| In recent years, as internetworks have grown steadily in scale and depth, networks have become more complex, and network information security problems have become increasingly acute. The security and reliability of network defense systems also face increasingly serious challenges. People have realized that the terminal is the key to preventing network intrusions and data leakage: terminal equipment at the network edge is the initiator of the vast majority of security risks. Therefore, establishing a complete, compatible terminal system has great value and practical significance. Especially for private networks (such as e-government networks), which require a higher level of information security management, a highly reliable security mechanism becomes even more important. Starting from the basic features of the current network environment, and given the limitation that most traditional security solutions rely on third-party application software, this paper comprehensively studies Xen virtualization technology, the trusted chip (Trusted Platform Module, TPM) and the trust chain transfer mechanism, and then proposes a trusted boot mechanism for the virtual client system (terminal system) based on virtualization technology, in order to solve the traditional problem that terminals rely excessively on third-party security software. Based on the TNC (Trusted Network Connect) architecture, this paper combines the TPM trusted chip with the features of virtualization, studies the virtual machine privileged domain and the chain of trust mechanism, and on that basis extends the trusted boot process from the privileged domain to the virtual client terminal, repairs the trusted boot security mechanism, and achieves the objective of a trusted and secure terminal. The goal is to improve the network security management system, ensure the credibility and security of network terminals, extend the chain of trust from the terminal to the entire network, and ultimately achieve network information security. |