{"title":"基于双核架构的嵌入式信任根设计","authors":"Xiangying Kong, Xinran Kong","doi":"10.1145/3565387.3565413","DOIUrl":null,"url":null,"abstract":"Given the characteristics and design constraints of the embedded system, a software trust root construction method based on dual kernel architecture and composed of bootloader and trusted kernel and a stem branch trust chain transmission model are proposed ,aiming at the requirements of the trusted environment of embedded applications, The Bootloader, solidified in the boot FLASH, embeds the SHA-1 engine, to measure and load the trusted kernel. Meanwhile, the trusted kernel realizes the protection of the Bootloader by prohibiting the user kernel and upper-layer applications from writing access to the FLASH. The interaction between them, as the root of trust, can resist non-physical attacks; the trusted kernel provides password service-related functions for the user kernel; the application system and the user kernel where it is lockated run as a process of the trusted kernel. Finally, based on predicate logic, a formal proof of trusted boot is given, and a prototype system is built to verify the availability of the scheme.","PeriodicalId":182491,"journal":{"name":"Proceedings of the 6th International Conference on Computer Science and Application Engineering","volume":"118 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Design of Embedded Trust Root Based on Dual-Kernel Architecture\",\"authors\":\"Xiangying Kong, Xinran Kong\",\"doi\":\"10.1145/3565387.3565413\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Given the characteristics and design constraints of the embedded system, a software trust root construction method based on dual kernel architecture and composed of bootloader and trusted kernel and a stem branch trust chain transmission model are proposed ,aiming at the requirements of the trusted environment of embedded applications, The Bootloader, solidified in the boot FLASH, embeds the SHA-1 engine, to measure and load the trusted kernel. Meanwhile, the trusted kernel realizes the protection of the Bootloader by prohibiting the user kernel and upper-layer applications from writing access to the FLASH. The interaction between them, as the root of trust, can resist non-physical attacks; the trusted kernel provides password service-related functions for the user kernel; the application system and the user kernel where it is lockated run as a process of the trusted kernel. Finally, based on predicate logic, a formal proof of trusted boot is given, and a prototype system is built to verify the availability of the scheme.\",\"PeriodicalId\":182491,\"journal\":{\"name\":\"Proceedings of the 6th International Conference on Computer Science and Application Engineering\",\"volume\":\"118 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-10-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 6th International Conference on Computer Science and Application Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3565387.3565413\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 6th International Conference on Computer Science and Application Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3565387.3565413","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Design of Embedded Trust Root Based on Dual-Kernel Architecture
Given the characteristics and design constraints of the embedded system, a software trust root construction method based on dual kernel architecture and composed of bootloader and trusted kernel and a stem branch trust chain transmission model are proposed ,aiming at the requirements of the trusted environment of embedded applications, The Bootloader, solidified in the boot FLASH, embeds the SHA-1 engine, to measure and load the trusted kernel. Meanwhile, the trusted kernel realizes the protection of the Bootloader by prohibiting the user kernel and upper-layer applications from writing access to the FLASH. The interaction between them, as the root of trust, can resist non-physical attacks; the trusted kernel provides password service-related functions for the user kernel; the application system and the user kernel where it is lockated run as a process of the trusted kernel. Finally, based on predicate logic, a formal proof of trusted boot is given, and a prototype system is built to verify the availability of the scheme.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
