CN106022137A - Implementation method and system for controlling POWER platform to be trusted by TPCM (Trusted Platform Control Module) - Google Patents

Implementation method and system for controlling POWER platform to be trusted by TPCM (Trusted Platform Control Module)

Info

Publication number: CN106022137A
Authority: CN (China)
Prior art keywords: tpcm, party, control module, power platform, firmware
Legal status: Granted (Active)
Application number: CN201610304629.4A
Other languages: Chinese (zh)
Other versions: CN106022137B (en)
Inventor: 郝庄严
Current Assignee: Beijing Teamsun Technology Co., Ltd.
Original Assignee: Beijing New Cloud East System Technology Co Ltd
Application filed by Beijing New Cloud East System Technology Co Ltd; priority to CN201610304629.4A
Publication of CN106022137A; application granted; publication of CN106022137B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot

Abstract

The invention provides an implementation method and system for controlling a POWER platform to be trusted by a TPCM (Trusted Platform Control Module). The method comprises the following steps: after the TPCM is powered on, it controls the power-on of a third-party control module and performs trusted measurement on it; if the TPCM confirms that the third-party control module is trusted, a trust chain between the TPCM and the third-party control module is formed. The third-party control module then performs its own boot action, and either the third-party control module or the TPCM performs trusted measurement on the POWER platform; if the result confirms that the POWER platform is trusted, the trust chain of the TPCM, the third-party control module and the POWER platform is formed. Finally, the third-party control module controls the POWER platform to execute its boot action. Using the TPCM on the POWER platform eliminates the threat of the platform system being tampered with and improves the security of the platform.

Description

Implementation method and system for controlling a POWER platform to be trusted by a TPCM
Technical field
The present invention relates to the field of information security, and in particular to an implementation method and system for controlling a POWER platform to be trusted by a TPCM.
Background art
At present there are two main kinds of control module for trusted computer systems: one is the TPM (Trusted Platform Module) of the TCG (Trusted Computing Group), and the other is the TPCM (Trusted Platform Control Module) of the Chinese national standard GB/T 29827-2013.
The TPM verifies, by means of issued signatures, the software that must be used during startup; it is currently applied on the x86 platform (a server whose central processing unit uses a complex instruction set architecture) and on other platforms. The TPCM is an active measurement module, mostly designed for the x86 platform and provided with a PCI-E (PCI-Express) bus interface; it addresses the threat of the BIOS (Basic Input Output System) on the x86 platform being tampered with, but at present the TPCM is only implemented on the x86 platform.
The trusted module mainly used on the POWER platform (a server whose central processing unit uses a reduced instruction set architecture) is at present the TPM. However, a plug-in TPM is called passively: it cannot perform dynamic active measurement, so on the POWER platform there is no way to actively detect whether the platform's initialization firmware in the Boot ROM has been tampered with. And if the active measurement module TPCM is attached to the POWER platform, then because it only provides a PCI-E interface, it cannot measure the Hostboot code (the equivalent of the x86 BIOS) in the Boot ROM over the PCI-E interface at startup. This means that on the POWER platform the TPCM cannot be used to ensure a secure startup of the POWER platform, nor can the threat of the Hostboot code in the Boot ROM being tampered with be avoided.
Summary of the invention
In view of the above drawbacks of the prior art, the technical problem to be solved by the present invention is to provide an implementation method and system for controlling a POWER platform to be trusted by a TPCM, using a TPCM with an active architecture on the POWER platform, so as to address the threat of the Hostboot code on the POWER platform being tampered with and to improve the security of the POWER platform.
To solve the above technical problem, the invention provides an implementation method for controlling a POWER platform to be trusted by a TPCM, the method including the steps:
(a) after the TPCM powers on, controlling the power-on of a third-party control module and performing trusted measurement on the third-party control module; if the TPCM confirms that the third-party control module is trusted, forming a trust chain between the TPCM and the third-party control module;
(b) the third-party control module performing its own boot action and performing trusted measurement on the POWER platform it controls; if the third-party control module confirms that the POWER platform is trusted, forming a trust chain between the TPCM, the third-party control module and the POWER platform; or
the third-party control module performing its own boot action and switching the access control of the POWER platform it controls to the TPCM, the TPCM performing trusted measurement on the POWER platform; if the TPCM confirms that the POWER platform is trusted, forming a trust chain between the TPCM, the third-party control module and the POWER platform, and the TPCM handing the access control of the POWER platform back to the third-party control module;
(c) the third-party control module controlling the POWER platform to perform its boot action.
In one embodiment, the step in which the TPCM, after powering on, controls the power-on of the third-party control module, performs trusted measurement on it and, if it confirms that the third-party control module is trusted, forms the trust chain between the TPCM and the third-party control module, includes:
after the TPCM powers on, it controls the power-on of the third-party control module, and the third-party control module switches the access control of its first external boot firmware to the TPCM; and
the TPCM performs trusted measurement on the first external boot firmware; if the TPCM confirms that the first external boot firmware is trusted, the trust chain between the TPCM and the third-party control module is formed, and at the same time the TPCM hands the access control of the first external boot firmware back to the third-party control module.
In one embodiment, the step in which the third-party control module performs its own boot action, performs trusted measurement on the POWER platform it controls and, if it confirms that the POWER platform is trusted, forms the trust chain between the TPCM, the third-party control module and the POWER platform, includes:
the third-party control module performs its own boot action and performs trusted measurement on the second external boot firmware of the POWER platform it controls; if the third-party control module confirms that the second external boot firmware is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed.
In one embodiment, the step in which the third-party control module performs its own boot action and switches the access control of the POWER platform it controls to the TPCM, the TPCM performs trusted measurement on the POWER platform and, if it confirms that the POWER platform is trusted, forms the trust chain between the TPCM, the third-party control module and the POWER platform, and the TPCM hands the access control of the POWER platform back to the third-party control module, includes:
the third-party control module performs its own boot action and switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the second external boot firmware; if the TPCM confirms that the second external boot firmware is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed, and the access control of the second external boot firmware is handed back to the third-party control module.
In one embodiment, the method further includes:
the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and performs trusted measurement on the second external boot firmware and the internal boot firmware; if the third-party control module confirms that both the second external boot firmware and the internal boot firmware are trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed.
In one embodiment, the method further includes:
the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and switches the access control of the second external boot firmware and the internal boot firmware to the TPCM; the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware; if the TPCM confirms that both the second external boot firmware and the internal boot firmware are trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed, and the access control of the second external boot firmware and the internal boot firmware is handed back to the third-party control module.
In one embodiment, the step of the third-party control module controlling the POWER platform to perform its boot action includes:
the third-party control module powers on the processor by controlling the power-on logic circuit on the POWER platform, and at the same time hands the access control of the internal boot firmware to the processor; the processor then controls the POWER platform to perform the boot action.
The present invention also provides an implementation system for controlling a POWER platform to be trusted by a TPCM, the system including:
a TPCM, which after powering on controls the power-on of a third-party control module and performs trusted measurement on the third-party control module; if it confirms that the third-party control module is trusted, it forms a trust chain between the TPCM and the third-party control module; and
a third-party control module, which performs its own boot action after the TPCM confirms that it is trusted and, after the POWER platform has been confirmed to be trusted, forms the trust chain between the TPCM, the third-party control module and the POWER platform; the third-party control module controls the POWER platform to perform its boot action;
where the POWER platform is confirmed to be trusted either by the third-party control module performing trusted measurement on it, or by the TPCM performing trusted measurement on it;
before the TPCM confirms that the POWER platform is trusted, the third-party control module switches the access control of the POWER platform it controls to the TPCM, and after the TPCM confirms that the POWER platform is trusted, the TPCM hands the access control of the POWER platform back to the third-party control module.
In one embodiment, the third-party control module includes a first switching unit, which, after power-on under the control of the TPCM, switches the access control of the module's own first external boot firmware to the TPCM;
the TPCM includes a first trusted measurement unit, which performs trusted measurement on the first external boot firmware; if it confirms that the first external boot firmware is trusted, it forms the trust chain between the TPCM and the third-party control module, and at the same time hands the access control of the first external boot firmware back to the third-party control module.
In one embodiment, the third-party control module includes a second trusted measurement unit, which, after the third-party control module performs its own boot action, performs trusted measurement on the second external boot firmware of the POWER platform; if it confirms that the second external boot firmware is trusted, it forms the trust chain between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the second trusted measurement unit of the third-party control module is further used to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to perform trusted measurement on the second external boot firmware and the internal boot firmware; if it confirms that both the second external boot firmware and the internal boot firmware are trusted, it forms the trust chain between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the third-party control module includes a second switching unit, which, after the third-party control module performs its own boot action, switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware; if the first trusted measurement unit confirms that the second external boot firmware is trusted, it forms the trust chain between the TPCM, the third-party control module and the POWER platform, and hands the access control of the second external boot firmware back to the third-party control module.
In one embodiment, the second switching unit of the third-party control module is further used to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to switch the access control of the second external boot firmware and the internal boot firmware to the TPCM; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware; if the first trusted measurement unit confirms that both the second external boot firmware and the internal boot firmware are trusted, it forms the trust chain between the TPCM, the third-party control module and the POWER platform, and hands the access control of the second external boot firmware and the internal boot firmware back to the third-party control module.
In one embodiment, the POWER platform includes a power-on logic circuit and the processor; the power-on logic circuit powers on the processor under the control of the third-party control module; and the processor, after the third-party control module hands the access control of the internal boot firmware to it, controls the POWER platform to perform the boot action.
The beneficial effects of the present invention at least include:
In the above implementation method and system for controlling a POWER platform to be trusted by a TPCM, after the TPCM powers on and runs normally it controls the power-on initialization of the third-party control module and actively performs trusted measurement on it; after confirming that the third-party control module is trusted, a trust chain is formed between the TPCM and the third-party control module, the third-party control module performs its own boot action, and the third-party control module or the TPCM actively performs trusted measurement on the POWER platform; after confirming that the POWER platform is also trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed. The TPCM, as the starting point of trust, starts first, and during the whole startup process the TPCM or a trusted measurement agent (for example the third-party control module) performs trusted measurement, so that trust is continually extended until the complete trust chain of the POWER platform is realized; this ensures the security of the POWER platform's startup and prevents data leakage and tampering with the Hostboot code. Moreover, because a TPCM conforming to the Chinese national standard has been incorporated on the POWER platform, this fills the gap in realizing China's trusted computing technology on the POWER platform: a TPCM with an active architecture is used on the POWER platform, which addresses the threat of the Hostboot code on the POWER platform being tampered with and improves the security of the POWER platform.
Brief description of the drawings
Fig. 1 is a flow diagram of a first embodiment of the implementation method for controlling a POWER platform to be trusted by a TPCM in one embodiment;
Fig. 2 is a flow diagram of a second embodiment of the implementation method for controlling a POWER platform to be trusted by a TPCM in another embodiment;
Fig. 3 is a detailed flow diagram of the implementation method for controlling a POWER platform to be trusted by a TPCM in the first embodiment;
Fig. 4 is a detailed flow diagram of the implementation method for controlling a POWER platform to be trusted by a TPCM in the second embodiment;
Fig. 5 is another detailed flow diagram of the implementation method for controlling a POWER platform to be trusted by a TPCM in the first embodiment;
Fig. 6 is another detailed flow diagram of the implementation method for controlling a POWER platform to be trusted by a TPCM in the second embodiment;
Fig. 7 is a structural diagram of the implementation system for controlling a POWER platform to be trusted by a TPCM in one embodiment;
Fig. 8 is a structural diagram of the implementation system for controlling a POWER platform to be trusted by a TPCM in another embodiment;
Fig. 9 is a structural diagram of the implementation system for controlling a POWER platform to be trusted by a TPCM in yet another embodiment.
Detailed description of the invention
In order to make the purpose, technical solution and advantages of the present invention clearer, the implementation method and system for controlling a POWER platform to be trusted by a TPCM according to the present invention are described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described herein only serve to explain the present invention and are not intended to limit it.
In one embodiment, as shown in Fig. 1 and Fig. 2, the invention provides an implementation method for controlling a POWER platform to be trusted by a TPCM, and this implementation method has two embodiments:
Referring to Fig. 1, the implementation method in the first embodiment includes the following steps:
Step S100: after the TPCM (Trusted Platform Control Module) powers on, it controls the power-on of the third-party control module and performs trusted measurement on the third-party control module; if the TPCM confirms that the third-party control module is trusted, the trust chain between the TPCM and the third-party control module is formed. In one embodiment, the third-party control module is a BMC (Baseboard Management Controller). In one embodiment, the trusted measurement includes an integrity measurement, which is completed by confirming the integrity of the third-party control module.
Step S200: the third-party control module performs its own boot action and performs trusted measurement on the POWER platform it controls; if the third-party control module confirms that the POWER platform is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed.
Step S300: the third-party control module controls the POWER platform to perform its boot action.
Referring to Fig. 2, the implementation method in the second embodiment includes the following steps:
Step S100: after the TPCM powers on, it controls the power-on of the third-party control module and performs trusted measurement (including an integrity measurement) on the third-party control module; if the TPCM confirms that the third-party control module is trusted (for example by confirming the integrity of the third-party control module), the trust chain between the TPCM and the third-party control module is formed.
Step S200': the third-party control module performs its own boot action and switches the access control of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the POWER platform; if the TPCM confirms that the POWER platform is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed, and the TPCM hands the access control of the POWER platform back to the third-party control module.
Step S300: the third-party control module controls the POWER platform to perform its boot action.
In both embodiments, the power-on sequence of the POWER platform is controlled by a third-party control module on the POWER platform. In this method for controlling the POWER platform by the TPCM, the TPCM is powered first, to ensure that the TPCM is working normally before anything else. The trustworthiness and uniqueness of the TPCM itself are certified in advance according to the Chinese national standard, that is, the TPCM itself is trusted; whether the POWER platform can finally start securely is determined by the TPCM, and at the same time the TPCM can perform trusted measurement work on the POWER platform and on the other subsystems of the POWER platform, for example an integrity measurement of the POWER platform and of the subsystems on it. After the TPCM has powered on and is running normally, the TPCM controls the power-on initialization of the third-party control module (for example through the TPCM interface of the POWER platform) and performs trusted measurement on the third-party control module. If the TPCM confirms that the third-party control module is trusted, the trust chain between the TPCM and the third-party control module is formed and the third-party control module performs its own boot action. If the TPCM determines that the third-party control module is untrusted, the boot action of the third-party control module is stopped directly.
In the first embodiment, after the third-party control module completes its own boot action, it needs to control the POWER platform to perform its initialization action, and the third-party control module performs trusted measurement on the POWER platform directly. The third-party control module only boots after the TPCM has determined that it is trusted, and then actively performs trusted measurement on the POWER platform, so the trustworthiness of the third-party control module is guaranteed; after the POWER platform is determined to be trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed, so that trust is continually extended until the complete trust chain of the POWER platform is realized; finally the third-party control module controls the POWER platform to perform its boot action, completing the secure startup of the POWER platform. If the third-party control module confirms that the POWER platform is untrusted, the boot action of the POWER platform is stopped directly, to ensure that the Hostboot code on the POWER platform cannot be tampered with.
In the second embodiment, after the third-party control module completes its own boot action, it needs to control the POWER platform to perform its initialization action, and the TPCM performs trusted measurement on the POWER platform. Since a traditional POWER platform is controlled by the third-party control module, the third-party control module must first switch the access control of the POWER platform to the TPCM, so that the TPCM can fully perform trusted measurement on the POWER platform; after confirming that the POWER platform is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed, so that trust is continually extended until the complete trust chain of the POWER platform is realized, and then the access control of the POWER platform is handed back to the third-party control module. The third-party control module controls the POWER platform to perform its boot action, completing the secure startup of the POWER platform. If the third-party control module confirms that the POWER platform is untrusted, the boot action of the POWER platform is stopped directly, to ensure that the Hostboot code on the POWER platform cannot be tampered with.
Advantageously, in both embodiments trust is continually extended by the TPCM or by multiple measurement agents (for example the trusted third-party control module) until the complete trust chain is realized, so the trustworthiness of the POWER platform's startup can be guaranteed and the integrity of the hardware and operating system ensured, preventing data leakage and tampering with the Hostboot code; at that point the third-party control module controls the POWER platform to perform its boot action, completing the secure startup of the POWER platform, and if the POWER platform is confirmed to be untrusted, the boot action of the POWER platform is stopped directly. It should be noted that when the trust chain between the TPCM, the third-party control module and the POWER platform is formed, the trust chain may be a single chain or a mesh-shaped chain of trust.
Furthermore, because a TPCM conforming to the Chinese national standard has been incorporated on the POWER platform, this fills the gap in realizing China's trusted computing technology on the POWER platform and supplements and improves the trusted platform motherboard specification, which was traditionally proposed mainly for x86-architecture computing platforms; a TPCM with an active architecture is used on the POWER platform, which addresses the threat of the Hostboot code on the POWER platform being tampered with and improves the security of the POWER platform.
The POWER platform may be, but is not limited to, an OpenPOWER platform (a terminal whose central processing unit uses a reduced instruction set architecture). It should be noted that before the third-party control module and the POWER platform are confirmed to be trusted, the third-party control module and the POWER platform, together with their components and subsystems, are all in a cold (unpowered) state.
In one embodiment, step S300 includes: third party's control module controls on POWER platform The logic circuit that powers on is that POWER platform powers on, and POWER platform performs boot action.
In one embodiment, Fig. 3, Fig. 4, step S100 in Fig. 1, embodiment illustrated in fig. 2 are seen Farther include:
Step S110, after TPCM powers on, controls the energising of third party's control module, and third party's control module will The access control of its first outside start firmware is switched to TPCM.
Step S120, TPCM performs credible tolerance to the first outside start firmware, if TPCM confirms the One outside start firmware is believable, then form the trust chain between TPCM and third party's control module, with Time TPCM the access control of the first outside start firmware is given back third party's control module.
The present embodiment is the detailed description of the invention of step S100, but is not used to limit step S100.Concrete, When third party's control module is performed credible tolerance, it is start outside to first in third party's control module Firmware performs credible tolerance, such as: to the outside start firmware Flash ROM in third party's control module Perform credible tolerance.Before firmware of starting shooting outside to first performs credible tolerance, the first outside start firmware Access control controlled by third party's control module, it is therefore desirable to first by the first outside start firmware Accessing control and be switched to TPCM, now TPCM can perform credible tolerance to the first outside start firmware, Obtain credible measurement results.If credible measurement results is credible, then can confirm that this first outside start firmware is Believable (the most complete), now defines trust chain between TPCM and third party's control module, The access control of the first outside start firmware is given back third party's control module, third party by TPCM simultaneously Control module realizes oneself's boot action.If credible measurement results is insincere, the most directly stop third party's control The boot action of molding block.
In one embodiment, referring to Fig. 3, step S200 in the embodiment shown in Fig. 1 includes:
Step S210: the third-party control module performs its self-boot and measures the second external boot firmware of the POWER platform it controls; if the third-party control module confirms that the second external boot firmware is trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform.
In one embodiment, referring to Fig. 4, step S200' in the embodiment shown in Fig. 2 includes:
Step S210': the third-party control module performs its self-boot and switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the TPCM measures the second external boot firmware, and if the TPCM confirms that the second external boot firmware is trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware is handed back to the third-party control module.
The two embodiments above are specific implementations of steps S200 and S200' and do not limit those steps. Specifically, measuring the POWER platform means measuring the second external boot firmware in the POWER platform, for example the external boot-firmware Flash ROM of the POWER platform. The second external boot firmware may be measured directly by the third-party control module, or the third-party control module may first switch its access control to the TPCM (the access control of the second external boot firmware is held by the third-party control module, so it must be switched first), after which the TPCM measures it and obtains a result. If the result is trusted, the second external boot firmware is confirmed to be trusted (i.e. intact) and a trust chain can be formed among the TPCM, the third-party control module and the POWER platform; if the measurement was performed by the TPCM, the access control of the second external boot firmware must then be handed back to the third-party control module. Because trust is extended step by step during boot through measurements by the TPCM or by one or more measurement agents (such as the already-trusted third-party control module), the whole trust chain is reliable, and the third-party control module can now control the boot of the POWER platform, achieving a secure boot of the POWER platform. If the result is untrusted, the boot of the POWER platform is stopped directly. In this way the POWER platform is measured actively, a tampered Boot ROM in the POWER platform is never executed, and the security of the POWER platform is assured.
Fig. 5 is a further specific flow diagram of the method for controlling the trust of a POWER platform by a TPCM in the first embodiment; Fig. 5 is described in conjunction with Fig. 3.
In one embodiment, referring to Fig. 5, the method for controlling the trust of a POWER platform by a TPCM further includes the following step:
Step S201: the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and measures both the second external boot firmware and the internal boot firmware; if the third-party control module confirms that both are trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform.
The boot process of a POWER platform takes one of two forms: a boot flow with a measurable processor and a boot flow with a non-measurable processor. The embodiments of Fig. 3 and Fig. 4 above are boot flows with a non-measurable processor; the embodiment of Fig. 5 is a boot flow with a measurable processor. In the embodiment of Fig. 5, the third-party control module obtains the access control of the second external boot firmware of the POWER platform and of the internal boot firmware of the processor in the POWER platform, measures both directly, and, after confirming that both the second external boot firmware and the internal boot firmware are trusted, forms the trust chain among the TPCM, the third-party control module and the POWER platform, thereby securing the boot of the POWER platform. If the measurement result of either the second external boot firmware or the internal boot firmware is untrusted, the boot of the POWER platform is stopped directly, so that a tampered Boot ROM in the POWER platform is never executed and the security of the platform is improved. This embodiment achieves active measurement of the processor in the POWER platform and further secures the boot of the POWER platform.
When the third-party control module measures the second external boot firmware and the internal boot firmware, two orderings are possible. In the first, the third-party control module measures the second external boot firmware first and, after confirming that it is trusted, measures the internal boot firmware; once the internal boot firmware is also confirmed trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed. In the second, the third-party control module measures the internal boot firmware first and, after confirming that it is trusted, measures the second external boot firmware; once the second external boot firmware is also confirmed trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed.
Note that in the first ordering, because the second external boot firmware is controlled by the third-party control module, the boot of the POWER platform can be stopped as soon as the second external boot firmware is judged untrusted, which is the more efficient choice. In the second ordering, the internal boot firmware of the processor is confirmed trusted first, so the processor can already run some operations; but because it is not yet known whether the second external boot firmware is trusted, the processor neither loads the code or data stored in the second external boot firmware nor operates on that data, and only after the second external boot firmware is also confirmed trusted does the processor load its contents and perform the corresponding operations, which are then trusted. Note also that a module that has been confirmed trusted can in turn measure other modules in the platform. Because trust is extended during the boot process through measurements by the TPCM or by several measurement agents (for example the trusted third-party control module, the Flash ROM, and so on), the whole trust chain is reliable, and the third-party control module can then control the secure boot of the POWER platform.
Fig. 6 is a further specific flow diagram of the method for controlling the trust of a POWER platform by a TPCM in the second embodiment; Fig. 6 is described in conjunction with Fig. 4.
In one embodiment, referring to Fig. 6, the method for controlling the trust of a POWER platform by a TPCM further includes the following step:
Step S201': the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and switches the access control of both to the TPCM; the TPCM measures the second external boot firmware and the internal boot firmware, and if the TPCM confirms that both are trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware and of the internal boot firmware is handed back to the third-party control module.
As noted, the boot process of a POWER platform has a measurable-processor form and a non-measurable-processor form; the embodiment of Fig. 6 is the other boot flow with a measurable processor. Specifically, the access control of the second external boot firmware of the POWER platform and of the internal boot firmware of the processor in the POWER platform is obtained and switched to the TPCM; the TPCM then measures the second external boot firmware and the internal boot firmware, for example the second external boot-firmware Flash ROM and the internal boot firmware of the processor, and so obtains their measurement results. After both the second external boot firmware and the internal boot firmware are confirmed trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed, securing the boot of the POWER platform. If the measurement result of either the second external boot firmware or the internal boot firmware is untrusted, the boot of the POWER platform is stopped directly, which secures the boot and ensures that a tampered Boot ROM in the POWER platform is never executed. This embodiment achieves active measurement of the processor in the POWER platform by the TPCM and further secures the boot of the POWER platform.
Similarly, when the TPCM measures the second external boot firmware and the internal boot firmware, two orderings are possible: either the TPCM measures the second external boot firmware first and, after confirming that it is trusted, the internal boot firmware, or it measures the internal boot firmware first and, after confirming that it is trusted, the second external boot firmware. In both cases the trust chain among the TPCM, the third-party control module and the POWER platform is formed once both images are confirmed trusted.
The same considerations apply as for the embodiment of Fig. 5. In the first ordering the boot of the POWER platform can be stopped as soon as the second external boot firmware, which is controlled by the third-party control module, is judged untrusted, which is more efficient. In the second ordering the processor, whose internal boot firmware has been confirmed first, can run some operations but does not load or operate on the code and data in the second external boot firmware until that firmware has also been confirmed trusted, after which the operations it performs are trusted. A module confirmed trusted can in turn measure other modules in the platform, and because trust is extended during boot through measurements by the TPCM or by several measurement agents (for example the trusted third-party control module, the Flash ROM, and so on), the whole trust chain is reliable and the third-party control module can control the secure boot of the POWER platform.
The processor may be a CPU (Central Processing Unit), for example a POWER8 processor.
In one embodiment, referring to Fig. 5 and Fig. 6, step S300 includes:
Step S310: the third-party control module powers up the processor by controlling the power-on logic circuit on the POWER platform and at the same time hands the access control of the internal boot firmware to the processor; the processor then controls the POWER platform to perform its boot action.
It should be explained that the POWER platform is provided with a power-on logic circuit connected to the processor. The third-party control module controls the power-on logic circuit to power up the processor and at the same time hands the access control of the processor's internal boot firmware to the processor; after the processor performs its own boot, it controls the POWER platform to perform its boot action, achieving a secure boot of the POWER platform.
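The following Python model is an added example, not code from the patent or from any TPCM or POWER product. It walks through steps S100 (S110/S120), S200/S200' (S210/S210'), S201/S201' and S300 (S310) described above: the TPCM takes the access control of a flash, measures it, and hands it back only when the measurement is trusted; the third-party control module then either measures the POWER platform's external and internal boot firmware itself or hands them to the TPCM; and the processor is powered on only once the chain is complete. The patent does not specify the measurement algorithm or where the reference values are kept, so the model assumes SHA-256 over the whole image compared against a golden digest; the party labels, function names and firmware byte strings are all constructed for this example.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Party labels are this example's own (assumption), not the patent's.
TPCM, CTRL, CPU = "TPCM", "third_party_ctrl", "power_cpu"


class BootHalted(Exception):
    """A measurement did not match its reference value: boot is stopped."""


@dataclass
class Firmware:
    """A boot flash image plus the party currently holding its access control."""
    name: str
    image: bytes
    owner: str

    def switch_to(self, party: str) -> None:   # the access-control switch
        self.owner = party


@dataclass
class Platform:
    first_external: Firmware             # control module's own boot flash
    second_external: Firmware            # POWER platform's external boot flash
    internal: Optional[Firmware] = None  # processor-internal boot firmware, if measurable
    cpu_powered: bool = False
    trust_chain: List[str] = field(default_factory=list)
    log: List[str] = field(default_factory=list)


def measure(fw: Firmware, by: str, ref: Dict[str, str], plat: Platform) -> None:
    """SHA-256 the image (assumed hash) and compare with the golden digest.
    Only the party holding access control may read the flash at all."""
    if fw.owner != by:
        raise PermissionError(f"{by} does not hold access control of {fw.name}")
    plat.log.append(f"{by} measured {fw.name}")
    if hashlib.sha256(fw.image).hexdigest() != ref[fw.name]:
        raise BootHalted(f"{fw.name} untrusted (measured by {by}); boot stopped")


def step_s100(plat: Platform, ref: Dict[str, str]) -> None:
    """S110/S120: TPCM takes the control module's flash, measures it, hands it
    back. On failure it keeps it (assumption: the patent only specifies the
    hand-back for the trusted case)."""
    fw = plat.first_external
    fw.switch_to(TPCM)
    measure(fw, TPCM, ref, plat)
    fw.switch_to(CTRL)
    plat.trust_chain.append(f"{TPCM}->{CTRL}")


def step_s200(plat: Platform, ref: Dict[str, str], agent: str,
              order: Tuple[str, ...] = ("external", "internal")) -> None:
    """S210/S201 (agent=CTRL) or S210'/S201' (agent=TPCM): after the control
    module's self-boot, measure the POWER platform's external boot flash and,
    for a measurable processor, its internal boot firmware, in `order`."""
    images = {"external": plat.second_external, "internal": plat.internal}
    for key in order:
        fw = images[key]
        if fw is None:                 # non-measurable processor: no internal image
            continue
        if agent == TPCM:
            fw.switch_to(TPCM)         # control module hands the flash to the TPCM
        measure(fw, agent, ref, plat)
        if agent == TPCM:
            fw.switch_to(CTRL)         # and gets it back once it is trusted
    plat.trust_chain.append(f"{CTRL}->POWER")


def step_s300(plat: Platform) -> None:
    """S310: control module drives the processor's power-on logic and hands
    the internal firmware's access control to the processor."""
    plat.cpu_powered = True
    if plat.internal is not None:
        plat.internal.switch_to(CPU)


def trusted_boot(plat: Platform, ref: Dict[str, str], agent: str = CTRL,
                 order: Tuple[str, ...] = ("external", "internal")) -> bool:
    """Run S100 -> S200/S200' -> S300; False means the boot was stopped."""
    try:
        step_s100(plat, ref)
        step_s200(plat, ref, agent, order)
        step_s300(plat)
        return True
    except BootHalted as halt:
        plat.log.append(str(halt))
        return False


GOLDEN = {  # constructed stand-ins, not real firmware images
    "ctrl_boot_flash": b"third-party control module boot image v1",
    "power_boot_flash": b"POWER platform external boot image v1",
    "cpu_internal_fw": b"processor internal boot firmware v1",
}
REFERENCE = {n: hashlib.sha256(img).hexdigest() for n, img in GOLDEN.items()}


def make_platform(tamper: Optional[str] = None, measurable_cpu: bool = True) -> Platform:
    """Build a platform with every flash under the control module; `tamper`
    names one image to corrupt with a single appended byte."""
    imgs = dict(GOLDEN)
    if tamper:
        imgs[tamper] = imgs[tamper] + b"\x90"
    internal = Firmware("cpu_internal_fw", imgs["cpu_internal_fw"], CTRL) if measurable_cpu else None
    return Platform(Firmware("ctrl_boot_flash", imgs["ctrl_boot_flash"], CTRL),
                    Firmware("power_boot_flash", imgs["power_boot_flash"], CTRL), internal)
```

trusted_boot(make_platform(), REFERENCE, CTRL) is the Fig. 5 flow and trusted_boot(make_platform(), REFERENCE, TPCM) the Fig. 6 flow; passing measurable_cpu=False to make_platform gives the Fig. 3 and Fig. 4 flows without an internal image, and order=("internal", "external") selects the second ordering discussed above. Corrupting the POWER platform's external flash with make_platform(tamper="power_boot_flash") shows the efficiency point made in the text: with the external image measured first, the boot halts before the internal boot firmware is ever read, the processor is never powered, and the flash that failed measurement stays under the TPCM rather than being handed back.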
Those of ordinary skill in the art will understand that all or part of the flows in the methods of the embodiments above can be completed by a computer program instructing the relevant hardware. The computer program can be stored in a computer-readable storage medium, and when executed it may include the flows of the method embodiments above. The storage medium may be a magnetic disk, an optical disc, a read-only memory (ROM), a random access memory (RAM) or the like.
Fig. 7 is a schematic structural diagram of a system for controlling the trust of a POWER platform by a TPCM in one embodiment. As shown in Fig. 7, the system includes: a TPCM 100, which after powering on powers up the third-party control module 200 and performs trusted measurement on it, and which, if it confirms that the third-party control module 200 is trusted, forms a trust chain between the TPCM 100 and the third-party control module 200; and a third-party control module 200, which performs its self-boot after the TPCM 100 has confirmed it trusted and which, after the POWER platform 300 has been confirmed trusted, forms the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and controls the POWER platform 300 to perform its boot action.
The POWER platform 300 is either measured and confirmed trusted by the third-party control module 200, or measured and confirmed trusted by the TPCM 100. In the latter case, before the TPCM 100 confirms that the POWER platform 300 is trusted, the access control of the POWER platform 300 held by the third-party control module 200 is switched to the TPCM 100, and after the TPCM 100 confirms that the POWER platform 300 is trusted, the TPCM 100 hands the access control of the POWER platform 300 back to the third-party control module 200.
Specifically, the POWER platform 300 may be measured by the third-party control module 200 once the TPCM 100 has confirmed that module trusted, or it may be measured by the TPCM 100 itself. In one embodiment, after the third-party control module 200 boots, it measures the POWER platform 300 it controls and, after confirming that the POWER platform 300 is trusted, forms the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and controls the POWER platform 300 to perform its boot action. In another embodiment, after the third-party control module 200 is powered, the access control of the POWER platform 300 that it holds is switched to the TPCM 100; the TPCM 100 measures the POWER platform 300 and, after confirming that it is trusted, forms the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and hands the access control of the POWER platform 300 back to the third-party control module 200, which then controls the POWER platform 300 to perform its boot action.
In this embodiment, after the TPCM 100 powers on and is running normally, it powers up and initializes the third-party control module 200 and actively measures it; after confirming that the third-party control module 200 is trusted, a trust chain is formed between the TPCM 100 and the third-party control module 200, the third-party control module 200 performs its self-boot, and after power-up either the third-party control module 200 or the TPCM 100 actively measures the POWER platform 300. After the POWER platform 300 is also confirmed trusted, a trust chain is formed among the TPCM 100, the third-party control module 200 and the POWER platform 300. The TPCM 100 starts first as the root of trust, and throughout the boot process the TPCM or a trusted measurement agent (such as the third-party control module 200 once it has been confirmed trusted) performs the measurements, so that trust is extended step by step until the complete trust chain of the POWER platform is established; this secures the boot of the POWER platform and prevents data leakage and tampering with the Hostboot code. Because a TPCM conforming to the Chinese national standard (CNS) is integrated on the POWER platform, the method fills the gap of implementing Chinese trusted-computing technology on POWER platforms: an active-architecture TPCM is realized on the POWER platform, addressing the threat of tampered Hostboot code and improving the security of the POWER platform.
Fig. 8 is a schematic structural diagram of a system for controlling the trust of a POWER platform by a TPCM in another embodiment. Fig. 8 is described in conjunction with Fig. 7; modules and elements with the same reference numerals as in Fig. 7 have the same or similar functions.
In one embodiment, referring to Fig. 8, the third-party control module 200 includes a first switching unit 210 which, after power-up and under the control of the TPCM 100, switches the access control of the module's own first external boot firmware to the TPCM 100. The TPCM 100 includes a first trusted-measurement unit 110 which measures the first external boot firmware and, if it confirms that the first external boot firmware is trusted, forms the trust chain between the TPCM 100 and the third-party control module 200 and at the same time hands the access control of the first external boot firmware back to the third-party control module 200.
The third-party control module 200 further includes a second switching unit 220 which, after the third-party control module 200 performs its self-boot, switches the access control of the second external boot firmware of the POWER platform 300 it controls to the TPCM 100. The first trusted-measurement unit 110 in the TPCM 100 is further used to measure the second external boot firmware and, if it confirms that the second external boot firmware is trusted, to form the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and to hand the access control of the second external boot firmware back to the third-party control module 200.
If the processor 320 in the POWER platform 300 is a measurable processor, in one embodiment, referring to Fig. 8, the second switching unit 220 of the third-party control module 200 is further used to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor 320 in the POWER platform 300 and to switch the access control of both to the TPCM 100. The first trusted-measurement unit 110 in the TPCM 100 is further used to measure the second external boot firmware and the internal boot firmware and, if it confirms that both the second external boot firmware and the internal boot firmware of the processor 320 are trusted, to form the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and to hand the access control of the second external boot firmware and the internal boot firmware back to the third-party control module 200.
In one embodiment, the POWER platform 300 includes a power-on logic circuit 310 and a processor 320. The power-on logic circuit 310 powers up the processor 320 under the control of the third-party control module 200. The processor 320, after the third-party control module 200 hands it the access control of the internal boot firmware, controls the POWER platform 300 to perform its boot action.
Fig. 9 is a schematic structural diagram of a system for controlling the trust of a POWER platform by a TPCM in yet another embodiment. Fig. 9 is described in conjunction with Fig. 7; modules and elements with the same reference numerals as in Fig. 7 have the same or similar functions.
In one embodiment, referring to Fig. 9, the third-party control module 200 includes a first switching unit 210 which, after power-up and under the control of the TPCM 100, switches the access control of the module's own first external boot firmware to the TPCM 100. The first trusted-measurement unit 110 in the TPCM 100 measures the first external boot firmware and, if it confirms that the first external boot firmware is trusted, forms the trust chain between the TPCM 100 and the third-party control module 200 and at the same time hands the access control of the first external boot firmware back to the third-party control module 200.
The third-party control module 200 further includes a second trusted-measurement unit 230 which, after the third-party control module 200 performs its self-boot, measures the second external boot firmware of the POWER platform 300 and, if it confirms that the second external boot firmware is trusted, forms the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300.
If the processor 320 in the POWER platform 300 is a measurable processor, in one embodiment, referring to Fig. 9, the second trusted-measurement unit 230 of the third-party control module 200 is further used to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor 320 in the POWER platform 300 and to measure the second external boot firmware and the internal boot firmware of the processor 320; if it confirms that both the second external boot firmware and the internal boot firmware are trusted, it forms the trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300.
In one embodiment, the POWER platform 300 includes a power-on logic circuit 310 and a processor 320. The power-on logic circuit 310 powers up the processor 320 under the control of the third-party control module 200. The processor 320, after the third-party control module 200 hands it the access control of the internal boot firmware, controls the POWER platform 300 to perform its boot action.
Because the system for controlling the trust of a POWER platform by a TPCM in the embodiments of Figs. 7-9 solves the problem on the same principle as the method for controlling the trust of a POWER platform by a TPCM in the embodiments of Figs. 1-6, the implementation of the system may refer to the implementation of the method, and repeated details are not described again.
The technical features of the embodiments above can be combined arbitrarily. For brevity, not every possible combination of the technical features of the embodiments above is described; however, any combination of these technical features that contains no contradiction is considered to fall within the scope of this specification.
The embodiments above express only several embodiments of the present invention, and their description is specific and detailed, but this must not be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make further variations and improvements without departing from the inventive concept, and these all fall within the protection scope of the present invention. The protection scope of the present patent is therefore defined by the appended claims.

Claims (10)

1. A method for controlling the trust of a POWER platform by a TPCM, characterized in that the method includes the steps of:
(a) after the TPCM powers on, powering up a third-party control module and performing trusted measurement on the third-party control module, and, if the TPCM confirms that the third-party control module is trusted, forming a trust chain between the TPCM and the third-party control module;
(b) the third-party control module performing its self-boot and performing trusted measurement on the POWER platform it controls, and, if the third-party control module confirms that the POWER platform is trusted, forming a trust chain among the TPCM, the third-party control module and the POWER platform; or
the third-party control module performing its self-boot and switching the access control of the POWER platform it controls to the TPCM, the TPCM performing trusted measurement on the POWER platform, and, if the TPCM confirms that the POWER platform is trusted, forming a trust chain among the TPCM, the third-party control module and the POWER platform, the TPCM handing the access control of the POWER platform back to the third-party control module;
(c) the third-party control module controlling the POWER platform to perform its boot action.
2. The method for controlling the trust of a POWER platform by a TPCM according to claim 1, characterized in that the step of, after the TPCM powers on, powering up the third-party control module and performing trusted measurement on it, and, if the TPCM confirms that the third-party control module is trusted, forming the trust chain between the TPCM and the third-party control module, includes:
after the TPCM powers on, powering up the third-party control module, the third-party control module switching the access control of its first external boot firmware to the TPCM; and
the TPCM performing trusted measurement on the first external boot firmware, and, if the TPCM confirms that the first external boot firmware is trusted, forming the trust chain between the TPCM and the third-party control module, the TPCM at the same time handing the access control of the first external boot firmware back to the third-party control module.
3. The method for controlling the trust of a POWER platform by a TPCM according to claim 1, characterized in that the step of the third-party control module performing its self-boot and performing trusted measurement on the POWER platform it controls, and, if the third-party control module confirms that the POWER platform is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform, includes:
the third-party control module performing its self-boot and performing trusted measurement on a second external boot firmware of the POWER platform it controls, and, if the third-party control module confirms that the second external boot firmware is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform;
and the step of the third-party control module performing its self-boot and switching the access control of the POWER platform it controls to the TPCM, the TPCM performing trusted measurement on the POWER platform, and, if the TPCM confirms that the POWER platform is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform and handing the access control of the POWER platform back to the third-party control module, includes:
the third-party control module performing its self-boot and switching the access control of the second external boot firmware of the POWER platform it controls to the TPCM, the TPCM performing trusted measurement on the second external boot firmware, and, if the TPCM confirms that the second external boot firmware is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform and handing the access control of the second external boot firmware back to the third-party control module.
4. The method for controlling the trust of a POWER platform by a TPCM according to claim 3, characterized in that the method further includes:
the third-party control module obtaining the access control of the second external boot firmware and of an internal boot firmware of a processor in the POWER platform, and performing trusted measurement on the second external boot firmware and the internal boot firmware, and, if the third-party control module confirms that both the second external boot firmware and the internal boot firmware are trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform; or
the third-party control module obtaining the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform and switching the access control of the second external boot firmware and the internal boot firmware to the TPCM, the TPCM performing trusted measurement on the second external boot firmware and the internal boot firmware, and, if the TPCM confirms that both the second external boot firmware and the internal boot firmware are trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform and handing the access control of the second external boot firmware and the internal boot firmware back to the third-party control module.
5. The method for controlling the trust of a POWER platform by a TPCM according to claim 4, characterized in that the step of the third-party control module controlling the POWER platform to perform its boot action includes:
the third-party control module powering up the processor by controlling a power-on logic circuit on the POWER platform and at the same time handing the access control of the internal boot firmware to the processor, the processor controlling the POWER platform to perform its boot action.
6. An implementation system for controlling a POWER platform to be trusted by a TPCM, characterized in that the system comprises:
a TPCM, for controlling, after it is powered on, the powering on of a third-party control module and performing trusted measurement on the third-party control module, and, if it confirms that the third-party control module is trusted, forming the trust chain between the TPCM and the third-party control module; and
the third-party control module, for performing its own boot action after the TPCM confirms that it is trusted, and, after the POWER platform has been confirmed to be trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform, the third-party control module then controlling the POWER platform to perform the boot action;
wherein the POWER platform is confirmed to be trusted either by the third-party control module performing trusted measurement on it, or by the TPCM performing trusted measurement on it;
and wherein, before the TPCM confirms that the POWER platform is trusted, the third-party control module switches the access control right of the POWER platform under its control to the TPCM, and after the TPCM confirms that the POWER platform is trusted, the TPCM returns the access control right of the POWER platform to the third-party control module.
7. The implementation system for controlling the POWER platform to be trusted by the TPCM according to claim 6, characterized in that:
the third-party control module comprises a first switching unit, for switching the access control right of its own first external boot firmware to the TPCM after it has been powered on under the control of the TPCM;
the TPCM comprises a first trusted measurement unit, for performing trusted measurement on the first external boot firmware and, if it confirms that the first external boot firmware is trusted, forming the trust chain between the TPCM and the third-party control module while returning the access control right of the first external boot firmware to the third-party control module.
8. The implementation system for controlling the POWER platform to be trusted by the TPCM according to claim 6, characterized in that:
the third-party control module comprises a second trusted measurement unit, for performing trusted measurement on the second external boot firmware of the POWER platform after the third-party control module has performed its own boot action, and, if it confirms that the second external boot firmware is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform; or
the third-party control module comprises a second switching unit, for switching the access control right of the second external boot firmware of the POWER platform under its control to the TPCM after the third-party control module has performed its own boot action; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware, and if the first trusted measurement unit confirms that the second external boot firmware is trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed and the access control right of the second external boot firmware is returned to the third-party control module.
9. The implementation system for controlling the POWER platform to be trusted by the TPCM according to claim 8, characterized in that:
the second trusted measurement unit of the third-party control module is further used to obtain the access control rights of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to perform trusted measurement on the second external boot firmware and the internal boot firmware; if it confirms that both the second external boot firmware and the internal boot firmware are trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed; or
the second switching unit of the third-party control module is further used to obtain the access control rights of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to switch the access control rights of the second external boot firmware and the internal boot firmware to the TPCM; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, and if the first trusted measurement unit confirms that both the second external boot firmware and the internal boot firmware are trusted, the trust chain among the TPCM, the third-party control module and the POWER platform is formed and the access control rights of the second external boot firmware and the internal boot firmware are returned to the third-party control module.
10. The implementation system for controlling the POWER platform to be trusted by the TPCM according to claim 9, characterized in that the POWER platform comprises:
a power-on logic circuit, for powering on the processor under the control of the third-party control module; and
the processor, for controlling the POWER platform to perform the boot action after the third-party control module has handed over the access control right of the internal boot firmware to the processor.
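The boot sequence that claims 3 to 10 describe, written out as an added example (a Python model, not code from the patent or its assignee): the TPCM powers on the control module and measures its first external boot firmware, the control module self-boots and takes the access rights to the platform's second external and internal boot firmware, either measures them itself or switches the rights to the TPCM for measurement and gets them back, and only then energises the processor and hands it the internal boot firmware. Assumptions not fixed by the claims: trusted measurement is a SHA-256 digest compared against a provisioned reference, each firmware store's access right is held by exactly one party at a time, and the firmware images and reference digests are constructed for the model.

```python
"""Model of the staged trust chain in claims 3 to 10 (added example, not the patent's code)."""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional

# Roles taken from the claims; not product identifiers.
TPCM, CTRL, PROC, PLATFORM = "TPCM", "third-party control module", "processor", "POWER platform"


class TrustChainBroken(Exception):
    """Measurement mismatch or access-right violation: the boot sequence stops here."""


@dataclass
class Firmware:
    """A boot-firmware store; `owner` is the party holding its access control right."""
    name: str
    image: bytes
    owner: Optional[str]


def make_reference(*stores: Firmware) -> Dict[str, str]:
    """Reference digests as provisioned at manufacture (constructed for this model)."""
    return {fw.name: hashlib.sha256(fw.image).hexdigest() for fw in stores}


def hand_over(fw: Firmware, frm: Optional[str], to: str, log: List[str]) -> None:
    """Switch a store's access control right; only the current holder can give it away."""
    if fw.owner != frm:
        raise TrustChainBroken(f"{frm} does not hold the access right to {fw.name}")
    fw.owner = to
    log.append(f"{fw.name}: access right {frm} -> {to}")


def verify(fw: Firmware, measurer: str, reference: Dict[str, str], log: List[str]) -> None:
    """Trusted measurement, modelled as SHA-256 of the image against the reference (an
    assumption; the patent fixes no digest). Reading requires holding the access right."""
    if fw.owner != measurer:
        raise TrustChainBroken(f"{measurer} cannot read {fw.name} without its access right")
    if hashlib.sha256(fw.image).hexdigest() != reference[fw.name]:
        raise TrustChainBroken(f"{fw.name} measured by {measurer} does not match reference")
    log.append(f"{fw.name}: measured trusted by {measurer}")


def boot(first_ext: Firmware, second_ext: Firmware, internal: Firmware,
         reference: Dict[str, str], delegate_to_tpcm: bool) -> dict:
    """Run the sequence once. delegate_to_tpcm=False: the control module measures the
    platform itself; True: it switches the access rights to the TPCM, which measures."""
    log: List[str] = []
    chain: List[str] = [TPCM]

    # TPCM powers on the control module, which hands over its own boot firmware so the
    # TPCM can measure it before the control module runs it.
    log.append(f"{TPCM}: power on {CTRL}")
    hand_over(first_ext, CTRL, TPCM, log)
    verify(first_ext, TPCM, reference, log)
    hand_over(first_ext, TPCM, CTRL, log)
    chain.append(CTRL)
    log.append(f"{CTRL}: self-boot")

    # The control module takes the access rights to the platform's boot firmware
    # (the processor is still unpowered, so nobody else holds them).
    stores = (second_ext, internal)
    for fw in stores:
        hand_over(fw, None, CTRL, log)
    if delegate_to_tpcm:
        for fw in stores:
            hand_over(fw, CTRL, TPCM, log)
    for fw in stores:
        verify(fw, TPCM if delegate_to_tpcm else CTRL, reference, log)
    if delegate_to_tpcm:
        for fw in stores:
            hand_over(fw, TPCM, CTRL, log)
    chain.append(PLATFORM)

    # Only now does the power-on logic energise the processor, and the internal boot
    # firmware is handed to it so that it can boot the platform.
    log.append(f"{CTRL}: power-on logic energises {PROC}")
    hand_over(internal, CTRL, PROC, log)
    log.append(f"{PROC}: boot {PLATFORM}")
    owners = {"first_ext": first_ext.owner, "second_ext": second_ext.owner,
              "internal": internal.owner}
    return {"chain": chain, "processor_powered": True, "owners": owners, "log": log}


def demo(tamper: bool = False, delegate_to_tpcm: bool = False) -> dict:
    """Constructed images; optionally corrupt the platform boot firmware after the
    reference is taken. Any failure leaves the processor unpowered."""
    first_ext = Firmware("first external boot firmware", b"ctrl-boot-v1", CTRL)
    second_ext = Firmware("second external boot firmware", b"host-boot-v1", None)
    internal = Firmware("internal boot firmware", b"cpu-rom-v1", None)
    reference = make_reference(first_ext, second_ext, internal)
    if tamper:
        second_ext.image = b"host-boot-v1-with-implant"  # any changed byte is caught
    try:
        return boot(first_ext, second_ext, internal, reference, delegate_to_tpcm)
    except TrustChainBroken as exc:
        return {"chain": None, "processor_powered": False, "error": str(exc)}
```

`demo()` and `demo(delegate_to_tpcm=True)` reach the same end state (trust chain TPCM, control module, platform; internal boot firmware handed to the processor; the second external boot firmware back with the control module), differing only in which party did the measuring. `demo(tamper=True)` shows the property the claims are built around: a modified platform firmware is caught before the power-on logic is ever driven, so the processor never executes it. What the model does not cover, and the claims do not specify, is how the measuring party is itself protected from the store being swapped between measurement and use; in hardware that is the job of whoever holds the access right, which is why the right is handed back rather than left open.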
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610304629.4A CN106022137B (en) 2016-05-10 2016-05-10 Implementation method and system for controlling POWER platform to be trusted by TPCM

Publications (2)

Publication Number Publication Date
CN106022137A true CN106022137A (en) 2016-10-12
CN106022137B CN106022137B (en) 2018-11-13

Family

ID=57098912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610304629.4A Active CN106022137B (en) 2016-05-10 2016-05-10 Implementation method and system for controlling POWER platform to be trusted by TPCM

Country Status (1)

Country Link
CN (1) CN106022137B (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140359239A1 (en) * 2011-12-29 2014-12-04 Radhakrishna Hiremane Apparatus for hardware accelerated runtime integrity measurement
US20140230024A1 (en) * 2013-02-13 2014-08-14 Hitachi, Ltd. Computer system and virtual computer management method
CN104123511A (en) * 2014-07-28 2014-10-29 浪潮集团有限公司 Method for realizing BMC safety management in server with trusted computing function
CN105160255A (en) * 2015-08-06 2015-12-16 浪潮电子信息产业股份有限公司 Trustworthy measurement apparatus and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Wu Zhiguang et al., "A brief discussion of the application of BMC management systems in domestic-platform servers" (浅谈BMC管理系统在国产平台服务器中的应用), Information Technology and Informatization (信息技术与信息化) *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106991327A (en) * 2017-03-29 2017-07-28 山东英特力数据技术有限公司 Design method for a trusted computer based on the Power platform and method for controlling its operation
CN109670349A (en) * 2018-12-13 2019-04-23 英业达科技有限公司 Hardware architecture of a trusted computer and trusted boot method of the computer
CN109670349B (en) * 2018-12-13 2021-10-01 英业达科技有限公司 Hardware architecture of trusted computer and trusted starting method of computer

Also Published As

Publication number Publication date
CN106022137B (en) 2018-11-13

Similar Documents

Publication Publication Date Title
US9189247B2 (en) Method for switching between virtualized and non-virtualized system operation
US11687645B2 (en) Security control method and computer system
US7364087B2 (en) Virtual firmware smart card
CN103748594B Firmware-based trusted platform module implemented for ARM TRUSTZONE(TM)
US9898609B2 (en) Trusted boot of a virtual machine
TWI384356B (en) Method and system for validating a computer system
EP3188065A1 (en) Secure intelligent terminal device and information processing method
CN103718165A (en) BIOS flash attack protection and notification
CN106874771A (en) A kind of method and device for building reliable hardware trust chain
KR20150059564A (en) Method for integrity verification of electronic device, machine-readable storage medium and electronic device
CN107567629A (en) Dynamic firmware module loader in credible performing environment container
US8843742B2 (en) Hypervisor security using SMM
CN112541166A (en) Method, system and computer readable storage medium
CN113987599B (en) Method, device, equipment and readable storage medium for realizing firmware trusted root
TWI604336B (en) Runtime verification using external device
CN113946854B (en) File access control method and device and computer readable storage medium
CN106022137A (en) Implementation method and system for controlling POWER platform to be trusted by TPCM (Trusted Platform Control Module)
CN113448682A (en) Virtual machine monitor loading method and device and electronic equipment
CN113448681B (en) Registration method, equipment and storage medium of virtual machine monitor public key
US20180032761A1 (en) System and method for preventing thin/zero client from unauthorized physical access
CN101488177A (en) BIOS based computer security control system and method thereof
US12099602B2 (en) Secure peripheral component access
CN108629185B (en) Server trusted platform measurement control system and operation method thereof
CN111158863B (en) Interrupt controller processing method and device and electronic equipment
CN112784276A (en) Method and device for realizing credibility measurement

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190603

Address after: 11 floors, Block A, Science and Technology Wealth Center, 8 Xueqing Road, Haidian District, Beijing, 100094

Patentee after: Beijing Teamsun Technology Co., Ltd.

Address before: 100192 Beijing Haidian District Xueqing Road 8 (Science and Technology Wealth Center) A 10-storey South District

Patentee before: Beijing new cloud East System Technology Co., Ltd.