A Construction Method of Confidential Computing Environment Based on Trusted Anchor


【Author】 JIANG Xinzhu; ZHAO Bo; LI Weidong; ZHANG Liqiang; YAN Fei; WANG Juan; AN Yang

【Affiliation】 School of Cyber Science and Engineering, Wuhan University; School of Computer Science, Wuhan University

【Abstract】 The construction and use of confidential computing environments is an important technical means of safeguarding the security of information and data. However, in existing confidential computing environments the trust anchor comes from the hardware processor, and the environment itself is composed of a software stack whose implementation lacks provable security. In recent years, hardware security vulnerabilities, including in the processors of all major CPU vendors, have appeared frequently, and attacks targeting the structural weaknesses of existing confidential environments occur often, posing a serious threat to the security applications and data that rely on such environments. Trusted computing is a security method and technology that uses a root of trust as the trust anchor, trusted measurement as its means, and a chain of trust to construct a trusted execution environment; applying trusted computing technology to the construction of confidential computing environments can effectively solve the security problems described above. This paper proposes, from the perspective of trust, a new approach to constructing an autonomously controllable confidential computing environment. The services of the trusted anchor are the precondition for ensuring the security of the confidential computing environment, and on top of the trusted anchor a confidential computing environment with properties such as memory isolation is established. The completion of this research will effectively address the security threats in existing confidential computing scenarios and improve the capability for autonomously controllable key foundation designs.

【Fund】 Joint Fund of the National Natural Science Foundation of China (U1936122); Hubei Province Key Research and Development Program (2020BAB101; 2021BAA027); Huawei research project on network device resilience and integrity protection technology
  • 【Source】 网络空间安全科学学报 (Journal of Cybersecurity), 2023, Issue 01
  • 【Classification】 TP309