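Abstract: Based on the trusted computing principles and security specifications proposed by the Trusted Computing Group, a flexible trusted PC model (FTPC) is designed, and its trust mechanism and implementation method are described. FTPC enhances the security functions of the legacy BIOS, takes the BIOS core code as the core root of trust, encapsulates the trusted platform module (TPM) as a block device, and uses the computer's USB interface for the TPM to interact with the BIOS and the operating system. FTPC employs entity identity authentication, integrity measurement and sealed storage, and supports trusted computing without changing the existing computer hardware architecture. FTPC is easy to implement and flexible to apply.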
Keywords: trusted platform module (TPM), trusted computing, flexible trusted PC, BIOS, core root of trust for measurement
Abstract: Based on the Trusted Computing Group (TCG) specifications for trusted computing, a new type of flexible trusted PC (FTPC) is developed. The model and the trust transitive mechanism of FTPC are discussed. In FTPC, the trusted platform module (TPM) is attached as an extension of the USB port, and the legacy BIOS is enhanced to serve as the core root of trust for measurement (CRTM). Technologies such as entity identity authentication, entity integrity measurement, and sealed storage are employed in FTPC to support trusted computing. Because it does not change the PC's current hardware architecture, the FTPC is easier and more flexible to implement and apply than the TCG trusted PC.
Key words: trusted platform module (TPM), trusted computing, flexible trusted PC (FTPC), BIOS, core root of trust for measurement (CRTM)
CLC number:
周振柳; 陈楣; 池亚平; 刘宝旭; 许榕生. A Flexible Trusted Computer Model and Its Implementation Method [J]. 计算机工程 (Computer Engineering), 2007, 33(20): 156-158.
ZHOU Zhen-liu; CHEN Mei; CHI Ya-ping; LIU Bao-xu; XU Rong-sheng. Flexible Trusted PC and Its Realization[J]. Computer Engineering, 2007, 33(20): 156-158.