On the basis of the TM defined in Section 3, the trust chain can be formally constructed. Next, we introduce how to describe the traditional trust chain using TM.
Theorem 1. Turing machine can achieve the deduction rules of predict logic described in Section 1. Let us assume that there exist some MV type programs en(n ∈ N) in TM's tape0 or tape1, and
- Trusted (ei) ei in TM's tape0;
- Measure (ei, ej, Integ) U[ei, ej] = qv;
- Measure (ei, ej, Integ) U[ei, ej] = qr.
When TM stops, each en in tape0 satisfies the trusted loading rule or trust chain extending rule of predict logic. It means that en is either in tape0 initially or measured by other ei (i < n) in tape0.
Proof. When TM stops, if ek is in tape0 initially, from the condition (1), we know that it satisfies Trusted (ek). If ek is not in tape0 initially, it is in tape1. From TM's working procedure, if and only if when ei is on tape0 and U[ei, ek] = qv, then ek can be copied from tape1 to tape0. Through the conditions that ei has already been in tape0 equals to Trusted (ei). In addition, U[ei, ek] = qv equals to Measure(ei, ek, Integ). Finally, ek is in tape0, which equals to Trusted (ek) ∧ Trusted (ei). It is the extending rule defined by the predict logic. It follows that the TM can achieve the deduction rules of the predict logic.
From Theorem 1, TM can strictly simulate the extending progress of trust chain only by using the MV type program. The extending of tape0 equals to the extending of the trust chain. However, it is not enough to complete the normal work of trusted computing system. According to the workflow of TM, the programs in tape0 can only take the strings to be verified in tape1 as their inputs, and take the strings that have been verified in tape1 as their outputs in tape0. For this limitation, the programs in tape0 are not able to execute the computing as normal program. So, TM defines V type program that can verify normal TM program. Actually, at the TM model, the TCB in Figure 2 consists of a set of V type programs. Other modules, which are normal TM programs, can be verified by these V type programs. And, each module in Figure 1 is composed of normal TM coding program, V type program, and MV type program.
When the TM simulates the grant execute process of Figure 2, the initial configurations of TM are set as follows:
where pb, pbl, pos, pm0 …, pa0 … separately represent the functional BIOS, bootloader, OS kernel, system services and applications, and vb, vbl, vos, vm0 …, va0 … separately represent related V type program in TCB. This TM simply verifies and executes normal programs in tape1. All verifying programs of different level modules are concentrated in tape0. Actually, as the centralized trusted boot method avoids the construction of trust chain, it does not need MV type program. Here, the trust transitive path is described in Figure 6. All V type programs are located in TCB. When the system starts up, these V type programs are directly granted trust from TCB. Then, each V type program verifies related progress. Through this path, all of the applications are verified and loaded directly by TCB.
Then, this TM simulates the grant execute process of Figure 1, where pb, pbl, pos, pm0 …, pa0 … separately represent the functional BIOS, bootloader, OS kernel, some kernel services and applications, and vb, vbl, vos, vm0…, va0…. represent the related V type verifying program. Besides, mbl, mos, mm, and ma are MV type verifying programs, in which mbl is for vbl and mos, mos is for vos, mm and ma, mm is for vm0…, ma is for va0… . Intuitively, the action of the V type program is to grant “loading, executing permission” to a verified normal program, and the MV type program is to grant “trust measuring permission” to the verified program. The trust transitive path is shown in Figure 7. In this case, TCB gives the executing permission to a functional program pb in BIOS through vb, and gives executing permission to a measurement program (i.e., vbl and mos) that will verify the next level (i.e., bootloader) through mbl; BIOS gives executing permission to the functional program pbl through vbl in bootloader, and gives executing permission to the measurement program (i.e., vos, mm, and ma) that will verify the next level (i.e., OS kernel) through mos, and so on.