CN102012979A - Embedded credible computing terminal - Google Patents

Info

Publication number
CN102012979A
CN102012979A
Authority
CN
China
Prior art keywords
embedded
computing terminal
trusted computing
tpm
bus
Prior art date
Legal status
Granted
Application number
CN2010105445022A
Other languages
Chinese (zh)
Other versions
CN102012979B (en)
Inventor
陈雷
张向刚
李波
钟其水
陈德元
陈坤源
Current Assignee
Shenzhen Huawei Century Technology Corp
Original Assignee
Shenzhen Huawei Century Technology Corp
University of Electronic Science and Technology of China
Priority date: 2010-11-15
Filing date: 2010-11-15
Publication date: 2011-04-13
Application filed by Shenzhen Huawei Century Technology Corp and University of Electronic Science and Technology of China: 2010-11-15
Priority to CN2010105445022A
Publication of CN102012979A: 2011-04-13
Application granted
Publication of CN102012979B: 2012-07-04
Legal status: Expired - Fee Related
Anticipated expiration

Abstract

The invention discloses an embedded trusted computing terminal that addresses the technical problem of raising the trustworthiness of a computing terminal with a simple circuit structure. In the terminal, the trusted computing module is physically connected to the embedded microprocessor over an I2C serial bus. The system is provided with an initialization device, a measurement device and a comparison device connected in sequence; the comparison device is connected to a reference-value database, a start device and a feedback device. The initialization device, measurement device, comparison device and reference-value database all reside in read-only memory, while the start device and feedback device are stored in program memory. Compared with the prior art: after initialization, the measurement device has the SHA-1 computation performed and passes the result to the comparison device; the comparison device compares the result with a reference value read from the reference-value database and accordingly enters either the start device or the feedback device, thereby establishing a trusted computing environment; and the physical connection between the ARM and the TPM is an I2C bus, so the circuit structure is simple.

Description

Embedded trusted computing terminal
Technical field
The present invention relates to secure information equipment, and in particular to trusted computing equipment.
Background technology
Trusted computing, as a new direction in the information security field, is receiving increasing attention from researchers and research organizations. To address security threats, a trusted mode of information transfer must be established from inside the computer or terminal system. Only by making the terminal "trusted" can information be transferred securely, from the source, between people and machines and between machines. Trusted computing has therefore become the necessary path for the development of information security.
To address the insecurity of terminal systems and fundamentally improve their security, measures must be taken comprehensively at the level of the chip, the hardware architecture and the operating system. This is the basic idea of trusted computing: to deploy, widely across computing and communication systems, trusted computing platforms supported by a hardware security module, so as to improve their overall security.
Unlike traditional security technology, trusted computing technology defends against attacks starting from the terminal. Its main idea is to introduce a security chip, the Trusted Platform Module (TPM), into the hardware platform to improve the security of the terminal system, so that part or all of a general computing platform becomes a "trusted" computing platform. Its fundamental purpose is to guarantee the security of the whole computer network by strengthening the security of the existing terminal architecture, that is, to build a system of trust within the network in which every terminal has a legitimate, verifiable network identity and is immune to malicious code such as viruses and Trojans. In such a trusted computing environment, when any terminal goes wrong, forensic evidence can be preserved and monitoring and management are straightforward.
The Trusted Computing Group (TCG) defines "trusted" as follows: "An entity can be trusted if it always behaves in the expected manner for the intended purpose." This definition separates trusted computing from current security technology: trust emphasizes that the outcome of behaviour is predictable, which is not the same as asserting that the behaviour is secure; these are two different notions. Under the TCG definition, trust also subsumes the notion of reliability from fault-tolerant computing: reliability guarantees that the behaviour of the hardware or software system is predictable.
The main means of trusted computing are identity authentication, memory protection by encryption, and integrity protection by integrity measurement. The basic idea is first to establish a root of trust in the computer system and then to build a chain of trust: each level measures and authenticates the next, and each level trusts the next, extending the trust relationship to the entire terminal system and so guaranteeing that the system is trusted. By introducing the security chip TPM (Trusted Platform Module), an embedded computer system embedded in the computing platform, TCG has solved many problems that were previously unsolvable.
In the TCG architecture the root of trust is trusted unconditionally: the system does not check the behaviour of the root of trust, so whether the root of trust is genuinely trustworthy is the key to whether the system is trusted. The TPM is the basis of the root of trust. A TPM is a small system-on-chip containing cryptographic units and storage units; it generates keys, manages keys, and also provides a uniform programming interface. Together with supporting application software, the TPM provides key management and configuration management and is mainly used for platform trust attestation, user identity authentication and digital signature.
A TPM is composed of input/output, a cryptographic processor, and a hashed message authentication code (HMAC) engine module. The TPM chip verifies the integrity of the boot loader and then of the operating system; if they are correct the system runs normally, otherwise it stops. The encryption module built into the TPM chip is then used to generate the various keys in the system, to encrypt and decrypt the application modules, and to provide a secure communication interface upward, so as to guarantee the security of the upper application modules.
According to the TCG specification, the establishment of a trusted computing environment depends on a tamper-proof root of trust and on a chain of trust based on that root. In the TCG trusted terminals currently adopted by industry, the root of trust for measurement is generally stored in the BIOS (Basic Input Output System), but the BIOS itself can be maliciously modified, which causes the establishment of the system's trusted environment to fail.
Most trusted terminals in the prior art involve general-purpose computer systems; there are only a few embedded trusted terminals, and the TPM expansion designs they adopt use the System Management Bus (SMBus) interface or the Low Pin Count (LPC) interface. A typical embedded CPU has neither an SMBus nor an LPC bus, so the TPM module can only be connected to the embedded CPU through general-purpose I/O ports, and software must be written to emulate the SMBus or LPC protocol over those ports, which reduces the portability of the system software.
Summary of the invention
The present invention provides an embedded trusted computing terminal; the technical problem it solves is to improve the trustworthiness of the computing terminal with a simple circuit structure.
The present invention adopts the following technical solution: an embedded trusted computing terminal whose embedded trusted hardware layer comprises a trusted computing module, an embedded microprocessor, program memory and read-only memory, the trusted computing module being physically connected to the embedded microprocessor over an I2C serial bus. The system of the embedded trusted computing terminal is provided with an initialization device, a measurement device and a comparison device connected in sequence, and the comparison device is connected to a reference-value database, a start device and a feedback device. The initialization device, measurement device, comparison device and reference-value database reside inside the read-only memory, and the start device and feedback device are stored in the program memory. The initialization device initializes the embedded microprocessor. The measurement device reads the BOOTLOADER code and operating system code stored in the program memory and sends them over the I2C bus to the trusted computing module, which performs the SHA-1 computation on the received data, producing a 160-bit digest from a message of at most 2^64 bits, and passes the result over the I2C bus to the comparison device. The comparison device compares the reference value read from the reference-value database with the digest computed by the measurement device: it subtracts the two 160-bit digests and, if the result is zero, executes the start device. The start device guides the embedded microprocessor to boot its operating system. The feedback device issues a warning to the user that the code of the embedded trusted computing terminal has been tampered with.
When the subtraction of the two 160-bit digests yields a non-zero result, the feedback device is executed.
The reference value is the SHA-1 digest of the original code.
The comparison device is connected to a master log database through a storage device; the storage device and master log database are stored in the program memory.
The comparison device sends the comparison result to the storage device for storage in the master log database.
The master log database stores the log information of the most recent 512 boots.
The embedded trusted hardware layer is provided with a bridge and a 4-channel direct memory access (DMA) unit, which are connected through the AHB bus to the embedded microprocessor, the synchronous DRAM, the LCD controller and DMA, the program memory and the read-only memory, and through the APB bus to the I2C bus, the Ethernet interface chip, the serial communication interface, the USB interface and the IO interface; the I2C bus connects the trusted computing module and the VGA output.
The feedback device is connected to the user interface through the LCD controller.
The trusted computing module is physically connected over the I2C serial bus that the embedded microprocessor itself provides.
Compared with the prior art, in the trusted computing terminal of the invention the initialization device, measurement device and comparison device are connected in sequence, and the comparison device is connected to the reference-value database, the feedback device, the start device and the storage device. After initialization completes, the measurement device has the TPM compute SHA-1 over the program stored in NAND-FLASH and sends the result to the comparison device; the comparison device compares the result with the reference value read from the reference-value database and selects the start device or the feedback device. The core root of trust for measurement (CRTM) is stored tamper-proof in ROM, and the boot program is loaded and run only after the CRTM has finished measuring it; the terminal then starts and performs trusted computing, thereby establishing a trusted computing environment. The physical connection between the ARM and the TPM is an I2C bus, and the circuit structure is simple.
Description of drawings
Fig. 1 is the overall framework diagram of the invention.
Fig. 2 is the hardware structure diagram of the invention.
Fig. 3 is the block diagram of the connection between the embedded processor and the TPM module of the invention.
Fig. 4 is the TPM operation flowchart of the invention.
Fig. 5 shows the interaction between the TPM, the ARM and the boot loader module of the invention.
Fig. 6 is the system structure diagram of the embedded trusted computing terminal of the invention.
Detailed description
The invention is described in further detail below with reference to the drawings and embodiments. As shown in Fig. 1, the embedded trusted computing terminal of the invention consists mainly of an embedded trusted hardware layer formed by the trusted computing module TPM, the embedded microprocessor ARM and peripherals. The TPM is physically connected to the ARM over the I2C serial bus that the ARM module itself provides, and the peripherals are connected to the ARM by communication media or buses.
The TPM performs the core algorithms of information security for the embedded trusted computing terminal: it implements the SHA-1 algorithm, digital digest, signature and authentication, key and random number generation, memory protection, security auditing, and trusted start-up and self-test, and sends the results to the ARM. The TPM contains various cryptographic components and storage components and can provide a series of cryptographic processing functions, including the RSA public key algorithm, a SHA-1 engine, a random number generator, and non-volatile random access memory (NVRAM) that holds key material such as keys.
The ARM starts the trusted computing terminal after receiving the result of the TPM's measurement of the boot loader module.
The peripherals are a mouse, a keyboard and storage devices, used for human-machine interaction and information storage.
As shown in Fig. 2, the embedded trusted hardware layer of the invention is provided with a bridge and a 4-channel DMA unit, which connect through the AHB bus to the embedded microprocessor ARM, the synchronous DRAM (SDRAM), the LCD controller and DMA, the program memory NAND-FLASH and the read-only memory ROM, and through the APB bus to the I2C bus, the Ethernet interface chip CS8900, the serial communication interface, the USB interface and the IO interface. The I2C bus connects the trusted computing module TPM and the VGA output CH7005. The IO interface connects the keyboard and similar devices.
The TPM contains a computing unit and a storage unit and constitutes a small computer in its own right.
As shown in Fig. 6, the system of the embedded trusted computing terminal of the invention consists of the initialization device, measurement device and comparison device connected in sequence; the comparison device is connected to the reference-value database, the feedback device, the start device and the storage device; the storage device is connected to the master log database; and the feedback device is connected to the user interface through the LCD controller.
The initialization device, measurement device, comparison device and reference-value database are located in the read-only memory ROM; the start device, storage device and feedback device are stored in NAND-FLASH and executed by the ARM. The master log database is stored in NAND-FLASH.
The user operates the embedded trusted computing terminal by powering it on and obtaining from the feedback device the information on whether the BOOTLOADER and operating system in NAND-FLASH have been tampered with in any way; any difference from the original BOOTLOADER and operating system is regarded as tampering and reported.
The initialization device initializes the ARM: it disables the watchdog, disables all interrupts, sets the ARM clock to 200 MHz, sets the SDRAM control registers and starts the ARM running, and then executes the measurement device.
The measurement device reads the BOOTLOADER code and the operating system code of the embedded trusted computing terminal stored in NAND-FLASH and sends them over the I2C bus to the TPM. The TPM performs the SHA-1 computation on the received data, producing a 160-bit digest from a message of at most 2^64 bits; this digest is the result, which is passed over the I2C bus to the comparison device.
The comparison device compares the reference value read from the reference-value database with the result computed by the measurement device. The reference value is the SHA-1 digest of the original code. The two 160-bit digests are subtracted; if the result is zero, the two are identical, meaning that the code in NAND-FLASH is the original code. The comparison result is sent to the storage device for storage in the master log database. If the comparison result is "identical", the ARM is instructed to execute the start device; otherwise the ARM is instructed to execute the feedback device.
The reference-value database stores the reference SHA-1 result of the original code, that is, the SHA-1 result of the untampered code; any difference from the original code is regarded as tampering.
The feedback device warns the user that the code of the embedded trusted computing terminal has been tampered with, displaying the warning on the user interface screen: "The predefined instructions have been tampered with" / "The Software has been destroyed".
The start device guides the embedded microprocessor ARM to boot the operating system (the embedded trusted operating layer). The operating system kernel is stored compressed in NAND-FLASH; booting consists of copying the compressed kernel from NAND-FLASH and decompressing it into RAM.
The storage device stores the SHA-1 result and the comparison result in the master log database as the boot log information.
The master log database stores the log information of the most recent 512 boots.
The user is the user of the embedded trusted computing terminal, who powers the terminal on.
Embodiment: the TPM is the AT97SC3204T from Atmel Corporation (USA) and the ARM is the S3C2410A from Samsung (Korea). The programming language is C and the compiler is arm-linux-gcc-3.4.1.
The user issues the instruction: power on.
Initialization instructions: TPM_Init() and ARM_Init().
Measurement instruction: T_SHA1_Extend().
Comparison instruction: T_Contrast().
Read reference-value database instruction: T_ReadStandardValue().
Boot embedded OS instruction: boot_kernel().
Save log instruction: save_log().
When the embedded trusted computing terminal starts, the ARM reads and executes the initialization device, measurement device and comparison device from ROM and measures the BOOTLOADER code: the TPM module performs the SHA-1 computation, and the result is compared with the reference-value database stored in ROM. If they are identical, the BOOTLOADER is loaded from NAND-FLASH into SDRAM, thereby guaranteeing the trustworthiness of the terminal from the very start.
After the TPM finishes measuring the BOOTLOADER code, the measured BOOTLOADER start-up code starts the embedded operating system on the embedded microprocessor ARM.
The core root of trust for measurement (CRTM) is stored tamper-proof in ROM rather than in NAND-FLASH, which guarantees the establishment of the trusted computing environment; and the BOOTLOADER code is loaded into SDRAM only after the TPM has finished measuring it, so that a trusted computing environment is already established when the embedded trusted computing terminal loads the BOOTLOADER.
The initialization device of the embedded trusted computing terminal is started by the user. After initialization completes, the measurement device computes SHA-1 over the program stored in NAND-FLASH and sends the result to the comparison device. The comparison device compares the reference value read from the reference-value database with the computed result, selects the start device or the feedback device accordingly, and sends the comparison result to the storage device for storage in the master log database. If the comparison result differs, the user is informed through the feedback device; otherwise the system starts.
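The measure, compare, log and decide sequence that the description assigns to the measurement device, comparison device and storage device (and repeats for the boot flow above) is compact enough to show end to end. The following C program is an added example written for this page, not code from the patent or from the assignees. It keeps SHA-1 because that is what the patent specifies, but computes it on the host in software as a stand-in for the TPM's hash engine, so the TPM, the I2C bus, the NAND-FLASH image and the ROM reference digest are all simulated; the log layout is an assumption, since the page only says that the digest and comparison result of the last 512 boots are stored. Two points a practitioner would want beyond the text: the page's "subtract and test for zero" is done here without an early exit, so timing does not reveal how many leading bytes of the digest matched; and because the scheme checks against a fixed ROM reference rather than extending a TPM PCR, it is verified boot for the local device only, every firmware update requires a new reference in ROM, and SHA-1 has had practical collisions demonstrated, so a new design would swap in SHA-256 (only the hash routine and digest length change).

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DIGEST_LEN 20      /* SHA-1 digest: 160 bits */
#define LOG_ENTRIES 512    /* the page's master log keeps the 512 most recent boots */

static uint32_t rol32(uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }

/* Plain FIPS 180-4 SHA-1, standing in here for the TPM's hash engine. */
void sha1(const uint8_t *msg, size_t len, uint8_t out[DIGEST_LEN]) {
    uint32_t h[5] = {0x67452301u, 0xEFCDAB89u, 0x98BADCFEu, 0x10325476u, 0xC3D2E1F0u};
    uint64_t bitlen = (uint64_t)len * 8;
    size_t padded = ((len + 8) / 64 + 1) * 64;   /* message + 0x80 + zeros + 64-bit length */
    for (size_t off = 0; off < padded; off += 64) {
        uint8_t block[64];
        for (size_t i = 0; i < 64; i++) {
            size_t p = off + i;
            if (p < len)               block[i] = msg[p];
            else if (p == len)         block[i] = 0x80;
            else if (p >= padded - 8)  block[i] = (uint8_t)(bitlen >> (8 * (padded - 1 - p)));
            else                       block[i] = 0;
        }
        uint32_t w[80];
        for (int t = 0; t < 16; t++)
            w[t] = (uint32_t)block[4*t] << 24 | (uint32_t)block[4*t+1] << 16 |
                   (uint32_t)block[4*t+2] << 8 | block[4*t+3];
        for (int t = 16; t < 80; t++)
            w[t] = rol32(w[t-3] ^ w[t-8] ^ w[t-14] ^ w[t-16], 1);
        uint32_t a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
        for (int t = 0; t < 80; t++) {
            uint32_t f, k;
            if (t < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999u; }
            else if (t < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1u; }
            else if (t < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDCu; }
            else             { f = b ^ c ^ d;                   k = 0xCA62C1D6u; }
            uint32_t tmp = rol32(a, 5) + f + e + k + w[t];
            e = d; d = c; c = rol32(b, 30); b = a; a = tmp;
        }
        h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
    }
    for (int i = 0; i < 5; i++) {
        out[4*i]   = (uint8_t)(h[i] >> 24); out[4*i+1] = (uint8_t)(h[i] >> 16);
        out[4*i+2] = (uint8_t)(h[i] >> 8);  out[4*i+3] = (uint8_t)h[i];
    }
}

/* The page compares by subtracting the digests and testing for zero. This performs
 * the same test without an early exit, so timing does not reveal how many bytes matched. */
int digest_equal(const uint8_t a[DIGEST_LEN], const uint8_t b[DIGEST_LEN]) {
    uint8_t diff = 0;
    for (int i = 0; i < DIGEST_LEN; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Master log: ring of the 512 most recent boots, each holding the measured digest and
 * the comparison result (assumed layout; the page only states what is stored). */
typedef struct { uint8_t digest[DIGEST_LEN]; int match; } boot_log_entry;
static boot_log_entry boot_log[LOG_ENTRIES];
static unsigned boot_log_next;

unsigned boot_log_position(void) { return boot_log_next; }

/* Measurement device, comparison device and storage device in one step: hash the
 * image, compare with the ROM reference, log, and return 1 (boot) or 0 (warn the user). */
int measure_and_decide(const uint8_t *image, size_t len, const uint8_t reference[DIGEST_LEN]) {
    boot_log_entry *e = &boot_log[boot_log_next];
    boot_log_next = (boot_log_next + 1) % LOG_ENTRIES;   /* oldest entry is overwritten */
    sha1(image, len, e->digest);
    e->match = digest_equal(e->digest, reference);
    return e->match;
}

int main(void) {
    /* Constructed "image" and its reference digest; a real build would burn the digest
     * of the released BOOTLOADER + kernel image into ROM instead of computing it here. */
    const uint8_t image[] = "BOOTLOADER+kernel (constructed stand-in)";
    uint8_t reference[DIGEST_LEN];
    sha1(image, sizeof image - 1, reference);
    uint8_t tampered[sizeof image];
    memcpy(tampered, image, sizeof image);
    tampered[0] ^= 0x01;                                  /* a single flipped bit */
    printf("original: %s\n", measure_and_decide(image, sizeof image - 1, reference) ? "boot" : "warn");
    printf("tampered: %s\n", measure_and_decide(tampered, sizeof image - 1, reference) ? "boot" : "warn");
    return 0;
}
```

On the S3C2410A of the embodiment the `sha1()` call would be replaced by sending the image to the AT97SC3204T over I2C and reading back the digest; everything else in `measure_and_decide()` is what the ROM-resident comparison device and the NAND-resident storage device have to do regardless of where the hash is computed.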
As shown in Fig. 3, the physical connection between the ARM and the TPM is the I2C bus, which makes the circuit structure simple and programming convenient, reduces board space and design difficulty, reduces cost and volume, and facilitates the modularization and standardization of the user's system software and hardware.
As shown in Fig. 4, the TPM operation flow of the invention is:
One, start;
Two, the ARM sends a TPM command to the TPM over the I2C bus;
Three, the ARM checks whether the I2C bus returns ACK. If ACK is returned, the TPM has responded to the command, and the flow proceeds to step four; if no ACK is returned, the TPM has not responded to the command, and the flow proceeds to step five;
Four, the ARM reads the return value of the TPM command over the I2C bus;
Five, check whether the command has timed out; if not, return to step two, otherwise the function call fails.
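The Fig. 4 flow is a retry loop around the I2C address ACK, and the step that matters for robustness is the one the flowchart labels "timeout": without a bound, a missing or dead TPM leaves the ARM spinning in step two forever and the terminal never reaches either the start device or the feedback device. The following C program is an added example written for this page, not code from the patent, from Atmel or from Samsung. It models the bus with a constructed simulator (a slave that NACKs a chosen number of writes before answering, and a fixed constructed reply) rather than the S3C2410A I2C controller or the AT97SC3204T command format, neither of which the page describes, and it expresses the timeout as an attempt budget, which on real hardware would be a deadline from a timer.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simulated I2C slave standing in for the TPM (constructed for this example): it NACKs
 * `nacks_left` writes before it starts acknowledging, and serves a fixed reply. */
typedef struct {
    int nacks_left;      /* how many more writes will go unacknowledged */
    int writes_seen;     /* write attempts observed on the bus */
    uint8_t reply[4];    /* constructed return value of the last command */
} sim_i2c_bus;

/* Returns 1 if the slave ACKed the transfer, 0 if the bus saw NACK. */
static int i2c_write(sim_i2c_bus *bus, const uint8_t *cmd, size_t len) {
    (void)cmd; (void)len;
    bus->writes_seen++;
    if (bus->nacks_left > 0) { bus->nacks_left--; return 0; }
    return 1;
}

static void i2c_read(const sim_i2c_bus *bus, uint8_t *out, size_t len) {
    for (size_t i = 0; i < len && i < sizeof bus->reply; i++) out[i] = bus->reply[i];
}

typedef enum { TPM_OK = 0, TPM_TIMEOUT = -1 } tpm_status;

/* Fig. 4, steps two to five: send the command; on ACK read the return value (step four);
 * on NACK go back to step two until the attempt budget, the "timeout", is exhausted, at
 * which point the call fails instead of hanging the boot. */
tpm_status tpm_transact(sim_i2c_bus *bus, const uint8_t *cmd, size_t cmd_len,
                        uint8_t *reply, size_t reply_len, int max_attempts) {
    for (int attempt = 0; attempt < max_attempts; attempt++) {
        if (i2c_write(bus, cmd, cmd_len)) {      /* step three: ACK received */
            i2c_read(bus, reply, reply_len);     /* step four: read the return value */
            return TPM_OK;
        }
        /* step five: no ACK and not yet timed out, so retry from step two */
    }
    return TPM_TIMEOUT;                          /* step five: timed out, call fails */
}

int main(void) {
    /* Constructed scenario: the TPM is busy for two transfers, then answers. */
    sim_i2c_bus bus = { .nacks_left = 2, .writes_seen = 0, .reply = {0x00, 0x00, 0x00, 0x00} };
    uint8_t cmd[2] = {0x01, 0x02};               /* constructed command bytes */
    uint8_t reply[4];
    tpm_status st = tpm_transact(&bus, cmd, sizeof cmd, reply, sizeof reply, 5);
    printf("status=%d after %d write attempts\n", (int)st, bus.writes_seen);
    return st == TPM_OK ? 0 : 1;
}
```

The budget belongs to the caller, because the right value differs between the boot-time measurement (where a long wait is acceptable but an infinite one is not) and later application use of the TPM; a caller that gets `TPM_TIMEOUT` during measurement should treat it the same way as a failed comparison and route to the feedback device rather than boot unverified.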
As shown in Fig. 5, the TPM, the ARM module and the boot loader module all communicate over the I2C bus. The TPM first measures the program code of the boot loader module over the I2C bus and sends a measurement-complete indication to the ARM; after receiving the TPM's indication, the ARM loads and executes the code of the boot loader module, preliminarily establishing the trusted computing environment.
The trusted computing performed by the embedded trusted computing terminal of the invention includes the following:
1. high-speed asymmetric-key encryption and decryption performed by the asymmetric-key algorithm engine of the TPM module;
2. integrity protection of the control execution unit, the process monitoring execution unit and the measurement verification execution unit by the TPM module;
3. evaluation and monitoring of process behaviour by the process monitoring sub-module;
4. evaluation of and response to process integrity by the application integrity measurement and verification module.
The embedded trusted computing terminal of the invention stores the CRTM tamper-proof, loads and runs the boot program only after the CRTM has finished measuring it, and starts the terminal to perform trusted computing, thereby establishing a trusted computing environment.

Claims (9)

1. An embedded trusted computing terminal, the embedded trusted hardware layer of which comprises a trusted computing module (TPM), an embedded microprocessor (ARM), program memory (NAND-FLASH) and read-only memory (ROM), characterized in that: the trusted computing module (TPM) is physically connected to the embedded microprocessor (ARM) over an I2C serial bus; the system of the embedded trusted computing terminal is provided with an initialization device, a measurement device and a comparison device connected in sequence, and the comparison device is connected to a reference-value database, a start device and a feedback device; the initialization device, measurement device, comparison device and reference-value database are located inside the read-only memory (ROM), and the start device and feedback device are stored in the program memory (NAND-FLASH); the initialization device is used to initialize the embedded microprocessor (ARM); the measurement device is used to read the BOOTLOADER code and operating system code stored in the program memory (NAND-FLASH) and send them over the I2C bus to the trusted computing module (TPM), which performs the SHA-1 computation on the received data, producing a 160-bit digest from a message of at most 2^64 bits, and passes the result over the I2C bus to the comparison device; the comparison device is used to compare the reference value read from the reference-value database with the digest computed by the measurement device, subtracting the two 160-bit digests and, if the result is zero, executing the start device; the start device is used to guide the embedded microprocessor (ARM) to boot its operating system; and the feedback device is used to issue a warning to the user that the code of the embedded trusted computing terminal has been tampered with.
2. The embedded trusted computing terminal according to claim 1, characterized in that: when the subtraction of the two 160-bit digests yields a non-zero result, the feedback device is executed.
3. The embedded trusted computing terminal according to claim 2, characterized in that: the reference value is the SHA-1 digest of the original code.
4. The embedded trusted computing terminal according to claim 3, characterized in that: the comparison device is connected to a master log database through a storage device, and the storage device and master log database are stored in the program memory (NAND-FLASH).
5. The embedded trusted computing terminal according to claim 4, characterized in that: the comparison device sends the comparison result to the storage device for storage in the master log database.
6. The embedded trusted computing terminal according to claim 5, characterized in that: the master log database stores the log information of the most recent 512 boots.
7. The embedded trusted computing terminal according to claim 6, characterized in that: the embedded trusted hardware layer is provided with a bridge and a 4-channel direct memory access unit (DMA), the bridge and 4-channel DMA being connected through the AHB bus to the embedded microprocessor (ARM), the synchronous DRAM (SDRAM), the LCD controller and DMA, the program memory (NAND-FLASH) and the read-only memory (ROM), and through the APB bus to the I2C bus, the Ethernet interface chip (CS8900), the serial communication interface, the USB interface and the IO interface, the I2C bus connecting the trusted computing module (TPM) and the VGA output (CH7005).
8. The embedded trusted computing terminal according to claim 7, characterized in that: the feedback device is connected to the user interface through the LCD controller.
9. The embedded trusted computing terminal according to claim 8, characterized in that: the trusted computing module (TPM) is physically connected over the I2C serial bus that the embedded microprocessor (ARM) itself provides.
CN2010105445022A 2010-11-15 2010-11-15 Embedded credible computing terminal Expired - Fee Related CN102012979B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010105445022A CN102012979B (en) 2010-11-15 2010-11-15 Embedded credible computing terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010105445022A CN102012979B (en) 2010-11-15 2010-11-15 Embedded credible computing terminal

Publications (2)

Publication Number Publication Date
CN102012979A true CN102012979A (en) 2011-04-13
CN102012979B CN102012979B (en) 2012-07-04

Family

ID=43843152

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010105445022A Expired - Fee Related CN102012979B (en) 2010-11-15 2010-11-15 Embedded credible computing terminal

Country Status (1)

Country Link
CN (1) CN102012979B (en)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103150523A (en) * 2013-03-07 2013-06-12 太原科技大学 Simple embedded-type credible terminal system and method thereof
CN103166952A (en) * 2012-11-16 2013-06-19 太原科技大学 Embedded type vehicle-mounted data collection terminal
CN103310670A (en) * 2013-05-17 2013-09-18 珠海翔翼航空技术有限公司 Air-land talk environment simulation system terminal of full-flight simulator, and control method thereof
CN103377342A (en) * 2012-04-27 2013-10-30 国民技术股份有限公司 Method and system for verifying sensitive operations
CN103678955A (en) * 2013-04-26 2014-03-26 厦门密安信息技术有限责任公司 Dependable chip design method
CN103995479A (en) * 2014-05-13 2014-08-20 珠海博威智能电网有限公司 Medium-voltage on-off controller system based on hardware trust control and use method thereof
CN104468591A (en) * 2014-12-12 2015-03-25 国家电网公司 Power dependable safety communication system based on dependable computing module
WO2015090196A1 (en) * 2013-12-18 2015-06-25 国家电网公司 Method for creating dependable environment in power distribution terminal
CN108153554A (en) * 2017-12-18 2018-06-12 江苏方天电力技术有限公司 A kind of RTOS trusted systems and implementation method based on credible chip
CN110275593A (en) * 2019-06-25 2019-09-24 成都航天通信设备有限责任公司 A kind of modularization information processing system and its heat dissipating method
CN110532777A (en) * 2018-05-24 2019-12-03 霍尼韦尔环境自控产品(天津)有限公司 Secure startup system and method, terminal device and its core system
CN111538993A (en) * 2020-04-16 2020-08-14 南京东科优信网络安全技术研究院有限公司 Device and method for performing credibility measurement by introducing external hardware trust root
CN112233759A (en) * 2020-10-15 2021-01-15 刘明 Coronary heart disease management cloud platform system and intelligent medicine box
CN116049081A (en) * 2022-12-30 2023-05-02 成都电科星拓科技有限公司 SMBus slave digital module design method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
CN1853162A (en) * 2003-09-18 2006-10-25 贵族技术澳大利亚有限公司 BIOS protection device
CN101038556A (en) * 2007-04-30 2007-09-19 中国科学院软件研究所 Trusted bootstrap method and system thereof
CN101122936A (en) * 2007-09-21 2008-02-13 武汉大学 Embed type platform guiding of credible mechanism
CN101515316A (en) * 2008-02-19 2009-08-26 北京工业大学 Trusted computing terminal and trusted computing method

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103377342A (en) * 2012-04-27 2013-10-30 国民技术股份有限公司 Method and system for verifying sensitive operations
CN103166952A (en) * 2012-11-16 2013-06-19 太原科技大学 Embedded type vehicle-mounted data collection terminal
CN103166952B (en) * 2012-11-16 2016-04-27 太原科技大学 A kind of embedded onboard data collection station
CN103150523B (en) * 2013-03-07 2016-01-13 太原科技大学 A kind of easy embedded credible terminal system and method
CN103150523A (en) * 2013-03-07 2013-06-12 太原科技大学 Simple embedded-type credible terminal system and method thereof
CN103678955A (en) * 2013-04-26 2014-03-26 厦门密安信息技术有限责任公司 Dependable chip design method
CN103310670A (en) * 2013-05-17 2013-09-18 珠海翔翼航空技术有限公司 Air-land talk environment simulation system terminal of full-flight simulator, and control method thereof
WO2015090196A1 (en) * 2013-12-18 2015-06-25 国家电网公司 Method for creating dependable environment in power distribution terminal
CN103995479A (en) * 2014-05-13 2014-08-20 珠海博威智能电网有限公司 Medium-voltage on-off controller system based on hardware trust control and use method thereof
CN104468591A (en) * 2014-12-12 2015-03-25 国家电网公司 Power dependable safety communication system based on dependable computing module
CN108153554A (en) * 2017-12-18 2018-06-12 江苏方天电力技术有限公司 A kind of RTOS trusted systems and implementation method based on credible chip
CN110532777A (en) * 2018-05-24 2019-12-03 霍尼韦尔环境自控产品(天津)有限公司 Secure startup system and method, terminal device and its core system
CN110275593A (en) * 2019-06-25 2019-09-24 成都航天通信设备有限责任公司 A kind of modularization information processing system and its heat dissipating method
CN110275593B (en) * 2019-06-25 2022-05-24 成都航天通信设备有限责任公司 Heat dissipation method of modular information processing system
CN111538993A (en) * 2020-04-16 2020-08-14 南京东科优信网络安全技术研究院有限公司 Device and method for performing credibility measurement by introducing external hardware trust root
CN111538993B (en) * 2020-04-16 2023-05-12 南京东科优信网络安全技术研究院有限公司 Device and method for introducing external hardware trust root to perform trusted measurement
CN112233759A (en) * 2020-10-15 2021-01-15 刘明 Coronary heart disease management cloud platform system and intelligent medicine box
CN116049081A (en) * 2022-12-30 2023-05-02 成都电科星拓科技有限公司 SMBus slave digital module design method and device

Also Published As

Publication number Publication date
CN102012979B (en) 2012-07-04

Similar Documents

Publication Publication Date Title
CN102012979B (en) Embedded credible computing terminal
JP5551130B2 (en) Encapsulation of reliable platform module functions by TCPA inside server management coprocessor subsystem
US11093258B2 (en) Method for trusted booting of PLC based on measurement mechanism
CN103038745B (en) Extension integrity measurement
LeMay et al. Cumulative attestation kernels for embedded systems
CN101515316B (en) Trusted computing terminal and trusted computing method
CN104160403B (en) Use single credible platform module measuring table part
CN105205401B (en) Trusted computer system and its trusted bootstrap method based on security password chip
US8225101B2 (en) Cross validation of data using multiple subsystems
CN103080904B (en) Multistage lock-step integrity report mechanism is provided
US9208292B2 (en) Entering a secured computing environment using multiple authenticated code modules
CN104794393A (en) Embedded type partition image security certification and kernel trusted boot method and equipment thereof
CN107665308B (en) TPCM system for building and maintaining trusted operating environment and corresponding method
CN102279914A (en) Unified extensible firmware interface (UEFI) trusted supporting system and method for controlling same
CN111638936B (en) Virtual machine static measurement method and device based on built-in security architecture
CN104850792A (en) Establishment method and apparatus of trust chain of server
CN105930733A (en) Trust chain construction method and apparatus
CN109614154A (en) A kind of computer safety start method
CN109583214B (en) Safety control method
US20210232688A1 (en) Determine whether to perform action on computing device based on analysis of endorsement information of a security co-processor
CN115906046A (en) Trusted computing system and measurement method based on trusted computing system
Chen et al. Formal analysis of secure bootstrap in trusted computing
US11734457B2 (en) Technology for controlling access to processor debug features
CN112825093B (en) Security baseline checking method, host, server, electronic device and storage medium
CN107315962A (en) A kind of trusted processing module of embedded platform

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C53 Correction of patent of invention or patent application
CB03 Change of inventor or designer information

Inventor after: Chen Lei

Inventor after: Zhang Xianggang

Inventor after: Li Bo

Inventor after: Zhong Qishui

Inventor after: Chen Deyuan

Inventor after: Chen Kunyuan

Inventor before: Chen Lei

Inventor before: Zhang Xianggang

Inventor before: Li Bo

Inventor before: Zhong Qishui

Inventor before: Chen Deyuan

Inventor before: Chen Kunyuan

ASS Succession or assignment of patent right

Free format text: FORMER OWNER: UNIVERSITY OF ELECTRONIC SCIENCE AND TECHNOLOGY OF CHINA

Effective date: 20140225

CB03 Change of inventor or designer information

Inventor after: Chen Lei

Inventor after: Chen Deyuan

Inventor after: Chen Kunyuan

Inventor before: Chen Lei

Inventor before: Zhang Xianggang

Inventor before: Li Bo

Inventor before: Zhong Qishui

Inventor before: Chen Deyuan

Inventor before: Chen Kunyuan

COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 518035 SHENZHEN, GUANGDONG PROVINCE TO: 518000 SHENZHEN, GUANGDONG PROVINCE

Free format text: CORRECT: INVENTOR; FROM: CHEN LEI ZHANG XIANGGANG LI BO ZHONG QISHUI CHEN DEYUAN CHEN KUNYUAN TO: CHEN LEI CHEN DEYUAN CHEN KUNYUAN

TR01 Transfer of patent right

Effective date of registration: 20140225

Address after: 518000, Shenzhen, Guangdong, Futian District four Bagua road 22 South Court Hotel 1 building B section six, 601, 603

Patentee after: SHENZHEN HUAWEI CENTURY TECHNOLOGY Corp.

Address before: Futian District Shenzhen City, Guangdong province 518035 CaiTian Road No. 6009 min Ning Garden Office 508

Patentee before: SHENZHEN HUAWEI CENTURY TECHNOLOGY Corp.

Patentee before: University of Electronic Science and Technology of China

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120704

Termination date: 20211115