Tcg Software Stack (tss) Specification Analysis And Realization

In the domain of information security, more and more people pay their attentions to trusted computing technology. The core of trusted computing is a security chip installed on the motherboard, which is called TPM (Trusted Platform Module). TPM provide supporting security functions for applications in hardware level. In fact, secure applications can't access TPM directly, but invoke the interface of TSS (TCG Software Stack) to use the security functions provided by TPM.The TPM defined by Trusted Computing Group, is a new embedded security subsystems in the computer.It provides support for software application through hardware.In fact, secure applications can not directly access TPM, but by invoking the TSS.This subject design and implement TSS in Windows2000/XP, based on studing of the TSS1.2 standard interfaces defined by TCG (Trusted Computing Group).With the support of the trusted BIOS, it enhance the secure characteristic of the system, and provide a service for the development of secure applications.In this thesis, a optimized method is introduced to manage the limited key and session resources in TPM, base on their own characteristic. And a secure persistent storage hierarchy is implemented utilizing the security characteristic of TPM.A model about integrity measurement for applications is presented based on the analysis of the event manager, and a support module is implemented in the TSS. TSP adopt the authorization session mechanism in interacting with TPM, guaranteed the data integrity of the command and the security of the authorization data in transmission.This thesis systemly introduces trusted computing technology and the characteristic of TPM. It describe the system architecture of TSS, analysis the four layers of TSS, including TDD(TCG device driver), TDDL(TCG device driver library),TCS (TCG core service), TSP (TCG service provider), then design and implement the core modules of TSS, a command example is provided to introduce the relations of those modules. The system have the capability for developing a whole secure application.TSS specifications are issued by the organization of Trusted Computing Group, trying to confuse the reader or TSS implementers have a thorough understanding of trustworthy computing. TSS is the cutting points that a programmer can write the application. TSS specifications provide tpm all functions, and define a way to access TPM became simple and direct architecture. Thus, the TSS analysis and study have a far-reaching significance.