According to the analysis and research of TCP technology with UEFI technology, this paper proposes the concept and model of Trusted - BIOS Platform based on trusted cryptography module chip with UEFI. It makes use of establishing RTM (Roots of Trust) and chain of trust to realize the three core functions: Data Protected, Identity Attestation, Integrity Measurement, Storage and Reporting. Then this paper applies the Trusted - BIOS Platform based on UEFI to Vista BitLocker. The Trusted - BIOS implemented in this paper was updated into the common Mainboard of Intel 945GCL, and successfully started boot Vista Operating System, the function test of trusted computing validated the model and basic functions of Trusted - BIOS platform.%通过对TCP技术和UEFI技术的研究与分析,基于国产可信密码模块芯片TCM,提出了符合UEFI规范的可信BIOS平台的概念和模型,主要通过建立可信根(Roots of Trust,RTS)、信任链(Chain of Trust)实现数据保护、身份证明与完整性测量、存储与报告3大核心功能。将实现的可信BIOS更新到通用Intel945GCL主板,成功地启动了Vista操作系统,并测试了可信相关功能,从而验证了可信BIOS平台模型与功能。
展开▼