摘要： 鉴于可信计算可以弥补传统安全防护技术在构架设计和防护强度上存在的安全风险，提出一种可信计算安全模型，从信任链着手，将嵌入式可信安全模块、智能卡等模块引入可信计算平台，对关键技术的实现进行介绍，包括以J3210为核心的可信硬件平台、嵌入式操作系统 JetOS、BIOS安全增强、操作系统的安全增强以及基于智能卡的用户身份认证。

关键词: 可信计算, 结构性安全模型, 可信密码模块, 安全增强, 信任链

Abstract: In view of the trusted computing can make up for the traditional security protection technology in architecture design and protection on the strength of security risks exist, this paper puts forward a kind of structural security model. From trust chain, it introduces the embedded trusted security module and one smart card module into trusted computing platform. The realization methods of the key technologies of J3210, JetOS, BIOS enhancement, OS security enhancement and user identity authentication based on smart card are given.

Key words: trusted computing, structural security model, trusted cryptography module, security enhancement, trust chain

中图分类号: 

• N945