Windows下软件实名机制的设计与实现

发布时间：2018-12-10 23:16

【摘要】： 当前,不断升级的病毒、木马、间谍软件、广告软件等恶意代码对广大企业和个人用户造成了极大的不便和安全困扰,其危害是有目共睹的。同时,恶意代码和软件滥用是密切相关的,软件滥用使恶意代码有了更多可乘之机,加速了恶意代码的传播。针对恶意代码的危害,当前有许多不同的防范措施,如代码签名、沙盒技术、防病毒软件等。这些技术都发挥了一定的作用,但也还存在其不足之处。针对它们的不足,本文提出了基于PKI技术的软件实名机制。如今的生活中出现了越来越多实名的概念,如手机实名、网络实名、就医实名等,通过实名将某项事物和人的身份信息结合了起来。本文中的软件实名的作用和它们有相似之处,软件实名即使用公钥密码数字签名技术将计算机软件和其编制者的特有身份信息进行“绑定”,实名化后的软件具备防篡改及防抵赖的功能,当软件安装或运行时可在计算环境中对软件进行认证,根据认证的结果来决定是否允许软件的运行。本文设计了一种基于软件实名认证的系统安全机制,该机制在Windows系统的PE文件上实现,通过软件注册中心来对所有需要在系统中运行的软件进行审核,只有那些拥有合法标识、通过审核的软件才可在系统中运行。本文阐述了软件实名机制的安全策略,给出了在Windows环境下的软件标识模块、软件验证模块的实现方案,并提出对软件进行分级验证的策略来提高验证的效率。实验结果表明,软件实名机制可以查验软件合法来源,检查软件发布后是否被非法篡改,可有效阻止恶意软件运行,对于保证计算机系统安全有明显效果。
[Abstract]:At present, the continuously upgraded virus, Trojan horse, spyware, advertising software and other malicious code to the vast number of enterprises and individual users caused great inconvenience and security problems, its harm is obvious to all. At the same time, malicious code and software abuse are closely related, software abuse makes malicious code have more opportunities to speed up the spread of malicious code. At present, there are many different precautions against malicious code, such as code signature, sandboxie technology, antivirus software and so on. These technologies have played a certain role, but there are still some shortcomings. In view of their shortcomings, this paper proposes a software real name mechanism based on PKI technology. Nowadays, more and more concepts of real name appear, such as real name of mobile phone, real name of network, real name of seeking medical treatment and so on. The functions of the software real names in this paper are similar to those of them. The software real names use public key cryptographic digital signature technology to "bind" the computer software and the unique identity information of its authors. The real-named software has the functions of anti-tampering and anti-repudiation. When the software is installed or run, the software can be authenticated in the computing environment. According to the result of the authentication, the software can be allowed to run or not. In this paper, a system security mechanism based on software real name authentication is designed. The mechanism is implemented on the PE file of Windows system. The software registry is used to audit all the software that needs to run in the system. The audited software can only run in the system. In this paper, the security strategy of software real name mechanism is described, and the implementation scheme of software identification module and software verification module under Windows environment is given, and the strategy of software hierarchical verification is put forward to improve the efficiency of software verification. The experimental results show that the software real name mechanism can check the legitimate source of the software, check whether the software has been illegally tampered with after the release of the software, effectively prevent the malware from running, and have obvious effect on ensuring the security of the computer system.
【学位授予单位】：解放军信息工程大学
【学位级别】：硕士
【学位授予年份】：2008
【分类号】：TP393.08

【相似文献】