| EFI(Extensible Firmware Interface) is a completely new platform for pre-start. Compared with traditional BIOS, EFI has unparalleled advantages, and the most important thing is that it provides a great deal of scalability and of the development. But its security threats has not been releviled.First, this paper analyzes the security of EFI BIOS, and then analyzes the trusted Measurement mechanism of Trusted Computing technology. This paper puts forward a scheme to enhance the security of EFI base on principle of Trusted Computing Platform security thinking. In the end, it realizes the security scheme by using the universal and low-cost U-key as the trusted hardware, and realize the measure of integrity of EFI BIOS on the driver during EFI booting , and meanwhile enhances the security of EFI BIOS.EFI BIOS loads the security module through the U-key driver interface,so it must implement the U-key driver firstly. Therefore, the paper studied the driver model of EFI Specification 2.0, and implementeds the U-key device driver.The achievement of the research in this paper is that it provides a reference for implementing the portable and trusted platform module of the U-key, and it will contribute to promoting demestic BIOS firmware layer of security technology research. |
PDF Full Text Request