A system interaction method based on a trusted computing platform with a double-system structure

A trusted computing architecture technology, applied in the field of trusted computing, that addresses the inability to prevent the Wannacry ransomware attack, and achieves the effect of improving security performance and facilitating active measurement and active control.

Inactive Publication Date: 2019-06-28
沈昌祥

AI Technical Summary

Problems solved by technology

However, the TPM is essentially just a passively mounted external device on the computer. It will only function when it is called by the host program. Once the host is controlled by the attacker, the TPM will not be able to play its role, resulting in TCG's tr

Examples

Embodiment 1

[0094] A system interaction method based on a dual-architecture trusted computing platform provided by the present invention will be described in detail below.

[0095] A system interaction method based on a dual-architecture trusted computing platform. The trusted computing platform includes a computing subsystem and a protection subsystem that run in parallel. The computing subsystem is used to complete computing tasks, and the protection subsystem uses a trusted platform control module to actively measure and control the computing subsystem according to the trusted policy. There is a security isolation mechanism between the computing subsystem and the protection subsystem, and they interact through a dedicated access channel.

[0096] System interaction methods include:

[0097] The protection subsystem obtains the host resource information of the computing subsystem through the host resource access interface and directly controls the computing subsystem, and / or, the protection subsystem per...

Embodiment 2

[0101] The process of one-way interaction between the protection subsystem and the computing subsystem through the host resource access interface will be described in detail below.

[0102] Host resource access interfaces can be divided into two categories: information acquisition interfaces and control interfaces.

[0103] Using the information acquisition interface over the shared bus, the TPCM can directly access the host resources of the computing subsystem without relying on the CPU of the computing subsystem. Through the information acquisition interface, the TPCM obtains information such as the memory, I/O device, and CPU status of the computing subsystem.

[0104] Direct control of the computing subsystem by the protection subsystem can also be realized by using the control interface, for example host memory read and write, host I/O device control, power control, and motherboard signal control.

[0105] The host resource access interface is unidirectional, such as ...
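The one-way relationship described in this embodiment can be modelled in a few lines. The following is an added illustration, not code from the patent: the class and method names, the use of a SHA-256 digest comparison as the measurement, and the policy format are all assumptions made for the sketch.

```python
import hashlib
from dataclasses import dataclass

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

@dataclass
class ComputingSubsystem:
    """Host side. It holds no reference to the TPCM, so it cannot call into it."""
    memory: dict             # region name -> bytes (constructed sample data)
    powered: bool = True
    io_enabled: bool = True

class HostResourceAccess:
    """One-way channel (hypothetical model): only the protection subsystem holds it."""
    def __init__(self, host: ComputingSubsystem):
        self._host = host
    def read_memory(self, region: str) -> bytes:    # information acquisition interface
        return bytes(self._host.memory[region])
    def disable_io(self) -> None:                   # control interface
        self._host.io_enabled = False
    def power_off(self) -> None:                    # control interface
        self._host.powered = False

class TPCM:
    """Measures on its own initiative; the host never has to invoke it."""
    def __init__(self, access: HostResourceAccess, policy: dict):
        self.access = access
        self.policy = policy     # region -> (expected digest, control action name)
        self.actions = {"disable_io": access.disable_io, "power_off": access.power_off}
    def measure(self) -> dict:
        verdicts = {}
        for region, (expected, action) in self.policy.items():
            trusted = sha256_hex(self.access.read_memory(region)) == expected
            verdicts[region] = trusted
            if not trusted:
                self.actions[action]()   # active control on a policy violation
        return verdicts

def run_demo():
    kernel, driver = b"constructed kernel image", b"constructed driver image"
    host = ComputingSubsystem(memory={"kernel": kernel, "driver": driver})
    policy = {"kernel": (sha256_hex(kernel), "power_off"),
              "driver": (sha256_hex(driver), "disable_io")}
    tpcm = TPCM(HostResourceAccess(host), policy)
    before = tpcm.measure()
    host.memory["driver"] = b"modified driver image"   # host state drifts from policy
    after = tpcm.measure()
    return before, after, host

if __name__ == "__main__":
    print(run_demo())
```

The second measurement fails for the `driver` region only, so the model disables host I/O while leaving power on; at no point does the host object call the measuring side.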

Embodiment 3

[0111] The process of two-way interaction between the protection subsystem and the computing subsystem through the communication interaction interface will be described in detail below.

[0112] When the protection subsystem adopts the proxy measurement mode, the protection subsystem performs information transmission and collaborative control with the computing subsystem through the communication interaction interface, including:

[0113] The agent program of the trusted software-based control layer of the protection subsystem transmits information with the trusted platform control module of the protection subsystem through the communication interaction interface, and assists the protection subsystem to carry out cooperative control of the computing subsystem;

[0114] Among them, the main program of the control layer is implanted in the protection subsystem, the agent program of the control layer is implanted in the computing subsystem, the operating system of the computing sub...

Abstract

The invention discloses a system interaction method based on a trusted computing platform with a double-system structure. The trusted computing platform is characterized in that the trusted computing platform comprises a computing subsystem and a protection subsystem which are parallel, the computing subsystem is used for completing a computing task, and the protection subsystem is used for carrying out active measurement and active control on the computing subsystem according to a trusted strategy through a trusted platform control module; the system interaction method comprises the steps that the protection subsystem obtains host resource information of the computing subsystem through the host resource access interface and directly controls the computing subsystem, and/or the protection subsystem and the computing subsystem conduct information transmission and cooperative control through the communication interaction interface. According to the system interaction method provided by the invention, the protection subsystem obtains the host resource information of the computing subsystem through the host resource access interface and directly controls the computing subsystem, and the protection subsystem and the computing subsystem can also perform information transmission and cooperative control through the communication interaction interface.

Description

Technical field

[0001] The invention relates to the technical field of trusted computing, in particular to a system interaction method based on a dual-architecture trusted computing platform.

Background technique

[0002] The current cyberspace is extremely fragile, and high-impact cyberattacks such as Stuxnet, Wannacry, and Mirai emerge endlessly and are increasingly rampant. The root cause is that the problem is not addressed at the source of network security risks; instead, passive "blocking and killing" defenses, represented by "firewall", "virus scanning and killing" and "intrusion detection", are blindly adopted. These struggle to prevent attacks and, especially against attacks that target vulnerabilities of the target system, cannot defend effectively at all.

[0003] In order to solve the problems faced by the current cyberspace security, the international TCG organization has proposed a method of trusted compu...

Application Information

IPC(8): G06F21/57
Inventor: 沈昌祥, 孙瑜, 夏攀, 洪宇
Owner 沈昌祥