| The rapid development of the Internet needs for higher security requirements. As an important technology of information security, Trusted Computing uses the new architecture both in hardware and software to enhance the security of our computers. The current research of Trusted Computing has made a series of encouraging results from technology development to products. How to develop more economical and convenient Trusted Computing products becomes a new focus to the researchers. Move the TPM to smart card or USB Key is a new direction of Trusted Computing development. Key management is a very important part in TPM technology. Therefore, the study of key management mechanism on portable TPM is of great significance.Compared with traditional TPM, the portable TPM's key management is much different on the realization basis, the trusted storage, the key migration and authorization. This thesis mainly discusses the design of TPM key management based on USB Key and its implementation. After analyzing the traditional architecture of the TPM and the structure of USB Key, we comprehend the TPM architecture based on USB Key. Through a comprehensive analysis of the traditional TPM key management mechanism and the profiles of key management, we give the concept of portable TPM based on the identity binding. Then we provide the overall design of the portable TPM's key management, including the TPM key and certification, the credibility storage of the key, the key functions, key migration, and the management of AIK.Combined with Java smart card of USB Key's features, we design the data structure, APDU command set, the realization of some functions and AIK management. After that, we establish the function of portable TPM management module, use the feature of Java Card technology to implement the function modules, and then use the APDU commands to test these functions. Finally we assess the correctness of the functions' realization. |
PDF Full Text Request