Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A UEFI trusted support system and control method thereof

A technology for supporting systems and control methods, applied in the field of information security, can solve the problems of increasing the complexity of TPCM design, lack of research, and prolonging the system startup time.

Inactive Publication Date: 2011-12-14
中国人民解放军海军计算技术研究所 +1
View PDF1 Cites 70 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The above patents describe in detail the hardware and firmware architecture of TPCM designed to realize the active measurement function, and only propose the use of TPCM for BIOS measurement and BIOS for MBR measurement, but do not give how to make full use of various trusted services of TPCM. Realize the measurement and verification of BIOS and OS at the firmware layer Improve the architecture of the trusted support system and its trusted control method for trust chain transfer, especially the research on the trusted support system based on UEFI technology is not found in the existing patents
In addition, the BIOS is not fixed. The above patents use TPCM to update the BIOS, which increases the complexity of the TPCM design and prolongs the startup time of the system. The above patents use the BIOS to measure and verify the MBR, which requires modification of the BIOS. This is almost impossible for the machines currently in mass use without BIOS source code support

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A UEFI trusted support system and control method thereof
  • A UEFI trusted support system and control method thereof
  • A UEFI trusted support system and control method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0119] Below in conjunction with accompanying drawing of description, specific embodiment of the present invention is described:

[0120] A UEFI trusted support system, its system architecture and workflow are as follows image 3 and Figure 4 shown. It is characterized in that it includes UEFI trusted support system firmware and TPCM hardware. Among them, the UEFI trusted support system firmware is stored in a non-volatile memory (such as Flash), which is connected to the TPCM hardware using a system bus (such as LPC, etc.); the TPCM hardware and the trusted computing platform use a system bus (such as LPC, USB, etc.) , PCI, PCIE, etc.) connected.

[0121] The UEFI trusted support system firmware adopts a modular design and follows the UEFI interface specification, including a TPCM driver module, a trusted authentication module, a BIOS trusted measurement verification module, a hardware trusted measurement verification module, an OS-related software trusted measurement ver...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a unified extensible firmware interface (UEFI) trusted supporting system and a method for controlling the same. The UEFI trusted supporting system comprises UEFI trusted supporting system firmware and a trusted platform control module (TPCM), wherein the UEFI trusted supporting system firmware is stored on a nonvolatile memory and connected with the TPCM by a system bus; and the TPCM is connected with a trusted computation platform by the system bus. The method for controlling the UEFI trusted supporting system comprises the following steps of: firstly, loading a driver for the TPCM; secondly, sequentially authenticating the identity of users, performing measurement validation on a basis input / output system (BIOS), the characteristic data of hardware and a master boot record (MBR) / operating system (OS) Loader / OS Kernel, controlling different hardware peripheral interfaces according to an I / O strategy of the users, and performing safety guide setting on the system by a safety guide module; and finally, controlling by the BIOS or the OS. By the system and the method, trusted computation, the configuration management of the TPCM, the backup / recovery of the BIOS / MBR / OS Loader / OS Kernel and the physical protection of key data are realized on a firmware layer. The invention can be simultaneously applied to a Linux system which opens source codes and a Windows system which does not open the source codes, so that a fault does not occur in a trust chain between BIOS firmware and OS software, and the safety of a computer and the friendliness of human-computer interaction are improved.

Description

technical field [0001] The invention belongs to the field of information security, and in particular relates to a trusted support system and a method thereof which are applied to a trusted computing platform and comply with UEFI interface specifications. The system uses TPCM hardware management, authentication, storage, password and other services to realize trusted support function modules such as trusted authentication, trusted measurement, trusted recovery, configuration management, and secure boot, and completes the transfer of trust chain from TPCM to BIOS and from TPCM to BIOS. The process by which the BIOS is passed to the OS. technical background [0002] The International Trusted Computing Group (TCG) stipulates that Trusted Platform Module (TPM) is the hardware basis of trusted computing, and proposes a method of using TPM and BIOS as the root of trust to realize trusted computing. Aiming at the security flaws of the TPM root of trust measurement, experts and scho...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F21/57
Inventor 沈昌祥赵丽娜金刚陈小春郑志蓉蔡谊张超傅子奇黄强刘毅
Owner 中国人民解放军海军计算技术研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com