Embedded Terminal Security Research Based On Trusted Root

With the rapid development of embedded technology, the embedded terminal productsdeeply root in peoples’ heart, and security becomes quite essential. But most of theembedded terminals often ignore safety design in the development cycle, which causesvulnerabilities against attacks. In order to effectively solve the security problems, such asdata leaks and virus infection caused by embedded terminal, we need to take an overallaspect and especially, look into the underlying of the system, by which way we can bettersolve security problems of the terminal. and from the trusted root.This article first summarizes the advanced ideas of trusted computing technology; withregard to these ideas, we design a new measurement and a control over structure, set up anew trust transfer model in the process of trust transfer, and based on this design wecomplete the trusted guide scheme of terminal. These all take a trusted root point of view.We also introduce the recoverable mechanism, and this make the terminal system moreperfect. Secondly, in consideration of the terminal system protection entities, such as keys,programs and data, we draw against protection measures of data encryption, data bindingand data sealing, improve the digital seal technology, and achieve higher quality protection.Finally, we conducted the experimental verification on a mobile police terminal. We builthardware platform with Marvell PXA310microprocessor as the core and used the WindowsEmbedded CE operating system; moreover, both a trusted password module and arecoverable module were added to the system. During the development of the Bootloadersystem, we implement a one-step-one-measurement method, which ensures the integrity ofthe system from its start. Rigorous process powerfully guarantees the safety of policeterminal system.We in the article design a new measurement and control over structure, and,considering the attenuation problem of trust, establish a compound structure that combines astar structure with chain structure; we improve the measurement steps and add in therecovery mechanism against the integrate measurement in traditional trusted guide; in thecase of the traditional data protection technology where digital seal technology lacks of privacy permissions, we encrypt with the private key mechanism in the out layer, andimprove the digital seal technology; finally,the whole idea is illustrated on an embeddedmobile police terminal.Our work ensures the integrity of terminal in the boot process, effectively prevents theprogram from being tampered with, and to a certain extent, improves the security andreliability performance of the equipment. There are also some shortcomings about theembedded terminal security research in this paper and still a lot of work needed to do, suchas the improvement of dynamic trusted measurement, storage, and reporting mechanism,and the battle against the lack of corresponding credible mechanism in the system andapplication.