The Design And Implementation Of The Trusted Server Based On Intel(?) Trusted Execution Technology

Computer security problems appeared with the birth of the computer. Compared with the mobile terminal, computer is more vulnerable to the hacker attacks because of its open structure. With the development of cloud computing and big data, the computer infrastructure not only plays a increasing significant role, but also suffers from a growing number of hacker attacks in the information society. The outbreak of "Snowden event" exacerbated the public and the IT adminstrators’ concern about the safety of the computer, especially those in the core area of service.In the late 90s of the last century, the Trusted Computing Alliance was formed at Microsoft’s lead, which was committed to the study of protecting the integrity of the computer’s key components, and released the TPM1.0 (Trusted Platform Module) chip later. TPM chip uses hardware technology to make the core cryptographic module immune from outside tampering and theft. After more than 20 years of development,the members of the Trusted Computing Group have covered all areas of computers, and these companies also released their own trusted applications based on the TPM chip. Intel presented Trusted Execution Technology (TXT) in Xeon 5200 Processor, and added a new instruction set to support this technology. Intel TXT technology uses TPM chip and registers in the dedicated area to complete the verification of platform integrity.This paper describes how to implement the Intel TXT technology in server, and analyzes the status of trusted computing domestically and abroad.Through the analysis of computer boot procedure, this paper decribes how to build a platform measurement chain with the TPM chip’s authorization mechanisms and key mechanism. Also, this paper decribes a method to achieve the verification of platform integrity when Intel TXT technology is not available. The core features of the trusted server are presented in this paper,including the testing cases and testing results.After describing the needs analysis based on the design of the overall system architecture and functional architecture, this paper decribes the diverious functional modules through the form of flow charts and introduces the core funcions of the trusted server. Finally, this paper recommends the trusted server’s ultimate testing cases and testing results.