
Computer Engineering ›› 2007, Vol. 33 ›› Issue (20): 156-158. doi: 10.3969/j.issn.1000-3428.2007.20.054

• Security Technology •

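Flexible Trusted PC and Its Realization

ZHOU Zhen-liu¹, CHEN Mei¹,², CHI Ya-ping³, LIU Bao-xu¹, XU Rong-sheng¹

  1. Computing Center, Institute of High Energy Physics, Chinese Academy of Sciences, Beijing 100049; 2. Fuzhou University, Fuzhou 350002; 3. Beijing Electronic Science and Technology Institute, Beijing 100070
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2007-10-20 Published: 2007-10-20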

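Abstract: Based on the trusted computing principles and security specifications proposed by the Trusted Computing Group (TCG), a flexible trusted PC (FTPC) model is designed, and its trust transitive mechanism and implementation method are described. FTPC enhances the security functions of the legacy BIOS so that the BIOS core code serves as the core root of trust for measurement (CRTM), packages the trusted platform module (TPM) as a block device, and uses the PC's USB interface for the TPM's interaction with the BIOS and the operating system. FTPC employs identity authentication of entities, integrity measurement of entities, and sealed storage to support trusted computing. Because it requires no change to the existing PC hardware architecture, FTPC is easier to implement and more flexible to apply than the TCG trusted PC.

Key words: trusted platform module (TPM), trusted computing, flexible trusted PC (FTPC), BIOS, core root of trust for measurement (CRTM)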
