Trusted Platform Design of Server with TPCM Active Defense
  • English title: Trusted Platform Design of Server with TPCM Active Defense
  • Authors: HUANG Jianhui (黄坚会); SHEN Changxiang (沈昌祥)
  • Keywords: 3P3C (three-phase, three-channel); TPCM; trusted server; initiative defense; dynamic measurement; trusted work environment
  • Journal code (Chinese): ZZDZ
  • Journal (English): Journal of Zhengzhou University (Natural Science Edition)
  • Affiliations: Faculty of Information Technology, Beijing University of Technology; Huada Semiconductor Co. Ltd
  • Publication date: 2019-03-22 15:56
  • Publisher: Journal of Zhengzhou University (Natural Science Edition)
  • Year: 2019
  • Issue: v.51
  • Funding: National Natural Science Foundation of China project (61501007)
  • Language: Chinese
  • Pages: ZZDZ201903001
  • Page count: 6
  • CN: 03
  • ISSN: 41-1338/N
  • Classification number: 4-9
Abstract
A three-phase, three-channel (3P3C) active defense method for servers is proposed. While keeping the original design, the method extends it through interfaces already present on the server motherboard, so that the server base platform is protected against tampering and attack. The method ensures that the trusted platform control module (TPCM), which serves as the root of trust, is powered on first; it measures the trustworthiness and integrity of the boot code and environment, and passes the chain of trust along during server startup. If the boot program, the configuration data, or the platform environment is found to have been attacked, the server is put into a controlled untrusted working mode or prevented from powering on, among other responses, according to the security policy written into the TPCM in advance. After the operating system is loaded, and while application software runs, the trusted running environment of the computer is maintained dynamically in real time until the system shuts down. This achieves full-lifecycle active defense of the server base platform.