Platform integrity checking method based on TPM chip

A platform integrity verification method, applied in the field of TPM-chip-based platform integrity verification. It addresses the problems that the verification process is no longer safe and that system integrity cannot be guaranteed, and it achieves the effect of great flexibility.

Inactive Publication Date: 2015-06-17
INSPUR GROUP CO LTD

AI Technical Summary

Problems solved by technology

If the integrity information is tampered with, or the verification process is monitored or attacked, the process is no longer safe and the integrity of the system cannot be guaranteed.


Examples


Embodiment

[0024] As shown in attached Figure 1, the TPM-chip-based platform integrity check method of the present invention comprises the following steps:

[0025] (1) Obtain the owner permission of the TPM chip.

[0026] (2) Start an authorization session policySession of type TPM_SE_POLICY, and use the PolicyPCR command to extend the currently required PCR value into policySession->policyDigest.

[0027] (3) Use the PolicyGetDigest command to obtain the authorization policy containing the current PCR information.

[0028] (4) As the Owner, create a Primary Object to serve as the parent key (protection key) of the encryption key.

[0029] (5) Create the encryption key symKey, set the authorization value of the key to the authorization policy obtained in the third step, and load the generated key into the TPM.

[0030] (6) Start an authorization session policySession1 of TPM_SE_POLICY type, and use the PolicyPCR command to extend the PCR value selected in the first step to policySession1->pol...
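
The binding that the steps above set up can be modelled in software. This added example (not code from the patent or from any TPM library) reproduces the PCR Extend and PolicyPCR digest arithmetic of the TPM 2.0 specification; the SHA-256 bank, the use of PCR 0 and the sample boot components are assumptions made for illustration.

```python
import hashlib
import struct

TPM_CC_POLICY_PCR = 0x0000017F   # PolicyPCR command code, TPM 2.0 specification
TPM_ALG_SHA256 = 0x000B          # assumption: SHA-256 PCR bank; the page names none


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def measure(components):
    """PCR Extend chain: pcr = H(pcr || H(component)), starting from 32 zero bytes."""
    pcr = bytes(32)
    for blob in components:
        pcr = sha256(pcr + sha256(blob))
    return pcr


def pcr_selection(indices):
    """Marshal a one-bank TPML_PCR_SELECTION with a 3-byte bitmap (PCR 0-23)."""
    bitmap = bytearray(3)
    for i in indices:
        bitmap[i // 8] |= 1 << (i % 8)
    return struct.pack(">IHB", 1, TPM_ALG_SHA256, 3) + bytes(bitmap)


def policy_pcr(policy_digest, pcrs):
    """Steps (2) and (6): PolicyPCR folds the selected PCR values into policyDigest."""
    indices = sorted(pcrs)
    pcr_digest = sha256(b"".join(pcrs[i] for i in indices))
    return sha256(policy_digest + struct.pack(">I", TPM_CC_POLICY_PCR)
                  + pcr_selection(indices) + pcr_digest)


def key_usable(auth_policy, current_pcrs):
    """Model of the TPM check: symKey is usable only if the digests match."""
    return policy_pcr(bytes(32), current_pcrs) == auth_policy


# Constructed boot components, not real measurements.
GOOD_BOOT = [b"firmware-v1", b"bootloader-v1"]
TAMPERED_BOOT = [b"firmware-v1", b"bootloader-modified"]

# Provisioning, steps (2)-(5): record the policy for the known-good platform state.
AUTH_POLICY = policy_pcr(bytes(32), {0: measure(GOOD_BOOT)})

if __name__ == "__main__":
    print("good boot    :", key_usable(AUTH_POLICY, {0: measure(GOOD_BOOT)}))
    print("tampered boot:", key_usable(AUTH_POLICY, {0: measure(TAMPERED_BOOT)}))
```

On a real platform the comparison in `key_usable` happens inside the TPM when the policy session is used to authorize the key, so the expected digest never has to be trusted by software at boot.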


Abstract

The invention discloses a platform integrity checking method based on a TPM chip and belongs to the field of integrity checking methods. The method binds platform integrity to the usability of a TPM key. A kernel file is encrypted with a key generated by the TPM chip, so the usability of the key directly determines whether the kernel file can be decrypted and loaded. Compared with the prior art, the method binds platform integrity to the key: if the platform is tampered with, the key cannot be used to decrypt the kernel file. In addition, when the policy is generated, an administrator can choose to save the policy data; when platform integrity is damaged, the administrator can start the OS using the saved policy data. This gives the user higher flexibility, and the method has high application and popularization value.

Description

Technical field

[0001] The invention relates to an integrity verification method, in particular to a platform integrity verification method based on a TPM chip.

Background technique

[0002] An integrity check is a comparison process that compares the current information with the provided information that is considered complete. If they are consistent, the current information is considered complete; otherwise, the current information is considered tampered with. A platform with a TPM chip can use the Extend function of the PCRs (Platform Configuration Registers) in the TPM chip to extend the digest value of the part about to be executed into a PCR, forming a complete measurement chain of the OS that reflects the information of the current platform.

[0003] In the traditional integrity verification process, the user first establishes the complete information and stores it, and each time the system starts, the value of the specified PCR is read to obtain the current p...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/62
Inventor: 许鑫
Owner: INSPUR GROUP CO LTD