Source: Computer Engineering and Design (《计算机工程与设计》), 2012, No. 6, pp. 2229-2235, 7 pages
Abstract: To apply trusted computing technology more effectively to embedded systems, a hybrid trust structure with a data recovery function is proposed that combines the chain and star trust structures. It reduces the loss of trust in the chain structure and lightens the computational load on the trusted platform module (TPM) in the star structure. On this basis, an embedded trusted platform is constructed and implemented. An embedded TPM with a built-in core root of trust for measurement (CRTM) serves as the platform's root of trust, and a dual-port random access memory (RAM) segment is designed inside it as the communication interface between the embedded TPM and the embedded processor. During startup, the CRTM validates the integrity of the bootloader and the operating system; the operating system dynamically intercepts applications and validates their integrity; and the data recovery function is activated when a change in an integrity measurement value is detected. By these means, the integrity of the software components on the embedded system is effectively protected and trusted startup is ensured.
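Keywords: trusted computing; chain of trust; embedded trusted platform module; system on chip; embedded trusted platform
Classification number: TP309 [Automation and Computer Technology - Computer System Architecture]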