As the information carrier for many kinds of platforms, the security of disk storage directly affects system security, dependability and data confidentiality. How can data be kept from unauthorized users effectively, and how can information be guaranteed to remain in a safe and secure state? Aiming at these problems, we introduce the concept of trusted storage (TS) and propose implementations of TS by analyzing several access scenarios found in practice. We then put forward a novel scheme for protecting data on the personal computer platform. By combining it with a trusted computing platform, we propose a secure and reliable model for user authentication and data encryption. The model uses the storage protocol to establish a subsystem that encrypts data, and uses the TPM to authenticate different users. We also implement this model by adding it to a trusted computing platform. The enhanced platform not only encrypts data per sector, but also excludes users who cannot be authenticated; some external software attacks and physical theft therefore have no effect. Deep analysis and comparison show that TS helps to extend the platform's trust chain to peripherals, so that the security risk of different operating environments can be analyzed. Moreover, TS can enhance the communication protocol of storage devices to improve the security of the data flow.
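The per-sector encryption gated on user authentication that the abstract describes, sketched as an added example rather than the paper's own implementation: AES-256-CTR with the sector index as the IV stands in for the storage protocol's encryption subsystem, and a credential check stands in for TPM user authentication. `Vault`, `Unseal` and `CryptSector` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

const SectorSize = 512

// Vault models the encryption subsystem: the volume key is only released
// to a caller who authenticates. A real design would have the TPM seal the
// key; here a SHA-256 digest of the credential is the (illustrative) verifier.
type Vault struct {
	volumeKey []byte
	verifier  [32]byte
}

func NewVault(volumeKey []byte, credential string) *Vault {
	return &Vault{volumeKey: volumeKey, verifier: sha256.Sum256([]byte(credential))}
}

// Unseal releases the volume key only when the credential matches, so an
// unauthenticated user never obtains anything that can decrypt a sector.
func (v *Vault) Unseal(credential string) ([]byte, error) {
	got := sha256.Sum256([]byte(credential))
	if subtle.ConstantTimeCompare(got[:], v.verifier[:]) != 1 {
		return nil, errors.New("authentication failed: key stays sealed")
	}
	return v.volumeKey, nil
}

// CryptSector encrypts or decrypts exactly one sector (CTR is symmetric).
// The sector index fills the high 8 bytes of the IV; Go's CTR increments the
// low bytes, so the keystreams of different sectors never overlap and each
// sector can be rewritten independently of the others.
func CryptSector(key []byte, index uint64, data []byte) ([]byte, error) {
	if len(data) != SectorSize {
		return nil, fmt.Errorf("sector must be %d bytes, got %d", SectorSize, len(data))
	}
	block, err := aes.NewCipher(key) // 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv[:8], index)
	out := make([]byte, SectorSize)
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out, nil
}
```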
Qiang Zhang, Wu Yunlong, Dong Cui, Dang Zhuang
Shuang Zhang, Xinyu Wan, Kong Deqi, Yangming Guo
Xiao-Dong Zuo, Fengmei Liu, Chao-Bin Ma