Research on credible start-up and I/O access control of embedded Linux based on trusted computing

摘要

With the continuous increase of embedded system hacking, the security of system booting and I/O port is facing new challenge. Aiming at solving these problems, two secure designs that can enhance the security performance of start-up process and I/O port access control of embedded Linux is presented in this paper. Integrating Linux kernel security mechanism and security storage function of TPM (Trusted Platform Module) efficiently, two mechanisms are provided to expand security services which are not only credible booting, but also I/O access control mechanism with the support of safe file system to strengthen the security protection of system sensitive data. Two designs are robust through hardware-based protection and underlying security support relying on TPM chip so as to resist the illegal invasion through the test of booting and I/O control.