CN2914500Y - Portable and reliable platform module - Google Patents

Portable and reliable platform module

Info

Publication number
CN2914500Y
Authority
CN
China
Prior art keywords
platform module
trusted platform
portable
module
management
Prior art date
2006-02-24
Legal status
Expired - Lifetime
Application number
CN 200620004459
Other languages
Chinese (zh)
Inventor
彭君
陈文萍
Current Assignee
SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
Priority date
2006-02-24
Filing date
2006-02-24
Publication date
2007-06-20
Events
2006-02-24: Application filed by SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
2006-02-24: Priority to CN 200620004459
Application granted
2007-06-20: Publication of CN2914500Y
Legal status: Expired - Lifetime

Landscapes

  • Storage Device Security (AREA)

Abstract

The utility model relates to a portable trusted platform module in the field of information security protection, and addresses the inability of prior portable trusted platform modules to support remote dynamic management. The portable trusted platform module comprises an on-chip service device that constructs a securely isolated operating environment and at the same time performs the computation management and secure-application management of the trusted platform module; a trusted platform device that performs isolated encryption and decryption computation; and a communication and management device for communication and remote management between the portable trusted platform module and the terminal host system. A device adopting the utility model can add a trusted platform to an ordinary portable terminal host with high reliability and at low cost, and can achieve remote management of the portable trusted platform module.

Description

Portable trusted platform module
Technical field
The utility model belongs to the field of information security protection and relates in particular to a portable trusted platform module.
Background technology
The rapid development of computer and network communication technology shows two visible trends. First, computing resources, device resources and information resources are rapidly moving onto the network. Second, the terminal host devices that access these network resources are increasingly diversified, miniaturized, intelligent and mobile. The terminal host is the infrastructure on which information is stored, transmitted and processed and on which applications run; its security involves system security, data security and network security, and any single node may affect the security of the whole network. Terminal host users are dispersed and numerous, change dynamically, vary widely in technical skill, and pay little attention to security, so the terminal host has become the weak link of the information security system. The security of information exchange at the terminal host is therefore key to ensuring that network resources as a whole are secure and that the system operates normally.
Network-based distributed services have become a way of increasing productivity. To guarantee the validity and continuity of distributed services, it is usually necessary to guarantee security at the terminal host interface through which the service is obtained, that is, to protect the sensitive data and operations on the terminal host and to ensure that the service is delivered normally. Measures for protecting sensitive data that is retained on the terminal host device and exchanged during use are generally considered from the aspects of confidentiality, integrity, availability and non-repudiation, all of which center on the problem of trust. To better solve the problem of establishing trust at network terminals, a number of well-known companies formed the Trusted Computing Group (TCG). Its aim is to guarantee the security of the whole network by strengthening the security of the existing terminal host architecture: to build a system of good faith in the network, in which every terminal host has a legal network identity that can be recognized, and in which terminal hosts are immune to malicious code such as viruses and Trojan horses. In such a trusted computing environment, when any terminal host goes wrong, evidence can be collected reliably and monitoring and management are convenient.
The security functions provided by trusted computing include terminal host device authentication, data integrity verification, user identity authentication, verification of the legitimacy of user rights, port control and management, encrypted storage of data, and hardware protection of important information. These functions guarantee the trustworthiness of the user's configuration, applications, software and hardware, and hence of the terminal host, so that a trustworthy computer network can finally be constructed.
According to the TCG standard, trust between terminal host entities is based on a hardware component present in each terminal entity, the Trusted Platform Module (TPM). A trusted platform lets a terminal host entity determine the security state of the software environment on that platform and seals the data needing protection (including intermediate operational data) within a specific software environment of that platform, thereby providing the basis for trust in the terminal host entity. Establishing a trusted platform on a terminal host entity therefore requires rethinking hardware design, system design and operational management so as to form a relatively closed environment. This is feasible for terminal host devices that are redesigned and newly produced, but hard to achieve for existing terminal hosts: in the prior art the hardware, software and systems of terminal host devices vary widely, differ in complexity and are hard to unify, so a new trusted base cannot be designed for every one of them without greatly increasing the difficulty and cost of configuring a trusted platform on each terminal host. How to bring existing or in-use terminal hosts into a trusted network is a further problem to be considered. At the same time, dispersed trusted platforms cannot be centrally and dynamically updated and managed.
Summary of the invention
In view of the defects of the prior art, the purpose of the utility model is to provide a portable trusted platform module supporting remote dynamic management, which can add a trusted platform to an existing portable terminal host reliably and at low cost under existing conditions, can establish a trusted platform together with the terminal host, and allows that trusted platform to be managed remotely and dynamically.
To achieve this purpose, the technical solution adopted in the utility model is a portable trusted platform module comprising the following parts:
1) An on-chip service device connected to the I/O communication module of the TPM chip. The on-chip service device is used to set up a securely isolated operating environment and to perform, at the same time, the computation management and the secure-application management of the trusted platform module.
Further, the on-chip service device consists of a large-capacity storage medium and a master control chip connected to the trusted platform module chip and to the large-capacity storage medium.
The large-capacity storage medium is partitioned by degree of security criticality, the partitions holding respectively: the secure-application management program, the security applications, the virtual machine program, the system image file, and the application data encrypted by the TPM.
The security management program is protected by safeguard measures and resides on the large-capacity storage medium at all times.
The storage medium comprises electronic storage media and magnetic storage media; the electronic storage media include FLASH and EEPROM.
2) A trusted platform device, namely the TPM chip, used to perform isolated encryption and decryption computation.
This device comprises a CPU (central processing unit) and, connected to the CPU, an I/O communication module, a crypto engine, a hardware random number generator (RNG), random access memory (RAM), electrically erasable programmable read-only memory (EEPROM) or flash memory (FLASH), and read-only memory (ROM). Further:
(1) the hardware random number generator RNG is used to generate all keys;
(2) the CPU of the trusted platform module chip contains an arithmetic unit that performs all encryption and decryption computation in isolation;
(3) the EEPROM or FLASH of the TPM chip contains a protection device that stores the keys in the trusted platform module chip and ensures that their use does not leak them; the keys are stored in the TPM chip of the trusted platform module under the protection mechanism of a security state machine;
(4) the ROM contains a device for authenticating and restricting key use, that is, each key has its own strict authority and authentication-for-use mechanism, and use is restricted after authentication, with the current usage state preserved, under the protection mechanism of the security state machine;
(5) the read-only memory ROM also holds a virtual machine (VM).
3) A communication and management device connecting the portable trusted platform module and the terminal host system.
Further, the communication mode between the trusted platform module and the terminal host is either a wired connection, including but not limited to serial port, parallel port, USB, 1394 and PCMCIA, or a wireless connection, including but not limited to infrared, ultrasonic, Bluetooth, UWB and Wi-Fi.
The effect of the utility model is that, by using existing circuit conditions and an innovative integrated solution, a trusted platform can be added reliably and at low cost to an existing portable terminal host under existing conditions, realizing the portable trusted platform module supporting remote dynamic management described in the utility model. The device described in the utility model thus overcomes the difficulty that existing TPM modules cannot support remote dynamic management, and provides a practicable unified management method and security device for the secure operation of network services. The TPM control module of the portable trusted platform terminal in the utility model mainly solves two key problems of remotely managing trusted modules: 1) the portable TPM module identifies the terminal host system and automatically and actively establishes contact with it, so that multiple TPM modules can use the terminal host systems to form a trusted network; it is then only necessary to manage the TPM modules, which can be centralized yet remain relatively independent, rather than to redesign the many and varied trusted terminal host systems, in order to establish a trusted network; 2) the portable TPM module can use the communication infrastructure of the terminal host system to securely realize remote management of the TPM.
Description of drawings
Fig. 1 is a structural diagram of the composition of the portable trusted platform module described in the utility model;
Fig. 2 is a structural diagram of the composition of the trusted platform device;
Fig. 3 is a flow chart of a concrete application example of the module described in the utility model.
Embodiment
The utility model is described in detail below with reference to the drawings and embodiments:
As shown in Fig. 1, a portable trusted platform module comprises the following parts:
One, the on-chip service device (Services On Chip, SOC).
This device mainly sets up a securely isolated operating environment and can at the same time perform the computation management of the TPM and the management of secure applications. As shown in Fig. 1, it consists of a master control chip 1 and a large-capacity storage medium 5; master control chip 1 is in charge of managing TPM chip 4 and large-capacity storage medium 5. Large-capacity storage medium 5 is partitioned by degree of security criticality, the partitions holding respectively: the secure-application management program 10, the security applications 9, the virtual machine (VM) program 8, the system image file 7, and the application data 6 encrypted by TPM chip 4. The capacity and the partition sizes are chosen according to actual needs, but the security management program must always reside on the storage medium under safeguard measures. The storage medium includes but is not limited to the widely used electronic and magnetic storage media; the electronic storage media include FLASH and EEPROM. The storage medium adopted in this embodiment is FLASH. Updating and management of the security applications 9 are controlled by the secure-application management program 10.
Two, the trusted platform device, which is the TPM chip.
As shown in Fig. 2, this part mainly performs the isolated encryption and decryption computation. TPM chip 4 mainly consists of a CPU 11, an I/O communication module 12, a crypto engine 13, a hardware random number generator RNG 14, random access memory RAM 15, electrically erasable programmable read-only memory EEPROM or flash memory FLASH 16, and read-only memory ROM 17. TPM chip 4 communicates mainly with master control chip 1 and accepts its management. ROM 17 holds an encrypted embedded operating system that is responsible for the internal control of the whole TPM chip 4, including data management, communication management, security management and application management. In addition, in this embodiment,
(1) hardware random number generator RNG 14 is used to generate all keys;
(2) the CPU 11 of TPM chip 4 contains an arithmetic unit that performs all encryption and decryption computation in isolation;
(3) the EEPROM or FLASH 16 of TPM chip 4 contains the key storage and a protection device that ensures key use does not leak the keys; the keys are stored in TPM chip 4 of the trusted platform module under the protection mechanism of the security state machine;
(4) ROM 17 contains a device for authenticating and restricting key use, that is, each key has its own strict authority and authentication-for-use mechanism; use is restricted after authentication under the protection mechanism of the security state machine and the current usage state is preserved, the current security state being stored in RAM 15;
(5) ROM 17 also holds a virtual machine VM (distinct from the virtual machine program 8 above). The VM translates the physical addresses that the embedded operating system uses to read and write data in RAM 15 and in EEPROM or FLASH 16, ensuring that data is stored at physical addresses in RAM 15 and in EEPROM or FLASH 16 in an unordered manner.
Three, communication device 2 and management device 3.
This part is mainly responsible for communication and information-exchange management between the portable trusted platform module and the terminal host system. The communication mode may be a wired connection, including but not limited to serial port, parallel port, USB, 1394 and PCMCIA, or a wireless connection, including but not limited to infrared, ultrasonic, Bluetooth, UWB and Wi-Fi. The connection mode adopted in this embodiment is USB, a wired connection.
The TPM module described in the utility model mainly solves two key problems of remotely managing a trusted platform module: 1) the portable TPM module identifies the terminal host system and automatically and actively establishes contact with it, so that multiple TPM modules can use the terminal host systems to form a trusted network; it is then only necessary to manage the TPM modules, which can be centralized yet remain relatively independent, rather than to redesign the many and varied trusted terminal host systems, in order to establish a trusted network; 2) the portable TPM module can use the communication infrastructure of the terminal host system to securely realize remote management of the TPM.
Because a TPM is generally a passive component when used for cryptographic computation, other security applications must be arranged to drive and manage its use, and the secure and reliable updating and management of these security applications is a key to establishing trusted computing. Moreover, in order to expand the scope and function of trusted computing, the security requirement that the security applications dispersed with the terminal host devices support remote dynamic management is also crucial.
The above embodiment shows that, in concrete application, the portable trusted platform module supporting remote dynamic management provided by the utility model can very effectively solve the problems existing in the prior art. The flow chart of a concrete application example of this trusted platform module is shown in Fig. 3. The application scheme shown in Fig. 3 comprises three parts: the terminal host, the portable trusted platform module, and the security management center server.
First, the security module of the security management center server performs offline initialization of the keys and security applications of the terminal host and the portable trusted platform module according to application needs. The initialization of the portable trusted platform module involves at least an asymmetric key pair PRA and PUA, an external authentication key EXB, the secure-application management program SECADM, the system image file SYSIMG, and the VM program.
After the portable TPM module is connected to the terminal host, it generates a random number RANDOM and sends it to the terminal host. The terminal host encrypts RANDOM with its authentication key and returns the result to the TPM module. The TPM module decrypts the received data with the external authentication key EXB and compares the result with RANDOM; if they match, the portable trusted platform module can at this point establish a trusted connection with the terminal host. The secure-application management program SECADM on the TPM then delivers the VM program and the system image file SYSIMG to the terminal host, where they are run; the system image file imported into the virtual machine is restored to form a new system environment, thereby building a securely isolated system operating environment.
At the same time, the secure-application management program SECADM on the portable trusted platform module starts the communication module on the terminal host to establish a remote connection with the security management center server. In the course of starting the remote connection, the portable trusted platform module establishes mutual authentication between the TPM device and the security management center server: first, the portable trusted platform module sends the PUA (or a digital certificate) held in the TPM to the security management center server, which compares it with the data in its database and accepts it if correct, otherwise refuses; the security management center server then generates a random number, encrypts it with the received PUA, and sends it back to the portable trusted platform module; the portable trusted platform module passes the encrypted random number to the TPM module, which decrypts it with the corresponding PRA, compresses the decrypted result with a compression algorithm to obtain DATA, encrypts DATA with PRA and then with the server's PUB, and sends the result back to the security management center server via the host; on receipt, the security management center server decrypts with the server's PRB and then decrypts the result with PUA to obtain the data DDATA; if DDATA matches the result of applying the same compression algorithm to the random number the server generated earlier, the TPM can establish a trusted connection with the security management center. At the same time, the communication can establish an encrypted channel with a shared key: the shared key of the encrypted channel is generated by the TPM of the portable trusted platform module, encrypted with the server's PUB, sent to the server, and recovered by the server by decryption with PRB.
After the portable trusted platform module and the security management center server have established the encrypted remote connection, they can securely exchange data and information with each other. When the portable trusted platform module updates data on its storage medium or the security applications on its TPM chip, reception and transmission must be managed by the security management program. Every data packet received from the security management center server carries a digital signature made with the security management server's PRB key; only after the signature has been verified by the TPM chip may the packet be stored on the TPM module according to its security class. Likewise, every data packet uploaded from the TPM module carries a digital signature made with the TPM chip's PRA key; only after the signature has been verified by the server may the packet be accepted and stored on the server.
In summary, by means of various security measures and using the terminal host as a bridge of trust, the utility model successfully establishes a trusted and secure connection between the portable trusted platform module and the security management center, realizing remote dynamic security management of the portable trusted platform module.
The method described in the utility model is not limited to the embodiment described above; other implementations that those skilled in the art derive from the technical solution of the utility model likewise fall within the scope of technological innovation of the utility model.
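As an added example (not the patent's own code or protocol implementation), the connect, authenticate and exchange flow of the preceding paragraphs modelled end to end in Python. Textbook RSA with tiny primes stands in for the TPM's PRA/PUA and the server's PRB/PUB operations, a SHA-256 digest reduced modulo the RSA modulus stands in for the unspecified compression algorithm, an HMAC under EXB stands in for the host encrypting RANDOM, and all keys, the server database and the packet contents are constructed values; it is a toy for following the message flow and its checks, not a secure implementation.

```python
"""Toy model of the module/host/server flow (added example, not the patent's
code).  Textbook RSA with tiny primes replaces the PRA/PUA and PRB/PUB
operations, SHA-256 mod n replaces the unspecified "compression algorithm",
and an HMAC under EXB replaces the host encrypting RANDOM.  Not secure."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class RsaKey:
    n: int
    e: int
    d: int = 0  # left at 0 in a public-only copy

def make_key(p: int, q: int, e: int = 65537) -> RsaKey:
    """Textbook RSA key pair from two (toy-sized) primes."""
    return RsaKey(n=p * q, e=e, d=pow(e, -1, (p - 1) * (q - 1)))

def public_op(key: RsaKey, m: int) -> int:
    """Encrypt under PU*, or recover a value signed with the matching PR*."""
    return pow(m, key.e, key.n)

def private_op(key: RsaKey, m: int) -> int:
    """Decrypt with PR*, or sign ("encrypt with PRA/PRB" in the text)."""
    return pow(m, key.d, key.n)

def compress(data: bytes, modulus: int) -> int:
    """Stand-in for the compression step: SHA-256 of the input, reduced mod n."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus

# Step 1: the module authenticates the terminal host with the external key EXB.
def host_response(exb: bytes, random_a: int) -> bytes:
    """Host side: keyed transform of RANDOM (HMAC stands in for encryption)."""
    return hmac.new(exb, random_a.to_bytes(16, "big"), "sha256").digest()

def module_checks_host(exb: bytes, random_a: int, response: bytes) -> bool:
    """Module side: recompute under EXB and compare before releasing SECADM/SYSIMG/VM."""
    return hmac.compare_digest(host_response(exb, random_a), response)

# Step 2: mutual authentication between module (PRA/PUA) and server (PRB/PUB).
def server_challenge(pua: RsaKey, registered: set, rng=secrets.randbelow) -> tuple:
    """Server: refuse an unknown PUA; otherwise return (R, R encrypted under PUA)."""
    if (pua.n, pua.e) not in registered:
        raise PermissionError("PUA not found in the security management center database")
    r = rng(pua.n - 2) + 2
    return r, public_op(pua, r)

def module_reply(pra: RsaKey, pub: RsaKey, enc_r: int) -> int:
    """Module: PRA-decrypt R, compress to DATA, sign with PRA, encrypt under PUB."""
    data = compress(private_op(pra, enc_r).to_bytes(16, "big"), pra.n)
    return public_op(pub, private_op(pra, data))  # nesting needs n_B > n_A

def server_verify(prb: RsaKey, pua: RsaKey, r: int, reply: int) -> bool:
    """Server: PRB-decrypt, then PUA-decrypt to DDATA, compare with compress(R)."""
    ddata = public_op(pua, private_op(prb, reply))
    return ddata == compress(r.to_bytes(16, "big"), pua.n)

def module_session_key(pub: RsaKey, rng=secrets.randbelow) -> tuple:
    """Module picks the shared channel key and sends it encrypted under PUB."""
    k = rng(pub.n - 2) + 2
    return k, public_op(pub, k)

# Step 3: every packet is signed by its sender and verified before it is stored.
def sign_package(signer: RsaKey, payload: bytes) -> int:
    """Server signs downloads with PRB; the module signs uploads with PRA."""
    return private_op(signer, compress(payload, signer.n))

def verify_package(sender_pub: RsaKey, payload: bytes, sig: int) -> bool:
    """Receiver checks the signature (module: PUB, server: PUA) before storing."""
    return public_op(sender_pub, sig) == compress(payload, sender_pub.n)

def run_handshake(rng=secrets.randbelow) -> dict:
    """Drive the whole flow once and report the outcome of each check."""
    pra = make_key(10007, 10009)  # module key pair PRA/PUA (constructed toy primes)
    prb = make_key(10037, 10039)  # server key pair PRB/PUB; n_B > n_A
    pua, pub = RsaKey(pra.n, pra.e), RsaKey(prb.n, prb.e)
    exb = b"constructed external authentication key EXB"
    registered = {(pua.n, pua.e)}  # constructed server-side database of enrolled modules
    random_a = rng(1 << 64)  # RANDOM sent to the host
    host_ok = module_checks_host(exb, random_a, host_response(exb, random_a))
    rogue_host = module_checks_host(exb, random_a, host_response(b"wrong EXB", random_a))
    r, enc_r = server_challenge(pua, registered, rng)
    server_ok = server_verify(prb, pua, r, module_reply(pra, pub, enc_r))
    k, enc_k = module_session_key(pub, rng)
    key_ok = private_op(prb, enc_k) == k  # server recovers the channel key with PRB
    pkg = b"constructed security application update"
    sig_b = sign_package(prb, pkg)
    return {"host_ok": host_ok, "rogue_host": rogue_host, "server_ok": server_ok,
            "key_ok": key_ok, "download_ok": verify_package(pub, pkg, sig_b),
            "tampered": verify_package(pub, pkg + b"!", sig_b),
            "upload_ok": verify_package(pua, pkg, sign_package(pra, pkg))}
```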

Claims (10)

1. A portable trusted platform module, comprising a trusted platform device, namely a TPM chip, used to perform isolated encryption and decryption computation, the TPM chip in turn comprising a CPU (central processing unit) and, connected to the CPU, an I/O communication module, a crypto engine, a hardware random number generator RNG, random access memory RAM, electrically erasable programmable read-only memory EEPROM or flash memory FLASH, and read-only memory ROM, characterized in that the module further comprises the following parts:
1) an on-chip service device connected to the I/O communication module of the TPM chip, the on-chip service device being used to set up a securely isolated operating environment and to perform, at the same time, the computation management and the secure-application management of the trusted platform module;
2) a communication and management device connecting the portable trusted platform module and the terminal host system.
2. The portable trusted platform module as claimed in claim 1, characterized in that the on-chip service device consists of a large-capacity storage medium and a master control chip connected to the trusted platform module chip and to the large-capacity storage medium.
3. The portable trusted platform module as claimed in claim 2, characterized in that the large-capacity storage medium is partitioned by degree of security criticality, the partitions holding respectively: the secure-application management program, the security applications, the virtual machine program, the system image file, and the application data encrypted by the trusted platform module.
4. The portable trusted platform module as claimed in claim 3, characterized in that the security management program is protected by safeguard measures and resides on the large-capacity storage medium at all times.
5. The portable trusted platform module as claimed in claim 2, characterized in that the storage medium comprises electronic storage media and magnetic storage media, the electronic storage media including FLASH and EEPROM.
6. The portable trusted platform module as claimed in claim 1, 2, 3, 4 or 5, characterized in that:
(1) the hardware random number generator RNG in the trusted platform device is used to generate all keys;
(2) the CPU of the trusted platform module chip contains an arithmetic unit that performs all encryption and decryption computation in isolation.
7. The portable trusted platform module as claimed in claim 6, characterized in that the trusted platform device further comprises the following device:
(3) the EEPROM or FLASH of the TPM chip contains a protection device that stores the keys in the trusted platform module chip and ensures that their use does not leak them; the keys are stored in the TPM chip of the trusted platform module under the protection mechanism of a security state machine.
8. The portable trusted platform module as claimed in claim 7, characterized in that the trusted platform device further comprises the following devices:
(4) the ROM contains a device for authenticating and restricting key use;
(5) the read-only memory ROM also holds a virtual machine VM.
9. The portable trusted platform module as claimed in claim 1, characterized in that the communication mode between the trusted platform module and the terminal host is a wired connection, comprising serial port, parallel port, USB, PCMCIA or 1394.
10. The portable trusted platform module supporting remote dynamic management as claimed in claim 1, characterized in that the communication mode between the trusted platform module and the terminal host is a wireless connection, comprising infrared, ultrasonic, Bluetooth, UWB or Wi-Fi.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200620004459 CN2914500Y (en) 2006-02-24 2006-02-24 Portable and reliable platform module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200620004459 CN2914500Y (en) 2006-02-24 2006-02-24 Portable and reliable platform module

Publications (1)

Publication Number Publication Date
CN2914500Y true CN2914500Y (en) 2007-06-20

Family

ID=38169094

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200620004459 Expired - Lifetime CN2914500Y (en) 2006-02-24 2006-02-24 Portable and reliable platform module

Country Status (1)

Country Link
CN (1) CN2914500Y (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101183413B (en) * 2007-12-14 2010-06-02 西安电子科技大学 Architecture of trusted platform module and method for providing service thereof
CN100583057C (en) * 2008-04-22 2010-01-20 中国科学院软件研究所 Credible password module test case creation method and its test system
CN103166952A (en) * 2012-11-16 2013-06-19 太原科技大学 Embedded type vehicle-mounted data collection terminal
CN103166952B (en) * 2012-11-16 2016-04-27 太原科技大学 A kind of embedded onboard data collection station

Similar Documents

Publication Publication Date Title
US11770368B2 (en) Techniques for shared private data objects in a trusted execution environment
Ayoade et al. Decentralized IoT data management using blockchain and trusted execution environment
Dai et al. SBLWT: A secure blockchain lightweight wallet based on trustzone
US20190253417A1 (en) Hardware device and authenticating method thereof
CN107851167A (en) Protection calculates the technology of data in a computing environment
CN101908112B (en) Test method and system of security chip
CN100550030C (en) On portable terminal host, add the method for credible platform
CN106991329A (en) A kind of trust calculation unit and its operation method based on domestic TCM
CN201054140Y (en) Information security control chip
CN106603487B (en) Method for improving security of TLS protocol processing based on CPU space-time isolation mechanism
CN103002445A (en) Safe mobile electronic equipment for providing application services
CN106022080A (en) Cipher card based on PCIe (peripheral component interface express) interface and data encryption method of cipher card
CN108345806A (en) A kind of hardware encryption card and encryption method
Arfaoui et al. Trusted execution environments: A look under the hood
CN103150524B (en) A kind of safe storage chip, system and authentication method thereof
CN109460639A (en) A kind of license authentication control method, device, terminal and storage medium
CN1808457B (en) Portable trusted device for remote dynamic management
US20230237155A1 (en) Securing communications with security processors using platform keys
WO2011141579A2 (en) System and method for providing security for cloud computing resources using portable security devices
Zhang et al. Trusttokenf: A generic security framework for mobile two-factor authentication using trustzone
CN101420299B (en) Method for enhancing stability of intelligent cipher key equipment and intelligent cipher key equipment
US9692641B2 (en) Network connecting method and electronic device
US20030053630A1 (en) Method and system for key usage control in an embedded security system
CN2914500Y (en) Portable and reliable platform module
CN104834874A (en) Establishing physical locality between secure execution environments

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20070620

EXPY Termination of patent right or utility model