中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/86775
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 42715398      Online Users : 1438
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/86775


    Title: SatPolicy: 基於Trustzone的衛星政策執行系統;SatPolicy: A TrustZone-based Policy Enforcement Mechanism on the Satellite
    Authors: 黃宇帆;Huang, Yu-Fan
    Contributors: 資訊工程學系
    Keywords: Policy Enforcement;強制訪問控制;公開金鑰基礎建設;可信執行環境;ARM TrustZone;Policy Enforcement;Mandatory Access Control;PKI;Trusted Execution Environment;ARM TrustZone
    Date: 2021-08-30
    Issue Date: 2021-12-07 13:12:18 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著衛星數量的顯著增加,在衛星上實現政策執行變得越來越 重要。為了在衛星上執行政策,我們提出了衛星政策執行機制Sat- Policy。在SatPolicy 中,根據合法的行程間通訊(Inter-Process Commmunication( IPC)) 來指定強制性的策略。SatPolicy 的策略執行機制包 括IPC 流驗證器和政策解析器,我們將這兩個模組實作在可信執行 環境(Trusted Execution Environment(TEE)) 中,以避免來自豐富執行 環境(Rich Execution Environment(REE)) 的攻擊並防止政策洩漏給攻 擊者。此外,為了避免政策更新的風險,SatPolicy 將基於(Public Key Infrastructure(PKI)) 的安全軟體更新機制與TEE 軟體驗證機制結合。 SatPolicy 僅允許具有合法身份(即具合法證書的開發者)的軟體開發 者將軟體佈署到衛星上。最後,我們在ARM 開發板上測量了我們實 作的部分,我們也證明它的低開銷和有效性。;With the significant increase in the number of satellites, satellite policy enforcement is becoming more and more important. In order to enforce policies on satellite, we present SatPolicy, a policy enforcement mechanism on satellites. In SatPolicy, mandatory policies are specified in terms of permitted inter-process communication. The policy enforcement mechanism of SatPolicy includes IPC flow verifier and policy parser, which are implemented in Trusted Execution Environment (TEE) to avoid attacks from the Rich Execution Environment (REE) and prevent policies leak to attackers. In addition, to avoid the risk of policy update, SatPolicy integrates PKI-based security software update mechanism with TEE software verification mechanism. Sat- Policy only allows software developers with legal identities (i.e. certificates) to deploy software to satellites. Finally we evaluate our implementation on ARM development board illustrating its low overhead and effectiveness.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML114View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明