摘要： 遵循TCG可信计算的固件通过可信度量和信任传递保证固件模块及OS Loader的完整性。这种可信固件当前实现的缺点在于只保护了系统的静态安全属性，而对动态安全属性保护无能为力。基于此，通过对固件代码和数据的分类研究，对固件代码和数据进行安全分级控制，提出固件动态安全属性保护模型，在EFI/UEFI可信固件的基础上实现动态安全属性的保护。实验证明，该方法简单有效，适合于固件代码尺寸小、启动速度快的要求。

关键词: 静态安全属性, 动态安全属性, 可信计算, 可信固件

Abstract: Trusted firmware compliant with TCG uses trust measurement and trust transition to assure that other modules in firmware and OS Loader are in its integrity. The disadvantage of this method is that it can assure static security attributes about firmware system, but cannot assure dynamic security attributes. Based on study about types of code and data in firmware, a security model assuring dynamic security attribute, which combines trust measurement and classification of code and data, is proposed. Furthermore, this model is simple and efficient enough to meet firmware’s need for small size and fast boot.

Key words: static security attribute, dynamic security attribute, trusted computing, trusted firmware

中图分类号: 

• TP393.08