How to build a trusted execution environment on a computer

摘要

This invention being the method of constructing reliance possible execution environment to the computer, reliance possible file verification module and reliance possible process memory code verification module installing beforehand inside the operating system, loading the safe operating system, designates that it makes execute as the key. Reliance possible file verification module to capture all file operation behavior, if it is the operation behavior for the reliance possible file, processes on the basis of this file operation type, it is the operation behavior for the reliance impossible file, after passing to the verification for this file, operates vis-a-vis the file. If reliance possible process memory code verification module, verifying in fixed time whether or not running state and completeness of all process cords/codes are normal, if it is not normal, it puts out warning, after retaining the actual place data of execution of this process, it ends this process and with restoring normal it comes to the point of, it is, normally to execute it continues. According to this invention, whether or not the file and process itself received attack, this way, even in attack from the known or unknown virus be able to detect, be able to guarantee the security of the execution environment in the computer in spite, at the same time use of the user is made convenient, cost of actualization is decrease. Selective figure Figure 2