This paper proposes a security enhancement scheme for disaster tolerant systems based on trusted computing technology which combines with the idea of distributed threshold storage. This scheme takes advantage of a trusted computing platform with a trusted computing module, which has excellent features such as security storage, remote attestation, and so on. These features effectively ensure trustworthiness of the disaster tolerant point. Furthermore, distributed storage based on Erasure code not only disposes the storage problem about a great deal of data, but also preferably avoids one node invalidation, alleviates network load and deals with joint cheat and many other security problems. Consequently, those security enhancement technologies provide mass data with global security protection during the course of disaster tolerance.With the rapid development of information technology and continuous enhancement of people's dependence on information systems, guaranteeing the data security of information systems has attracted wide attention. However, under an open network environment, data faces all kinds of threats so that information systems have to face great difficulties. It is proved that adopting a disaster-tolerant method is an effective technological way for mass data of information systems. In disaster-tolerant systems, besides adopting high performance disaster-tolerant technology, it is also quite necessary to assure terminal trustworthiness in disaster-tolerant systems and the safety of data storage, in order to ensure a more robust data security. Therefore, it is of great importance to study the terminal of disaster-tolerant systems and security enhancement technology of disaster-tolerant data [1] .Except for various kinds of traditional security enhancement technologies [2] , we usually need to run an attestation protocol [3] to verify the degree of trust involving the terminal of disaster-tolerant systems. Apart from the early popular security protocols [4] , there are a great many practical protocols such as the Kerberos protocol [5] . Although these protocols settle matters about user-level identity attestation, these schemes still omit a few problems as follows: ① Do not check out whether the terminal platform is trusted. ② Do not consider the privacy of users. Furthermore, besides traditional user identity authentication, the proposed scheme must con-