The Research And Application Of Trusted-BIOS Platform Based On UEFI

The research of Trusted Computing is an important direction in security area in the world. It solves the security problems because of PC architecture to ensure the computer more secure, according to the integrated analysis for hardware, firmware and operating system. Trusted Compute Platform based on TC technology is a new secure architecture founded on common computer platform, and the trustiness of BIOS is the foundation of TCP, so the research on the Trusted-BIOS is very significant.UEFI (Unified Extensible Firmware Interface) is an international open standard describing the interface of Platform Firmware and Operating System or other application software. UEFI was applied widely in computer and embedded area, having already become an industry standard of the next generation BIOS firmware technology.According to the analysis and research of TCP technology with UEFI technology, this paper proposes the concept and model of Trusted-BIOS Platform based on UEFI, it makes use of establishing RTM (Roots of Trust) and chain of trust to realize the three core functions: Data Protected, Identity Attestation, Integrity Measurement, Storage and Reporting.Based on the architecture of UEFI, this paper also implements Trusted-BIOS Platform. The concrete contents are as follows: TCMH Driver (Trusted Computing Module Hardware Driver), TBSM (Trusted BIOS Software Module), TBME (Trusted BIOS Measure Engine), TBMT (Trusted BIOS Message Transmit Module), except the basic functions of Trusted-BIOS Platform itself and trusted mechanisms, it extends the platform functions, including supporting TCG (Trusted Computing Group) protocols, UEFI secure algorithm library, UEFI driver signing protocols and so on, providing foundation for applying Trusted-BIOS Platform widely.Then this paper applies the Trusted-BIOS Platform based on UEFI to Vista BitLocker. The Trusted-BIOS implemented in this paper was updated into the common Mainboard of Intel 945GCL, and successfully started boot Vista Operating System, the function test of Vista BitLocker validated the model and basic functions of Trusted-BIOS platform. Finally this paper presents the conclusion and points out the research and application of Trusted-BIOS Platform based on UEFI that can be pursued in the future.