信息安全研究 ›› 2017, Vol. 3 ›› Issue (4): 299-304.

• 学术论文 • 上一篇    下一篇

《可信计算体系结构》标准综述

安宁钰   

  1. 全球能源互联网研究院
  • 收稿日期:2017-04-13 出版日期:2017-04-13 发布日期:2017-04-13
  • 通讯作者: 安宁钰
  • 作者简介:安宁钰 工学硕士,工程师,主要研究方向为信息安全、可信计算.

An Overview of Trusted Computing Structure Specification

  • Received:2017-04-13 Online:2017-04-13 Published:2017-04-13

摘要: 可信计算是一种运算与保护并行结构的计算模式,通过保持计算环境及计算逻辑的完整性,为计算平台提供了对恶意代码、非法操作的自主免疫能力.可信计算体系结构以国产密码体系为基础,以可信平台控制模块为信任根,以可信主板为平台,以软件为核心,以网络作为纽带,对上层应用进行透明可信支撑,从而保障应用执行环境和网络环境安全.介绍了《可信计算体系结构》标准的相关内容,包括可信计算体系结构的基本原理及功能、核心组成部件、可信信息系统以及可信计算规范体系的基本框架.《可信计算体系结构》标准从顶层为可信计算产品的设计和实施提供规范和指南,可以有效促进可信计算技术及其产业化有序发展,并为后续可信计算系列标准的制定和修订提供一个统一的框架.

关键词: 网络安全, 可信计算, 双体系结构, 可信信息系统, 顶层设计

Abstract: Power system is an important national infrastructure. Its safe and stable operation is the important guarantee of economic development and national security and stability. Chinas power system has been in safety protection with relevant regulations and requirements of the departments of the state, but the face of the current complex cyberspace security situation, there are still subject to APT and other malicious code attack risk. Trusted computing refers to the calculation of the operation at the same time security, so that the operation and process behavior under any conditions, the results are always the same as expected, the calculation can be measured throughout the control, not interference, is to change the traditional “Kill” the basis of passive defense technology. This paper analyzes the information security risks and challenges faced by the power system. and introduces the research and application of the trusted computing technology in the power system, and gives the recommended prospect for the engineering application of the trusted computing in combination with the actual production situation. Based on the trusted computing technology to build the power information security and immune system, and create an important industrial production control system and information infrastructure in the application of trusted computing technology to achieve high safety level protection of the precedent, the safety of other industries construction is also given worthy of reference and reference to the model.

Key words: cyber security, trusted computing, dual architecture, trusted information system, top-level design