| With the rapid advance of information technology of the electric power industry and the deepening of the application, information system applications have penetrated into all aspects of the electricity generation, transmission, substation, distribution, utilization etc. It leads to higher requirements of the power information security that the business continuity and real-time features of the power system demand the information system have the same performance, while the traditional security technologies based on signature and virus database can not prevent the first infringement of information systems entirely. The paper proposes a mandatory running control technology based on trusted computing theory. The technology establishes the "Trusted Root" to achieve the secure initial state of the system and relys on kernel-level process behavior monitoring technology to ensure "Trusted chain" transfer, which enables the system to run in a safe and trusted environment.The paper discusses the trusted process model from the theory of trusted computing firstly, putting forward the concepts of Trusted Process, Trusted Process Identity and Trusted Process List. Subsequently, it launches the research of the mandatory running control technology under the guidance of the trusted process model. By modifying kernel functions which create the process and load executable files, the technology can find and block the illegal process operation timely and accurately from the underlying operating system. The realization of the technology contains the determination and calculation of the trusted process identity, the trusted process list, the kernel monitoring module of process and the user interaction module. The paper elaborates the mandatory running control technology based on trusted computing theory from the design of trusted process model to the achievement of the technology, obtaining a satisfactory theoretical and practical value. |
PDF Full Text Request