Scientific Programming
Volume 2016 (2016), Article ID 4516596, 12 pages
http://dx.doi.org/10.1155/2016/4516596
Research Article

Research on Linux Trusted Boot Method Based on Reverse Integrity Verification

¹ School of Computer, National University of Defense Technology, Changsha, Hunan 410073, China
² College of Polytechnic, Hunan Normal University, Changsha, Hunan 410073, China
³ Department of Computer and Information Engineering, Luoyang Institute of Science and Technology, Luoyang, Henan 471023, China

Received 25 February 2016; Accepted 8 May 2016

Academic Editor: Florin Pop

Copyright © 2016 Chenlin Huang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

Trusted computing aims to build a trusted computing environment for information systems with the help of the TPM secure hardware, an approach that has proved effective against network security threats. However, TPM chips are not yet widely deployed in most computing devices, which limits the scope in which trusted computing technology can be applied. To address the lack of trusted hardware in existing computing platforms, this paper introduces an alternative security hardware device, the USBKey, to simulate the basic functions of the TPM, and proposes a new USBKey-based reverse integrity verification model that performs reverse integrity verification of the operating system boot process, achieving the effect of a trusted operating system boot on end systems without TPMs. A Linux operating system boot method based on reverse integrity verification is designed and implemented in this paper, in which the integrity of data and executable files in the operating system is verified and protected phase by phase during the trusted boot process. The method implements trusted boot of the operating system without a TPM and supports remote attestation of the platform. With this method, the flexibility of trusted computing technology is greatly improved, making it possible to apply trusted computing in large-scale computing environments.