Abstract: Embodiments of this specification disclose computing devices and methods for constructing a trusted chain of a computing device, and relate to the field of information security technologies. The method includes following: A trusted module located on the computing device is started; the trusted module measures a CRTM of a processor on the computing device, and stores a measurement result in the trusted module; and when the CRTM is executed by the processor, a next level of code of the CRTM is measured, and a measurement result is stored in the trusted module; and when the next level of code of the CRTM is executed by the processor, a next level of code is measured, and a measurement result is stored in the trusted module, where by analogy, next levels of code is measured layer by layer to complete trusted chain establishment for the computing device.

Abstract: A node includes a first secure and trusted execution environment with a built-in first security certificate, a second secure and trusted execution environment with a built-in second security certificate, a trusted measurement agent, and a TPCM located in the first secure and trusted execution environment. In a method, after a measurement request is initiated, the first secure and trusted execution environment signs the measurement request by using a private key of the first security certificate to obtain a measurement request data packet including a signature; and the second secure and trusted execution environment performs signature verification on the measurement request data packet by using a public key of the first security certificate, obtains measurement data of a target protection object after the signature verification succeeds, signs the measurement data to obtain a measurement data packet including a signature.