CN100550030C - Method for adding a trusted platform to a portable terminal host - Google Patents


Publication number
CN100550030C
Authority
CN
China
Prior art keywords
credible platform
platform module
security
module
portable terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2006100079644A
Other languages
Chinese (zh)
Other versions
CN1808456A (en)
Inventor
彭君
陈文萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
Application filed by SHANGHAI FOUNDER INFORMATION SECURITY TECHNOLOGY Co Ltd
Priority to CNB2006100079644A
Publication of CN1808456A
Application granted
Publication of CN100550030C
Legal status: Expired - Fee Related

Landscapes

  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a method for adding a trusted platform to a portable terminal host and belongs to the field of information security protection. In the prior art, the hardware, software and systems of portable terminal hosts vary widely, so it is not possible to redesign every common portable terminal host around a trusted base or to manage it remotely and dynamically. The method first initializes the TPM module and then issues the portable TPM module; external authentication is performed between the TPM module and the terminal host; an isolated running environment is set up in the terminal host system; the TPM module and the security management center server authenticate each other; the TPM module and the security management center server communicate over an external encrypted channel; and the TPM module and the security applications of the security management center authenticate and process the received data. The invention allows a trusted platform to be added to and removed from an existing conventional portable terminal host at any time, and allows the trusted platform to be managed remotely, dynamically and in real time.

Description

Method for adding a trusted platform to a portable terminal host
Technical field
The invention belongs to the field of information security protection and specifically relates to a method for adding a trusted platform to a portable terminal host.
Background art
The rapid development of computer and network communication technology shows two clear trends: first, computing resources, device resources and information resources are rapidly becoming networked; second, the terminal host devices that access these network resources are becoming increasingly diverse, miniaturized, intelligent and mobile. The terminal host is the infrastructure on which information is stored, transmitted and processed and on which applications run. Its own security touches on system security, data security, network security and other aspects, and any single node may affect the security of the whole network. Terminal host users are dispersed, numerous and dynamic, differ greatly in technical skill, and pay little attention to security, so the terminal host becomes the weak link of the information security system. The security of terminal host information exchange is therefore key to keeping network resources secure and the system operating normally.
The success of network-based distributed services has become a way of raising productivity. To guarantee the effectiveness and continuity of distributed services, the terminal interface through which a service is obtained usually has to be secured, that is, sensitive data and operations on the terminal host must be protected and normal provision of the service assured. Measures to protect sensitive data that is kept on the terminal host device and exchanged during use are generally considered in terms of confidentiality, integrity, availability and non-repudiation, all of which center on the question of trust. To better solve the problem of establishing trust in such networked terminal hosts, a number of well-known international companies formed an alliance, the Trusted Computing Group (TCG). Its main aim is to secure the whole network by strengthening the security of the existing terminal host architecture, which means building a system of good faith in the network: every terminal host has a legitimate network identity that can be recognized, and the terminal host is immune to malicious code such as viruses and Trojans. In such a trusted computing environment, if any terminal host has a problem, sound evidence collection and convenient monitoring and management can be assured.
The security functions provided by trusted computing are: terminal host device authentication, data integrity verification, user identity authentication, user privilege legitimacy, port control and management, encrypted storage of data, and hardware-encrypted protection of important information. These functions ensure that the user, the software and hardware configuration, the applications and so on are trustworthy, which in turn ensures that the terminal host is trustworthy and ultimately builds a trustworthy computer network.
According to the TCG standard, trust between terminal host entities is based on the trusted platform module (Trusted Platform Module, TPM) hardware component present in each terminal host entity. The trusted platform lets a terminal host entity determine the security state of the software environment on the platform and seal the data to be protected (including intermediate temporary working data) inside a specific software environment of that platform, thereby establishing trust in the terminal host entity. Building a trusted platform on a terminal host entity therefore requires rethinking hardware design, system design, operational management and other stages so as to form a relatively closed environment. This is feasible for equipment that is newly designed and produced but hard to achieve for existing terminal hosts: in the prior art, the hardware, software and systems of terminal host devices vary endlessly, differ in complexity and are hard to unify, so not all terminal hosts can be redesigned around a trusted base, and attempting to do so would raise the difficulty and cost of equipping terminal hosts with a trusted platform. In addition, how to bring terminal hosts that already exist or are already in use into the trusted network must also be considered. Furthermore, dispersed trusted platforms cannot be centrally and dynamically updated and managed.
Summary of the invention
In view of the defects in the prior art, the object of the invention is to provide a method for adding a trusted platform to a portable terminal host. The method allows a trusted platform to be added to an existing portable terminal host and allows the trusted platform to be managed remotely and dynamically.
To achieve this object, the technical solution adopted by the invention is a method for adding a trusted platform to a portable terminal host, comprising the following steps:
(1) initializing the trusted platform module;
(2) issuing the portable trusted platform module; the trusted platform module and the terminal host perform external authentication, and an isolated running environment is set up in the terminal host system. The external authentication process is as follows: the trusted platform module first generates a random number RANDOM and sends it to the terminal host; the terminal host encrypts RANDOM with the authentication key and returns it to the trusted platform module; the trusted platform module decrypts the received data with the external authentication key EXB and compares the result with RANDOM; if they match, a trusted connection between the trusted platform module and the terminal host is established;
(3) the trusted platform module and the security management center server perform two-way authentication;
(4) the trusted platform module and the security management center server carry out external remote encrypted communication;
(5) the trusted platform module and the security management center exchange data securely;
(6) before the trusted platform module is disconnected from the terminal host, the isolated running environment in the terminal host system is automatically and securely saved onto the trusted platform module, and the terminal host system is automatically restored to the state it was in before it was connected to the trusted platform module.
Further, when the trusted platform module is initialized in step (1), the security module of the security management center server can perform offline initialization of keys and security applications for the terminal host and the trusted platform module.
The key management system and device of the security management center generate the asymmetric key set, the symmetric key set, and the key-use authentication PIN (Personal Identification Number) code or fingerprint template information.
The cryptographic algorithms corresponding to the asymmetric keys include but are not limited to the currently common RSA and ECC (elliptic curve) encryption, or dedicated algorithms required by the state.
The cryptographic algorithms corresponding to the symmetric keys include but are not limited to the currently common DES, 3DES and AES, or dedicated algorithms designated by the state.
The digest (hash) algorithms on the trusted platform module include but are not limited to the currently common MD5 and SHA-1.
The writing device of the security management center securely writes the security application management program SECADM, the system image file SYSIMG and the virtual machine (Virtual Machine, VM) program into separate, independent secure storage areas.
Further, in step (2), issuing the trusted platform module means either installing the trusted platform module inside the portable terminal host or connecting the portable terminal host to the trusted platform module through an external interface.
Further, in step (2), the trusted platform module establishes a trust relationship with the terminal host system after performing secure external authentication with it.
Further, after the external authentication in step (2), the security application management program stored on the large-capacity storage medium of the trusted platform module is automatically imported into the host system and run, and it in turn imports the virtual machine program or the system image file into the host system to run. A new system environment is formed in the host system by restoring the imported system image file on the virtual machine, which establishes a system running environment that is relatively isolated from the host's original system. Meanwhile, all data exchanged between the portable trusted platform module and the terminal host system is encrypted.
Further, in step (4), the security application management program running in the isolated environment on the host can use the host's communication hardware to set up a remote encrypted communication channel with the remote security management center server.
Further, while the encrypted channel is being set up, the security application management program invokes the security functions of the TPM chip of the trusted platform module in the portable terminal host. These security functions include session key generation, encryption, digital signature, decryption and authentication.
Further, in step (5), once the remote encrypted channel is established, the security application management program starts strict authentication between the trusted platform module and the security management module of the security management center server. After authentication succeeds, the security management center server can remotely, dynamically and securely update and manage the security information on the TPM chip inside the trusted platform module and the security applications held in its secure storage.
Further, in step (5), while the security management center server remotely, dynamically and securely updates and manages the security information on the TPM chip inside the trusted platform module and the security applications held in its secure storage, the security information and security applications sent from the security management center server are first digitally signed and, where necessary, encrypted by the security module of the security management center server. After they reach the terminal host system, the trusted platform module first verifies the digital signature and, once verification succeeds, performs any necessary decryption. Security information and security applications sent from the trusted platform module are likewise first digitally signed and, where necessary, encrypted by the trusted platform module. After they reach the security module of the security management center server, that module first verifies the digital signature and, once verification succeeds, performs any necessary decryption.
Further, in step (6), before the trusted platform module is disconnected from the terminal host, all data produced by the isolated running environment in the terminal host system, including temporary data, is automatically encrypted by the TPM module and saved onto the large-capacity storage medium of the trusted platform module.
The effect of the invention is as follows: with the method of the invention, a trusted platform can be added to an existing portable terminal host and can be managed remotely, dynamically and in real time. The method overcomes the difficulty that existing TPM modules cannot support remote dynamic management, and so provides a practicable unified management method for the secure operation of network services.
Description of drawings
Fig. 1 is a flow chart of the method of the invention;
Fig. 2 is a structural diagram of the trusted platform module of the invention.
Embodiment
The invention is described in detail below with reference to the drawings and embodiments:
As shown in Fig. 1, a method for adding a trusted platform to a portable terminal host comprises the following steps:
(1) initializing the trusted platform module;
Before the trusted platform module (also called the TPM module or portable TPM module) is issued, a dedicated key management system and device first generate the asymmetric key set (the corresponding algorithms include but are not limited to the currently common RSA and ECC), the symmetric key set (the corresponding algorithms include but are not limited to the currently common AES, DES and 3DES), and the key-use authentication PIN code or fingerprint template information; a dedicated tool securely writes the security application management program, the system image file and the VM program into separate, independent secure storage areas;
First, the security management center can, as the application requires, perform offline initialization of keys and security applications for the terminal host and the portable TPM module. Initialization of the portable TPM module involves at least a pair of asymmetric keys PRA and PUA, the external authentication key EXB, the security application management program SECADM, the system image file SYSIMG and the virtual machine (Virtual Machine, VM) program.
As shown in Fig. 2, the TPM module consists of a main controller 1, a TPM chip 2 and a large-capacity storage medium 3. The large-capacity storage medium 3 is divided into a secure data storage area 4, a system image file storage area 5 and a security management program storage area 6, which store secure data, the system image file, and the security management and application programs respectively.
(2) issuing the portable TPM module; the TPM module and the terminal host perform external authentication, and an isolated environment is set up in the terminal host system;
The portable TPM module establishes a trust relationship with the terminal host system after performing secure authentication with it. The security application management program stored on the large-capacity storage medium of the portable TPM module is then automatically imported into the host system and run, and it in turn imports the virtual machine (Virtual Machine, VM) program or the system image file into the terminal host system to run. A new system environment is formed in the terminal host system by restoring the imported system image file on the virtual machine, which establishes, within the terminal host system, a system running environment that is relatively isolated from the original system. Meanwhile, all data exchanged between the portable TPM module and the terminal host system is encrypted;
Because the TPM is generally a passive component when it provides cryptographic operations, other security applications must be arranged to drive and manage its use, and updating and managing those security applications safely and reliably is key to establishing trusted computing. To extend the scope and function of trusted computing, the security requirements of remote dynamic management for the security applications distributed with terminal host devices are also critical.
After it is connected to the terminal host, the portable TPM module first performs external authentication: the portable TPM module generates a random number RANDOM and sends it to the terminal host; the terminal host encrypts RANDOM with the authentication key and returns it to the TPM module; the TPM module decrypts the received data with the external authentication key EXB and compares the result with RANDOM; if they match, this proves that the portable TPM module can now establish a trusted connection with the terminal host. At this point the security application management program SECADM on the TPM delivers the VM program and the system image file SYSIMG to the terminal host, runs them there and builds a secure, isolated system running environment.
(3) the TPM module and the security management center server establish remote secure communication;
The security application management program running in the isolated environment on the host uses the host's communication facilities to set up an encrypted communication channel with the security management center server. While the encrypted channel is being set up, the security application management program also invokes the security functions of the TPM chip of the portable TPM module. These security functions include session key generation, encryption, digital signature, decryption, authentication and so on.
At the same time, the security application management program SECADM on the TPM starts the communication module on the terminal host to set up a remote connection with the security management center. While the remote connection is being started, the terminal host establishes two-way authentication with the server of the management center through the TPM module. First, the terminal host sends the PUA (or digital certificate) held in the TPM to the security management center, which compares it with the data in its database and accepts it if it is correct, otherwise refuses. The security management center server then generates a random number, encrypts it with the received PUA and sends it back to the terminal host. The terminal host passes the encrypted random number to the TPM module, which decrypts it with the corresponding PRA; the decrypted result is processed with the digest algorithm to give DATA, which is encrypted with PRA, then encrypted with the server's PUB, and sent back to the security management center server by the terminal host. On receipt, the security management center server decrypts with the server's PRB, and the successfully decrypted result is then decrypted with PUA to obtain the data DDATA. DDATA is compared with the result of applying the same digest algorithm to the random number the server generated earlier; if they match, the TPM can establish a trusted connection with the security management center. The communication can also set up an encrypted channel with a shared key: the shared key of the encrypted channel can be generated by the TPM of the terminal host, encrypted with the server's PUB and sent to the server, which recovers it by decrypting with its PRB.
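The two-way authentication described above, traced end to end as an added example (not code from the patent). It uses toy textbook RSA over fixed Mersenne primes so that it runs with the standard library only; the class and function names, the SHA-256 digest and the single-use challenge table are assumptions of this sketch.

```python
"""Added illustration: two-way authentication between a portable TPM module
and the security management center. Toy textbook RSA, constructed keys."""
import hashlib
import secrets

E = 65537  # public exponent shared by all demo keys


def make_key(p, q):
    """Textbook-RSA key from two primes: modulus n, public e, private d."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def public(key):
    return (key["n"], key["e"])


# Constructed demo keys built from Mersenne primes: NOT secure, flow only.
# The server modulus is larger so a TPM signature fits in one server block.
TPM_KEY = make_key(2**127 - 1, 2**521 - 1)        # PRA (d) and PUA (n, e)
SERVER_KEY = make_key(2**607 - 1, 2**1279 - 1)    # PRB (d) and PUB (n, e)


def public_op(pub, m):
    """Encrypt to the key owner, or open a value the owner signed."""
    n, e = pub
    return pow(m, e, n)


def private_op(key, c):
    """Decrypt, or 'encrypt with the private key' (sign) as the text puts it."""
    return pow(c, key["d"], key["n"])


def digest(r):
    """Digest step of the handshake; SHA-256 is an assumption of this sketch."""
    raw = r.to_bytes(max(1, (r.bit_length() + 7) // 8), "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


class PortableTPM:
    def __init__(self, key, server_pub):
        self.key, self.server_pub = key, server_pub

    def respond(self, encrypted_r):
        r = private_op(self.key, encrypted_r)        # PRA-decrypt the challenge
        signed = private_op(self.key, digest(r))     # DATA encrypted with PRA
        return public_op(self.server_pub, signed)    # then encrypted with PUB


class ManagementCenter:
    def __init__(self, key, enrolled):
        self.key = key
        self.enrolled = set(enrolled)   # database of known PUA values
        self.pending = {}               # PUA -> random number awaiting a reply

    def challenge(self, pua):
        if pua not in self.enrolled:
            raise PermissionError("PUA not in database, connection refused")
        r = secrets.randbits(256)
        self.pending[pua] = r
        return public_op(pua, r)                     # random number under PUA

    def verify(self, pua, response):
        r = self.pending.pop(pua, None)              # single use: stops replays
        if r is None:
            return False
        signed = private_op(self.key, response)      # PRB-decrypt
        if signed >= pua[0]:
            return False                             # too large for the PUA modulus
        ddata = public_op(pua, signed)               # PUA-"decrypt" gives DDATA
        return ddata == digest(r)


def run_handshake(center, tpm, pua):
    """Relay the messages as the terminal host would; True means trusted."""
    return center.verify(pua, tpm.respond(center.challenge(pua)))


if __name__ == "__main__":
    center = ManagementCenter(SERVER_KEY, [public(TPM_KEY)])
    genuine = PortableTPM(TPM_KEY, public(SERVER_KEY))
    print("genuine module:", run_handshake(center, genuine, public(TPM_KEY)))
    fake = PortableTPM(make_key(2**89 - 1, 2**107 - 1), public(SERVER_KEY))
    print("wrong PRA:", run_handshake(center, fake, public(TPM_KEY)))
```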
After the TPM module and the security management center server have established the remote encrypted connection, they can exchange data and information with each other securely. When the data on the TPM module, the data on its storage medium or the security applications on the TPM chip are to be updated, receiving and sending must be managed by the security management program. Every data packet received from the security management center server carries a digital signature produced with the PRB key of the security management server; only after the TPM chip has verified the signature can the packet be stored on the TPM module as the security level requires. Likewise, every data packet to be uploaded from the TPM module carries a digital signature produced with the PRA key of the TPM chip; only after the server has verified the signature can the packet be received and stored on the server.
(4) secure remote dynamic management of the TPM module;
Once the encrypted channel is established, the security application management program starts strict authentication between the portable TPM module and the security management module of the security management center server. After authentication succeeds, the security management center server can remotely and securely update and manage the security information on the TPM chip inside the portable TPM module and the security applications in its secure storage.
(5) the terminal host system saves data and restores the original system;
Before the trusted platform module is disconnected from the terminal host, all data produced by the isolated running environment in the terminal host system, including temporary data, is automatically encrypted by the TPM module and saved onto the large-capacity storage medium of the trusted platform module. After the trusted platform module is disconnected from the terminal host, the terminal host system is automatically restored to the state it was in before it was connected to the trusted platform module.
In summary, the invention uses various security measures, with the terminal host as the trust bridge, to establish a trusted and secure connection between the TPM module and the security management center, realizing a method of adding a trusted platform to a portable terminal and managing the trusted platform remotely, dynamically and securely.
The method of the invention is not limited to the examples described in the embodiments; other embodiments derived by those skilled in the art from the technical solution of the invention likewise fall within the scope of the technical innovation of the invention.

Claims (15)

1. A method for adding a trusted platform to a portable terminal host, comprising the following steps:
(1) initializing the trusted platform module;
(2) issuing the trusted platform module; the trusted platform module and the terminal host perform external authentication, and an isolated running environment is set up in the terminal host system; the external authentication process is: the trusted platform module first generates a random number RANDOM and sends it to the terminal host; the terminal host encrypts RANDOM with the authentication key and returns it to the trusted platform module; the trusted platform module decrypts the received data with the external authentication key EXB and compares the result with RANDOM; if they match, a trusted connection between the trusted platform module and the terminal host is established;
(3) the trusted platform module and the security management center server perform two-way authentication;
(4) the trusted platform module and the security management center server carry out external remote encrypted communication;
(5) the trusted platform module and the security management center server exchange data securely;
(6) before the trusted platform module is disconnected from the terminal host, the isolated running environment in the terminal host system is automatically and securely saved onto the trusted platform module, and the terminal host system is automatically restored to the state it was in before it was connected to the trusted platform module.
2. The method for adding a trusted platform to a portable terminal host as claimed in claim 1, characterized in that: when the trusted platform module is initialized in step (1), the security module of the security management center server performs offline initialization of keys and security applications for the trusted platform module.
3. The method for adding a trusted platform to a portable terminal host as claimed in claim 2, characterized in that: when the trusted platform module is initialized in step (1), the key management system and device of the security management center generate the asymmetric key set, the symmetric key set, and the key-use authentication PIN code or fingerprint template information, and the key management system securely writes them into the trusted platform module.
4. The method for adding a trusted platform to a portable terminal host as claimed in claim 3, characterized in that: the algorithms corresponding to the asymmetric keys include RSA and ECC.
5. The method for adding a trusted platform to a portable terminal host as claimed in claim 3, characterized in that: the algorithms corresponding to the symmetric keys include DES, 3DES and AES.
6. The method for adding a trusted platform to a portable terminal host as claimed in claim 4 or 5, characterized in that: the digest (hash) algorithm MD5 or SHA-1 is used in the course of authentication with the above algorithms.
7. The method for adding a trusted platform to a portable terminal host as claimed in claim 1, 2, 3, 4 or 5, characterized in that: when the trusted platform module is initialized in step (1), the writing device of the security management center server securely writes the security application management program SECADM, the system image file SYSIMG and the virtual machine program into separate, independent secure storage areas.
8. The method for adding a trusted platform to a portable terminal host as claimed in claim 1, 2, 3, 4 or 5, characterized in that: in step (2), issuing the trusted platform module means installing the trusted platform module inside the portable terminal host or connecting the portable terminal host to the trusted platform module through an external interface.
9. a kind of method of adding credible platform on portable terminal host as claimed in claim 8 is characterized in that: further, in the step (2), credible platform module breaks the wall of mistrust with it after carrying out safe external authentication with the end host system and gets in touch.
10. a kind of method of on portable terminal host, adding credible platform as claimed in claim 9, it is characterized in that: after carrying out external authentication in the step (2), leaving Secure Application supervisory routine on the large-capacity storage media on the credible platform module in is imported in the end host system operation automatically and by it virtual program or system image file is imported the operation of end host system, in the end host system, form new system environments by the system image file that on virtual machine, recovers to import, thereby set up the system running environment of relative isolation with the end host original system, portable trusted platform module is in encrypted state in all exchanges data with the end host system simultaneously.
11. as claim 1,2,3,4 or 5 described a kind of methods of on portable terminal host, adding credible platform, it is characterized in that: in the step (4), the Secure Application supervisory routine of moving on the end host isolation environment is set up the remote encryption communication channel by the communication basis of end host with long-range security management center server.
12. a kind of method of on portable terminal host, adding credible platform as claimed in claim 11, it is characterized in that: setting up in the process of remote encryption passage is the security function that is started the TPM chip of credible platform module by the Secure Application supervisory routine, and above-mentioned security function comprises the generation of session key, encryption, digital signature, deciphering, authentication.
13. as claim 1,2,3,4 or 5 described a kind of methods of on portable terminal host, adding credible platform, it is characterized in that: in the step (5), after the remote encryption passage is set up, the safety management module that starts credible platform module and security management center server by the Secure Application supervisory routine carries out the strictness authentication, after authentication was passed through, the security management center server can upgrade and manage security information and the safe storage security application thereon on the interior TPM chip of credible platform module long-range, dynamically, safely.
14. a kind of method of on portable terminal host, adding credible platform as claimed in claim 13, it is characterized in that: in the step (5), long-range at the security management center server, dynamically, upgrade safely and manage in the process of security information on the TPM chip in the credible platform module and safe storage security application thereon, these carry out digital signature and necessary encryption through the security module of security management center server earlier from security information and the security application that the security management center server sends out, after the incoming terminal host computer system by the advanced line number word signature authentication of credible platform module, authentication by after carry out necessary deciphering again; Security information and the security application that sends out from credible platform module carries out digital signature and necessary encryption through credible platform module earlier equally, arrive after the security module of security management center server by the advanced line number word signature authentication of the security module of security management center server, authentication by after carry out necessary deciphering again.
15. The method of adding a trusted platform on a portable terminal host as claimed in claim 1, 2, 3, 4 or 5, characterized in that: in step (6), before the trusted platform module is disconnected from the terminal host, all data generated by the isolated running environment on the terminal host system, including temporary data, is automatically encrypted by the TPM module and then saved to the mass storage medium of the trusted platform module.
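
The verify-before-decrypt ordering of claim 14, as an added Python sketch that is not part of the patent. Assumptions: the patent names no algorithms, so a Lamport one-time signature and a SHA-256 keystream stand in for the TPM's signature and cipher, the signature is taken over the transmitted nonce and ciphertext so it can be checked before any decryption, and all function names are hypothetical.

```python
import hashlib, hmac, os

def keystream_xor(key, nonce, data):
    # Stand-in cipher (assumption): SHA-256 in counter mode, XORed with the data.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def lamport_keygen():
    # One-time key pair: 256 secret pairs; the public key is their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk

def _digest_bits(msg):
    d = hashlib.sha256(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg):
    # Reveal one secret per digest bit; a key pair must sign only one message.
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(msg))]

def lamport_verify(pk, msg, sig):
    if len(sig) != 256:
        return False
    ok = True
    for i, bit in enumerate(_digest_bits(msg)):
        ok &= hmac.compare_digest(hashlib.sha256(sig[i]).digest(), pk[i][bit])
    return ok

def send_package(sign_key, session_key, payload):
    # Sender (server security module or platform module): encrypt, then sign the wire bytes.
    nonce = os.urandom(16)
    ciphertext = keystream_xor(session_key, nonce, payload)
    return {"nonce": nonce, "ciphertext": ciphertext,
            "sig": lamport_sign(sign_key, nonce + ciphertext)}

def receive_package(verify_key, session_key, pkg):
    # Receiver: the signature check comes first; decryption runs only if it passes.
    if not lamport_verify(verify_key, pkg["nonce"] + pkg["ciphertext"], pkg["sig"]):
        return None
    return keystream_xor(session_key, pkg["nonce"], pkg["ciphertext"])
```

The same two functions serve both directions in the claim: each side signs with its own key pair and the peer holds the matching public key.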

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100079644A CN100550030C (en) 2006-02-24 2006-02-24 Method for adding a trusted platform on a portable terminal host

Publications (2)

Publication Number Publication Date
CN1808456A (en) 2006-07-26
CN100550030C (en) 2009-10-14

Family

ID=36840351

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100079644A Expired - Fee Related CN100550030C (en) 2006-02-24 2006-02-24 Method for adding a trusted platform on a portable terminal host

Country Status (1)

Country Link
CN (1) CN100550030C (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20091014

Termination date: 20170224