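Research on a Trusted Software Stack Based on a Domestic Platform
Published: 2018-03-28 10:48
Topic: Loongson 3A. Focus: Trusted Cryptography Module. Source: Beijing University of Technology, master's thesis, 2014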
[Abstract]: In today's information society, information security faces serious challenges. To safeguard national security and interests, research on the localization of information systems is of great strategic significance, and core processors and high-end general-purpose chips are the top priority in that process. The Loongson series is a family of processors for which China holds independent intellectual property rights, and its arrival ended China's long-standing lack of a domestic "core" (chip).

Hackers have moved from cracking passwords and stealing session information, to exploiting misconfigured services and bugs in services, and then to attacking unprotected terminals. Computer security can therefore be improved effectively only by taking combined measures across hardware such as chips and motherboards and low-level software such as the BIOS and the operating system. China has independently developed a trusted module based on domestic cryptographic algorithms, the Trusted Cryptography Module (TCM). The TCM is a security subsystem placed inside the computer that gives security applications a hardware-backed security guarantee. The TSM provides the entry point through which applications invoke the TCM's security protection functions, manages TCM resources, and hides the TCM's functional commands from applications. In fact, security applications should not access the TCM directly; they should use its security functions by calling the TCM Service Module (TSM).

In conjunction with the domestic-CPU platform security and trust development project of Zhongdian Technology (Beijing) Co., Ltd. (中電科技(北京)有限公司), this work studies the implementation of the TCM system driver and of the TSM's modules and interfaces on a hardware platform consisting of the Loongson 3A processor, the AMD RS780E+SB710 chipset and a TCM chip, providing the basis for applications to access secure TCM hardware resources reliably. The main work is as follows:

First, after introducing the main hardware platforms in China and abroad, the thesis analyzes the significance of implementing a trusted software stack on a domestic platform. Next, it discusses the trusted computing cryptographic support platform and the cryptographic algorithms it supports. Then, based on the Loongson 3A processor architecture and the TCM chip platform, it uses experimental and functional-analysis methods to study the implementation of the TCM driver and of each TSM layer (TDDL, TCS, TSP). Finally, to evaluate the overall performance of the TSM system on the Loongson 3A and TCM chip hardware platform, it tests the feasibility of the TCM driver and the TSM and verifies the trusted computing technology.
[Degree-granting institution]: Beijing University of Technology
[Degree level]: Master's
[Year degree conferred]: 2014
[Classification number]: TP309
Article ID: 1676005
Article link: http://www.sikaile.net/falvlunwen/zhishichanquanfa/1676005.html