CN111414625A - Method and system for realizing computer trusted software stack supporting active trusted capability - Google Patents
Method and system for realizing computer trusted software stack supporting active trusted capability Download PDFInfo
- Publication number
- CN111414625A CN111414625A CN202010251372.7A CN202010251372A CN111414625A CN 111414625 A CN111414625 A CN 111414625A CN 202010251372 A CN202010251372 A CN 202010251372A CN 111414625 A CN111414625 A CN 111414625A
- Authority
- CN
- China
- Prior art keywords
- monitoring
- trusted
- tpcm
- module
- layer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention discloses a method and a system for realizing a computer trusted software stack supporting active trusted capability, wherein the method for realizing the computer trusted software stack comprises the following implementation steps: adding a trusted monitoring Root (RTV) in a Trusted Platform Control Module (TPCM); respectively expanding and establishing a functional module for supporting active credibility at each layer in the existing computer credible software stack, and providing a service interface of the active credible capability for an application program through the topmost functional module; and issuing authorization to each functional module from the trusted monitoring root RTV from bottom to top at the starting time, so that a trusted chain is established from the trusted monitoring root RTV to the application program. The invention can realize the active credible monitoring of the system and the software, provide necessary credible software stack support for the credible 3.0 technical architecture and provide a standard and conveniently used credible platform control module interface for the software.
Description
Technical Field
The invention relates to the field of computer operating system software and the field of information security, in particular to a method and a system for realizing a computer trusted software stack supporting active trusted capability.
Background
The technical scheme includes that a Trusted Software Stack (TCG Software Stack, TSS) is supporting Software of a Trusted system on a Trusted computing Platform, and mainly has the function of providing interfaces for operating systems and application Software using Trusted modules TPM (foreign standard) or TCM (Trusted Cryptography Module, Chinese standard), and by using the interfaces, the application program only needs to directly interact with the Trusted Software Stack and can fully use functions provided by the Trusted modules, so that the application program can conveniently coordinate work of Trusted measurement on different platforms and further develop the Trusted measurement, and the existing TSS has the main design target of (1) providing a set of interface functions of the application program to use TCM/TPM resources, (2) managing synchronous access of a plurality of application programs to the TSTPM, (3) managing/managing resources according to requirements of visitors, providing an audit function log according to requirements of visitors, (5) providing a record and management result, and providing a unified key storage, managing function, and managing data from a TSS to a synchronous access system, and a host computer system, and providing a unified management system security management system, and a host system management system, and a host system management system, and a host, wherein the existing host system management system can not only has the existing integrated host, and a host system management system, and a host system management system, a host, and a host system, a host system management system, a host system, a host system, a host system, a host computer, a host system, a host computer, a host.
The trusted computing is a protection whole formed by a trusted platform module (hardware), a trusted software stack, trusted software and the like. While the construction problem of the TPCM is solved, the corresponding functions of the trusted software stack still stay in the trusted 2.0 era, and based on the passive trusted idea of the traditional TPM/TCM, the passive trusted software stack lacks the support capability for active trust structurally and functionally, which is undoubtedly an obstacle to the smooth promotion of trusted 3.0.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: aiming at the problems in the prior art, the invention provides a method and a system for realizing a computer trusted software stack supporting active trusted capability, which can realize active trusted monitoring of a system and software, provide necessary trusted software stack support for a trusted 3.0 technical architecture and provide a standard and conveniently-used trusted platform control module interface for the software.
In order to solve the technical problems, the invention adopts the technical scheme that:
a method for realizing a computer trusted software stack supporting active trusted capability comprises the following implementation steps:
1) adding a trusted monitoring Root (RTV) in a Trusted Platform Control Module (TPCM);
2) respectively expanding and establishing a functional module for supporting active credibility at each layer in the existing computer credible software stack, and providing a service interface of the active credible capability for an application program through the topmost functional module;
3) and issuing authorization to each functional module from the trusted monitoring root RTV from bottom to top at the starting time, so that a trusted chain is established from the trusted monitoring root RTV to the application program.
Optionally, when the functional module for supporting the active trusted capability is established in the extension in step 2), the detailed step of establishing the functional module for supporting the active trusted capability for the TDD layer extension includes: adding a monitoring function driver and a kernel agent in a TDD layer, wherein the kernel agent is used for realizing the additional support provided by a kernel module for active monitoring, and the additional support comprises the following steps: command transmission, data interaction and the like required by monitoring operation in the TPCM are encapsulated into an equipment interface and are linked into an equipment file system; and configuring the monitoring function of the TPCM after the kernel is started, transmitting the parameters of the monitored object to the TPCM, receiving a control instruction from the TPCM and converting the control instruction into corresponding intervention operation.
Optionally, when the function module for supporting the active trusted capability is established in the extension in step 2), the step of establishing the function module for supporting the active trusted capability for the extension of the TDD L layer in detail includes adding a monitoring interface in the TDD L layer, where the monitoring interface is used to submit a relevant request and parameters to the TPCM and obtain a returned monitoring state.
Optionally, when the functional module for supporting the active trusted capability is established in the step 2) in an extended manner, the detailed step of establishing the functional module for supporting the active trusted capability for the TCS layer in an extended manner includes adding a monitoring context management module and an agent module in the TCS layer, where the monitoring context management module is used for managing a monitoring object, a policy and a method, the agent module is used for helping the TPCM to acquire system information on line in real time and complete serialization of a monitoring management command, and acquiring information required for monitoring from the system layer by using channels such as tool software or a kernel interface according to the requirements of an upper layer application or the TPCM module, or implementing a control action sent by the TPCM, and the added monitoring context management module and the agent module communicate with the TDD L layer by multiplexing a command assembler to extend the command assembly capability thereof.
Optionally, when the functional module for supporting the active trusted capability is established in the extension in step 2), the detailed step of establishing the functional module for supporting the active trusted capability for the TSP layer extension includes: a monitoring context management module, a monitoring object management module, a monitoring strategy management module and an intervention method management module are added in a TSP layer, and are respectively used for providing monitoring context management, monitoring object management, monitoring strategy management and intervention method management for an application program, so that the application can send a monitoring request to the TPCM, the application can register and configure a code or a file of the application into a monitored object, and the TPCM can take action or call a user-defined intervention method when the credibility is abnormal.
Optionally, the detailed steps of step 3) include: when the monitoring function driver and the kernel agent of the TDD layer establish a trusted relationship along with the traditional trusted measurement of the kernel, then the monitoring function driver in the TDD executes initialization and prepares to provide a service interface of the TPCM to the inside and the outside of the kernel, then the kernel agent in the TDD starts executing and reports kernel information to the TPCM, registers a monitoring object and an intervention method and provides a monitoring request, and the kernel agent can also cooperate with an agent module in the TCS layer to provide monitoring information and an intervention means; meanwhile, the TPCM starts from a trusted monitoring root RTV inside the TPCM, a token or a secret key special for trusted monitoring is issued for a kernel agent, an agent module of a TCS layer and an application program in sequence to provide authorization, and the token or the secret key is authenticated when the agent module makes a monitoring request or performs data exchange with the TPCM to prevent an untrusted illegal request from occurring.
Optionally, step 3) is followed by a step of registering and starting a monitoring task by the application, including:
s1) the application creates a monitoring context to obtain a real-time task support in the TPCM;
s2) the application program applies for authorization to the computer trusted software stack to obtain a token or a secret key for trusted monitoring;
s3) the application program registers the monitoring object with the computer trusted software stack; the monitoring object management module of the TSP layer checks whether the monitoring object can be directly used by the TPCM, if the monitoring object cannot be directly used by the TPCM, the monitoring object management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the monitoring object management module of the TSP layer or the kernel agent in the TDD converts the monitoring object into the monitoring object which can be directly used by the TPCM and then transmits the monitoring object to the TPCM;
s4) the application program registers the intervention method to the computer trusted software stack; the intervention method management module of the TSP layer checks whether the intervention method can be directly used by the TPCM, if the intervention method cannot be directly used by the TPCM, the intervention method management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the intervention method management module of the TSP layer converts the intervention method into the intervention method which can be directly used by the TPCM and then transmits the intervention method to the TPCM through the agent module of the TCS layer or the kernel agent in the TDD;
s5) the application program registers the monitoring strategy with the computer trusted software stack;
s6) the application starts the monitoring task in the TPCM.
In addition, the invention also provides a computer system, and the computer system comprises the computer trusted software stack obtained by the implementation method of the computer trusted software stack supporting the active trusted capability.
Compared with the prior art, the invention has the following advantages: (1) the functions and interfaces of the traditional trusted software stack are compatible, and the existing trusted application program can directly run on the trusted software stack; (2) the service of registering and canceling the active monitoring to the TPCM by the application program is supported, so that the development of the credible monitoring function is controlled by the user program, and the flexibility is improved; (3) the method supports the kernel program to register and cancel the service of active monitoring to the TPCM, and compared with the traditional trusted software stack which only supports the application program, the method enhances the support capability of the trusted software stack.
Drawings
FIG. 1 is a schematic diagram of a basic flow of a method according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of a functional module expanded in the embodiment of the present invention.
Fig. 3 is a schematic diagram of a basic flow for establishing trusted monitoring in the embodiment of the present invention.
Fig. 4 is a schematic diagram of a basic flow for implementing trusted monitoring in the embodiment of the present invention.
Detailed Description
The invention provides a method and a system for realizing a computer trusted software stack supporting active trusted capability, which are based on TrustZone isolation technology, realize traditional/TCM functions by using TrustZone TEE environment, realize multi-task supported active monitoring task, access and monitor software and hardware resources in REE environment, operate L inux operating system in REE environment, realize communication with TEE TPCM by SMC, SGI and a shared memory mechanism, realize self-credibility establishment and measurement check by using TBBR (trusted Board BootRequiires) specification of ARM, and sequentially complete the measurement of trusted kernels such as UEFI, UE L and the like in REE system.
As shown in fig. 1, the implementation steps of the method for implementing a computer trusted software stack supporting active trusted capability according to this embodiment include:
1) adding a trusted monitoring Root (RTV) in a Trusted Platform Control Module (TPCM);
2) respectively expanding and establishing a functional module for supporting active credibility at each layer in the existing computer credible software stack, and providing a service interface of the active credible capability for an application program through the topmost functional module;
3) and issuing authorization to each functional module from the trusted monitoring root RTV from bottom to top at the starting time, so that a trusted chain is established from the trusted monitoring root RTV to the application program.
Referring to fig. 2, in this embodiment, a Root key dedicated for Trusted monitoring is implemented in the TPCM, which is referred to as Root of Trusted monitoring (RTV) in the present invention, and an active monitoring unit in the TPCM is a functional module in the TPCM for responding to active monitoring. The functional module of the right dashed box part in fig. 2 is a functional module that is respectively extended and established for supporting active trusted capability for each layer in the existing trusted software stack of the computer.
The method comprises the steps of adding a monitoring function driver and a Kernel agent in the TDD layer, wherein the Kernel agent is used for realizing the additional support provided by the Kernel Module for active monitoring, the additional support comprises the steps of packaging commands, data interaction and the like required by monitoring operation in the TPCM into a device interface and linking the device interface into a device file system, configuring a monitoring function of the TPCM after the Kernel is started, transmitting parameters of a monitoring object to the TPCM, receiving control instructions from the TPCM and converting the control instructions into corresponding intervention operation, wherein the monitoring function driver and the Kernel are implemented in L inux, the Kernel driver and the Kernel are used as two Kernel modules (L inux), and the Kernel driver are used for directly providing a monitoring function Module for monitoring the abnormal data of the Kernel Module, and providing a management function Module for monitoring the abnormal data of the Kernel Module, and a management function Module for monitoring the Kernel Module through a management Module, a Kernel interface and a Kernel interface management Module for processing abnormal data by a Kernel Module, a Kernel interface and a Kernel interface management Module, a Kernel interface and a Kernel interface.
The TDD L layer of the conventional trusted software stack mainly provides three types of interface support for the TCS layer, namely, a maintenance interface class for maintaining interaction with the TDD layer, an indirect interface class for acquiring and setting attributes of the TCM/TPM, the TDD layer, and the TDD L layer, and a direct interface class for sending and receiving TCM/TPM commands, referring to fig. 2, when the function module for supporting active trusted capability is established by extension in step 2) of this embodiment, a detailed step of establishing the function module for supporting active trusted capability by extension in the TDD L layer includes adding a monitoring interface in the TDD L layer, where the monitoring interface is used for submitting relevant requests and parameters to the TPCM and acquiring returned monitoring status.
Referring to fig. 2, when the function module for supporting the active trusted capability is established in an extension manner in step 2) of this embodiment, the detailed step of establishing the function module for supporting the active trusted capability in the extension manner for the TCS layer includes adding a monitoring context management module and an agent module in the TCS layer, where the monitoring context management module is used for monitoring objects, policies and methods, the agent module is used for helping the TPCM to acquire system information on line in real time and complete serialization of monitoring management commands, and acquiring information required for monitoring from the system layer by using channels such as tool software or kernel interfaces or implementing control actions issued by the TPCM according to requirements of upper applications or the TPCM module, and the added monitoring context management module and agent module communicate with the TDD L layer by multiplexing a command assembler to extend their command assembly capability.
The TSP layer works in the address space of the application by means of dynamic links. Referring to fig. 2, when the functional module for supporting the active trust capability is established by extension in step 2) of this embodiment, the detailed step of establishing the functional module for supporting the active trust capability for the TSP layer extension includes: a monitoring context management module, a monitoring object management module, a monitoring strategy management module and an intervention method management module are added in a TSP layer, and are respectively used for providing monitoring context management, monitoring object management, monitoring strategy management and intervention method management for an application program, so that the application can send a monitoring request to the TPCM, the application can register and configure a code or a file of the application into a monitored object, and the TPCM can take action or call a user-defined intervention method when the credibility is abnormal.
The loading process of the TDD L, TCS and TSP level software stack of this embodiment is similar to that of the conventional trusted software stack, and the relatively significant difference is that an independent TCS proxy system service is created in the TCS layer, the service has the same level of system authority as the root user, can access all system resources (including key files such as file systems such as/proc,/sys, and system. map), can manage the behavior of the application (e.g., kill or suspend the application), the TCS layer also creates an integrated service for providing services such as context management, key management, and the like of the conventional trusted software stack, and includes monitoring related services in the corresponding level in fig. 2.
Based on the above extension manner, the method of this embodiment first ensures inheritance and compatibility of the conventional trusted software stack, so that the original trusted application can be run on the trusted software stack of this embodiment without modification. The module expanded by the embodiment puts new requirements on the starting sequence and the calling relation, and utilizes the functions and mechanisms of the traditional trusted software stack. Firstly, the extension part of the TDD layer establishes a trusted relationship with the traditional trusted measurement of the kernel, then the extended monitoring driver in the TDD layer executes initialization and prepares to provide a service interface of the TPCM to the inside and the outside of the kernel, then the extended kernel agent in the TDD layer starts executing, reports kernel information to the TPCM, registers a monitoring object and an intervention method, and provides a monitoring request. The kernel agent may also provide monitoring information and intervention means in conjunction with agents in the TCS, such as the kernel agent more easily obtaining page table mappings for applications or sending various signals to user processes. In this embodiment, the detailed steps of step 3) include: when the monitoring function driver and the kernel agent of the TDD layer establish a trusted relationship along with the traditional trusted measurement of the kernel, then the monitoring function driver in the TDD executes initialization and prepares to provide a service interface of the TPCM to the inside and the outside of the kernel, then the kernel agent in the TDD starts executing and reports kernel information to the TPCM, registers a monitoring object and an intervention method and provides a monitoring request, and the kernel agent can also cooperate with an agent module in the TCS layer to provide monitoring information and an intervention means; meanwhile, the TPCM starts from a trusted monitoring root RTV inside the TPCM, a token or a secret key special for trusted monitoring is issued for a kernel agent, an agent module of a TCS layer and an application program in sequence to provide authorization, and the token or the secret key is authenticated when the agent module makes a monitoring request or performs data exchange with the TPCM to prevent an untrusted illegal request from occurring. As can be seen from fig. 2, the TPCM of this embodiment, starting from the root RTV of trusted monitoring, issues a token or a key dedicated for trusted monitoring to the kernel agent, the agent module of the TCS layer, and the application in turn, and authenticates the kernel agent, the agent module, and the application when making a monitoring request or performing data exchange to the TPCM, so as to prevent an untrusted illegal request from occurring. When the application is established based on TPCM monitoring, firstly establishing a monitoring context, applying for a monitoring token, then registering monitored object information to the TPCM, and also registering a monitoring strategy and an intervention (control) method. The application may issue a request to the TPCM to change the monitoring objects/policies/methods or revoke them if necessary. The user-level operations are all sent to the bottom layer through the extension interface module of the TSP layer, and the control operations of the TPCM are implemented through direct memory access (note: some TPCMs can directly access the address space of the host) or by various-level agents, or by hardware such as power management.
As shown in fig. 3, after step 3), the method further includes a step of registering, by the application, to start the monitoring task, including:
s1) the application creates a monitoring context to obtain a real-time task support in the TPCM;
s2) the application program applies for authorization to the trusted software stack of the computer to obtain a token or a key for trusted monitoring, wherein the token or the key is generated by virtue of a trusted monitoring root RTV in the TPCM to prove the legality and the credibility of subsequent operation, and can avoid the interference and damage of illegal instructions to the monitoring operation;
s3) the application program registers the monitoring object with the computer trusted software stack; the monitoring object management module of the TSP layer checks whether the monitoring object can be directly used by the TPCM, if the monitoring object cannot be directly used by the TPCM, the monitoring object management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the monitoring object management module of the TSP layer or the kernel agent in the TDD converts the monitoring object into the monitoring object which can be directly used by the TPCM and then transmits the monitoring object to the TPCM;
s4) the application program registers the intervention method to the computer trusted software stack; the intervention method management module of the TSP layer checks whether the intervention method can be directly used by the TPCM, if the intervention method cannot be directly used by the TPCM, the intervention method management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the intervention method management module of the TSP layer converts the intervention method into the intervention method which can be directly used by the TPCM and then transmits the intervention method to the TPCM through the agent module of the TCS layer or the kernel agent in the TDD;
s5) the application program registers the monitoring strategy with the computer trusted software stack;
s6) the application starts the monitoring task in the TPCM.
As shown in fig. 4, each real-time monitoring task in the TPCM required by the computer trusted software stack of this embodiment is simple loop iteration, each loop is to perform scanning measurement on a data block of a monitored object, an intervention mechanism is triggered when the measurement is abnormal, and a loop is skipped and the monitoring task is ended when a request for ending monitoring by an application is received.
In addition, the invention also provides a computer system, and the computer system comprises the computer trusted software stack obtained by the implementation method of the computer trusted software stack supporting the active trusted capability.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is directed to methods, apparatus (systems), and computer program products according to embodiments of the application wherein instructions, which execute via a flowchart and/or a processor of the computer program product, create means for implementing functions specified in the flowchart and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.
Claims (8)
1. A method for realizing a computer trusted software stack supporting active trusted capability is characterized by comprising the following implementation steps:
1) adding a trusted monitoring Root (RTV) in a Trusted Platform Control Module (TPCM);
2) respectively expanding and establishing a functional module for supporting active credibility at each layer in the existing computer credible software stack, and providing a service interface of the active credible capability for an application program through the topmost functional module;
3) and issuing authorization to each functional module from the trusted monitoring root RTV from bottom to top at the starting time, so that a trusted chain is established from the trusted monitoring root RTV to the application program.
2. The method for implementing a computer trusted software stack supporting active trusted capability according to claim 1, wherein when the functional module for supporting active trusted capability is established by extension in step 2), the detailed step of establishing the functional module for supporting active trusted capability for TDD layer extension includes: adding a monitoring function driver and a kernel agent in a TDD layer, wherein the kernel agent is used for realizing the additional support provided by a kernel module for active monitoring, and the additional support comprises the following steps: command transmission, data interaction and the like required by monitoring operation in the TPCM are encapsulated into an equipment interface and are linked into an equipment file system; and configuring the monitoring function of the TPCM after the kernel is started, transmitting the parameters of the monitored object to the TPCM, receiving a control instruction from the TPCM and converting the control instruction into corresponding intervention operation.
3. The method as claimed in claim 2, wherein when the extension establishes the functional module for supporting active trusted capability in step 2), the step of establishing the functional module for supporting active trusted capability for the TDD L layer extension further includes adding a monitoring interface in the TDD L layer, the monitoring interface being used for submitting related requests and parameters to the TPCM and obtaining returned monitoring status.
4. The method for implementing the computer trusted software stack supporting active trusted capability according to claim 3, wherein when the functional module for supporting active trusted capability is established in the step 2) in an extended manner, the detailed step of establishing the functional module for supporting active trusted capability in the TCS layer in an extended manner includes adding a monitoring context management module and an agent module in the TCS layer, where the monitoring context management module is used for monitoring objects, policies and method management, and the agent module is used for helping the TPCM to acquire system information online in real time and complete serialization of monitoring management commands, and acquiring information required for monitoring from the system layer by using channels such as tool software or kernel interfaces or the like according to requirements of an upper application or the TPCM module, or implementing control actions issued by the TPCM, and the added monitoring context management module and the agent module extend command assembly capability to communicate with the TDD L layer by multiplexing a command assembler.
5. The method as claimed in claim 4, wherein when the extension establishes the functional module for supporting active trusted capability in step 2), the detailed step of establishing the functional module for supporting active trusted capability for the TSP layer extension includes: a monitoring context management module, a monitoring object management module, a monitoring strategy management module and an intervention method management module are added in a TSP layer, and are respectively used for providing monitoring context management, monitoring object management, monitoring strategy management and intervention method management for an application program, so that the application can send a monitoring request to the TPCM, the application can register and configure a code or a file of the application into a monitored object, and the TPCM can take action or call a user-defined intervention method when the credibility is abnormal.
6. The method for implementing a computer trusted software stack supporting active trusted capability according to claim 5, wherein the detailed step of step 3) comprises: when the monitoring function driver and the kernel agent of the TDD layer establish a trusted relationship along with the traditional trusted measurement of the kernel, then the monitoring function driver in the TDD executes initialization and prepares to provide a service interface of the TPCM to the inside and the outside of the kernel, then the kernel agent in the TDD starts executing and reports kernel information to the TPCM, registers a monitoring object and an intervention method and provides a monitoring request, and the kernel agent can also cooperate with an agent module in the TCS layer to provide monitoring information and an intervention means; meanwhile, the TPCM starts from a trusted monitoring root RTV inside the TPCM, a token or a secret key special for trusted monitoring is issued for a kernel agent, an agent module of a TCS layer and an application program in sequence to provide authorization, and the token or the secret key is authenticated when the agent module makes a monitoring request or performs data exchange with the TPCM to prevent an untrusted illegal request from occurring.
7. The method for implementing a computer trusted software stack supporting active trusted capability according to claim 6, further comprising a step of registering, by the application program, the start monitoring task after the step 3), wherein the step comprises:
s1) the application creates a monitoring context to obtain a real-time task support in the TPCM;
s2) the application program applies for authorization to the computer trusted software stack to obtain a token or a secret key for trusted monitoring;
s3) the application program registers the monitoring object with the computer trusted software stack; the monitoring object management module of the TSP layer checks whether the monitoring object can be directly used by the TPCM, if the monitoring object cannot be directly used by the TPCM, the monitoring object management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the monitoring object management module of the TSP layer or the kernel agent in the TDD converts the monitoring object into the monitoring object which can be directly used by the TPCM and then transmits the monitoring object to the TPCM;
s4) the application program registers the intervention method to the computer trusted software stack; the intervention method management module of the TSP layer checks whether the intervention method can be directly used by the TPCM, if the intervention method cannot be directly used by the TPCM, the intervention method management module sends a request to the agent module of the TCS layer or the kernel agent in the TDD, and the intervention method management module of the TSP layer converts the intervention method into the intervention method which can be directly used by the TPCM and then transmits the intervention method to the TPCM through the agent module of the TCS layer or the kernel agent in the TDD;
s5) the application program registers the monitoring strategy with the computer trusted software stack;
s6) the application starts the monitoring task in the TPCM.
8. A computer system, characterized in that, the computer system comprises the computer trusted software stack obtained by the method for implementing the computer trusted software stack supporting active trusted capability according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010251372.7A CN111414625B (en) | 2020-04-01 | 2020-04-01 | Method and system for realizing computer trusted software stack supporting active trusted capability |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010251372.7A CN111414625B (en) | 2020-04-01 | 2020-04-01 | Method and system for realizing computer trusted software stack supporting active trusted capability |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111414625A true CN111414625A (en) | 2020-07-14 |
| CN111414625B CN111414625B (en) | 2023-09-22 |
Family
ID=71491714
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010251372.7A Active CN111414625B (en) | 2020-04-01 | 2020-04-01 | Method and system for realizing computer trusted software stack supporting active trusted capability |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111414625B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114115836A (en) * | 2022-01-28 | 2022-03-01 | 麒麟软件有限公司 | Design method and system of trusted TCM software stack based on Linux operating system |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102332070A (en) * | 2011-09-30 | 2012-01-25 | 中国人民解放军海军计算技术研究所 | Trust chain transfer method for trusted computing platform |
| CN104202296A (en) * | 2014-07-30 | 2014-12-10 | 中国电子科技集团公司第三十研究所 | Trusted security enhancement method for domestic operating system |
| US20150007265A1 (en) * | 2013-06-27 | 2015-01-01 | Selim Aissi | Secure data transmission and verification with untrusted computing devices |
| US9467299B1 (en) * | 2014-03-19 | 2016-10-11 | National Security Agency | Device for and method of controlled multilevel chain of trust/revision |
| CN107766724A (en) * | 2017-10-17 | 2018-03-06 | 华北电力大学 | A kind of construction method of trusted computer platform software stack function structure |
| US20180109538A1 (en) * | 2016-10-17 | 2018-04-19 | Mocana Corporation | System and method for policy based adaptive application capability management and device attestation |
| CN109871695A (en) * | 2019-03-14 | 2019-06-11 | 沈昌祥 | A kind of credible calculating platform of calculating and the parallel dual Architecture of protection |
| US20190334713A1 (en) * | 2018-04-28 | 2019-10-31 | Alibaba Group Holding Limited | Encryption Card, Electronic Device, and Encryption Service Method |
-
2020
- 2020-04-01 CN CN202010251372.7A patent/CN111414625B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102332070A (en) * | 2011-09-30 | 2012-01-25 | 中国人民解放军海军计算技术研究所 | Trust chain transfer method for trusted computing platform |
| US20150007265A1 (en) * | 2013-06-27 | 2015-01-01 | Selim Aissi | Secure data transmission and verification with untrusted computing devices |
| US9467299B1 (en) * | 2014-03-19 | 2016-10-11 | National Security Agency | Device for and method of controlled multilevel chain of trust/revision |
| CN104202296A (en) * | 2014-07-30 | 2014-12-10 | 中国电子科技集团公司第三十研究所 | Trusted security enhancement method for domestic operating system |
| US20180109538A1 (en) * | 2016-10-17 | 2018-04-19 | Mocana Corporation | System and method for policy based adaptive application capability management and device attestation |
| CN107766724A (en) * | 2017-10-17 | 2018-03-06 | 华北电力大学 | A kind of construction method of trusted computer platform software stack function structure |
| US20190334713A1 (en) * | 2018-04-28 | 2019-10-31 | Alibaba Group Holding Limited | Encryption Card, Electronic Device, and Encryption Service Method |
| CN109871695A (en) * | 2019-03-14 | 2019-06-11 | 沈昌祥 | A kind of credible calculating platform of calculating and the parallel dual Architecture of protection |
Non-Patent Citations (2)
| Title |
|---|
| 沈昌祥 等: "基于国产密码体系的可信计算体系框架", vol. 02, no. 05 * |
| 黄秀文: "基于可信计算的远程证明的研究", vol. 28, no. 06 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114115836A (en) * | 2022-01-28 | 2022-03-01 | 麒麟软件有限公司 | Design method and system of trusted TCM software stack based on Linux operating system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111414625B (en) | 2023-09-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8024564B2 (en) | Automating configuration of software applications | |
| CN102495750B (en) | Virtual desktop configuration method and system | |
| US7587750B2 (en) | Method and system to support network port authentication from out-of-band firmware | |
| US20090319806A1 (en) | Extensible pre-boot authentication | |
| US20090193491A1 (en) | Secure element manager | |
| CN102404117B (en) | Secure deployment of provable identity for dynamic application environments | |
| US20160019393A1 (en) | Trusted Boot of a Virtual Machine | |
| US20120089831A1 (en) | Associating A Multi-Context Trusted Platform Module With Distributed Platforms | |
| CN110348204B (en) | Code protection system, authentication method, authentication device, chip and electronic equipment | |
| CN107533608A (en) | Credible renewal | |
| CN103748556A (en) | Communication with a virtual trusted runtime bios | |
| CN110764846B (en) | Method for realizing cross-browser calling of computer external equipment based on local proxy service | |
| DE112020000792T5 (en) | TRUSTED EXECUTION ENVIRONMENT ACCELERATED BY GRAPHICS PROCESSING UNIT | |
| US20180109594A1 (en) | Method for managing user information of application, device, and system | |
| CN111526111B (en) | Control method, device and equipment for logging in light application and computer storage medium | |
| US11113366B2 (en) | Cryptographic mechanisms for software setup using token-based two-factor authentication | |
| CN107430669A (en) | computing system and method | |
| CN118012572A (en) | Techniques for automatically configuring minimum cloud service access rights for container applications | |
| US7496761B2 (en) | Method and system for batch task creation and execution | |
| US10158495B2 (en) | Remote hardware device conversion | |
| CN109324873A (en) | The equipment and storage medium for virtualizing method for managing security, running kernel-driven | |
| US7849055B2 (en) | Method and system for limiting instances of a client-server program within a restricted distributed network | |
| CN111970162B (en) | Heterogeneous GIS platform service central control system under super-integration framework | |
| CN108090376A (en) | CAN bus data prevention method and system based on TrustZone | |
| CN111414625A (en) | Method and system for realizing computer trusted software stack supporting active trusted capability |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |