Research on Trusted Bootstrap Based on the Universal Smart Card

  • Lin Yan
  • Jianbiao Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9565)


Trusted boot is an active topic in the trusted computing field. User identity authentication and trusted measurement are the mechanisms used to counter security threats. However, a general hardware-based trusted boot is difficult to implement, and such a boot can easily be bypassed by software. To address this problem, a trusted boot scheme based on the universal smart card is presented. It changes neither the hardware nor the firmware of the smart card or of the terminal device. The core method combines user identity authentication with trusted measurement: it binds the user's identity, the smart card and the terminal device together to ensure a trusted boot of the terminal device. In this way the trusted computing mechanism is extended from power-on up to the application layer. Finally, experiments demonstrate the security of the boot process and the simplicity of the implementation.


Keywords: Trusted computing, Trusted root, Trusted chain, Trusted measurement, Security bootstrap



Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. College of Computer Science, Beijing University of Technology, Beijing, China
  2. Beijing Key Laboratory of Trusted Computing, Beijing, China
  3. National Engineering Laboratory for Critical Technologies of Information Security Classified Protection, Beijing, China
