To address the insufficient integrity protection in attestation systems, we study integrity policies and protection mechanisms and present a DTE-based security domain model for the attestation system. The model partitions the attestation system into several security domains according to their functional features, and defines the model's variables and its security rules for the attestation system. To ensure secure transmission between domains, the model introduces the concept of a trusted pipeline. Finally, we give an implementation method for the security domain model and the pipeline protocol, and analyze and prove the security of the pipeline protocol.
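The abstract describes two mechanisms without giving their details: a DTE policy (Domain and Type Enforcement, which is what "DTE" is taken to mean here) that confines each functional part of the attestation system to its own domain, and a trusted pipeline for moving data between domains. The following added example, which is not code from the paper, shows the general shape of such a model as a small Python simulation: a Domain Definition Table grants each domain access modes on object types, a pipe object of a dedicated type is the only object two domains can both touch, and each message carried through the pipe is tagged with an HMAC so the receiving domain can detect modification in transit. The domain names, type names, the access matrix, the shared pipe key and the HMAC construction are all assumptions made for illustration; the paper's actual domains, rules and pipeline protocol are not on the page.

```python
import hmac
import hashlib

# Domain Definition Table (DDT): domain -> object type -> allowed access modes.
# r = read, w = write, a = append. All names are constructed for this example
# and do not come from the paper.
DDT = {
    "measure_d": {"measure_t": {"r", "w"}, "pipe_t": {"w"}, "log_t": {"a"}},
    "report_d":  {"report_t": {"r", "w"}, "pipe_t": {"r"}, "log_t": {"a"}},
    "verify_d":  {"verify_t": {"r", "w"}, "report_t": {"r"}, "log_t": {"a"}},
}


class DTEError(Exception):
    """Raised when the DDT denies an access or a pipe message fails its check."""


def allowed(domain: str, obj_type: str, mode: str) -> bool:
    """True iff the DDT grants `mode` on objects of `obj_type` to `domain`."""
    return mode in DDT.get(domain, {}).get(obj_type, set())


class TrustedPipe:
    """One-way channel between two domains.

    The pipe object has type `pipe_t`, so the DDT decides which domain may
    write it and which may read it. Every queued message carries an HMAC
    under a key shared by the two endpoints (an assumption of this example),
    so the reader rejects anything altered while queued.
    """

    TYPE = "pipe_t"

    def __init__(self, key: bytes):
        self._key = key
        self._queue = []  # list of (message, tag) pairs

    def _tag(self, msg: bytes) -> bytes:
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def write(self, domain: str, msg: bytes) -> None:
        if not allowed(domain, self.TYPE, "w"):
            raise DTEError(f"{domain} may not write {self.TYPE}")
        self._queue.append((msg, self._tag(msg)))

    def read(self, domain: str) -> bytes:
        if not allowed(domain, self.TYPE, "r"):
            raise DTEError(f"{domain} may not read {self.TYPE}")
        msg, tag = self._queue.pop(0)
        if not hmac.compare_digest(tag, self._tag(msg)):
            raise DTEError("pipe message failed integrity check")
        return msg


def run_demo() -> dict:
    """Exercise the policy and return one boolean/bytes result per scenario."""
    pipe = TrustedPipe(key=b"constructed-demo-key")
    out = {}

    # Measurement domain pushes a constructed record; report domain reads it.
    pipe.write("measure_d", b"measurement-record-1")
    out["report_reads"] = pipe.read("report_d")

    # The report domain has no write permission on pipe_t.
    try:
        pipe.write("report_d", b"record-from-report")
        out["report_writes"] = True
    except DTEError:
        out["report_writes"] = False

    # The verifier domain has no access to pipe_t at all.
    try:
        pipe.read("verify_d")
        out["verify_reads_pipe"] = True
    except DTEError:
        out["verify_reads_pipe"] = False

    # A queued message is modified in place; the reader's HMAC check rejects it.
    pipe.write("measure_d", b"measurement-record-2")
    _, tag = pipe._queue[0]
    pipe._queue[0] = (b"measurement-record-2-modified", tag)
    try:
        pipe.read("report_d")
        out["tamper_detected"] = False
    except DTEError:
        out["tamper_detected"] = True

    # The verifier may still read finished reports directly via the DDT.
    out["verify_reads_report"] = allowed("verify_d", "report_t", "r")
    return out


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value!r}")
```

The point the simulation makes is the one the abstract argues for: integrity comes from two layers working together. Type enforcement keeps a compromised component from writing into objects it was never granted, and the pipeline's per-message tag catches modification of data that legitimately crosses a domain boundary.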