作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2020, Vol. 46 ›› Issue (8): 223-227,234. doi: 10.19678/j.issn.1000-3428.0056142

• 体系结构与软件技术 • 上一篇    下一篇

基于VTCM的分布式可信度量方法

何旺宇1,2, 王中华1,2, 李亚晖1,2   

  1. 1. 中国航空工业集团公司西安航空计算技术研究所, 西安 710065;
    2. 机载弹载计算机航空科技重点实验室, 西安 710068
  • 收稿日期:2019-09-27 修回日期:2019-10-30 发布日期:2019-11-08
  • 作者简介:何旺宇(1996-),男,硕士研究生,主研方向为嵌入式系统安全;王中华(通信作者),高级工程师;李亚晖,研究员。
  • 基金资助:
    国家部委基金。

Distributed Trusted Measurement Method Based on VTCM

HE Wangyu1,2, WANG Zhonghua1,2, LI Yahui1,2   

  1. 1. Xi'an Aeronautics Computing Technique Research Institute, Aviation Industry Corporation of China, Xi'an 710065, China;
    2. Key Laboratory of Aviation Science and Technology on Airborne and Missile-borne Computer, Xi'an 710068, China
  • Received:2019-09-27 Revised:2019-10-30 Published:2019-11-08

摘要: 为实现多台协同工作的嵌入式计算机安全启动,需在每台计算机内嵌入可信计算模块,但会给资源受限的嵌入式系统带来较大的能耗与管理开销。为此,提出一种结合可信密码模块(TCM)和虚拟可信密码模块(VTCM)的分布式可信度量方法。将已安装TCM模块的嵌入式计算机作为可信基础,在其他计算机上运行VTCM与TCM模块验证配置信息以完成分布式可信度量,从而实现工作域内可信扩展。实验结果表明,该方法满足嵌入式计算机可信启动过程中的机密性和完整性要求,在嵌入式环境下具有安全并行启动的可行性。

关键词: 可信计算, 嵌入式计算机, 可信密码模块, 虚拟可信密码模块, 分布式可信度量

Abstract: In order to realize the safe start-up of multiple cooperative embedded computers,it is necessary to embed trusted computing module in each computer,but this will bring large energy consumption and management overhead to resource-constrained embedded system.To address the problem,this paper proposes a distributed trusted measurement method combining Trusted Cryptography Module(TCM) and Virtual Trusted Cryptography Module(VTCM).The embedded computer with TCM module installed is used as the trusted base,and the VTCM and TCM module are run on other computers to verify the configuration information to complete the distributed trusted measurement,so as to realize the trusted extension in the work domain.Experimental results show that the method meets the requirements of confidentiality and integrity in the trusted start-up process of embedded computer,and has the feasibility of secure parallel start-up in embedded environment.

Key words: trusted computing, embedded computer, Trusted Cryptography Module(TCM), Virtual Trusted Cryptography Module(VTCM), distributed trusted measurement

中图分类号: