| 一种并行可复原可信启动过程的设计与实现 |
| |
| 引用本文: | 谭良,周明天.一种并行可复原可信启动过程的设计与实现[J].计算机科学,2007,34(10):284-289. |
| |
| 作者姓名: | 谭良 周明天 |
| |
| 作者单位: | 1. 电子科技大学计算机科学与工程学院,成都,610054;四川师范大学电子工程学院,成都,610066
2. 电子科技大学计算机科学与工程学院,成都,610054 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划)
,
四川省科技攻关项目 |
| |
| 摘 要: | 操作系统可信性的建立是从整个计算机系统加电引导开始直至操作系统运行环境最终的创建,对任意一次可能降低操作系统可信性的执行代码操作都要进行一致性度量。本文基于可信计算联盟的规范,分析了基于TPM的可信引导过程,提出了一种新的可信引导过程:并行可复原可信引导过程一在主机CPU与TPM之间采用并行工作方式,并支持被验证组件代码的备份和恢复。然后利用通道技术设计和实现了这一引导过程。最后对该引导过程进行了安全和性能分析,分析表明该引导过程可以使计算机获得更高的安全保障,为进一步建立可信计算环境提供了基础。
|
| 关 键 词: | 可信计算 可信平台模块 完整性度量 |
Design and Implementation of a Parallel Recovery Trusted Startup Process Based on the Trusted Platform Module |
| |
| TAN Liang,ZHOU Ming-Tian.Design and Implementation of a Parallel Recovery Trusted Startup Process Based on the Trusted Platform Module[J].Computer Science,2007,34(10):284-289. |
| |
| Authors: | TAN Liang ZHOU Ming-Tian |
| |
| Abstract: | For establishing the trustworthiness of the operating system,every program code of the operating system, which possibly reduces the trustworthiness,must be attest the integrality during the whole process form firstly switc- hing on power to finally establishing the running environment in the computer system.According to the standards of the trusted computing group,based on the analysis to the trusted startup process of the common operator system,a trusted boot process,called a Parallel Recovery Trusted Startup Process (PRTSP),which takes a parallel working be- tween CPU and TPM,and supports backup and recovery,has been put forward,and then designed and implemented by channel technology.Finally,we discuss the security and performance of the PRTSP.Based on the PRTSP,high as- surance of system security has been gained,thus the basis for building the trusted computing environment has been provided. |
| |
| Keywords: | Trusted computing Trusted platform module (TPM) Attestation of integrity |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
