|
|||||
|
|
| 一种安全引导的设计与实现 | |
| 引用本文: | 黄涛,方艳湘,彭双和. 一种安全引导的设计与实现[J]. 计算机工程与设计, 2007, 28(4): 745-748 |
| 作者姓名: | 黄涛 方艳湘 彭双和 |
| 作者单位: | 解放军信息工程大学,电子技术学院,河南,郑州,450052;南开大学,信息科学技术学院,天津,300071;北京交通大学,计算机与信息技术学院,北京,100044 |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| 摘 要: | 基于可信根和信任链的概念,通过对GRUB引导过程的分析,设计并实现了一种基于GRUB的安全引导sGRUB.在sGRUB引导过程中,当每次进行控制权转移时,对将要转移到的下一层,进行完整性验证.如果验证通过,进行控制权的转移;如果验证不通过,则从uSB-Key中进行完整性恢复.整个引导过程将按照信任链的传递进行,处于一种可信的状态,为系统的安全提供可靠的基础,从而提高系统的安全性. |
| 关 键 词: | 可信链 可信度量 可信根 认证引导 安全引导 GRUB |
| 文章编号: | 1000-7024(2007)04-0745-04 |
| 修稿时间: | 2006-01-15 |
Secure bootstrap design and implementation |
|
| HUANG Tao,FANG Yan-xiang,PENG Shuang-he. Secure bootstrap design and implementation[J]. Computer Engineering and Design, 2007, 28(4): 745-748 | |
| Authors: | HUANG Tao FANG Yan-xiang PENG Shuang-he |
| Affiliation: | 1. Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450052, China;2. College of Information Technical Science, Nankai University, Tianjing 300071, China;3. School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China |
| Abstract: | Based on the concept of root of trust and chain of trust and the analysis of GRUB,a secure bootstrap process called sGRUB is designedand implementedbased on GRUB.In sGRUB bootstrapprocess,it validates integrity at each layer transition.If the validating is passed,then the control is passed to the next layer.If validating is failed,the failed layer can recover from USB-Key.Thus the bootstrap process proceeds according to the chain of trust and stays in a trusted state.The sGRUB bootstrap process provide a stable base for system security and enhance system's security degree. |
| Keywords: | chain of trust measurement of trust root of trust authenticated boot secure boot GRUB |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |