计算机技术与发展2012,Vol.22Issue(6):143-146,4.
一种不依赖TPM的安全引导方式的设计与实现
Design and Implementation of a Secure Boot without TPM Support
摘要
Abstract
Investigating in depth the technology of trusted platform module (TPM) and kexec, design and implement a secure boot mechanism for computers without TPM support, hi this scheme,referencing the secure hoot mechanism based on TPM,a small protected Linux will start first, which can then measure the real operating system needed to boot at the early stage. After the measurement,can boot the operating system on disk by utilizing kexec. The mechanism designed by this paper can support Windows and Linux according to the experimenls.and it was also shown that no obvious burden has been added to the whole system boot time. This mechanism is one of secure boots for existing computer without changing hardware,is a kind of security enhancement measures for computer system.关键词
信息安全/安全引导/预引导系统/kexec/完整性度量Key words
information security/secure boot/ pre-boot system/ kexec/integrity measure分类
信息技术与安全科学引用本文复制引用
姚金魁,张涛,王金双,陈融,施祖清..一种不依赖TPM的安全引导方式的设计与实现[J].计算机技术与发展,2012,22(6):143-146,4.基金项目
国家高技术研究发展计划"863"项目(2009AA01Z40) (2009AA01Z40)
