摘要： 针对现行通用个人计算机基于开放架构、存在诸多攻击点等安全问题，提出了一种基于TPM安全芯片的新型计算机体系结构。设计并实现了基于安全芯片的软件协议栈TSS，在安全芯片中使用软件协议栈，通过核心服务API来调用核心服务模块，解决远程通信的平台信任问题。设计并实现了基于多协议的授权和认证管理，实现上层应用和TPM之间的授权会话及授权认证，从而保证计算机能够完成安全计算和安全存储的工作，使计算平台达到更高的安全性。

关键词: TPM安全芯片, 软件协议栈, 可信计算, 安全体系结构

Abstract: To solve the problem of computer security, this paper puts forward a new computer architecture based on TPM chip by designing a software protocol stack TSS based on security chip. By using this protocol stack to call kernel service modules through API, the problem of trusted platforms in distance communication can be solved. In the security chip based on TPM, authorization and authentication management based on multi-protocol are designed and implemented to realize authorized communication and authentication between upper application and TPM, ensuring that the computer is able to accomplish the task of safe computation and safe store to enhance the security level of the computing platforms.

Key words: TPM security chip, software protocol stack, trusted computation, security architecture

中图分类号: 

• TP303