可信计算发展综述

:2008-10-06;:2008-11-30:863(2006AA01Z173):(1938-),,,,,CCF,:;(1981-),,,,:;(1964-),,,,,::1001-9081(2009)04-0915-05,,(,610054)(gzxiong@uestc.edu.cn):,,,,:;;;:TP309:ASurveyondependablecomputingXIONGGuang2ze,CHANGZheng2wei,SANGNan(SchoolofComputerScienceandEngineering,UniversityofElectronicScienceandTechnologyofChina,ChengduSichuan610054,China)Abstract:Thispapersurveyedthedevelopmentofdependablecomputing.Thebasicconceptsofdependabilitywereexplained,andcurrentresearchworksofdependablecomputingwereintroduced.Highdependabilitysafeguardtechniquesforsafety2criticalsystemswereproposed.Somefutureresearchdirectionsofdependablecomputingwerepresented.Keywords:dependability;dependablecomputing;safety2criticalsystem;multi2levelhighdependabilitysafeguard0,,,,,,,,,,:1992,,1996,5,,5,802003,,,,60,,,,11.1(DependableComputing)2030Babbage[1]20,,J.vonNeumannC.E.Shannon[2]1965,Pierce(FailureTolerance)1967,AvizienisSchneider[3],,IEEE2CSTC1970,IFIPWG10.41980,Laprie1985(Dependability)(Reliability),RAND1992,Laprie,,Dependability:BasicConceptsandTerminology1.2,,,,,,DependabilityTrustworthinessHighConfidence[4],Dependable29420094JournalofComputerApplicationsVol.29No.4Apr.2009Computing[5-6],TrustedComputing[7]TrustworthyComputing[8],[6][5][7],[9],[4,8,10],[11]DependabilityTrustworthinessHighConfidence,,Dependability,,,111.2.1,:(Availability)(Reliability)(Safety)(Security)(Maintainability),(Confidentiality)(Integrity),,,,,1.2.2(Failure),,(),,,,(Error),,,,,,,(Fault),,,,,,,,,,221.2.31),,,,2),,,,,,,,,3),,,61929,80%,4),,,,,3,,,,,,32,,,,,2.11999IEEE2000IEEE(FTCS)IFIP10.4,IEEE/IFIP(InternationalConferenceonDependableSystemsandNetworks,DSN),20001211(NASA)Ames(HighDependabilityComputingConsortium),AdobeIBMSUN12,2004,IEEE(IEEETransactionsonDependableandSecureComputing),,1983,(TrustedComputerSystemEvaluationCriteria,TCSEC)[12],1985IBMHPIntelIT1999(TrustedComputingPlatformAlliance,TCPA),2003TCPATCG,ITTCG,20061(OpenTrustedComputing),232.2,,(863)2007,2007,,6,1.5,[13],200710,,,[14]JournalofComputerScienceandTechnology,,2004,,2008,2090,,,,[9,15][16],[17][18],[4],[19][20][21][22],,,3(SafetyCriticalSystems),,,(Safety),,,;,,,(),,,,,7194:,,,,,,,,,4,43.1,3.1.1,,,,,,,3.2,[23],[24],QoS,,[25],[26]ARTCA[27]E&TTE,3.1.2,,,,,,(),[24]3.1.3,(),,,,,[24],,3.33.2,,CRTOSII[21],[28],[29][28],,[30],CRTOSII3.3,[31],[18],,,SRET,[18],[32]4,,4.1,,,,,4.24.2.1,ITRS,,,(Multi2CoreProcessor)(Multi2ProcessorSystem2on2Chip)[33],,(Network2on2Chip),81929[34]4.2.2,,,,,[4],,,,4.2.3,,,,,,,,,,[8],,,[7]4.3,,,,,,,,,,[35]:D=1R+2SE+3SA+4A+5M(1),5i=1i=1,0i1D,R,SE,SA,AM,,,i,,,,,,,,,,4.4,,,,,,,,,,,,5,,,,,,:1),,,,,2),,,,,3),,,4),,,,:[1]LAPRIEJC.Dependablecomputingandfaulttolerance:Conceptsandterminology[C]//Proceedingsofthe15thIEEESymposiumonFaultTolerantComputingSystems.LosAlamitos,CA:IEEECom2puterSociety,1985:2-11.[2]vonNEUMANNJ.Probabilisticlogicsandthesynthesisofreliableorganismsfromunreliablecomponents[M]//SHANNONCE,ASH2BYWR,MCCARTHYJ.Automatastudies.Princeton:PrincetonUniversityPress,1956:43-98.[3]NELSONVP.Fault2tolerantcomputing:Fundamentalconcepts[J].Computer,1990,23(7):19-25.[4],,.[J].,2003,31(12A):1933-1938.[5]SIEWIOREKD,,CHILLAREGER,etal.[J].,2007,30(10):1645-1661.[6].[J].,2001,23(5):21-23.[7],.[J].,2006,35(4):686-697.[8],.[J].,2005,28(5):751-758.[9],,,.[J].:E,2007,37(2):129-150.(931)9194:1,,,,,44:,RADIUS;CA,,,,,:[1]HOUSLEYR,POLKW,FORDW,etal.InternetX.509PublicKeyInfrastructureCertificateandCertificateRevocationList(CRL)Profile[EB/OL].[2008-07-20].[2]TheGlobusAlliance.Globusproject[EB/OL].(2005-08-10)[2008-08-10].[3]PERLMANR.AnoverviewofPKItrustmodels[J].IEEENetwork,1999,13(6):38-43.[4]MOSEST.PKItrustmodels[EB/OL].[2008-07-22].[5]ZHUL,TUNGB.Publickeycryptographyforinitialauthenticationinkerboros(PKINIT)[EB/OL].(2007-01-05)[2008-07-25].[6]RIGNEYC,WILLENSS,RUBENSA,etal.Remoteauthentica2tiondialinuserservice(RADIUS)[EB/OL].[2008-07-19].[7]FOSTERI,KESSELMANC.Thegrid:Blueprintforanewcompu2tinginfrastructure[M].2nded.SanFrancisco,USA:MorganKauf2mannPublishers,2004.(919)[10],.[J].,2008,35(6):15-19.[11]AVIIENISA,LAPRIEJC,RANDELLB,etal.Basicconceptsandtaxonomyofdependableandsecurecomputing[J].IEEETransactionsonDependableandSecureComputing,2004,1(1):11-33.[12]Csc2std2001283.Trustedcomputersystemevaluationcriteria[S].Washington,DC,USA:DOD,1980.[13],,,.[J].,2008(3):145-151.[14],.[J].,2007,30(7):1-2.[15].[J].,2006,29(9):1-2.[16].[J].,1995,18(12):930-943.[17],,.SoC[J].,2005,42(1):153-162.[18].[D].:,2005.[19],.[J].,1999,16(9):1-3.[20],,,.[J].,2007,44(1):154-160.[21].[D].:,2003.[22].[J].,2003,6(9):1035-1041.[23].[D].:,2006.[24].[D].:,2006.[25],,.[J].,2001,29(2):147-149.[26].[D].:,2004.[27],,.Ethernet[J].,2005,16(1):121-134.[28].(safety)[D].:,2004.[29].[D].:,2001.[30].[D].:,2004.[31].[D].:,1997.[32],,.[J].,2004,27(4):442-450.[33]JERRAYAAA,WOLFW.Multiprocessorsystemsonchips[M].SanFrancisco,California:Elsevi