| At the beginning of computer system design,it is for auxiliary calculation,and it does not consider system safety.But with the development of computing intelligence and data resource sharing,computer has gradually become the carrier of people’s knowledge and wealth,and network provides a strong support for resource sharing.However,the current computer and network system security measures can not meet the security needs of resource bearing and sharing.More and more computer and network system vulnerabilities have become the targets of attack and utilization,which has posed a serious threat to information security.China’s active immune trusted computing innovatively proposes a dual architecture,namely computing + defense,which fundamentally changes the traditional computer architecture and network model,and makes the defense system separate from the computing system and become an independent protection unit.As a network node,the computer and network equipment have the ability of independent defense.By building an independent active immune defense system for trusted computing nodes,we can prevent the intrusion of known and unknown virus software,prevent the use of malicious tampered hardware components to build a computing platform system,and prevent unsafe network nodes from accessing the trusted network,thus greatly reducing the risk of being attacked by viruses,Trojans and DDo S.The trusted platform control module(TPCM)is the basic support chip of the immune defense system in the dual system,and it is also the trust foundation of network node self-protection,network security access and security transmission.This paper proposes a TPCM module design of active immune system based on dual architecture,which is suitable for trusted server,Internet of things,personal computer,mobile terminal,industrial terminal,industrial PC and other computer applications.The main research work of this paper is as follows:1)The construction of trusted system based on TPCM: first,the establishment of trust starting point,TPCM is the core control module of trusted computing,and it is the trusted root of trusted computing platform.The TPCM contains the first measurement code,which can measure the key data in the startup code of the trusted platform at the beginning of the system power on,and then allow the computer to start the code to run.Secondly,TPCM initiates the extension of trust source.When TPCM completes the measurement of key data in the startup code and passes the verification,TPCM starts the trusted computing platform to extend the trust to the startup code.TPCM initiates the measurement and verification of its basic computing platform equipment and code data,and finally completes the construction of trusted system in the operating system.2)Design and implementation of TPCM chip: TPCM chip is not only the root of trusted computing,which is the originator of trusted computing,but also the executive part of trusted computing,the control part of trusted computing.It provides various support to the upper application through the establishment of communication protocol,including cryptographic operation,hash operation,important data storage,device access control,etc.3)Ralization of the software and hardware interface between TPCM and computer: TPCM is connected to the trusted motherboard through the computer bus,and the trusted platform control module and other devices need to be connected through the main control bus,low-speed communication bus and high-speed communication bus interface.TPCM basic software enables computers to obtain trusted services and security reports of TPCM through the security instruction interface. |
PDF Full Text Request