2010, 6: in press

  57. Yang Y, Zhang H G, Xu S W. Application programming interface security analysis method of a formalization trusted computing platform module (in Chinese). J Wuhan Univ, 2010, in press

  58. Yang Y. Automatic software test research towards flaw (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Computer School, 2009

    Google Scholar 

  59. Zhang H G, Yan F, Fu J M, et al. Research on theory and key technology of trusted computing platform security testing and evaluation. Sci China Inf Sci, 2010, 53: 434–453

    Article  Google Scholar 

  60. Chen H W, Wang J, Dong W. High trusted engineer Technology (in Chinese). Acta Electron Sin, 2004, 31: 1934–1938

    Google Scholar 

  61. Jackson D, Thomas M, Millett L I. Committee on Certifiably Dependable Software Systems, Computer Science and Telecommunications Board, Division on Engineering and Physical Sciences. National Research Council of the National Academies. Software for Dependable Systems-Sufficient Evidence? Washington: The National Academies Press, 2007

    Google Scholar 

  62. Jackson D. A direct path to dependable software. Commun ACM, 2009, 52: 78–88

    Article  Google Scholar 

  63. Dong W, Wang J, Zhao C Z, et al. Automating software FMEA via formal analysis of dependence relations. In: The 32nd Annual IEEE International Computer Software and Applications Conference (COMPSAC). New York: IEEE Computer Society, 2008. 490–491

    Chapter  Google Scholar 

  64. Lyu M R. Handbook of Software Reliability Engineering. New York: IEEE Computer Society Press, McGraw-Hill Book Company, 1996

    Google Scholar 

  65. Manadhata P K, Tan K M C, Maxion R A, et al. An Approach to Measuring A System’s Attack Surface. CMU-CS-07-146. 2007

  66. Rolland J F, Bodeveix J P, Filali M, et al. AADL modes for space software, data systems. In: Aerospace (DASIA 2008). Palma de Majorca, 2008. 27–30

  67. Mens T, Demeyer S. Software Evolution. Berlin/Heidelberg: Springer-Verlag, 2008

    MATH  Google Scholar 

  68. Ghoshal S, Manimaran S, Rosu G, et al. Monitoring IVHM systems using a monitor-oriented programming framework. In: The 6th NASA Langley Formal Methods Workshop (LFM 2008), 2008

  69. Nahmsuk O. Software Implemented Hardware Fault Tolerance. California: Stanford University, 2001

    Google Scholar 

  70. Woodcock J, Larsen P G, Bicarregui J, et al. Formal methods: practice and experience. ACM Computing Surveys, 2009, 41: 1–36

    Article  Google Scholar 

  71. Cousot P. Abstract interpretation based formal methods and future challenges. In: Informatics, 10 Years Back-10 Years Ahead. LNCS 2000. Berlin/Heidelberg: Springer, 2001. 138–156

    Google Scholar 

  72. Mei H, Wang Q X, Zhang L, et al. Software analysis: a road Map (in Chinese). Chinese J Comput, 2009, 32: 1697–1710

    Google Scholar 

  73. Coverity Inc. Coverity. http://www.coverity.com

  74. Brat G, Venet A. Precise and scalable static program analysis of NASA flight software. In: IEEE Aerospace Conference. Big Sky, MT, 2005. 1–10

  75. Blanchet B, Cousot P, Cousot R, et al. A static analyzer for large safety-critical software. In: PLDI 2003-ACM SIGPLAN SIGSOFT Conference on Programming Language Design and Implementation. New York: ACM, 2003. 196–207

    Chapter  Google Scholar 

  76. Clarke E M, Grumberg O, Peled D A. Model Checking. Massachusetts: MIT Press, 2000

    Google Scholar 

  77. Jhala R, Majumdar R. Software model checking. ACM Comput Surv, 2009, 41: 1–54

    Article  Google Scholar 

  78. NASA. JPF Wiki. http://babelfish.arc.nasa.gov/trac/jpf

  79. Penix J, Visser W, Park S, et al. Verifying time partitioning in the deos scheduling kernel, formal methods. Syst Des J, 2005, 26: 103–135

    MATH  Google Scholar 

  80. Cadar C, Dunbar D, Engler D. Klee: unassisted and automatic generation of high-coverage tests for complex systems programs. In: The 8th USENIX Symposium on Operating System Design and Implementation, 2008. 209–224

  81. Csallner C, Tillmann N, Smaragdakis Y. DySy: dynamic symbolic execution for invariant inference. In: Proceedings of the 30th International Conference on Software Engineering, 2008. 281–290

  82. Littlewood B, Wright D. The use of multilegged arguments to increase confidence in safety claims for software-based systems: a study based on a bbn analysis of an idealized example. IEEE Trans Softw Engin, 2007, 33: 347–365

    Article  Google Scholar 

  83. Wang H M, Yi G. Trusted evolution in network period (in Chinese). Commun Chinese Comput Acad, 2010, 6: in press

  84. Godfrey M W, German D M. The Past, Present, and Future of Software Evolution. FoSM, 2008. 129–138

  85. Lehman M M. On understanding laws, evolution and conservation in the large program life cycle. Syst Softw, 1980, 1: 213–221

    Article  Google Scholar 

  86. Boldyreff C, Nutter D, Rank S, et al. Environments to support collaborative software engineering. In: The 2nd Workshop on Cooperative Supports for Distributed Software Engineering Processes, 2003. 25–28

  87. Sarma A. A survey of collaborative tools in software development. Technical Report, UCI-ISR-05-3. Irvine: University of California, Institute for Software Research. 2005

    Google Scholar 

  88. Oreizy P, Medvidovic N, Taylor R. Architecture-based runtime software evolution. ICSE, 1998: 177–186

  89. Oreizy P, Medvidovic N, Taylor R N. Runtime software adaptation: framework, approaches, and styles. ICSE, 2008: 899–910

  90. Yang F Q, Lü J, Mei H. Architecture of net-built software technology: a path base on architecture. Sci China Ser F-Inf Sci, 2008, 51: 610–622

    Article  Google Scholar 

  91. Ruhe M G, Eberlein A. COTS selection: past, present, and future. In: Proceedings of the 14th Annual IEEE International Conference and Workshops on the Engineering of Computer-Based Systems, ECBS’ 07. Washington: IEEE Computer Society, 2007. 103–114

    Google Scholar 

  92. Taibi D, Lavazza L, Morasca S. OpenBQR: a framework for the assessment of OSS. In: IFIP Working Group 2.13 on Open Source Software. Limerick, 2007. 173–186

  93. Feiler N L, Gabriel P, Goodenough R, et al. Ultra-Large-Scale Systems: the Software Challenge of the Future. Software Engineering Institute. Pittsburgh, PA: Carnegie Mellon University, 2006

    Google Scholar 

  94. Kazman R, Chen H M. The metropolis model-a new logic for development of crowdsourced systems. Commun ACM, 2009, 52: 76–84

    Article  Google Scholar 

  95. Wang H M. Build shared trusted software product Environment (in Chinese). Commun Chinese Comput Acad, 2009, 5: 56–61

    Google Scholar 

  96. Trustie Team. Trustie Serial Technical Specification (in Chinese). V2.0. http://www.trustie.net. [2009-9]

  97. Mei H, Wang J. Software analysis (in Chinese). Chinese J Comput, 2009, 32: 1695–1696

    Google Scholar 

  98. Wang H M, Xu J. Structure and evolution of trusted software (in Chinese). Softw J, 2010, 21: in press

  99. Qu Y W. Ethology of Software (in Chinese). Beijing: Publishing House of Electronics Industry, 2004

    Google Scholar 

  100. Clark D, Sollins K, Wroclawski J. NewArch Project: Future-Generation Internet Architecture. http://www.isi.edu/newarch/iDOCS/final.finalreport.pdf

  101. Neumann P G. Principled assuredly trustworthy composable architectures. http://www.csl.sri.com/neumann/chats4.html

  102. Ellison R J. Moore A P. Trustworthy refinement through intrusion-aware design(TRIAD): an overview. In: Proceedings of the 3rd Annual High Confidence Software and Systems Conference, 2003. http://www.cert.org/archive/pdf/triad.pdf

  103. Lin C, Peng X H. Research on trusted network (in Chinese). Chinese J Comput, 2005, 28: 751–758

    Google Scholar 

  104. Lin C, Ren F Y. New network, controllable, trusted, Extended (in Chinese). J Softw, 2004, 15: 1815–1821

    MATH  Google Scholar 

  105. Min Y H. Trusted system and network (in Chinese). Comput Eng Sci, 2001, 23: 21–23

    Google Scholar 

  106. TNC Web Site. http://www.trustedcomputinggroup.org/developers/trusted network connect

  107. TCG Specification Trusted Network Connect -TNC Architecture for Interoperability Revision 1.1. http://www.trustedcomputinggroup.org. [2006-5]

  108. Trusted Computing Group. TCG Trusted Network Connect TNC Architecture for Interoperability Specification Version 1.4. http://www.trustedcomputinggroup.org/resources/tcg architecture overview version 14. [2009-5]

  109. Microsoft Corporation. Network Access Protection Platform Architecture. http://www.microsoft.com/technet/network/nap

  110. Zhang H G, Chen L, Zhang L Q. Research on trusted network Connection (in Chinese). Comput J, 2010, 33: in press

  111. Zhang L Q. Theories and key technology research in trusted network connection (in Chinese). Dissertation for the Doctoral Degree. Wuhan: Wuhan University, 2008

    Google Scholar 

  112. Zhang L Q, Chen L, Zhang H G, et al. Trusted code remote execution through trusted computing and virtualization. In: Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing Conference. Qingdao, 2007. 39–44

  113. Zhang L Q, Zhang H G, Zhang X T, et al. A new mechanism for trusted code remote execution. In: Proceedings of the 2007 International Conference on Computational Intelligence and Security Workshops. Harbin, 2007. 574–578

  114. Kühn U, Selhorst M, Stüble C. Realizing property-based attestation and sealing with commonly available hard- and software. In: Proceedings of the 1st ACM Workshop on Scalable Trusted Computing (STC’07). New York, 2007. 50–57

  115. Sadeghi A R, Stüble C. Property-based attestation for computing platforms: caring about properties, not mechanisms. In: The 2004 New Security Paradigms Workshop. Virginia Beach, 2004. 67–77

  116. Poritz J, Schunter M, van Herreweghen E, et al. Property Attestation - Scalable and Privacy-friendly Security Assessment of Peer Computers. Technical Report, RZ 3548. IBM Research, 2004

  117. Korthaus R, Sadeghi A R, Stüble C, et al. A practical property-based bootstrap architecture. In: Proceedings of the 4th ACM Workshop on Scalable Trusted Computing (STC’09). New York: ACM Press, 2009. 29–38

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Beijing University of Technology, Beijing, 100124, China

    ChangXiang Shen & HuanGuo Zhang

  2. Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, School of Computer, Wuhan University, Wuhan, 430072, China

    Bo Zhao, Fei Yan, FaJiang Yu, LiQiang Zhang & MingDi Xu

  3. School of Computer, National University of Defence Technology, Changsha, 430074, China

    HuaiMin Wang & Ji Wang

Authors
  1. ChangXiang Shen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. HuanGuo Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. HuaiMin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ji Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Bo Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Fei Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. FaJiang Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. LiQiang Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. MingDi Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to HuanGuo Zhang.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Shen, C., Zhang, H., Wang, H. et al. Research on trusted computing and its development. Sci. China Inf. Sci. 53, 405–433 (2010). https://doi.org/10.1007/s11432-010-0069-x

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11432-010-0069-x

Keywords

Search

Navigation