Design And Implementation Of Trusted Security System Based On USBKEY

With the rapid development of computer technology,the applications of computer and network have penetrated into every field of life and play a huge role,the ensuing security problems are increasingly grim.Traditional computer does not have perfect security mechanism and protection strategy,is the root cause of security problems.Trusted computing is based on the trusted root of physical security,and the trust relationship is extended to the whole computer system through trust measurement and trust chain technology,solve the security problem of computer system from the root.However,the trusted platform module TPM is embedded in the motherboard,which is limited to the application of trusted computing on a common computer,and the trusted computing platform does not verify the login user's legitimacy.Aiming at the above problems,this paper propose a trusted security architecture suitable for common computers,uses USBKEY instead of TPM to build a trusted root,achieves trusted bootstrap function,and ensures the system process credible by the process monitoring system.Ensuring the normal operation of the computer function at the same time the trusted computing application to a common computer system to create a safe and reliable work environment for users.Based on the TCG specification and the trusted computing platform TPM,this paper proposes a credible security architecture based on USBKEY to solve the problem of insufficient security of common computer security by analyzing the trusted starting mechanism and GRUB source code.The architecture uses USBKEY and BIOS as trusted root,through the boot authentication,trusted boot and trust chain technology to achieve a credible start function,and with the core hardware of USBKEY,design of process monitoring system,ensuring system process integrity and trustworthiness while the system running.Boot authentication function and trusted boot function is based on the GRUB source code.Boot authentication used to verify user's legitimacy,trusted boot used to measure the integrity of system kernel file and so on while the start process,make sure that the operating system is credible during the boot load process,to create a safe and reliable operating environment.