Start Usbkey The Linux-based Security Research And Design Of The Chain

Trusted computing technology has become a hot topic in the field of information security,which advances the ability of businesses,government agencies and consumers to conduct trustworthy transactions.At present,domestic trusted research have not enough items on the security of the Operating System(OS) architecture for primary commercial using.With the fast development of network technique and with the emergence of diversification security threats,traditional design theory and structure of security OS can not solve the secure problems in actual world.In this thesis,we research and implement some trusted problems based on Linux.The thesis first describes the general idea of trusted computing,including the function and the development of the trusted computing in constructing a trusted operating system.Safe booting and safe file systems based on the theory of the operating system,the demand of trusted computing and the idea of securetrusted chain of OS.Based on the analyed of the common startup proeess in the traditional OS,the safe startup process is anailyed,which is divided into two phases,the former one is the startup of the trusted hardware,the later one is the startup of the OS kernel,and some problems about the safe startup process are addressed.The two phases which are safe can ensure the security of the startup process of OS,at the same time can be sufficient to computing criterion by the TCG,we do research on the security measurement of the two phases,ensusing the security of OS.The thesis designs and implements the protection of Linux OS by using USBKey as TPM trusted root based on trusted computing technology.The new mechanism has some features as below:(1) The security of the booting process of Linux is improved by using USBKey,so it can ensure the security based on hardware.(2)The security of Linux file system is enhanced by using LSM technology.We implement the part of the safe chain using BIOS security,Grub security,kernel and Initrd security,LSM technology on Linux operating system,together with the architecture of trusted computing in the whole.Basing on the development environment, an application is developed to demonstate the capability of trusted computing.At last, we bring up some improvements about trusted theory and implementation of safe chain of OS.