IP (Internet Protocol) core for measuring BIOS (Basic Input Output System) and measurement method
A measurement value and width technology, applied in the field of BIOS measurement IP core for trusted computing, can solve problems such as difficulty in detection and prevention, inability to prevent system damage or theft of system information, and difficulty in detection, etc. The effect of reducing the impact and increasing the speed
Inactive Publication Date: 2014-03-05
中国人民解放军海军计算技术研究所 +1
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
With the gradual application of more scalable UEFI BIOS, BIOS Rootkit will also have more changes, making it more difficult to detect and prevent
These attack methods and methods are very hidden and difficult to find. If malicious code enters the kernel or BIOS and obtains system management rights, it will not be able to prevent damage to the system or steal information stored in the system.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0016] Specific embodiments of the present invention are described below in conjunction with the accompanying drawings:
[0017] see figure 1 Shown is the structure diagram of the BIOS measurement IP core. It can be seen from the figure that the BIOS measurement IP core is composed of an LPC interface module, a high-speed asynchronous FIFO module, a hash operation module, a measurement value comparison module, and an Avalon interface module.
[0018] When the computer is started, the security chip holds the access control right of the BIOS, then reads all the data of the BIOS, completes the hash operation, and compares it with the expected value of the BIOS integrity measurement. During the BIOS integrity verification process, the security chip cannot perform other initialization operations. In order to minimize the impact of the BIOS integrity verification on system startup, the BIOS measurement module is implemented by hardware. On the one hand, by speeding up the BIOS veri...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses an IP (Internet Protocol) core for measuring BIOS (Basic Input Output System) and a measurement method. The IP core comprises an LPC (Low Pin Count) interface module, a high-speed asynchronous FIFO (First-In, First-Out) module, a hash operation module, a measurement value comparison module and an Avalon interface module. The iterative time of a hash algorithm adopted for measuring the BIOS in the four-round iteration process is consistent; and the measurement value comparison module is responsible for comparing the hash result obtained by the hash operation module with an expectant hash value and informing the comparison result of a safety chip main processor through the Avalon interface. The measurement method is operated in parallel by two layers, wherein one layer is in input parallel and the other layer is in hash parallel. The BIOS measurement module disclosed by the invention can be used for processing tasks together with the safety chip, thus the multi-task processing capacity of the system is improved; compared with the prior art, the IP core adopts the streamline design, further has stronger data processing capacity and multi-task processing capacity and can be used for greatly reducing the influence on the system caused by BIOS measurement in the start process of the system.
Description
technical field [0001] The invention relates to a BIOS measurement IP core, in particular to a trusted computing-oriented BIOS measurement IP core. Background technique [0002] On a trusted platform, the chain of trust is a one-way transmission chain. Any problem with any node, especially the root of trust, will lead to the failure of the establishment of the entire trust environment. In a common trusted platform, the BIOS, as the root of trusted measurement, becomes the focus of attacks. At present, many new attack methods, such as kernel BIOS Rootkit, mainly insert malicious codes into the expansion modules in the BIOS, start with the operation of the BIOS, and obtain the control right of the system. With the gradual application of more scalable UEFI BIOS, BIOS Rootkit will also have more changes, making it more difficult to detect and prevent. These attack methods and methods are very hidden and difficult to find. If malicious codes enter the kernel or BIOS and obtain ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/71
Inventor 沈昌祥王斌郑志蓉郭灵儿金刚王宏涛鄢斌李红傅子奇蔡谊唐金艺刘毅
Owner 中国人民解放军海军计算技术研究所