CN106022137A - Implementation method and system for controlling POWER platform to be trusted by TPCM (Trusted Platform Control Module) - Google Patents
- Publication number: CN106022137A (application number CN201610304629.4A)
- Authority: CN (China)
- Prior art keywords: tpcm, party, control module, power platform, firmware
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Sources (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides an implementation method and system for having a TPCM (Trusted Platform Control Module) control a POWER platform so that it is trusted. The method comprises the following steps: after the TPCM is powered on, it controls the powering of a third-party control module and performs trusted measurement on the third-party control module, and a trust chain between the TPCM and the third-party control module is formed if the TPCM confirms that the third-party control module is trusted; the third-party control module performs its self-boot action, trusted measurement is performed on the POWER platform by the third-party control module or by the TPCM, and a trust chain between the TPCM, the third-party control module and the POWER platform is formed if the result confirms that the POWER platform is trusted; and the third-party control module controls the POWER platform to perform its boot action. Using the TPCM on the POWER platform eliminates the threat of the platform system being tampered with and improves the security of the platform.
Description
Technical field
The present invention relates to the field of information security, and in particular to an implementation method and system for having a TPCM control a POWER platform so that the platform is trusted.
Background art
At present there are mainly two kinds of control module for trusted computer systems: the TPM (Trusted Platform Module) of the TCG (Trusted Computing Group), and the TPCM (Trusted Platform Control Module) of the Chinese national standard GB/T 29827-2013.
The TPM verifies, in the form of issued signatures, the software that is to be used during startup, and has been applied on the x86 platform (a server whose central processing unit is based on a complex instruction set architecture) and on other platforms. The TPCM is an active measurement module. It is mostly designed for the x86 platform and provides a PCI-E (PCI-Express) bus interface, which addresses the threat of the BIOS (Basic Input Output System) being tampered with on the x86 platform; however, the TPCM is currently only implemented on the x86 platform.
The trusted module currently used on the POWER platform (a server whose central processing unit is based on a reduced instruction set architecture) is mainly the TPM, but a plug-in TPM is invoked passively: it cannot perform dynamic, active measurement, so on the POWER platform there is no way to actively detect whether the platform's initialization firmware, the Boot ROM, has been tampered with. And if the active measurement module TPCM is connected to a POWER platform, it cannot measure the Hostboot code in the Boot ROM (the equivalent of the x86 BIOS) at startup, because it only provides a PCI-E interface. This means that on the POWER platform the TPCM cannot be used to ensure that the platform boots securely, and the threat of the Hostboot code in the Boot ROM being tampered with cannot be avoided.
Summary of the invention
In view of the above drawbacks of the prior art, the technical problem to be solved by the present invention is to provide an implementation method and system for having a TPCM control a POWER platform so that it is trusted: the POWER platform uses a TPCM with an active architecture, so as to address the threat of the Hostboot code on the POWER platform being tampered with and to improve the security of the POWER platform.
To solve the above technical problem, the invention provides an implementation method for having a TPCM control a POWER platform so that it is trusted. The method includes the following steps:
(a) after the TPCM powers on, it controls the powering of a third-party control module and performs trusted measurement on the third-party control module; if the TPCM confirms that the third-party control module is trusted, a trust chain is formed between the TPCM and the third-party control module;
(b) the third-party control module performs its self-boot action and performs trusted measurement on the POWER platform it controls; if the third-party control module confirms that the POWER platform is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform; or
the third-party control module performs its self-boot action and switches the access control of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the POWER platform; if the TPCM confirms that the POWER platform is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the TPCM gives the access control of the POWER platform back to the third-party control module;
(c) the third-party control module controls the POWER platform to perform its boot action.
In one embodiment, the step in which, after the TPCM powers on, it controls the powering of the third-party control module and performs trusted measurement on it, and in which a trust chain is formed between the TPCM and the third-party control module if the TPCM confirms that the third-party control module is trusted, includes:
after the TPCM powers on, it controls the powering of the third-party control module, and the third-party control module switches the access control of its first external boot firmware to the TPCM; and
the TPCM performs trusted measurement on the first external boot firmware; if the TPCM confirms that the first external boot firmware is trusted, a trust chain is formed between the TPCM and the third-party control module, and at the same time the TPCM gives the access control of the first external boot firmware back to the third-party control module.
In one embodiment, the step in which the third-party control module performs its self-boot action and performs trusted measurement on the POWER platform it controls, and in which a trust chain is formed between the TPCM, the third-party control module and the POWER platform if the third-party control module confirms that the POWER platform is trusted, includes:
the third-party control module performs its self-boot action and performs trusted measurement on the second external boot firmware of the POWER platform it controls; if the third-party control module confirms that the second external boot firmware is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the step in which the third-party control module performs its self-boot action and switches the access control of the POWER platform it controls to the TPCM, the TPCM performs trusted measurement on the POWER platform, a trust chain is formed between the TPCM, the third-party control module and the POWER platform if the TPCM confirms that the POWER platform is trusted, and the TPCM gives the access control of the POWER platform back to the third-party control module, includes:
the third-party control module performs its self-boot action and switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the second external boot firmware; if the TPCM confirms that the second external boot firmware is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware is given back to the third-party control module.
In one embodiment, the method further includes:
the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and performs trusted measurement on the second external boot firmware and the internal boot firmware; if the third-party control module confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the method further includes:
the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and switches the access control of the second external boot firmware and the internal boot firmware to the TPCM; the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware; if the TPCM confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware and the internal boot firmware is given back to the third-party control module.
In one embodiment, the step in which the third-party control module controls the POWER platform to perform its boot action includes:
the third-party control module powers the processor by controlling the power-on logic circuit on the POWER platform, and at the same time hands the access control of the internal boot firmware to the processor; the processor then controls the POWER platform to perform its boot action.
The present invention also provides an implementation system for having a TPCM control a POWER platform so that it is trusted. The system includes:
a TPCM, which, after powering on, controls the powering of a third-party control module and performs trusted measurement on the third-party control module, and which, if it confirms that the third-party control module is trusted, forms a trust chain between the TPCM and the third-party control module; and
a third-party control module, which performs its self-boot action after the TPCM has confirmed that it is trusted, and which, after the POWER platform has been confirmed to be trusted, forms a trust chain between the TPCM, the third-party control module and the POWER platform; the third-party control module controls the POWER platform to perform its boot action;
wherein the POWER platform is confirmed to be trusted either by trusted measurement performed on it by the third-party control module, or by trusted measurement performed on it by the TPCM;
and wherein, before the TPCM confirms that the POWER platform is trusted, the third-party control module switches the access control of the POWER platform it controls to the TPCM, and after the TPCM has confirmed that the POWER platform is trusted, the TPCM gives the access control of the POWER platform back to the third-party control module.
In one embodiment, the third-party control module includes a first switching unit which, after the module has been powered under the control of the TPCM, switches the access control of the module's own first external boot firmware to the TPCM;
and the TPCM includes a first trusted measurement unit which performs trusted measurement on the first external boot firmware and, if it confirms that the first external boot firmware is trusted, forms a trust chain between the TPCM and the third-party control module while giving the access control of the first external boot firmware back to the third-party control module.
In one embodiment, the third-party control module includes a second trusted measurement unit which, after the third-party control module has performed its self-boot action, performs trusted measurement on the second external boot firmware of the POWER platform and, if it confirms that the second external boot firmware is trusted, forms a trust chain between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the second trusted measurement unit of the third-party control module is further configured to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to perform trusted measurement on the second external boot firmware and the internal boot firmware; if it confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform.
In one embodiment, the third-party control module includes a second switching unit which, after the third-party control module has performed its self-boot action, switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware, and if the first trusted measurement unit confirms that the second external boot firmware is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware is given back to the third-party control module.
In one embodiment, the second switching unit of the third-party control module is further configured to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to switch the access control of the second external boot firmware and the internal boot firmware to the TPCM; the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, and if the first trusted measurement unit confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware and the internal boot firmware is given back to the third-party control module.
In one embodiment, the POWER platform includes a power-on logic circuit and the processor. The power-on logic circuit powers the processor under the control of the third-party control module; and the processor, after the third-party control module has handed it the access control of the internal boot firmware, controls the POWER platform to perform its boot action.
The beneficial effects of the present invention include at least the following:
In the above implementation method and system for having a TPCM control a POWER platform so that it is trusted, after the TPCM has powered on and is running normally, it controls the power-up initialization of the third-party control module and actively performs trusted measurement on it; after confirming that the third-party control module is trusted, a trust chain is formed between the TPCM and the third-party control module. The third-party control module then performs its self-boot action, and the third-party control module or the TPCM actively performs trusted measurement on the POWER platform; after confirming that the POWER platform is also trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform. The TPCM, as the root of trust, starts first, and throughout the startup process the TPCM or a trusted measurement agent (for example the third-party control module) performs trusted measurement, so that trust is extended step by step until the complete trust chain of the POWER platform is established. This ensures that the POWER platform boots securely and prevents data leakage and tampering with the Hostboot code. Moreover, because the TPCM of the Chinese national standard has been incorporated into the POWER platform, the gap in implementing Chinese trusted computing technology on the POWER platform is filled: a TPCM with an active architecture is used on the POWER platform, which addresses the threat of the Hostboot code on the POWER platform being tampered with and improves the security of the POWER platform.
Description of the drawings
Fig. 1 is a schematic flow chart of a first embodiment of the implementation method for having a TPCM control a POWER platform so that it is trusted, in one embodiment;
Fig. 2 is a schematic flow chart of a second embodiment of the implementation method for having a TPCM control a POWER platform so that it is trusted, in another embodiment;
Fig. 3 is a specific schematic flow chart of the implementation method for having a TPCM control a POWER platform so that it is trusted, in the first embodiment;
Fig. 4 is a specific schematic flow chart of the implementation method for having a TPCM control a POWER platform so that it is trusted, in the second embodiment;
Fig. 5 is another specific schematic flow chart of the implementation method for having a TPCM control a POWER platform so that it is trusted, in the first embodiment;
Fig. 6 is another specific schematic flow chart of the implementation method for having a TPCM control a POWER platform so that it is trusted, in the second embodiment;
Fig. 7 is a schematic structural diagram of the implementation system for having a TPCM control a POWER platform so that it is trusted, in one embodiment;
Fig. 8 is a schematic structural diagram of the implementation system for having a TPCM control a POWER platform so that it is trusted, in another embodiment;
Fig. 9 is a schematic structural diagram of the implementation system for having a TPCM control a POWER platform so that it is trusted, in yet another embodiment.
Detailed description of the invention
In order to make the purpose, technical scheme and advantages of the present invention clearer, the implementation method and system for having a TPCM control a POWER platform so that it is trusted are described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the present invention and are not intended to limit it.
In one embodiment, as shown in Fig. 1 and Fig. 2, the invention provides an implementation method for having a TPCM control a POWER platform so that it is trusted. This implementation method has two embodiments:
Referring to Fig. 1, the implementation method in the first embodiment comprises the following steps:
Step S100: after the TPCM (Trusted Platform Control Module) powers on, it controls the powering of a third-party control module and performs trusted measurement on the third-party control module; if the TPCM confirms that the third-party control module is trusted, a trust chain is formed between the TPCM and the third-party control module. In one embodiment, the third-party control module is a BMC (Baseboard Management Controller). In one embodiment, the trusted measurement includes integrity measurement, which is completed by confirming the integrity of the third-party control module.
Step S200: the third-party control module performs its self-boot action and performs trusted measurement on the POWER platform it controls; if the third-party control module confirms that the POWER platform is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform.
Step S300: the third-party control module controls the POWER platform to perform its boot action.
Referring to Fig. 2, the implementation method in the second embodiment comprises the following steps:
Step S100: after the TPCM powers on, it controls the powering of the third-party control module and performs trusted measurement (including integrity measurement) on the third-party control module; if the TPCM confirms that the third-party control module is trusted (for example by confirming the integrity of the third-party control module), a trust chain is formed between the TPCM and the third-party control module.
Step S200': the third-party control module performs its self-boot action and switches the access control of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the POWER platform; if the TPCM confirms that the POWER platform is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the TPCM gives the access control of the POWER platform back to the third-party control module.
Step S300: the third-party control module controls the POWER platform to perform its boot action.
In both embodiments above, the power-on sequence of the POWER platform is controlled by a third-party control module on the POWER platform. In implementing the method of having the TPCM control the POWER platform, the TPCM is powered first, to ensure that the TPCM itself is working normally. The trustworthiness and uniqueness of the TPCM itself are certified in advance under the Chinese national standard, that is, the TPCM itself is trusted, and whether the POWER platform can ultimately boot securely is determined by the TPCM; at the same time the TPCM can perform trusted measurement work on the POWER platform and on other subsystems of the POWER platform, for example integrity measurement of the POWER platform and of the subsystems on it. Once the TPCM has powered on and is running normally, the TPCM controls the power-up initialization of the third-party control module (for example by controlling it through an interface of the POWER platform) and performs trusted measurement on the third-party control module. If the TPCM confirms that the third-party control module is trusted, a trust chain is formed between the TPCM and the third-party control module, and the third-party control module performs its self-boot action. If the TPCM confirms that the third-party control module is untrusted, the boot action of the third-party control module is stopped immediately.
In the first embodiment, after the third-party control module has completed its self-boot action it needs to control the POWER platform to perform its initialization action, and the third-party control module performs trusted measurement on the POWER platform directly. The third-party control module boots only after the TPCM has determined that it is trusted, and then actively performs trusted measurement on the POWER platform, so the trustworthiness of the third-party control module is guaranteed. Once the POWER platform has been determined to be trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, so that trust is extended step by step until the complete trust chain of the POWER platform is established; finally the third-party control module controls the POWER platform to perform its boot action, completing the secure boot of the POWER platform. If the third-party control module confirms that the POWER platform is untrusted, the boot action of the POWER platform is stopped immediately, to ensure that the Hostboot code on the POWER platform will not be tampered with.
In the second embodiment, after the third-party control module has completed its self-boot action it needs to control the POWER platform to perform its initialization action, and the TPCM performs trusted measurement on the POWER platform. Because a conventional POWER platform is controlled by the third-party control module, the third-party control module must first switch the access control of the POWER platform to the TPCM; only then can the TPCM perform complete trusted measurement on the POWER platform. After the TPCM confirms that the POWER platform is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, so that trust is extended step by step until the complete trust chain of the POWER platform is established, and the access control of the POWER platform is then given back to the third-party control module. The third-party control module controls the POWER platform to perform its boot action, completing the secure boot of the POWER platform. If the third-party control module confirms that the POWER platform is untrusted, the boot action of the POWER platform is stopped immediately, to ensure that the Hostboot code on the POWER platform will not be tampered with.
Advantageously, in both embodiments above, trust is extended step by step by the TPCM or by a plurality of measurement agents (for example the trusted third-party control module), so that the complete trust chain is established. This guarantees that the POWER platform boots in a trusted way, ensures the integrity of the hardware and the operating system, and prevents data leakage and tampering with the Hostboot code; the third-party control module then controls the POWER platform to perform its boot action, completing the secure boot of the POWER platform, and if the POWER platform is confirmed to be untrusted, the boot action of the POWER platform is stopped immediately. It should be noted that when the trust chain between the TPCM, the third-party control module and the POWER platform is formed, the trust chain may be a single chain or a mesh-shaped trust chain.
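The staged boot of the two embodiments above, as an added example that is not code from the patent or from any product it describes: a Python model in which the TPCM holds provisioned reference digests, the access control of each firmware is a single owner field that must be switched to a component before that component may measure, and a failed measurement halts the boot at that stage. It also covers the refinement from the summary (first external boot firmware of the BMC, second external boot firmware of the platform, internal boot firmware of the processor). SHA-256 as the integrity measurement, the component names and the firmware images are assumptions constructed for the example.

```python
import hashlib


def digest(image: bytes) -> str:
    """Integrity measurement of a firmware image (SHA-256, an assumption)."""
    return hashlib.sha256(image).hexdigest()


class Firmware:
    """A boot flash/ROM plus the component that currently holds its access control."""
    def __init__(self, name: str, image: bytes, owner: str):
        self.name, self.image, self.owner = name, image, owner


class Measurer:
    """A component able to perform trusted measurement: the TPCM itself, or a
    measurement agent (the third-party control module) once the TPCM trusts it.
    Measurement is only possible while the component holds access control."""
    def __init__(self, name: str, references: dict):
        self.name, self.references = name, references

    def measure(self, fw: Firmware) -> bool:
        if fw.owner != self.name:
            raise PermissionError(f"{self.name} does not hold access control of {fw.name}")
        return digest(fw.image) == self.references.get(fw.name)


def reference_digests(golden: dict) -> dict:
    """Reference values provisioned into the TPCM before deployment."""
    return {name: digest(img) for name, img in golden.items()}


def boot(references: dict, images: dict, tpcm_measures_platform: bool = False) -> dict:
    """Run the staged boot once. `images` holds the current contents of
    'bmc_flash' (first external boot firmware), 'hostboot_flash' (second external
    boot firmware, the Hostboot code) and 'cpu_rom' (internal boot firmware of the
    processor). tpcm_measures_platform=False is the first embodiment (the BMC
    measures the platform), True the second (access is switched to the TPCM)."""
    tpcm = Measurer("TPCM", references)
    bmc = Measurer("BMC", references)              # third-party control module
    bmc_flash = Firmware("bmc_flash", images["bmc_flash"], owner="BMC")
    hostboot = Firmware("hostboot_flash", images["hostboot_flash"], owner="BMC")
    cpu_rom = Firmware("cpu_rom", images["cpu_rom"], owner="BMC")
    all_fw = (bmc_flash, hostboot, cpu_rom)

    def result(state, chain):
        return {"state": state, "chain": chain, "owners": {f.name: f.owner for f in all_fw}}

    chain = ["TPCM"]                                # root of trust; it powers on first

    # Step S100: TPCM powers the BMC; the BMC switches access control of its
    # own boot flash to the TPCM, which measures it.
    bmc_flash.owner = "TPCM"
    if not tpcm.measure(bmc_flash):
        return result("halted: third-party control module untrusted", chain)
    bmc_flash.owner = "BMC"                         # TPCM gives access back; BMC self-boots
    chain.append("BMC")

    # Step S200 / S200': measure the platform's external and internal boot firmware.
    measurer = tpcm if tpcm_measures_platform else bmc
    for fw in (hostboot, cpu_rom):
        fw.owner = measurer.name                    # second embodiment: switch to TPCM
    verdicts = [measurer.measure(fw) for fw in (hostboot, cpu_rom)]
    for fw in (hostboot, cpu_rom):
        fw.owner = "BMC"                            # access control is given back to the BMC
    if not all(verdicts):
        return result("halted: POWER platform untrusted", chain)
    chain.append("POWER")

    # Step S300: BMC drives the power-on logic and hands the internal boot
    # firmware to the processor, which then boots the platform.
    cpu_rom.owner = "CPU"
    return result("booted", chain)


# Constructed golden images standing in for the real flash contents.
GOLDEN = {
    "bmc_flash": b"constructed BMC boot image v1",
    "hostboot_flash": b"constructed Hostboot image v1",
    "cpu_rom": b"constructed processor internal boot ROM v1",
}

if __name__ == "__main__":
    refs = reference_digests(GOLDEN)
    print(boot(refs, GOLDEN)["state"])
    tampered = dict(GOLDEN, hostboot_flash=GOLDEN["hostboot_flash"] + b" patched")
    print(boot(refs, tampered, tpcm_measures_platform=True)["state"])
```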
Furthermore, because the TPCM of the Chinese national standard has been incorporated into the POWER platform, the gap in implementing Chinese trusted computing technology on the POWER platform is filled; this supplements and improves the trusted platform motherboard standard, which was traditionally proposed mainly for x86-architecture computing platforms, and uses a TPCM with an active architecture on the POWER platform, which addresses the threat of the Hostboot code on the POWER platform being tampered with and improves the security of the POWER platform.
The POWER platform may be, but is not limited to, an OpenPOWER platform (a terminal whose central processing unit is based on a reduced instruction set architecture). It should be noted that before the third-party control module and the POWER platform are confirmed to be trusted, the third-party control module, the POWER platform and their components and subsystems are all in a cold state.
In one embodiment, step S300 includes: the third-party control module controls the power-on logic circuit on the POWER platform to power the POWER platform, and the POWER platform performs its boot action.
In one embodiment, referring to Fig. 3 and Fig. 4, step S100 in the embodiments shown in Fig. 1 and Fig. 2 further includes:
Step S110: after the TPCM powers on, it controls the powering of the third-party control module, and the third-party control module switches the access control of its first external boot firmware to the TPCM.
Step S120: the TPCM performs trusted measurement on the first external boot firmware; if the TPCM confirms that the first external boot firmware is trusted, a trust chain is formed between the TPCM and the third-party control module, and at the same time the TPCM gives the access control of the first external boot firmware back to the third-party control module.
This embodiment is a specific implementation of step S100 but does not limit step S100. Specifically, performing trusted measurement on the third-party control module means performing trusted measurement on the first external boot firmware in the third-party control module, for example on the external boot firmware Flash ROM in the third-party control module. Before trusted measurement is performed on the first external boot firmware, the access control of the first external boot firmware is held by the third-party control module, so the access control of the first external boot firmware must first be switched to the TPCM; the TPCM can then perform trusted measurement on the first external boot firmware and obtain a trusted measurement result. If the trusted measurement result is trusted, the first external boot firmware is confirmed to be trusted (that is, intact), a trust chain is now established between the TPCM and the third-party control module, and at the same time the TPCM gives the access control of the first external boot firmware back to the third-party control module, which then performs its self-boot action. If the trusted measurement result is untrusted, the boot action of the third-party control module is stopped immediately.
In one embodiment, referring to Fig. 3, step S200 in the embodiment shown in Fig. 1 includes:
Step S210: the third-party control module performs its self-boot action and performs trusted measurement on the second external boot firmware of the POWER platform it controls; if the third-party control module confirms that the second external boot firmware is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform.
In one embodiment, referring to Fig. 4, step S200' in the embodiment shown in Fig. 2 includes:
Step S210': the third-party control module performs its self-boot action and switches the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the TPCM performs trusted measurement on the second external boot firmware; if the TPCM confirms that the second external boot firmware is trusted, a trust chain is formed between the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware is given back to the third-party control module.
The two embodiments above are specific implementations of step S200 and step S200', but they are not intended to limit step S200 and step S200'. Specifically, performing trusted measurement on the POWER platform means performing trusted measurement on the second external boot firmware in the POWER platform, for example on the external boot firmware Flash ROM in the POWER platform. When the second external boot firmware is measured, it can be measured directly by the third-party control module, or the third-party control module can first switch the access control of the second external boot firmware to the TPCM (the access control of the second external boot firmware is held by the third-party control module, so it must first be switched to the TPCM), after which the TPCM performs trusted measurement on the second external boot firmware and obtains a measurement result. If the measurement result is trusted, the second external boot firmware is confirmed to be trusted (that is, intact), and a trust chain can now be formed among the TPCM, the third-party control module and the POWER platform; if the measurement was performed by the TPCM, the access control of the second external boot firmware must then be given back to the third-party control module. Because the boot process extends trust step by step through the trusted measurement of the TPCM or of several measurement agents (for example, the third-party control module once it has been confirmed trusted), the reliability of the whole trust chain is guaranteed, and the third-party control module can now control the power-on of the POWER platform, realizing a secure boot of the POWER platform. If the measurement result is untrusted, the boot action of the POWER platform is stopped directly. Active detection of the POWER platform is thereby achieved, the Boot ROM in the POWER platform is ensured not to be tampered with, and the security of the POWER platform is guaranteed.
Fig. 5 is another specific flow diagram of the implementation method for controlling the POWER platform to be trusted by the TPCM in the first embodiment. Fig. 5 is described in conjunction with Fig. 3.
In one embodiment, referring to Fig. 5, the implementation method for controlling the POWER platform to be trusted by the TPCM further includes the following step:
Step S201: the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and performs trusted measurement on the second external boot firmware and the internal boot firmware; if the third-party control module confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform.
The boot process of the POWER platform can take two forms: a boot flow with a measurable processor and a boot flow with a non-measurable processor. The embodiments shown in Fig. 3 and Fig. 4 above are boot flows with a non-measurable processor; the embodiment shown in Fig. 5 above is a boot flow with a measurable processor. In the embodiment shown in Fig. 5, the third-party control module obtains the access control of the second external boot firmware of the POWER platform and of the internal boot firmware of the processor in the POWER platform, and directly performs trusted measurement on the second external boot firmware and the internal boot firmware; after confirming that both the second external boot firmware and the internal boot firmware are trusted, it forms a trust chain among the TPCM, the third-party control module and the POWER platform, thereby ensuring a secure boot of the POWER platform. If the measurement result of either the second external boot firmware or the internal boot firmware is untrusted, the boot action of the POWER platform is stopped directly, which ensures that the Boot ROM in the POWER platform is not tampered with and improves the security of the platform. This embodiment achieves active trusted measurement of the processor in the POWER platform and further ensures the boot security of the POWER platform.
When the third-party control module performs trusted measurement on the second external boot firmware and the internal boot firmware, two implementations are possible. In the first, the third-party control module first performs trusted measurement on the second external boot firmware and, after confirming that the second external boot firmware is trusted, performs trusted measurement on the internal boot firmware; after the internal boot firmware is also confirmed trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform. In the second, the third-party control module first performs trusted measurement on the internal boot firmware and, after confirming that the internal boot firmware is trusted, performs trusted measurement on the second external boot firmware; after the second external boot firmware is also confirmed trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform.
It should be noted that in the first implementation, because the second external boot firmware is controlled by the third-party control module, the power-on of the POWER platform can be stopped as soon as the second external boot firmware is judged untrusted, which is more efficient. In the second implementation, the internal boot firmware of the processor is confirmed trusted first, so the processor can already run some operations; but because it has not yet been confirmed whether the second boot firmware is trusted, the processor does not load the data or code stored in the second boot firmware and does not operate on the data in the second boot firmware. Only after the second boot firmware is also confirmed trusted does the processor load the data in the second boot firmware and perform the corresponding operations, and the operations the processor performs at that point are trusted. It should also be noted that a module that has been confirmed trusted can in turn measure other modules in the platform. Because the boot process extends trust step by step through the trusted measurement of the TPCM or of several measurement agents (for example, the trusted third-party control module, the Flash ROM and so on), the reliability of the whole trust chain is guaranteed, and the third-party control module can now control the secure boot of the POWER platform.
Fig. 6 is another specific flow diagram of the implementation method for controlling the POWER platform to be trusted by the TPCM in the second embodiment. Fig. 6 is described in conjunction with Fig. 4.
In one embodiment, referring to Fig. 6, the implementation method for controlling the POWER platform to be trusted by the TPCM further includes the following step:
Step S201': the third-party control module obtains the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and switches the access control of the second external boot firmware and the internal boot firmware to the TPCM; the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, and if the TPCM confirms that both the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform, and the access control of the second external boot firmware and the internal boot firmware is given back to the third-party control module.
The boot process of the POWER platform can take two forms: a boot flow with a measurable processor and a boot flow with a non-measurable processor. The embodiment shown in Fig. 6 above is another boot flow with a measurable processor. Specifically, the access control of the second external boot firmware of the POWER platform and of the internal boot firmware of the processor in the POWER platform is obtained, and the access control of the second external boot firmware and the internal boot firmware is switched to the TPCM; the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, for example on the second external boot firmware Flash ROM and on the internal boot firmware of the processor, and thereby obtains the measurement results of the second external boot firmware and of the internal boot firmware of the processor. After confirming that the second external boot firmware and the internal boot firmware are trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform, thereby ensuring a secure boot of the POWER platform. If the measurement result of either the second external boot firmware or the internal boot firmware is untrusted, the boot action of the POWER platform is stopped directly, which ensures a secure boot of the POWER platform and prevents the Boot ROM in the POWER platform from being tampered with. This embodiment uses the TPCM to achieve active trusted measurement of the processor in the POWER platform and further ensures the boot security of the POWER platform.
Similarly, when the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, two implementations are possible. In the first, the TPCM first performs trusted measurement on the second external boot firmware and, after confirming that the second external boot firmware is trusted, performs trusted measurement on the internal boot firmware; after the internal boot firmware is also confirmed trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform. In the second, the TPCM first performs trusted measurement on the internal boot firmware and, after confirming that the internal boot firmware is trusted, performs trusted measurement on the second external boot firmware; after the second external boot firmware is also confirmed trusted, a trust chain is formed among the TPCM, the third-party control module and the POWER platform.
Here too, it should be noted that in the first implementation, because the second external boot firmware is controlled by the third-party control module, the power-on of the POWER platform can be stopped as soon as the second external boot firmware is judged untrusted, which is more efficient. In the second implementation, the internal boot firmware of the processor is confirmed trusted first, so the processor can already run some operations; but because it has not yet been confirmed whether the second boot firmware is trusted, the processor does not load the data or code stored in the second boot firmware and does not operate on the data in the second boot firmware. Only after the second boot firmware is also confirmed trusted does the processor load the data in the second boot firmware and perform the corresponding operations, and the operations the processor performs at that point are trusted. A module that has been confirmed trusted can in turn measure other modules in the platform. Because the boot process extends trust step by step through the trusted measurement of the TPCM or of several measurement agents (for example, the trusted third-party control module, the Flash ROM and so on), the reliability of the whole trust chain is guaranteed, and the third-party control module can now control the secure boot of the POWER platform.
The processor may be a central processing unit (CPU), for example a Power 8 processor.
In one embodiment, referring to Fig. 5 and Fig. 6, step S300 includes:
Step S310: the third-party control module energizes the processor of the POWER platform by controlling the power-on logic circuit, and at the same time hands the access control of the internal boot firmware to the processor; the processor then controls the POWER platform to perform the boot action.
It should be explained that the POWER platform is provided with a power-on logic circuit connected to the processor. The third-party control module energizes the processor by controlling the power-on logic circuit and, at the same time, gives the access control of the internal boot firmware of the processor back to the processor; after the processor performs its self-boot action, it controls the POWER platform to perform the boot action, realizing a secure boot of the POWER platform.
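To make the sequence of steps S100 to S300 concrete, the following Python simulation is an added example and not code from the patent (which contains no code). It models each boot firmware as a store whose access control has exactly one owner, models trusted measurement as a SHA-256 comparison against reference digests held by the TPCM (an assumption; the patent does not specify the measurement algorithm), and uses constructed firmware images and names; it also shows, for a measurable processor, why measuring the second external boot firmware before the internal boot firmware stops a tampered boot after fewer measurements.

```python
import hashlib
from typing import Dict, List, Tuple

# Constructed stand-ins for the three boot firmwares the patent names; not real images.
GOOD_IMAGES: Dict[str, bytes] = {
    "module_ext": b"third-party control module external boot firmware (Flash ROM) v1",
    "power_ext": b"POWER platform external boot firmware (Flash ROM) v1",
    "power_int": b"POWER processor internal boot firmware v1",
}
# Reference digests as the TPCM would hold them (assumption: measurement = SHA-256 compare).
REFERENCE = {name: hashlib.sha256(img).hexdigest() for name, img in GOOD_IMAGES.items()}

MeasureLog = List[Tuple[str, str, bool]]  # (measurer, firmware, trusted?)


class BootStopped(Exception):
    """A measurement came back untrusted, so the boot of the measured component is stopped."""

    def __init__(self, message: str, log: MeasureLog):
        super().__init__(message)
        self.log = log


class Flash:
    """A boot-firmware store whose access control belongs to exactly one owner at a time."""

    def __init__(self, name: str, image: bytes, owner: str):
        self.name, self.image, self.owner = name, image, owner

    def read(self, requester: str) -> bytes:
        if requester != self.owner:
            raise PermissionError(f"{requester} has no access to {self.name} (owner: {self.owner})")
        return self.image


def measure(measurer: str, flash: Flash, log: MeasureLog) -> None:
    """Trusted measurement by whoever currently holds access control; stops the boot on mismatch."""
    trusted = hashlib.sha256(flash.read(measurer)).hexdigest() == REFERENCE[flash.name]
    log.append((measurer, flash.name, trusted))
    if not trusted:
        raise BootStopped(f"{flash.name} untrusted; {measurer} stops the boot", log)


def measure_via_tpcm(flash: Flash, log: MeasureLog) -> None:
    """Switch access control to the TPCM, let it measure, then give access back to the module."""
    flash.owner = "tpcm"
    try:
        measure("tpcm", flash, log)
    finally:
        flash.owner = "module"


def trusted_boot(images: Dict[str, bytes], measurer: str = "module",
                 order: Tuple[str, ...] = ("power_ext", "power_int")) -> Tuple[List[str], MeasureLog]:
    """Simulate steps S100 to S300.

    images:   bytes actually present in each flash (may have been tampered with)
    measurer: "module" = third-party control module measures the POWER firmware directly (Fig. 3/5);
              "tpcm"   = access control is switched to the TPCM, which measures (Fig. 4/6)
    order:    POWER firmwares to measure, in sequence; ("power_ext",) for a non-measurable processor
    Returns the trust chain and the measurement log, or raises BootStopped at the first untrusted result.
    """
    log: MeasureLog = []
    chain = ["TPCM"]  # the TPCM powers on first and is the root of trust

    # S100: the TPCM energizes the module; only the TPCM can measure the module's boot firmware.
    module_ext = Flash("module_ext", images["module_ext"], owner="module")
    measure_via_tpcm(module_ext, log)
    chain.append("third-party control module")  # the module now performs its self-boot action

    # S200/S201: the module obtains access control of the POWER platform's boot firmwares.
    power = {name: Flash(name, images[name], owner="module") for name in ("power_ext", "power_int")}
    for name in order:
        if measurer == "tpcm":
            measure_via_tpcm(power[name], log)
        else:
            measure("module", power[name], log)
    chain.append("POWER platform")

    # S300: the module drives the power-on logic circuit and hands the internal firmware to the processor.
    power["power_int"].owner = "processor"
    power["power_int"].read("processor")  # the processor self-boots from firmware it now owns
    return chain, log


def measurements_before_stop(images: Dict[str, bytes], order: Tuple[str, ...]):
    """Number of measurements performed before a tampered POWER firmware stopped the boot,
    or None if the boot completed. Shows why measuring the external firmware first is cheaper."""
    try:
        trusted_boot(images, order=order)
    except BootStopped as stopped:
        return len(stopped.log)
    return None


if __name__ == "__main__":
    print(trusted_boot(GOOD_IMAGES))
    tampered = dict(GOOD_IMAGES, power_ext=b"tampered external boot firmware")
    print(measurements_before_stop(tampered, ("power_ext", "power_int")),
          measurements_before_stop(tampered, ("power_int", "power_ext")))
```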
Those of ordinary skill in the art will understand that all or part of the flow of the methods in the above embodiments can be completed by a computer program instructing the relevant hardware; the computer program can be stored in a computer-readable storage medium and, when executed, may include the flow of each of the method embodiments described above. The storage medium may be a magnetic disk, an optical disc, a read-only memory (ROM), a random access memory (RAM), or the like.
Fig. 7 is a schematic structural diagram of the system for realizing control of the POWER platform to be trusted by a TPCM in one embodiment. As shown in Fig. 7, the system includes: a TPCM 100, configured to control, after power-on, the energizing of a third-party control module 200 and to perform trusted measurement on the third-party control module 200, and, if it confirms that the third-party control module 200 is trusted, to form a trust chain between the TPCM 100 and the third-party control module 200; and the third-party control module 200, configured to perform its self-boot action after the TPCM 100 has confirmed that it is trusted, to form a trust chain among the TPCM 100, the third-party control module 200 and a POWER platform 300 after the POWER platform 300 has been confirmed trusted, and to control the POWER platform 300 to perform its boot action.
The POWER platform 300 is either measured by the third-party control module 200, which confirms that the POWER platform 300 is trusted, or measured by the TPCM 100, which confirms that the POWER platform 300 is trusted. Before the TPCM 100 confirms that the POWER platform 300 is trusted, the access control of the POWER platform 300 held by the third-party control module 200 is switched to the TPCM 100; after the TPCM 100 confirms that the POWER platform 300 is trusted, the TPCM 100 gives the access control of the POWER platform 300 back to the third-party control module 200.
Specifically, the POWER platform 300 can be measured by the third-party control module 200 that the TPCM 100 has confirmed trusted, or it can be measured by the TPCM 100. In one embodiment, after the third-party control module 200 boots, it performs trusted measurement on the POWER platform 300 it controls, and after confirming that the POWER platform 300 is trusted, it forms a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and controls the POWER platform 300 to perform the boot action. In another embodiment, after power-on the third-party control module 200 switches the access control of the POWER platform 300 it controls to the TPCM 100; the TPCM 100 performs trusted measurement on the POWER platform 300, and after confirming that the POWER platform 300 is trusted, forms a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and gives the access control of the POWER platform 300 back to the third-party control module 200, which controls the POWER platform 300 to perform the boot action.
In this embodiment, after the TPCM 100 powers on and is operating normally, it controls the power-on and initialization of the third-party control module 200 and actively performs trusted measurement on it; after confirming that the third-party control module 200 is trusted, a trust chain is formed between the TPCM 100 and the third-party control module 200, and the third-party control module 200 performs its self-boot action. After power-on, the third-party control module 200 or the TPCM 100 actively performs trusted measurement on the POWER platform 300, and after confirming that the POWER platform 300 is also trusted, a trust chain is formed among the TPCM 100, the third-party control module 200 and the POWER platform 300. The TPCM 100 starts first as the root of trust, and throughout the boot process the TPCM or a trusted measurement agent (for example, the third-party control module 200 once it has been confirmed trusted) performs the trusted measurement, so that trust is extended step by step until the whole trust chain of the POWER platform is realized; this ensures the boot security of the POWER platform and prevents data leakage and tampering with the Hostboot code. And because the CNS TPCM is integrated on the POWER platform, the gap in realizing Chinese trusted computing technology on the POWER platform is filled: a TPCM with an active architecture is used on the POWER platform, the threat of the Hostboot code on the POWER platform being tampered with is addressed, and the security of the POWER platform is improved.
Fig. 8 is a schematic structural diagram of the system for realizing control of the POWER platform to be trusted by a TPCM in another embodiment. Fig. 8 is described in conjunction with Fig. 7; modules or elements with the same reference numerals as in Fig. 7 have the same or similar functions.
In one embodiment, referring to Fig. 8, the third-party control module 200 includes a first switching unit 210, configured to switch the access control of its own first external boot firmware to the TPCM 100 after the module is energized under the control of the TPCM 100. The TPCM 100 includes a first trusted measurement unit 110, configured to perform trusted measurement on the first external boot firmware and, if it confirms that the first external boot firmware is trusted, to form a trust chain between the TPCM 100 and the third-party control module 200 while giving the access control of the first external boot firmware back to the third-party control module 200.
The third-party control module 200 further includes a second switching unit 220, configured to switch the access control of the second external boot firmware of the POWER platform 300 it controls to the TPCM 100 after the third-party control module 200 has performed its self-boot action. The first trusted measurement unit 110 in the TPCM 100 is further configured to perform trusted measurement on the second external boot firmware and, if it confirms that the second external boot firmware is trusted, to form a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and to give the access control of the second external boot firmware back to the third-party control module 200.
If the processor 320 in the POWER platform 300 is a measurable processor, in one embodiment, referring to Fig. 8, the second switching unit 220 of the third-party control module 200 is further configured to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor 320 in the POWER platform 300, and to switch the access control of the second external boot firmware and the internal boot firmware to the TPCM 100. The first trusted measurement unit 110 in the TPCM 100 is further configured to perform trusted measurement on the second external boot firmware and the internal boot firmware and, if it confirms that both the second external boot firmware and the internal boot firmware of the processor 320 are trusted, to form a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300 and to give the access control of the second external boot firmware and the internal boot firmware back to the third-party control module 200.
In one embodiment, the POWER platform 300 includes a power-on logic circuit 310 and a processor 320. The power-on logic circuit 310 is configured to energize the processor 320 under the control of the third-party control module 200. The processor 320 is configured to control the POWER platform 300 to perform the boot action after the third-party control module 200 hands the access control of the internal boot firmware to the processor 320.
Fig. 9 is a schematic structural diagram of the system for realizing control of the POWER platform to be trusted by a TPCM in yet another embodiment. Fig. 9 is described in conjunction with Fig. 7; modules or elements with the same reference numerals as in Fig. 7 have the same or similar functions.
In one embodiment, referring to Fig. 9, the third-party control module 200 includes a first switching unit 210, configured to switch the access control of its own first external boot firmware to the TPCM 100 after the module is energized under the control of the TPCM 100. The first trusted measurement unit 110 in the TPCM 100 is configured to perform trusted measurement on the first external boot firmware and, if it confirms that the first external boot firmware is trusted, to form a trust chain between the TPCM 100 and the third-party control module 200 while giving the access control of the first external boot firmware back to the third-party control module 200.
The third-party control module 200 further includes a second trusted measurement unit 230, configured to perform trusted measurement on the second external boot firmware of the POWER platform 300 after the third-party control module 200 has performed its self-boot action and, if it confirms that the second external boot firmware is trusted, to form a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300.
If the processor 320 in the POWER platform 300 is a measurable processor, in one embodiment, referring to Fig. 9, the second trusted measurement unit 230 of the third-party control module 200 is further configured to obtain the access control of the second external boot firmware and of the internal boot firmware of the processor 320 in the POWER platform 300, and to perform trusted measurement on the second external boot firmware and the internal boot firmware of the processor 320; if it confirms that both the second external boot firmware and the internal boot firmware are trusted, it forms a trust chain among the TPCM 100, the third-party control module 200 and the POWER platform 300.
In one embodiment, the POWER platform 300 includes a power-on logic circuit 310 and a processor 320. The power-on logic circuit 310 is configured to energize the processor 320 under the control of the third-party control module 200. The processor 320 is configured to control the POWER platform 300 to perform the boot action after the third-party control module 200 hands the access control of the internal boot firmware to the processor 320.
Because the problem-solving principle of the system for realizing control of the POWER platform to be trusted by a TPCM in the embodiments shown in Figs. 7-9 is similar to that of the implementation method for controlling the POWER platform to be trusted by a TPCM in the embodiments shown in Figs. 1-6, the implementation of the system may refer to the implementation of the method described above, and repeated content is not described again.
The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of the technical features of the above embodiments are described; however, any combination of these technical features that contains no contradiction is considered to be within the scope recorded in this specification.
The above embodiments express only several embodiments of the present invention and are described in a relatively specific and detailed manner, but they cannot therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make several variations and improvements without departing from the concept of the present invention, and these all fall within the protection scope of the present invention. Therefore, the protection scope of the patent of the present invention shall be determined by the appended claims.
Claims (10)
1. An implementation method for controlling a POWER platform to be trusted by a TPCM, characterized in that the method includes the steps of:
(a) after the TPCM powers on, controlling a third-party control module to be energized, and performing trusted measurement on the third-party control module; if the TPCM confirms that the third-party control module is trusted, forming a trust chain between the TPCM and the third-party control module;
(b) the third-party control module performing its self-boot action and performing trusted measurement on the POWER platform it controls; if the third-party control module confirms that the POWER platform is trusted, forming a trust chain among the TPCM, the third-party control module and the POWER platform; or
the third-party control module performing its self-boot action and switching the access control of the POWER platform it controls to the TPCM; the TPCM performing trusted measurement on the POWER platform; if the TPCM confirms that the POWER platform is trusted, forming a trust chain among the TPCM, the third-party control module and the POWER platform, and the TPCM giving the access control of the POWER platform back to the third-party control module;
(c) the third-party control module controlling the POWER platform to perform a boot action.
2. The implementation method for controlling the POWER platform to be trusted by a TPCM according to claim 1, characterized in that the step of, after the TPCM powers on, controlling the third-party control module to be energized and performing trusted measurement on the third-party control module, and, if the TPCM confirms that the third-party control module is trusted, forming the trust chain between the TPCM and the third-party control module includes:
after the TPCM powers on, controlling the third-party control module to be energized, the third-party control module switching the access control of its first external boot firmware to the TPCM; and
the TPCM performing trusted measurement on the first external boot firmware, and, if the TPCM confirms that the first external boot firmware is trusted, forming the trust chain between the TPCM and the third-party control module, the TPCM at the same time giving the access control of the first external boot firmware back to the third-party control module.
3. The implementation method for controlling the POWER platform to be trusted by a TPCM according to claim 1, characterized in that the step of the third-party control module performing its self-boot action and performing trusted measurement on the POWER platform it controls, and, if the third-party control module confirms that the POWER platform is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform includes:
the third-party control module performing its self-boot action and performing trusted measurement on a second external boot firmware of the POWER platform it controls; if the third-party control module confirms that the second external boot firmware is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform;
and the step of the third-party control module performing its self-boot action and switching the access control of the POWER platform it controls to the TPCM, the TPCM performing trusted measurement on the POWER platform, and, if the TPCM confirms that the POWER platform is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform, the TPCM giving the access control of the POWER platform back to the third-party control module includes:
the third-party control module performing its self-boot action and switching the access control of the second external boot firmware of the POWER platform it controls to the TPCM; the TPCM performing trusted measurement on the second external boot firmware; if the TPCM confirms that the second external boot firmware is trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform, and giving the access control of the second external boot firmware back to the third-party control module.
4. The implementation method for controlling the POWER platform to be trusted by a TPCM according to claim 3, characterized in that the method further includes:
the third-party control module obtaining the access control of the second external boot firmware and of an internal boot firmware of a processor in the POWER platform, and performing trusted measurement on the second external boot firmware and the internal boot firmware; if the third-party control module confirms that both the second external boot firmware and the internal boot firmware are trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform; or
the third-party control module obtaining the access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and switching the access control of the second external boot firmware and the internal boot firmware to the TPCM; the TPCM performing trusted measurement on the second external boot firmware and the internal boot firmware; if the TPCM confirms that both the second external boot firmware and the internal boot firmware are trusted, forming the trust chain among the TPCM, the third-party control module and the POWER platform, and giving the access control of the second external boot firmware and the internal boot firmware back to the third-party control module.
5. The implementation method for controlling the POWER platform to be trusted by a TPCM according to claim 4, characterized in that the step of the third-party control module controlling the POWER platform to perform the boot action includes:
the third-party control module energizing the processor by controlling a power-on logic circuit in the POWER platform, and at the same time handing the access control of the internal boot firmware to the processor, the processor controlling the POWER platform to perform the boot action.
6. A system for realizing control of a POWER platform to be trusted by a TPCM, characterized in that the system includes:
a TPCM, configured to control, after power-on, a third-party control module to be energized and to perform trusted measurement on the third-party control module, and, if it confirms that the third-party control module is trusted, to form a trust chain between the TPCM and the third-party control module; and
the third-party control module, configured to perform its self-boot action after the TPCM has confirmed that it is trusted, and, after the POWER platform has been confirmed trusted, to form a trust chain among the TPCM, the third-party control module and the POWER platform, the third-party control module controlling the POWER platform to perform a boot action;
wherein the POWER platform is measured by the third-party control module, which confirms that it is trusted, or the POWER platform is measured by the TPCM, which confirms that it is trusted;
before the TPCM confirms that the POWER platform is trusted, the access control of the POWER platform held by the third-party control module is switched to the TPCM; after the TPCM confirms that the POWER platform is trusted, the TPCM gives the access control of the POWER platform back to the third-party control module.
7. The implementation system for controlling a POWER platform to be trusted by a TPCM according to claim 6, characterized in that:
the third-party control module comprises a first switching unit, for switching access control of its own first external boot firmware to the TPCM after being powered on under the control of the TPCM;
the TPCM comprises a first trusted measurement unit, for performing trusted measurement on the first external boot firmware, and, if it confirms that the first external boot firmware is trusted, forming the trust chain between the TPCM and the third-party control module while handing access control of the first external boot firmware back to the third-party control module.
8. The implementation system for controlling a POWER platform to be trusted by a TPCM according to claim 6, characterized in that:
the third-party control module comprises a second trusted measurement unit, for performing trusted measurement on a second external boot firmware of the POWER platform after the third-party control module has performed the self-boot action, and, if it confirms that the second external boot firmware is trusted, forming the trust chain between the TPCM, the third-party control module and the POWER platform; or
the third-party control module comprises a second switching unit, for switching access control of the second external boot firmware of the POWER platform under its control to the TPCM after the third-party control module has performed the self-boot action, whereupon the first trusted measurement unit in the TPCM performs trusted measurement on the second external boot firmware, and, if the first trusted measurement unit confirms that the second external boot firmware is trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed and access control of the second external boot firmware is handed back to the third-party control module.
9. The implementation system for controlling a POWER platform to be trusted by a TPCM according to claim 8, characterized in that:
the second trusted measurement unit of the third-party control module is further configured to obtain access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, to perform trusted measurement on the second external boot firmware and the internal boot firmware, and, if it confirms that the second external boot firmware and the internal boot firmware are both trusted, to form the trust chain between the TPCM, the third-party control module and the POWER platform; or
the second switching unit of the third-party control module is further configured to obtain access control of the second external boot firmware and of the internal boot firmware of the processor in the POWER platform, and to switch access control of the second external boot firmware and the internal boot firmware to the TPCM, whereupon the first trusted measurement unit of the TPCM performs trusted measurement on the second external boot firmware and the internal boot firmware, and, if the first trusted measurement unit confirms that the second external boot firmware and the internal boot firmware are both trusted, the trust chain between the TPCM, the third-party control module and the POWER platform is formed and access control of the second external boot firmware and the internal boot firmware is handed back to the third-party control module.
10. The implementation system for controlling a POWER platform to be trusted by a TPCM according to claim 9, characterized in that the POWER platform comprises:
a power-on logic circuit, for powering on the processor under the control of the third-party control module; and
the processor, for controlling the POWER platform to perform the boot action after the third-party control module has handed access control of the internal boot firmware to the processor.
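As an added example (not part of the patent or any product implementing it), the following Python simulation models the staged trust chain of claims 4 through 10: the TPCM measures the third-party control module's first external boot firmware once access control has been switched to it, the control module (or the TPCM, after a handover) measures the POWER platform's second external and internal boot firmware, and only then is the processor powered on and given the internal boot firmware. The component labels CTRL and CPU, the use of SHA-256 as the measurement, and all firmware images and reference digests are constructed assumptions.

```python
import hashlib
class Firmware:
    """A boot firmware image plus the component that currently holds its access control."""
    def __init__(self, name, image, owner):
        self.name, self.image, self.owner = name, image, owner

class TrustChain:
    """TPCM-rooted chain: a component is admitted only after its firmware measures good."""
    def __init__(self, reference):
        self.reference = reference   # name -> expected SHA-256, held by the TPCM (assumed)
        self.trusted = ["TPCM"]      # the TPCM is the root of trust and is not measured
    def measure(self, fw, measurer):
        # A component can only measure firmware whose access control it currently holds.
        if fw.owner != measurer:
            raise PermissionError(f"{measurer} does not control {fw.name}")
        return hashlib.sha256(fw.image).hexdigest() == self.reference.get(fw.name)

def boot(chain, ctrl_fw, ext_fw, int_fw, tpcm_measures_host=False):
    """Run the staged boot; return (trusted chain, processor powered on?)."""
    # Step 1: TPCM powers the third-party control module (CTRL), which switches
    # access control of its first external boot firmware to the TPCM for measurement.
    ctrl_fw.owner = "TPCM"
    if not chain.measure(ctrl_fw, "TPCM"):
        return chain.trusted, False       # CTRL never executes its self-boot action
    ctrl_fw.owner = "CTRL"                # access control handed back to CTRL
    chain.trusted.append("CTRL")
    # Step 2: CTRL boots, then measures the POWER platform's second external and
    # internal boot firmware itself, or hands both to the TPCM and gets them back.
    measurer = "TPCM" if tpcm_measures_host else "CTRL"
    for fw in (ext_fw, int_fw):
        fw.owner = measurer
        if not chain.measure(fw, measurer):
            return chain.trusted, False   # platform processor stays powered off
        fw.owner = "CTRL"
    chain.trusted.append("POWER platform")
    # Step 3: CTRL drives the power-on logic and gives the processor access to the
    # internal boot firmware; the processor then performs the platform boot action.
    int_fw.owner = "CPU"
    return chain.trusted, True

def demo(tamper=False, tpcm_measures_host=False):
    """Constructed images; the 'known-good' references are simply their digests."""
    images = {"first_external": b"ctrl-boot-v1", "second_external": b"host-external-v1",
              "internal": b"host-internal-v1"}
    ref = {k: hashlib.sha256(v).hexdigest() for k, v in images.items()}
    fws = {k: Firmware(k, v, "CTRL") for k, v in images.items()}
    if tamper:                            # simulate a modified platform boot firmware
        fws["second_external"].image = b"host-external-MODIFIED"
    return boot(TrustChain(ref), fws["first_external"], fws["second_external"],
                fws["internal"], tpcm_measures_host)
```

With a tampered second external boot firmware the chain stops at CTRL and the processor is never powered on, which is the behaviour the claims describe; measuring without holding access control raises an error, modelling the access-control handover the claims require.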
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610304629.4A CN106022137B (en) | 2016-05-10 | 2016-05-10 | Implementation method and system for controlling POWER platform to be trusted by TPCM |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106022137A true CN106022137A (en) | 2016-10-12 |
CN106022137B CN106022137B (en) | 2018-11-13 |
Family
ID=57098912
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610304629.4A Active CN106022137B (en) | 2016-05-10 | 2016-05-10 | Implementation method and system for controlling POWER platform to be trusted by TPCM |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106022137B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140230024A1 (en) * | 2013-02-13 | 2014-08-14 | Hitachi, Ltd. | Computer system and virtual computer management method |
CN104123511A (en) * | 2014-07-28 | 2014-10-29 | Inspur Group Co., Ltd. | Method for realizing BMC safety management in server with trusted computing function |
US20140359239A1 (en) * | 2011-12-29 | 2014-12-04 | Radhakrishna Hiremane | Apparatus for hardware accelerated runtime integrity measurement |
CN105160255A (en) * | 2015-08-06 | 2015-12-16 | Inspur Electronic Information Industry Co., Ltd. | Trustworthy measurement apparatus and method |
Non-Patent Citations (1)
Title |
---|
Wu Zhiguang et al., "A brief discussion of the application of BMC management systems in domestically produced platform servers", Information Technology and Informatization * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106991327A (en) * | 2017-03-29 | 2017-07-28 | 山东英特力数据技术有限公司 | Design method and control operation method for a trusted computer based on the Power platform |
CN109670349A (en) * | 2018-12-13 | 2019-04-23 | Inventec Technology Co., Ltd. | Hardware architecture of a trusted computer and trusted boot method of the computer |
CN109670349B (en) * | 2018-12-13 | 2021-10-01 | Inventec Technology Co., Ltd. | Hardware architecture of trusted computer and trusted starting method of computer |
Also Published As
Publication number | Publication date |
---|---|
CN106022137B (en) | 2018-11-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| C10 | Entry into substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |
| TR01 | Transfer of patent right | Effective date of registration: 20190603. Address after: 11 floors, Block A, Science and Technology Wealth Center, 8 Xueqing Road, Haidian District, Beijing, 100094. Patentee after: Beijing Teamsun Technology Co., Ltd. Address before: 100192 Beijing Haidian District Xueqing Road 8 (Science and Technology Wealth Center) A 10-storey South District. Patentee before: Beijing new cloud East System Technology Co., Ltd. |