Design of embedded trusted computing platform based on TPM

doi:10.3778/j.issn.1002-8331.1703-0021

Computer Engineering and Applications ›› 2018, Vol. 54 ›› Issue (13): 105-110.DOI: 10.3778/j.issn.1002-8331.1703-0021

Previous Articles Next Articles

Design of embedded trusted computing platform based on TPM

WANG Yong1，2, SHANG Wenli2, ZHAO Jianming2, WAN Ming2, YUAN Weiwei1

1.School of Automation and Electrical Engineering, Shenyang Ligong University, Shenyang 110159, China
2.Key Laboratory of Chinese Academy of Sciences Network Control System, Shenyang Institute of Automation, Chinese Academy of Sciences, Shenyang 110016, China

Online:2018-07-01 Published:2018-07-17

基于TPM的嵌入式可信计算平台设计

王勇1，2，尚文利2，赵剑明2，万明2，苑薇薇1

1.沈阳理工大学自动化与电气工程学院，沈阳 110159
2.中国科学院沈阳自动化研究所中科院网络化控制系统重点实验室，沈阳 110016

Abstract

Abstract: Enhancing the security of industrial embedded system is the core issue in the field of industrial information security. Only rely on the software security mechanism has been unable to fully protect the security of information, and the existing trusted platform module is designed for personal computer, can not meet the special needs of industrial embedded systems. Through the research of trusted computing technology, this paper designs an embedded trusted computing platform based on trusted platform module TPM, and from the software structure and hardware structure, the transmission mechanism of trusted platform module and trust chain is analyzed. Finally, the trusted verification is performed on the ZYNQ hardware platform, through the kernel forgery attack test, verify the correctness of the design, so as to ensure the security and reliability of industrial embedded platform.

Key words: trusted computing, Trust Platform Module（TPM）, chain of trust, ZYNQ hardware platform, embedded platform

摘要： 增强工业嵌入式系统的安全性是当今工业信息安全领域研究的核心议题。只依靠软件的安全机制已经不能充分地保护信息安全，而现有的可信平台模块是专为个人计算机设计的，不能满足工业嵌入式系统的特殊需求。通过研究可信计算技术，设计了基于可信平台模块TPM的嵌入式可信计算平台，并从软件结构和硬件结构，分析了可信平台模块和信任链的传递机制。最后，在ZYNQ硬件平台上进行可信验证，通过内核伪造攻击测试，验证了设计的正确性，从而确保了工业嵌入式平台的安全可信。

关键词: 可信计算, 可信平台模块（TPM）, 信任链, ZYNQ硬件平台, 嵌入式平台

WANG Yong1，2, SHANG Wenli2, ZHAO Jianming2, WAN Ming2, YUAN Weiwei1. Design of embedded trusted computing platform based on TPM[J]. Computer Engineering and Applications, 2018, 54(13): 105-110.

王勇1，2，尚文利2，赵剑明2，万明2，苑薇薇1. 基于TPM的嵌入式可信计算平台设计[J]. 计算机工程与应用, 2018, 54(13): 105-110.

[1]	HE Liwen, HOU Xiaoyu, TANG Chengcheng, ZHOU Rui, ZHANG Xingning. Rootkit Universality Detection Method for Heterogeneous BIOS Environments [J]. Computer Engineering and Applications, 2019, 55(23): 105-112.
[2]	MA Liang, QIAN Xuezhong. Research on critical path of Web service call based on trusted computing [J]. Computer Engineering and Applications, 2016, 52(3): 230-235.
[3]	SHANG Jing, XU Kaiyong, YANG Qichao. Trusted boot for computer centralized control system-oriented architecture [J]. Computer Engineering and Applications, 2015, 51(17): 64-69.
[4]	ZHAO Bo1，2, FEI Yongkang1，2, XIANG Shuang1，2, LI Yifan1，2. Research and implementation of secure boot mechanism for embedded systems [J]. Computer Engineering and Applications, 2014, 50(10): 72-77.
[5]	CHENG Ge, LI Cong. Research progress of trusted computing environment [J]. Computer Engineering and Applications, 2013, 49(13): 59-64.
[6]	LIU Lan, YUAN Daohua, TONG Xing, WANG Zhonglei. Distributed trusted verification mechanism for trusted computing platform [J]. Computer Engineering and Applications, 2012, 48(2): 99-102.
[7]	CHONG Huifang，WU Zhenqiang，WANG Haiyan. Property-supported self-attestation model and its secure protocol [J]. Computer Engineering and Applications, 2011, 47(7): 110-113.
[8]	GAI Xinmao1，2，SHEN Changxiang2，3，LI Yong2，4，LIU Yi3. Method for layering components towards structured protection [J]. Computer Engineering and Applications, 2011, 47(36): 25-28.
[9]	YANG Bei，WU Zhenqiang，YANG Xiaobo. Multi-level security model based on trusted computing [J]. Computer Engineering and Applications, 2011, 47(27): 122-125.
[10]	LI Yong1，LI Guang2，SHEN Changxiang3. Research of trusted channel model [J]. Computer Engineering and Applications, 2011, 47(26): 70-73.
[11]	MA Hua1，ZHANG Hongyu2. Component selection approach combining trust fuzzy evaluation and dynamic clustering [J]. Computer Engineering and Applications, 2011, 47(21): 73-76.
[12]	CHEN Nan，ZHU Jianming . Analysis and design of trusted online banking authentication protocol [J]. Computer Engineering and Applications, 2011, 47(12): 65-68.
[13]	WANG Hai-yan，WU Zhen-qiang，CHONG Hui-fang，JIANG Li. TPM-based authenticated key agreement protocol in trusted computing [J]. Computer Engineering and Applications, 2010, 46(35): 115-118.
[14]	GONG Lei^1，2，3，ZHAO Yong³，HAN Pei-sheng^1，3，LI Yu³. Research on security protective framework for typical application system [J]. Computer Engineering and Applications, 2010, 46(28): 90-93.
[15]	FU Li-hua，WANG Dan. Research on fuzzy logic-based trust evaluation of trusted computing models [J]. Computer Engineering and Applications, 2010, 46(22): 4-5.

Design of embedded trusted computing platform based on TPM

基于TPM的嵌入式可信计算平台设计

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics