A startup measurement method and device using the OPROM mechanism
A startup measurement method and mechanism, applied in computer security devices, instruments, computing, etc. It addresses problems such as security verification, the inability to perform startup measurement, and the inability to adapt startup measurement to computer equipment, so as to improve security and ensure that the platform is secure and trusted.
Examples
Embodiment 1
[0061] Based on the above-mentioned trusted computing platform, for the situation in which directly modifying the BIOS firmware program is allowed, the present invention provides a startup measurement method, including:
[0062] S101. After the trusted computing platform is powered on, the TPCM is started before the CPU of the computing subsystem, and the TPCM measures the BIOS of the computing subsystem.
[0063] S102. If the measurement result is credible, start the CPU and load the BIOS. During the execution of the BIOS, the measurement agent module in the BIOS (the agent that the TSB in the protection subsystem implants into the computing subsystem) first intercepts the loading of the OSLoader code, then reads the OSLoader code and its related information from the hard disk, and sends it to the TPCM for measurement.
[0064] S103. If the measurement result of the OSLoader is credible, the BIOS loads and executes the OSLoader. Afterwards, the measurement proxy module in OSLoader fir...
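The measure-before-load order of S101 to S103 can be modelled as follows. This is an added example, not code from the patent: the use of SHA-256 as the measurement, the `TPCM` class, the `boot` function, the policy layout and the sample images are all assumptions made for illustration, and halting when a measurement is not credible is also an assumption, since the text above states only the credible branch.

```python
import hashlib
import hmac

def digest(image: bytes) -> str:
    # Assumption: a "measurement" is a SHA-256 digest of the stage image.
    return hashlib.sha256(image).hexdigest()

class TPCM:
    """Hypothetical model of the control module: holds the trusted policy
    (reference digests per stage) and an ordered measurement log."""
    def __init__(self, policy):
        self.policy = dict(policy)
        self.log = []  # (stage, measured digest, credible?)

    def measure(self, stage: str, image: bytes) -> bool:
        got = digest(image)
        expected = self.policy.get(stage)
        # Fail closed: a stage with no reference value is never credible.
        ok = expected is not None and hmac.compare_digest(got, expected)
        self.log.append((stage, got, ok))
        return ok

def boot(tpcm: TPCM, bios: bytes, osloader_on_disk: bytes) -> list:
    """Return the stages that were allowed to execute, in order."""
    executed = []
    # S101: the TPCM starts before the CPU and measures the BIOS.
    if not tpcm.measure("BIOS", bios):
        return executed  # assumed behaviour: the CPU is never started
    executed.append("BIOS")  # S102: CPU started, BIOS loaded
    # S102: the agent in the BIOS intercepts the OSLoader load, reads the
    # code from disk and hands it to the TPCM before anything runs.
    if not tpcm.measure("OSLoader", osloader_on_disk):
        return executed  # assumed behaviour: OSLoader is not executed
    executed.append("OSLoader")  # S103: BIOS loads and executes OSLoader
    return executed

# Constructed sample images and the policy derived from the known-good ones.
GOOD_BIOS = b"constructed BIOS image v1"
GOOD_OSLOADER = b"constructed OSLoader image v1"
POLICY = {"BIOS": digest(GOOD_BIOS), "OSLoader": digest(GOOD_OSLOADER)}

def demo():
    clean = boot(TPCM(POLICY), GOOD_BIOS, GOOD_OSLOADER)
    bad_loader = boot(TPCM(POLICY), GOOD_BIOS, GOOD_OSLOADER + b"\x90")
    bad_bios = boot(TPCM(POLICY), GOOD_BIOS + b"!", GOOD_OSLOADER)
    return clean, bad_loader, bad_bios

if __name__ == "__main__":
    for stages in demo():
        print(stages)
```

In this model a modified BIOS stops the chain before the OSLoader is even measured, so the log records exactly the stage at which trust was lost.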
Embodiment 2
[0069] For the situation in which the BIOS firmware program is not allowed to be directly modified, or BIOS modification is not applicable in the actual scenario, the present invention provides a startup measurement method using the OPROM mechanism.
[0070] A startup measurement method using the OPROM mechanism can be applied to the trusted computing platform described above. The trusted computing platform includes a parallel computing subsystem and a protection subsystem. The computing subsystem is used to complete computing tasks, and the protection subsystem is used to actively measure and control the computing subsystem according to the trusted policy through the trusted platform control module. The computing subsystem and the protection subsystem have a security isolation mechanism between them and interact through a dedicated access channel.
[0071] As shown in Figure 2, the startup measurement method in this embodiment includes:
[0072] S1. After the trusted comput...
Embodiment 3
[0081] For the situation in which the BIOS firmware program is not allowed to be directly modified, or BIOS modification is not applicable in the actual scenario, the present invention proposes a startup measurement method using the OPROM mechanism.
[0082] A startup measurement method using the OPROM mechanism, applied to a trusted computing platform. The trusted computing platform includes a parallel computing subsystem and a protection subsystem. The computing subsystem is used to complete computing tasks, and the protection subsystem is used to perform active measurement and active control on the computing subsystem according to the trusted policy through the trusted platform control module. The computing subsystem and the protection subsystem have a security isolation mechanism between them and interact through a dedicated access channel.
[0083] The startup measurement method includes:
[0084] S101. After the trusted computing platform is powered on, the trusted platform control mo...