CN203982390U - A private network computer security system based on TPM - Google Patents


Publication number
CN203982390U
Authority
CN
China
Prior art keywords
tpm
private network
mainboard
computer
chip
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201420100550.6U
Other languages
Chinese (zh)
Inventor
杜宏钢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongchada Heilongjiang Engineering Management Service Group Co ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The utility model relates to a private network computer security system based on TPM, comprising a private network computer and an external TPM security chip. The private network computer comprises a mainboard and, connected to the mainboard, memory, a secure hard disk, secure I/O components, a CPU, a BIOS system and a BIOS security control chip. The mainboard is provided with security control hardware, and the security control hardware comprises an internal TPM security chip. The external TPM security chip is connected to the mainboard of the computer through a USB port. The utility model manages the user's operating permissions through the internal and external TPM hardware, effectively prevents software attacks from obtaining the computer's passwords, and improves the security of computer use.

Description

A private network computer security system based on TPM
Technical field
The utility model belongs to the field of computer technology and specifically relates to a private network computer security system based on TPM.
Background
With the wide application of computer networks in every field of human life, networks now pervasively affect politics, the economy, culture, military affairs and social life. At the same time, software attacks and hacker attacks on computers, and the number of intrusions and attempted intrusions against important information resources and network infrastructure, have increased accordingly. Because operators have weak security awareness and lack the necessary protective measures, computer networks are constantly intruded upon illegally, and important information, data and documents are stolen. This not only causes serious leaks but can even paralyse computer systems. Such incidents have caused huge economic losses to governments and enterprises and even endanger national security. Some private network computers have, to a large extent, weak security measures, no access control function, and lack necessary security audit mechanisms.
Summary of the utility model
Addressing the fact that the BIOS of a private network computer is easily attacked, the utility model provides a computer security system based on the TCG architecture that manages user-related operating permissions through BIOS security control hardware, improving the security of computer use.
The technical solution adopted by the utility model is as follows:
A private network computer security system based on TPM comprises a private network computer and an external TPM security chip. The private network computer comprises a mainboard and, connected to the mainboard, memory, a secure hard disk, secure I/O components, a CPU, a BIOS system and a BIOS security control chip. The mainboard is provided with security control hardware, and the security control hardware comprises an internal TPM security chip. The external TPM security chip is connected to the mainboard of the private network computer.
Further, the external TPM security chip is connected to the mainboard of the computer through a USB port.
Further, the internal TPM security chip and the external TPM security chip are each formed by connecting a CPU, TPM memory, a secure I/O interface, a verification system and a random number generator.
Further, the security control hardware also comprises a trusted storage root (CRTM) and a software protocol stack.
Further, a storage control chip is also provided on the mainboard and can control the user's data flow.
The utility model manages user login permissions, user operating permissions and user management permissions through the internal and external TPM hardware, effectively prevents software attacks from obtaining the computer's passwords, and improves the security of computer use. The TPM is connected to the computer through a USB interface to obtain the right to use the computer; the structure is simple, stable and easy to operate.
Brief description of the drawings
Fig. 1 is a structural diagram of the TPM-based embedded computer security system of the utility model.
Fig. 2 is a structural diagram of the TPM security chip of the utility model.
Fig. 3 is a workflow diagram of the TPM-based embedded computer security system of the utility model.
Embodiment
The utility model is further described below through a specific embodiment and the drawings.
Fig. 1 is a schematic diagram of the composition of the TPM-based embedded computer security system of this embodiment. The system is built on the TCG trusted computing platform architecture and comprises a private network computer and an external TPM security chip. The private network computer comprises a mainboard and, connected to the mainboard, memory, a secure hard disk, secure I/O components, a CPU, a BIOS system and a BIOS security control chip. The mainboard is provided with security control hardware, which comprises an internal TPM security chip, a trusted storage root (CRTM), a software protocol stack and so on. The external TPM security chip is connected to the mainboard of the computer through a USB port. A storage control chip may also be provided on the mainboard; unlike conventional storage, it can control the user's data flow.
As shown in Fig. 2, the internal TPM security chip and the external TPM security chip are each formed by connecting a CPU, TPM memory, a secure I/O interface, a cryptographic operation unit and a random number generator.
The computer security system of this embodiment is built on the TCG trusted computing platform architecture and is a platform security system with the internal and external TPMs at its core. The TPM security chip, together with the CRTM trusted-root initialization management module, is packaged on the mainboard, and security management and control is performed by the BIOS security control chip.
Fig. 3 is a workflow diagram of the computer security system of this embodiment. When the computer is powered on, the BIOS security control chip boots through the BIOS and automatically detects whether the external TPM security chip is inserted into the computer's USB interface, and the system automatically proceeds to the boot screen. If the external TPM security chip is not inserted, the system reports a system failure and prompts the user to check the external TPM security chip. There is an authentication mechanism between the external TPM and the internal TPM: after the first run, some information is registered in the internal TPM, so every subsequent start-up includes a verification step. After the login interface is reached, under the control of the BIOS security control chip and through the cooperation of the external and internal TPM security chips, the system automatically identifies the external TPM security chip and directs it to check the user's start-up password. If the password is consistent with the external TPM security chip, the computer can be used; if the password is entered incorrectly three times in a row, the system treats the attempt as an illegal login and restricts login.
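The start-up flow described above, sketched as an added example that is not part of the patent text. The patent does not say how the two chips authenticate each other or where the failure count is kept; the HMAC challenge-response, the PBKDF2 password reference and all class and function names here are assumptions.

```python
import hashlib, hmac, os

MAX_FAILURES = 3  # description: three consecutive wrong passwords restrict login
NO_TOKEN, MISMATCH, LOCKED, PENDING, OK = "no-token", "mismatch", "locked", "pending", "ok"

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class ExternalToken:
    """Hypothetical model of the external USB TPM chip."""
    def __init__(self, password):
        self.secret = os.urandom(32)           # pairing secret (assumed mechanism)
        self._salt = os.urandom(16)
        self._pw = _kdf(password, self._salt)  # start-up password reference

    def respond(self, challenge):
        return hmac.new(self.secret, challenge, hashlib.sha256).digest()

    def check_password(self, candidate):
        return hmac.compare_digest(_kdf(candidate, self._salt), self._pw)

class InternalTPM:
    """Hypothetical model of the on-board TPM: pairing record and failure counter."""
    def __init__(self):
        self.paired_secret = None
        self.failures = 0  # kept here so a reboot does not reset the count (assumption)

def boot(internal, token, attempts):
    if token is None:                       # external chip not inserted
        return NO_TOKEN
    if internal.paired_secret is None:      # first run: register the chip
        internal.paired_secret = token.secret
    challenge = os.urandom(32)              # fresh per boot, so a reply cannot be replayed
    expected = hmac.new(internal.paired_secret, challenge, hashlib.sha256).digest()
    if not hmac.compare_digest(token.respond(challenge), expected):
        return MISMATCH                     # a different chip than the registered one
    for candidate in attempts:
        if internal.failures >= MAX_FAILURES:
            break
        if token.check_password(candidate):
            internal.failures = 0           # only consecutive failures count
            return OK
        internal.failures += 1
    return LOCKED if internal.failures >= MAX_FAILURES else PENDING
```

In this model whichever chip is present at the first run becomes the registered one, so that first start-up has to take place in a controlled setting.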
The utility model connects the external TPM security chip to the computer through a USB interface to obtain the right to use the computer. By using the external TPM security chip and the internal TPM security chip in combination, it can effectively identify the identity of the person logging in and verify their login rights and access permissions, effectively preventing unauthorized malicious attacks and improving the security of computer use, while remaining easy to operate and simple in structure.
The embodiment described above is only one example of the utility model and is not intended to limit its implementation or the scope of its rights; all technical solutions identical or equivalent to the content of the claims of the utility model shall fall within the scope of protection of the utility model.

Claims (4)

1. A private network computer security system based on TPM, characterized in that it comprises a private network computer and an external TPM security chip; the private network computer comprises a mainboard and, connected to the mainboard, memory, a secure hard disk, secure I/O components, a CPU, a BIOS system and a BIOS security control chip; the mainboard is provided with security control hardware, and the security control hardware comprises an internal TPM security chip; the external TPM security chip is connected to the mainboard of the private network computer through a USB port.
2. The private network computer security system based on TPM according to claim 1, characterized in that the internal TPM security chip and the external TPM security chip are each formed by connecting a CPU, TPM memory, a secure I/O interface, a verification system and a random number generator.
3. The private network computer security system based on TPM according to claim 1, characterized in that the security control hardware also comprises a CRTM and a software protocol stack.
4. The private network computer security system based on TPM according to claim 1, characterized in that a storage control chip is also provided on the mainboard.
CN201420100550.6U 2014-03-06 2014-03-06 A kind of private network computer safety system based on TPM Expired - Fee Related CN203982390U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201420100550.6U CN203982390U (en) 2014-03-06 2014-03-06 A kind of private network computer safety system based on TPM

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201420100550.6U CN203982390U (en) 2014-03-06 2014-03-06 A kind of private network computer safety system based on TPM

Publications (1)

Publication Number Publication Date
CN203982390U true CN203982390U (en) 2014-12-03

Family

ID=51979818

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201420100550.6U Expired - Fee Related CN203982390U (en) 2014-03-06 2014-03-06 A kind of private network computer safety system based on TPM

Country Status (1)

Country Link
CN (1) CN203982390U (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105550602A (en) * 2016-01-29 2016-05-04 深圳市铂盛科技有限公司 Secure computer motherboard encrypted based on State-Cryptography-Administration algorithm and encryption method


Similar Documents

Publication Publication Date Title
US20240098097A1 (en) Secure over-the-air updates
US10361998B2 (en) Secure gateway communication systems and methods
CN110233817B (en) Container safety system based on cloud computing
CN101986325A (en) Computer security access control system and method
CN103246849A (en) Safe running method based on ROST under Windows
Yu et al. Protecting the security and privacy of the virtual machine through privilege separation
CN102024115B (en) Computer with user security subsystem
CN102184358A (en) USB (Universal Serial Bus) embedded trustworthiness private information processing device and system
CN103793662A (en) Method for safely operating trusted platform on basis of mandatory access control
CN112199700B (en) Safety management method and system for MES data system
CN106548097A (en) The operation method and device of network device software
WO2020187206A1 (en) Implementation scheme of trusted computing system based on solid-state disk master controller
US20220326863A1 (en) Data storage apparatus with variable computer file system
CN203982390U (en) A kind of private network computer safety system based on TPM
CN104463510A (en) Finance management system
CN102025492B (en) WEB server and data protection method thereof
CN106817385A (en) Cloud terminal network access system based on high speed reliable hardware module
CN201845340U (en) Safety computer provided with user safety subsystem
CN202067261U (en) Universal serial bus (USB) embedding type trustworthy private information processing device and system
Tymchenko et al. Risks of Loss of Personal Data in the Process of Sending and Printing Documents.
CN111104665A (en) Security monitoring method based on license authentication of cluster virtual machine
CN203233445U (en) High security internal network information safety system
Heiser et al. What if you could actually trust your kernel?
Griscioli et al. Securing promiscuous use of untrusted usb thumb drives in industrial control systems
CN202918335U (en) Fusion type identity authentication device based on cloud computing

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220602

Address after: No. h, 23 / F, No. 259, dongdazhi street, Nangang District, Harbin City, Heilongjiang Province, 150001 (residential)

Patentee after: Zhongchada (Heilongjiang) Engineering Management Service (Group) Co.,Ltd.

Address before: 161005 No.99 Hecheng Road, Longsha District, Qiqihar City, Heilongjiang Province

Patentee before: Du Honggang

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141203