Abstract

It is currently difficult to establish a trusted environment on an ordinary PC, whereas a Java smart card, whose hardware and software are comparatively simple, can establish one and thereby form a trusted platform. On this trusted platform, reliable and secure key management is very important: it is the basis for secure storage of the platform's data.

This paper implements trusted key management for the Java smart card, which lays the foundation for secure storage of data on the trusted Java smart card platform and provides security support for secure communication between platforms.

First, the paper studies the key management mechanisms of existing trusted computing platforms. Then, building on that study, it constructs a trusted computing platform using two open-source software packages, tpm_emulator and Trousers, and analyses in depth how the platform's key management mechanism is implemented, along with the data structures and data flows involved. Finally, based on this research and analysis, it designs and implements trusted key management based on the Java smart card.

Keywords: trusted computing; key management; Java smart card

Contents

Chapter 1 Introduction
Source of the Topic