Research And Implementation Of Safety Integrity Authentication Technology Based ARM System

With the development of embedded computer technology, embedded devices are widely used in all areas of our lives, especially in embedded intelligent terminals toward portability and intelligent development, its popularity has even surpass PC. Due to the embedded intelligent devices and PC software architecture is similar, the attacker will also treat embedded intelligent devices as the target. Meanwhile safety measures in the embedded intelligent devices is imperfect, especially some system-level security to be strengthened, so establish a set of security measures for embedded intelligent devices is necessary.In this thesis, based the trusted execution standard of building the root of trust and forming a chain of trust sugested by TCG, combined with the current mainstream ARM TrustZone technology architecture, design and validate a system for ARM security integrity measure program, which from a system Boot to system operation are take protective measures to ensure the credibility of the environment, and the use of Linux system security subsystem module for detecting integrity for ARM system, to ensure the execution performing integrity verification, so that determines whether or not to run the trusted based on an assessment result of the detection,.While take the measures of Security integrity, the first use of encryption technology for integrity testing of the boot image to ensure that the integrity of image startup, provides the premise for the following security measures. Then use the T-OS which is running in the TrustZone provides a safty and trusted third party for the system, while transform T-OS trusted environment to analog the TPM standard proposed by TCG to construct a TPM service, to combine the integrity subsystem module to detect the integrity of targets that needs measure, these objectives include loading modules, executing software, and the target file access mapping, etc., to ensure that the current system resources to be accessed are not tampered complete. Finally embodiment, to experiment the integrity authentication technology for ARM system.