Trust chain transfer method for trusted computing platform

A trusted-computing and chain-of-trust technology, applied in the field of information security, that addresses the problems of the verification subject being easily bypassed, the root of measurement being untrustworthy, and the chain of trust being hijacked, achieving a preventive effect.

Inactive Publication Date: 2012-01-25
中国人民解放军海军计算技术研究所

AI Technical Summary

Problems solved by technology

At the starting point of the establishment of the trust chain, because the BIOS is regarded as part of the root of trust for measurement, there is a possibility that the root of trust for measurement is uncontrollable and untrustworthy. The chain has many links, the verification subject is easily bypassed, and there is the threat that the trust chain is "hijacked" by malicious code.


Embodiment Construction

[0027] The method for establishing and transferring the chain of trust described in the description of the present invention includes the following steps:

[0028] (1) After the mainboard of the trusted computing platform is powered on, the TCM powers on first and starts its initialization; it controls the power-supply, clock and reset signal lines so that the trusted mainboard is held in reset, and takes over control of the system before the CPU is powered on. It actively reads the binary code of the BOOT BLOCK of the BIOS through the LPC bus for integrity verification. After the verification passes, the TCM releases the power-supply, clock and reset signals, connects the LPC bus of the trusted motherboard to the trusted BIOS chip through the internal hardware logic of the trusted platform control module, and the BIOS starts normally. As in figure 2, the trusted cryptographic module measures the BOOT BLOCK and transfers control as shown in proc...


Abstract

The invention discloses a trust chain transfer method for a trusted computing platform. A trusted cryptographic module (TCM), serving as the starting point of the trust chain, is started first and actively initiates verification of the trustworthiness of the BIOS (basic input output system) chip; after the trusted BIOS chip is started, the MAIN BLOCK of the BIOS chip performs centralized integrity verification of the key files of the MBR (master boot record), the operating system loader and the operating system kernel; during operating system startup, the starting and running of unauthorized programs are prevented by combining white-list-based integrity verification with running-program control; and the hash operations for the integrity verification are performed by a hardware computing engine. When a user starts any executable program, a security module in the operating system kernel checks the integrity of the program and checks whether the program is on the trusted program white list, and only application programs that are on the system's trusted program white list and whose integrity measurements are consistent with the expected value are permitted to run. Efficient and fine-grained trust chain transfer is realized, damage by viruses to system files and program files can be prevented, and the execution of unauthorized programs can be prevented.
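The three verification stages the abstract describes (TCM measures the BOOT BLOCK before releasing reset, the MAIN BLOCK measures MBR, loader and kernel, and the kernel security module admits a program only if it is both on the white list and its measurement matches) can be modelled as a policy. The following is an added illustration written for this page, not code from the patent; SHA-256 in software stands in for the hardware hash engine, and all component images, reference values and the white list are constructed samples.

```python
import hashlib

def measure(blob: bytes) -> str:
    """Integrity measurement: SHA-256 stands in for the hardware hash engine."""
    return hashlib.sha256(blob).hexdigest()

def tcm_verify_boot_block(boot_block: bytes, expected: str) -> bool:
    """Stage 1: the TCM measures the BIOS BOOT BLOCK before the CPU runs.
    Only on a match does it release the reset line (True)."""
    return measure(boot_block) == expected

def main_block_verify(components: dict, reference: dict) -> list:
    """Stage 2: the BIOS MAIN BLOCK checks MBR, OS loader and kernel files
    against reference values; returns the names that failed."""
    return [name for name, blob in components.items()
            if reference.get(name) != measure(blob)]

def exec_check(path: str, image: bytes, whitelist: dict) -> tuple:
    """Stage 3: kernel security module at program start. Two conditions:
    the program must be on the white list AND its measurement must match."""
    if path not in whitelist:
        return False, "not on trusted program white list"
    if whitelist[path] != measure(image):
        return False, "integrity measurement differs from expected value"
    return True, "ok"

def boot(platform: dict, reference: dict) -> str:
    """Walk the chain; stop at the first stage whose verification fails."""
    if not tcm_verify_boot_block(platform["BOOT_BLOCK"], reference["BOOT_BLOCK"]):
        return "halted: TCM rejected BOOT BLOCK"
    failed = main_block_verify(platform["os_files"], reference)
    if failed:
        return "halted: MAIN BLOCK rejected " + ", ".join(failed)
    return "os running"

# Constructed sample images (not real firmware). On a real platform the
# reference values live in TCM-protected storage and the white list is
# held by the kernel security module.
GOOD = {"BOOT_BLOCK": b"bios boot block v1",
        "os_files": {"MBR": b"mbr v1", "OS_LOADER": b"loader v1",
                     "KERNEL": b"kernel v1"}}
REFERENCE = {"BOOT_BLOCK": measure(GOOD["BOOT_BLOCK"]),
             **{n: measure(b) for n, b in GOOD["os_files"].items()}}
WHITELIST = {"/bin/sh": measure(b"sh v1")}

if __name__ == "__main__":
    print(boot(GOOD, REFERENCE))
    tampered = {**GOOD, "os_files": {**GOOD["os_files"], "KERNEL": b"kernel x"}}
    print(boot(tampered, REFERENCE))           # halts at MAIN BLOCK stage
    print(exec_check("/bin/sh", b"sh v1", WHITELIST))
    print(exec_check("/bin/sh", b"sh v2", WHITELIST))   # listed, but modified
    print(exec_check("/tmp/unknown", b"x", WHITELIST))  # not listed at all
```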

Description

Technical field

[0001] The invention relates to the field of information security, in particular to a method for establishing and transferring trust relationships among trusted computing platform components.

Background technique

[0002] The Trusted Computing Group is referred to as TCG for short. The basic idea of trusted computing proposed by TCG is to build a root of trust and, starting from that root, use hash measurement to establish a verifiable chain of trust: from the hardware platform to the BIOS, to the operating system and then to the applications, each level is verified by the one before it, so that this trust is extended to the entire computer system and the computer system is assured to be trustworthy. The chain of trust describes the logical concept of the trust relationship formed by one-way, sequential integrity verification of each component module, in the order and at the time it starts, when a trusted computing platform is booted. [0003...


Application Information

IPC(8): G06F21/00, G06F21/50
Inventors: 黄强沈昌祥金刚蔡谊郑志蓉刘毅傅子奇涂航罗云锋
Owner: 中国人民解放军海军计算技术研究所