The traditional information security system, which is mainly composed of the "old three" (firewall, intrusion monitoring and virus prevention), focuses on external prevention, which is inconsistent with the actual situation that the main threats to information security come from inside. Across the three levels that make up an information system (servers, networks and terminals), the existing protection decreases layer by layer. People often pay too much attention to protecting servers and network devices and neglect the protection of terminals. Malicious attack methods keep changing, while the old three rely on blocking. For example, the network layer is fortified to block illegal users and unauthorized access at the periphery. This blocking method works by capturing the characteristic information of hacker attacks and virus intrusions, but that information lags behind: it describes what has already occurred and cannot scientifically predict future attacks and intrusions. Therefore, people have closely combined underlying computing technology with cryptographic technology, bringing information security research into the stage of trusted computing technology.
Research significance
People are more and more dependent on computer systems, but attacks such as viruses and trojans keep emerging and threaten the information security of those systems, so trusted computing becomes more and more important. Trusted computing technology is one of the effective methods for removing threats to computer networks and terminals. Traditional information security measures are nothing more than "plugging loopholes, building high walls and preventing external attacks", but in the end attacks still cannot all be prevented. The main reason is that these measures do not control the source of the insecurity but only try to block it from outside. Academician Shen Changxiang, an expert of the National Informatization Expert Advisory Committee, believes that in order to solve the structural insecurity of the PC, trusted computing should be implemented worldwide.
Since Anderson first proposed the concept of a trusted system in the early 1970s, the credibility of information systems has received wide attention from academia and industry.
Trusted computing technology is a new research hotspot in the field of information security in recent years. Its research aims to effectively solve the insecurity of computer structure and fundamentally improve the security of the system. Trusted computing has changed people's traditional way of thinking about information security. It starts from the terminal to prevent attacks and improves the security of the terminal system, so that every user in the information system is authenticated and authorized and operates in compliance with the regulations, and no attack incidents occur. "The security problem of the entire information system can be solved by starting from the terminal." Academician Shen Changxiang proposed this idea as early as the early 1990s.
The essence of trusted computing technology is to require the transaction and computing equipment in the information system to be trusted, reliable, secure and protected. Trusted: it runs according to a known scheme, and that scheme can be communicated in advance. Reliable: it is always available for transactions and communications, and resists viruses and other intrusions. Secure: it is able to stop unwanted interference or observation by programs. Protected: to keep the computer confidential, it shares information only with the necessary personnel, within the range set by common parameters.
As the core of trusted computing technology, the trusted computing platform has become the basic platform equipment of information systems. The platform's source of trust is the Trusted Platform Module (TPM). The TPM is a hardware device connected to the platform motherboard, which is used to verify identity and process variables used by computers or devices in a trusted computing environment. The TPM and the data stored in it are separate from all other components of the platform. The TPM itself is a small control and management system, which serves as the source of information for the platform at run time. All security authentication and security calls of the system are completed through the TPM, and a complete chain of trust is established across network, application software, operating system, hardware and user. Through the transfer of trust, the integrity of the security mechanism is checked, which ensures the credibility of each link and therefore of the entire system. The main functions of the trusted computing platform are to ensure the authenticity and legitimacy of user identity and authority; the integrity and availability of the workspace; the confidentiality and integrity of storage, processing and transmission; the integrity of the hardware environment configuration, operating system kernel, services and applications; the security of key operation and storage; and the immunity of the system to viruses and hackers. It plays a very important role in building the information security environment and ensuring security at the source.
User authentication in the network environment can include not only the user's identity information but also the hardware information of the PC, which better ensures the security of network communication and identity authentication, and ultimately achieves the best combination of the most basic information security functions, such as anti-virus and anti-intrusion, with the trusted computing platform.
As the product of the integration of computer technology and communication technology, the Internet has become the largest artificial information system after nearly 40 years of development. With the continuous emergence of new application modes such as e-commerce, e-government and cross-domain resource sharing, people have gradually realized that the credibility of software systems in the Internet environment has become a problem to be solved. The credibility problem of Internet software stems from the uncontrollability and uncertainty of resource behavior in the Internet environment, and is closely related to the openness, dynamics, growth, autonomy, diversity and other natural characteristics of resources. At the same time, the continuous expansion of application scale, the types and scope of resources involved, the increase in application complexity and the innovation of computing modes have put forward higher requirements for assuring the credibility of software systems in the Internet environment.
For China's informatization construction, e-government, e-commerce systems, enterprise informatization systems, and military confidential information, communication and battle command systems all urgently need a secure and reliable computing platform on which to build a security guarantee system. First, in the construction of e-government systems, identity authentication, authorization management and responsibility verification need to be based on a trusted computing platform. Secondly, the technical measures used for security isolation of classified and non-classified networks (such as security gateways, security firewalls, etc.) need to be based on trusted computing platforms. Finally, the informatization construction of military confidential information, communication and battle command systems is an important part of national defense construction, and its information security is directly related to the life and death of the country. These systems also need to be based on a trusted computing platform.
In the Internet environment, whether a computer system is trusted depends on whether the hardware, network, operating system, middleware, application software, information system users, and the complex systems that interact with them are trusted. A problem in any link of this chain makes the computer system untrusted.
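The chain of trust anchored in the TPM, and the point that a problem in any one link makes the whole system untrusted, can be shown with a simplified model of measured boot. This is an added example, not part of the original article: the component names and images are constructed, the extend rule is the usual hash-chained register update, and the signature that would protect the reported register value in a real TPM quote is not modeled.

```python
import hashlib

PCR_SIZE = 32  # one SHA-256 register, all zeros at reset

def measure(image: bytes) -> bytes:
    """Digest of a component, taken before control is handed to it."""
    return hashlib.sha256(image).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """Extend: new = H(old || digest). Order-sensitive and not reversible."""
    return hashlib.sha256(pcr + digest).digest()

def boot(chain):
    """Measure each link in order; return (final register value, event log)."""
    pcr, log = bytes(PCR_SIZE), []
    for name, image in chain:
        digest = measure(image)
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log

def verify(log, reported_pcr, reference):
    """Replay the log against the register, then check each link's reference."""
    pcr, first_bad = bytes(PCR_SIZE), None
    for name, digest in log:
        pcr = extend(pcr, digest)
        if first_bad is None and reference.get(name) != digest:
            first_bad = name
    if pcr != reported_pcr:
        return False, "event log does not match PCR"
    if first_bad is None and len(log) != len(reference):
        return False, "link missing from event log"
    return first_bad is None, first_bad

# Constructed component images (placeholders, not real binaries).
GOOD_CHAIN = [
    ("hardware_firmware", b"firmware v1"),
    ("operating_system", b"kernel v1"),
    ("application_software", b"app v1"),
    ("network_service", b"netd v1"),
]
REFERENCE = {name: measure(image) for name, image in GOOD_CHAIN}

if __name__ == "__main__":
    pcr, log = boot(GOOD_CHAIN)
    print("clean boot:", verify(log, pcr, REFERENCE))
    tampered = [(n, i + b"!") if n == "operating_system" else (n, i) for n, i in GOOD_CHAIN]
    pcr_t, log_t = boot(tampered)
    print("modified OS:", verify(log_t, pcr_t, REFERENCE))
```

A change to any single link alters the final register value, and a log rewritten to hide the change no longer replays to that value.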