A New Data Protecting Scheme Based on TPM

摘要

Trusted platform model (TPM) is special-purpose integrated circuits built into a variety of platforms to enable strong user authentication and machine attestation-essential to prevent inappropriate access to confidential and sensitive information and to protect against compromised networks. As a necessary component for multifarious platforms, storage device keeps on a mass of data including confidential and secretive information. How to ensure data not to be accessed by unauthorized users effectively, and to guarantee information to be in safe and secure state? Aiming at these problems, we put forward a novel scheme for protecting data on personal computer platform. By combing trusted computing platform, we propose a secure and reliable model for user authentication and data encryption. The model uses storage protocol to establish a password system to encrypt data, and uses TPM to authenticate different users. We also implement this model by adding it into trusted computing platform. The enhanced platform can not only encrypt data per sector drastically, but also exclude those who can't be authenticated. Some external software attacks and physical theft also cut no ice.