| ABSTRACT: According to statistics, more than 70% of the leaks and malicious attacks are occurring within the terminal. In our country most of leaks are due to staff caused by violation of safety system unconsciously. Such as internet violation or cross-using of mobile storage media may make the secrecy-involved terminal infecting Trojan and revealing confidential information. Leak has brought immeasurable loss to the state and enterprises, so how to prevent it from the source is becoming the focus of lots of researchers.Development of trusted computing technology has brought new ideas to deal with the computer security issues. The TPM (trusted platform module) chip fixed on the main board as the computer's trusted root can measure the integrity of computer platform, identify the computer platform, do the data sealed storage. Using the TPM technology on the terminal, we can control and reduce the leak occurred from the source. So we can do much better on the protection of computer security.In this paper, we design an active control technology of internet violation by combining the Windows API functions with Hook. And we ensure the security of the access network terminal by measuring the integrity of the network connection program. We also implement the access control on the secrecy-involved files by using file system filter drive technology. We design and implement the terminal audit function of files and equipment. In the end, we study the TPM key management mechanism and encrypted audit log, which ensure the audit log security on the hardware level. |
PDF Full Text Request