系统工程与电子技术
繫統工程與電子技術
계통공정여전자기술
SYSTEMS ENGINEERING AND ELECTRONICS
2010年
2期
437-440
,共4页
王斌%吴钦章%王春鸿%孙永泉%杜中平
王斌%吳欽章%王春鴻%孫永泉%杜中平
왕빈%오흠장%왕춘홍%손영천%두중평
网络安全%可信计算%安全控制模块%可信BIOS
網絡安全%可信計算%安全控製模塊%可信BIOS
망락안전%가신계산%안전공제모괴%가신BIOS
network security%trusted computing%security control module%trusted BIOS
当前的可信计算机主要关注于TPM安全芯片的集成与应用,在可信根保护、文件加密存储和系统安全防护方面存在不足.在参考可信计算技术的基础上,提出了一种以内嵌的安全控制模块为物理信任根的高可信计算机解决方案.论述了整体的组成结构、工作原理,详细分析了高可信计算机中安全控制模块和可信BIOS的实现机制.相关实验结果验证了高可信计算机平台设计方案的有效性.
噹前的可信計算機主要關註于TPM安全芯片的集成與應用,在可信根保護、文件加密存儲和繫統安全防護方麵存在不足.在參攷可信計算技術的基礎上,提齣瞭一種以內嵌的安全控製模塊為物理信任根的高可信計算機解決方案.論述瞭整體的組成結構、工作原理,詳細分析瞭高可信計算機中安全控製模塊和可信BIOS的實現機製.相關實驗結果驗證瞭高可信計算機平檯設計方案的有效性.
당전적가신계산궤주요관주우TPM안전심편적집성여응용,재가신근보호、문건가밀존저화계통안전방호방면존재불족.재삼고가신계산기술적기출상,제출료일충이내감적안전공제모괴위물리신임근적고가신계산궤해결방안.논술료정체적조성결구、공작원리,상세분석료고가신계산궤중안전공제모괴화가신BIOS적실현궤제.상관실험결과험증료고가신계산궤평태설계방안적유효성.
At present, the integration and application of TPM security chip is mainly focused on, however the existing trusted computer has some shortages in root of trust protection, encryption storage of files and system security protection. Based on the trusted computing technology, a high trusted computer is put forward to solve the above problems, in which security control module is the physical trust root. The architecture and working principle of the high trusted computer is described. Meanwhile, the implementation of security control module and the trusted BIOS are analyzed in detail. The applicability of the proposed method is validated by a detailed experimental results.
