Paper Info
Title
Research on Linux Trusted Boot Method Based on Reverse Integrity Verification
Abstract
AbstractTrusted computing aims to build a trusted computing environment for information systems with the help of secure hardware TPM, which has been proved to be an effective way against network security threats. However, the TPM chips are not yet widely deployed in most computing devices so far, thus limiting the applied scope of trusted computing technology. To solve the problem of lacking trusted hardware in existing computing platform, an alternative security hardware USBKey is introduced in this paper to simulate the basic functions of TPM and a new reverse USBKey-based integrity verification model is proposed to implement the reverse integrity verification of the operating system boot process, which can achieve the effect of trusted boot of the operating system in end systems without TPMs. A Linux operating system booting method based on reverse integrity verification is designed and implemented in this paper, with which the integrity of data and executable files in the operating system are verified and protected during the trusted boot process phase by phase. It implements the trusted boot of operation system without TPM and supports remote attestation of the platform. Enhanced by our method, the flexibility of the trusted computing technology is greatly improved and it is possible for trusted computing to be applied in large-scale computing environment.
Year
DOI
Venue
2016
10.1155/2016/4516596
Periodicals
Field
DocType
Volume
Booting,Trusted Computing,Computer science,Network security,Secure cryptoprocessor,Trusted Platform Module,Direct Anonymous Attestation,Hengzhi chip,Operating system,Embedded system,Executable
Journal
2016
Issue
ISSN
Citations 
1
1058-9244
1
PageRank 
References 
Authors
0.37
13
6
Name
Order
Citations
PageRank
Chenlin Huang1488.83
Chuanwang Hou211.05
Huadong Dai342.77
Yan Ding454.46
Songling Fu510.37
Mengluo Ji610.37