| 可信计算平台可信计算基构建研究 |
| |
| 引用本文: | 郑志蓉.可信计算平台可信计算基构建研究[J].信息安全与通信保密,2012(9):116-117. |
| |
| 作者姓名: | 郑志蓉 |
| |
| 作者单位: | 海军计算技术研究所,北京,100841 |
| |
| 摘 要: | 对基于PC构建的可信计算平台中可信计算基的构建方式进行了分析,指出通过逻辑方式构建的可信计算基存在被篡改和绕过的可能性,并提出了一种基于密码技术构建可信计算基的方法。该方法以可信平台模块为信任根,验证可信计算基的完整性,防止可信计算基被篡改;将系统中受控可执行程序执行解释部分加密存放,密钥存放在可信平台模块,程序的执行必须通过可信计算基,防止了可信计算基被绕过。通过分析其基本原理,验证了基于密码技术可有效构建具备完整性和唯一性的可信计算基。
|
| 关 键 词: | 可信计算平台 可信计算基 密码技术 |
Study on Construction of Trusted Computing Base in Trusted Computing Platform |
| |
| ZHENG Zhi-rong.Study on Construction of Trusted Computing Base in Trusted Computing Platform[J].China Information Security,2012(9):116-117. |
| |
| Authors: | ZHENG Zhi-rong |
| |
| Affiliation: | ZHENG Zhi-rong (Navy Institute of Computing Technologies, Beijing 100841, China) |
| |
| Abstract: | The constructing way for the trusted computing base in PC is analyzed. Based on the possibility that the trusted computing base may be modified and bypassed through logical ways, a constructing may based on cryptography for the trusted computing base is proposed. With trusted platform module as the trust root, the integrity of trusted computing base could be verified, and the modification of trusted computing base prevented. The interpretation of code execution is encrypted, the key is stored in the trust platform module, and the code must be executed through the trusted computing base. Analysis on its basic principle indicates that the trusted computing base based on cryptography and with integrity and uniqueness could be effectively constructed. |
| |
| Keywords: | trusted computing platform trusted computing base cryptography |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
