A security control method

A security control and active security technology, applied in computer security devices, instruments, computing, etc., that addresses problems such as the inability to provide trust for system device controller chips, the lack of a trust transfer implementation method, and the lack of protection for motherboard peripherals and the BOOT ROM, thereby improving security.

Active Publication Date: 2021-05-14
BEIJING KEXIN HUATAI INFORMATION TECH

AI Technical Summary

Problems solved by technology

Therefore, the TPCM cannot protect the motherboard peripherals and BOOT ROM through the system device controller after the CPU executes the BIOS code, and cannot provide trusted computing for the startup of the system device controller chip itself or for the actions before that startup. In addition, the TCG specification only provides the trust transfer process below the operating system (OS) layer; it does not give a specific implementation method for trust transfer, nor the security requirements and specific implementation methods for the system hardware platform, and it cannot provide a trusted computing environment for computing above the OS layer.



Examples


Embodiment 1

[0039] This embodiment proposes a security control method, the flow chart of which is shown in Figure 1. Before the system is started, the TPCM is first ordered to be powered on, and the TPCM performs active security measurement on the hardware integrity of the system. After the measurement is passed, active security measurement is performed on the operating system and related application software, and the establishment of the computer system trust chain is completed. The method includes:

[0040] Step 1: Before starting the system, order the TPCM module to be powered on, and carry out active security measurement on the relevant hardware of the system.

[0041] Specifically, the TPCM module is set independently of the computer operating system to be started, so as to ensure that the active security measurement process will not be affected when the computer operating system to be started is abnormal, and the TPCM is the only trusted root of the computer operating syst...

Embodiment 2

[0062] Based on the method in Embodiment 1, this embodiment proposes a method to ensure the safe operation of the operating system. Its functional structure diagram is shown in Figure 2 and its flow chart in Figure 3. The following steps are located between step 4 and step 5 in Embodiment 1, including:

[0063] Step 41: When the system is running, the Trusted Software Base (TSB) identifies users, programs, and system environment status that access data in the operating system.

[0064] Specifically, identifying the user who accesses the data in the operating system includes calling the authority control module through the TSB to obtain the identity information of the user; the identity information includes a user ID.

[0065] Specifically, identifying the program and system environment state in the operating system includes calling a dynamic measurement module through the TSB, and the dynamic measurement module performs active secur...

Embodiment 3

[0071] The present invention also proposes a trusted control method based on a trusted hard disk, characterized in that the method includes:

[0072] Step 1. Power on the trusted hard disk and use the TPCM module embedded in the hard disk chip of the trusted hard disk to measure the other hardware in its system. If the measurement result of the other hardware is normal, go to step 2; if the measurement result of the other hardware is abnormal, raise an alarm;

[0073] Step 2. Power on the other hardware, start the system where the trusted hard disk is located, and measure the software in that system. If the measurement result of the software is normal, go to step 3; if the measurement result of the software is abnormal, raise an alarm;

[0074] Step 3. The system where the trusted hard disk is located runs normally. When the system where the trusted hard disk is located performs read/write operations on the trusted hard disk, ...
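The gating in steps 1 and 2, together with the log retention mentioned in the abstract, can be sketched as follows. This is an added example, not code from the patent: the `TPCM` class, `measure_stage`, `trusted_start`, the component names, the sample images and the use of SHA-256 as the measurement digest are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field


def measure(blob: bytes) -> str:
    # Assumption: SHA-256 is the measurement digest; the page names no algorithm.
    return hashlib.sha256(blob).hexdigest()


@dataclass
class TPCM:
    reference: dict                           # stage -> {component: expected digest}
    log: list = field(default_factory=list)   # retained for later audit

    def measure_stage(self, stage: str, components: dict) -> bool:
        """Return True only if every component matches its reference value."""
        expected = self.reference.get(stage, {})
        ok = True
        for name, blob in components.items():
            digest = measure(blob)
            # Fail closed: a component with no reference value is abnormal.
            normal = expected.get(name) == digest
            self.log.append((stage, name, digest, "normal" if normal else "abnormal"))
            ok = ok and normal
        # A component that has a reference value but was not presented is abnormal.
        for name in sorted(expected.keys() - components.keys()):
            self.log.append((stage, name, None, "abnormal"))
            ok = False
        return ok


def trusted_start(tpcm: TPCM, hardware: dict, software: dict) -> str:
    # Step 1: measure the other hardware before it is powered on.
    if not tpcm.measure_stage("hardware", hardware):
        return "alarm:hardware"
    # Step 2: hardware is powered on and the system started; measure the software.
    if not tpcm.measure_stage("software", software):
        return "alarm:software"
    return "running"  # Step 3: normal operation


# Constructed sample images and reference values (not from the page).
HW = {"bios_rom": b"constructed BIOS image", "nic_firmware": b"constructed NIC image"}
SW = {"os_loader": b"constructed loader", "os_kernel": b"constructed kernel"}
REFERENCE = {"hardware": {n: measure(b) for n, b in HW.items()},
             "software": {n: measure(b) for n, b in SW.items()}}

if __name__ == "__main__":
    tpcm = TPCM(REFERENCE)
    print(trusted_start(tpcm, HW, dict(SW, os_kernel=b"modified kernel")))
    for entry in tpcm.log:
        print(entry)
```

A hardware mismatch stops the flow before any software is measured, so the retained log shows exactly which stage and component broke the chain.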


Abstract

The invention relates to a security control method, which not only performs active security measurement of the system's hardware and operating system during system startup, but also measures the system's operating environment, data security and other factors during the normal operation stage of the operating system. The TPCM retains the measured abnormal information and the log information of unsafe factors, and aggregates them to the trusted management center for audit and identification of potential risks. The technical solution of this embodiment can further improve the security of the system.

Description

Technical field

[0001] The invention relates to the field of computer security, in particular to a security control method.

Background technique

[0002] With the rapid development of China's national economy, information construction and national defense construction, the need for high-security and high-performance information security application products is becoming more and more urgent. The research and development of information security application products based on trusted computing will promote the process of China's economic and social informatization and ensure national information security. In order to meet the needs of users with relatively high information security requirements, the existing technology provides trusted computing security application products built on technologies such as a new generation of trusted computer platform, trusted basic input output system (Basic Input Output System, BIOS), trusted storage and virtual machine monitoring. Such t...


Application Information

Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPC G06F21/57, G06F21/575
Inventor 孙瑜杨秩洪宇王涛
Owner BEIJING KEXIN HUATAI INFORMATION TECH