CN102194063A - Method and system for secure management and use of key and certificate based on virtual machine technology - Google Patents
Method and system for secure management and use of key and certificate based on virtual machine technology Download PDFInfo
- Publication number
- CN102194063A CN102194063A CN2010101226007A CN201010122600A CN102194063A CN 102194063 A CN102194063 A CN 102194063A CN 2010101226007 A CN2010101226007 A CN 2010101226007A CN 201010122600 A CN201010122600 A CN 201010122600A CN 102194063 A CN102194063 A CN 102194063A
- Authority
- CN
- China
- Prior art keywords
- key
- certificate
- user
- operating system
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention relates to a method and system for secure management and use of a key and a certificate based on a virtual machine technology. In the method, a key/certificate management program is isolated from a user operation system in different hardware resource spaces through a virtual machine monitor (VMM), therefore the security in management and use of the key and the certificate with a software method is improved. Accordingly, the invention integrates the advantages of good user experience of a software certificate and high security of a USB key certificate, meanwhile further solves the difficult problem of insufficient storage capacity of a USB key, reduces the customer service and hardware costs, and provides the secure management and use of the key and the certificate with a universal solution taking the interests of users, developers and service providers into consideration.
Description
Technical field
What the present invention was general relates to by the Secure Transaction on voucher (as the PKI certificate) the realization network.In particular, the present invention relates to strengthen and use soft certificate to carry out the method and system of safety of network ID authentication on computers.
Background technology
Along with the appearance of the Internet, the quantity of online transaction also rapidly increases.Along with the increase of this transaction, also brought such as problems such as the authentication of device therefor in the authentication, undeniable transaction of transaction security, transaction each side and this type of transaction and checkings.At these problems, developed a kind of Public Key Infrastructure(PKI), wherein, certification authority (CA) provides digital certificate and a pair of relevant key to the individual who participates in ecommerce by open network (as the Internet) with mechanism.These certificates play the identity that authenticating transactions participates in both sides, realize the effect of undeniable transaction, and with key to being associated, can finish in view of the above by the Internet and carry out transaction encryption.PKI foundation structure type transaction obtained significant development in the past few years.
PKI foundation structure type transaction being most widely used in e-commerce field.With the Web bank is example, sums up and gets up to have two types, and a kind of is soft certificate type, and a kind of is USB Key certificate type.
The application of this two classes certificate, be structured in usually Windows on the integrated cert services interface.At present, two kinds of more common interfaces that encryption device is managed are arranged in the world.A kind of is the PKCS#11 standard interface, and another kind is CSP (Cryptographic Service Provider) standard interface---the CryptoAPI interface of being formulated by Microsoft.Wherein CSP is that Microsoft aims at the bottom encipher interface that Windows series operating system is formulated, and is used for the encryption device of hardware management or form of software, realizes data encryption, deciphering, digital signature, checking and data summarization (being HASH) etc.
CSP is the basis of Windows Secure Application, and the realization https-secure is browsed (being the SSL secure data communication) and realized secure tunnel (as Ipsec) function on Windows operating system, all must have CSP to participate in crypto-operation.Wherein, the basic CSP of Microsoft comprises RSABase, and DssBase etc. provide the enhancement mode CSP of 128 above encryption keys in addition.Basic CSP only provides 40 symmetric cryptographies and 512 RSA asymmetric encryption, and such key length in the scope of sign indicating number of can decoding, is unsafe just.Third party CSP can be developed according to the standard interface that Microsoft formulates by encryption device manufacturer, uses by being installed in the system behind Microsoft's signature.
So-called soft certificate, be meant that the user asks and the PKI certificate of download and personal identification binding to personal computer (perhaps acting on behalf) by bank or other similar means, itself and relevant key can be used for the Internet transaction of safety certification then to combination.
What soft certificate used is the basic CSP program that carries in the Windows operating system, and IE built-in to the support of this built-in CSP program, therefore the user need not install driver or Add-ons, and the process domestic consumer of downloadable authentication generally can finish by page prompts.Therefore, soft certificate possesses bigger advantage aspect ease for use.
The shortcoming of soft certificate is, the operating system on the personal computer has the ability to know PKI certificate, the prompting of key peer-to-peer information China's finance authentication center, and there is potential safety hazard in " soft certificate ".It not force users certificate be set use password, other people login same computer and just can directly use.The private key of " soft certificate " can be derived, thereby gives trojan horse program with opportunity, and credential duplication is used to other computers.Before this, once had bank that the case that " soft certificate " is broken takes place, indivedual banks simply cancelled the online payment function of " soft certificate " in 2008.
In addition, " soft certificate " is downloaded to operating system of user, in case the user reinstalls operating system, will lose soft certificate, and the bank of being obliged to go makes up, and need produce extra-pay usually and make up certificate.This also is " soft certificate " place not as USB Key certificate.
So-called USB Key certificate, be meant that the user asks and the PKI certificate of download and personal identification binding to USB Key hardware unit (perhaps acting on behalf) by bank or other similar means, this USB Key and common U are diverse, its main body is a safety chip, and private key and digital certificate (or quoting digital certificate) are stored in this safety chip hardware unit.And this safety chip possesses computing power, support to generate key to calculation tasks such as, digital signature and encryption and decryption.The advantage of USB Key certificate is that the operating system on the personal computer can't be known PKI certificate, key peer-to-peer information.
But at present USB Key certificate is divided into two kinds of a generation and two generations again, and generation USB Key certificate in the time of on being linked into computing machine, can pass through long-range direct control, and this makes the wooden horse of Remote class have an opportunity to take advantage of.Two generation USB Key certificates, a LCDs is arranged, can echo data to be signed (as amount of money etc.), and an ACK button is arranged on the USB Key, must press ACK button, safety chip just can be finished digital signature and calculate, and can further take precautions against Remote class wooden horse like this, and utilize the echo function, the data that prevent user's signature are distorted by wooden horse in operating system of user and the user knows nothing.
Because safe, each big bank is minimum for the online payment of adopting USB Key certificate to carry out, the restriction of transferring accounts.But the memory capacity of safety chip is very limited in the USBKey certificate, has only 32KB usually, and this has limited USB Key certificate as general solution.At present, each tame bank all independently issues USB Key, has increased user's the difficulty that has cost and keep properly.
In addition, though USB Key need not to install and drives, but be hardware device after all, the CSP program that can't use Windows to carry, therefore the manufacturer of USB Key need develop and provide the CSP program that can manage and use this hardware device, and the user must install this CSP program and could use USB Key.Therefore, the user may need contact staff's support just can finish installation action using USB Key can run into certain trouble for the first time, for bank, has further increased the cost of customer service again.
In the same way, in user's internet usage service process, exist the link that a lot of needs carry out authentication.Such as store login on QQ/MSN login, online game login, online stock exchange, the line etc., these situations are directly related with user's personal property safety all, and adopting USB Key certificate also is safest means undoubtedly.But limited memory capacity, customer service cost, not good user experience, hardware cost hindered USB Key certificate undoubtedly becomes general solution.
Therefore, wish that giving PKI foundation structure develops a kind of system, this system can gather soft certificate user and experience preferable and USB Key certificate is safe, the advantage that is difficult for losing, further solve the difficult problem of USB Key lack of memory capacity simultaneously, reduce customer service cost and hardware cost, can take into account user, developer, the service provider universal solution of interests in many ways for network ID authentication provides a kind of.
This possibility needs a kind of new computer system architecture.And this new framework, it can not be the mode of hardware+Windows+Windows software, as everyone knows, in the Windows architecture, Windows is the direct effector of hardware, and Windows opened the development interface that kernel level drives, and makes the third party can to implant the driver of oneself in Windows, if the task of this driver is to steal key and certificate, we can't thoroughly take precautions against with another one software in Windows in theory.
New computer system architecture is to allow fail-safe software have an opportunity to move outside Windows, but keeps communicating by letter between the operation of Windows and fail-safe software and the Windows again.A kind of typical case realizes being to use virtual machine technique for this new architecture.Virtual machine technique is the technology that simulates some computing machines on a computing machine, and each virtual computing machine can move independent operating system and not disturb mutually, can realize that a computer " simultaneously " moves several operating systems.
Virtual machine technique is divided into virtual and auxiliary virtual (VT) the two big classes of hardware of pure software again.The virtual operating system of user that depends on of pure software, hardware auxiliary virtual (VT) depends on the support of CPU to the virtual machine extension instruction set.In this two classes Intel Virtualization Technology, the security of hardware auxiliary virtual (VT) is higher.
The auxiliary Intel Virtualization Technology of hardware has certain requirement for the hardware environment of user computer, needs the user to be equipped with the CPU that supports VT.This type of CPU provides a kind of execution pattern of the root of being called pattern, operate in program (Virtual Machine Monitor---the virtual machine monitor under this pattern, be commonly called VMM) can monitor the code command and the hardware device interruption that do not move in this pattern (non-root pattern).This means that under the x86 new architecture, Windows runs directly on the bare machine, have and following change has taken place for the situation of controlling all hardware:
1. the program of under the root pattern, moving (VMM) control that can break away from Windows
The program of under the root pattern, moving (VMM) but monitoring Windows to access hardware
That is to say that a kind of feasible selection that addresses the above problem is exactly a virtual machine architecture, and be based on the virtual machine architecture of the auxiliary Intel Virtualization Technology of hardware.
Summary of the invention
The present invention is based on virtual machine technique the solution that addresses the above problem is provided.Particularly, the present invention proposes a kind of safety management and use digital certificate and encryption key method, by virtual machine monitor VMM key/certificate management programme and operating system of user are isolated in different hardware resource spaces, have strengthened the security of software approach management and use key and certificate.This makes the present invention gather soft certificate user and experiences advantage safe with USB Key certificate, that be difficult for losing, further solve the difficult problem of USB Key lack of memory capacity simultaneously, reduce customer service cost and hardware cost, use key certificate to provide a kind of for safety management and can take into account user, developer, the service provider universal solution of interests in many ways.
According to embodiments of the invention, can develop the CSP program that meets the CryptoAPI standard, and the built-in CSP program of alternative Windows, this will make the soft certificate of IE directly be downloaded in key/certificate management programme, manage and use by key/certificate management programme, the risk that can avoid soft certificate to be stolen and to usurp makes soft certificate reach the safe class of USB Key certificate thus, has kept the ease for use of soft certificate simultaneously.
According to embodiments of the invention, can allow virtual machine monitor (VMM) in local hard drive, divide and to be preserved key by the storage space that operating system of user is visited for key/certificate management programme, because the local hard drive space can be thousands of times of USB Key certificate, make key/certificate management programme that the service of key and certificate storage can be provided for any a plurality of different application thus.
According to embodiments of the invention, can also be specific service development CSP program specially, and with the interface of this CSP program as key/certificate management programme, key/certificate management programme be equivalent to the role of USB Key certificate like this, i.e. virtual USB Key certificate.Can carry out seamless integrated with Web bank's USB Key cert services thus.
According to embodiments of the invention, can in key/certificate management programme, show data to be signed, compare with the LED display in two generations of USBKey certificate, key/certificate management programme can utilize computer screen to show data to be signed, is easy to more read, and displayable additional information is more, just do not show information such as dealing money merely, this helps other details of customer inspection transaction, and as payee name, address etc., more effective strick precaution utilizes wooden horse to distort the Transaction Information behavior.
According to embodiments of the invention, key/certificate management programme can support to use the function of PIN code verified users identity, because when key/certificate management programme is in running status, the user can't perception by the data of keyboard input, therefore wooden horse can't steal PIN code, in addition, even gained PIN code by cheating, and remote control operating system of user, because key/certificate management programme and operating system of user physical hardware resources space isolate, the hacker can't pass through Remote mode control key/certificate management programme.That is to say and only utilize local keyboard input PIN code, just can finish the signature action, can take precautions against Remote thus and usurp digital certificate in computing machine this locality.
According to embodiments of the invention, the third party uses can be based on CryptoAPI interface or bottom api function storehouse, the independent encryption and decryption data function of using key/certificate management programme.
With reference to following concrete most preferred embodiment shown in the drawings, other features and advantages of the present invention are given more detailed description subsequently, identical reference number is used to identify identical parts in the accompanying drawing.
Description of drawings
Fig. 1 is the block scheme of the related elementary cell of the embodiment of the invention.
Fig. 2 is the concise and to the point workflow diagram of the embodiment of the invention.
Fig. 3 is the block scheme of the related elementary cell of VMM in the embodiment of the invention.
Fig. 4 is the block scheme of the related elementary cell of key/certificate management programme in the embodiment of the invention.
Fig. 5 is the block scheme of the related elementary cell of CSP program in the embodiment of the invention
Embodiment
To the understanding of principle of the present invention and feature, hereinafter will be illustrated for convenience with reference to the enforcement of an example embodiment.Specifically, The present invention be directed to and use Windows 2000 and above operating system as operating system of user, use has disposed that the computing machine of supporting Intel VT technology CPU is described as device context, in addition, the present invention is in conjunction with PKI Public Key Infrastructure system, and serves at Web bank and to illustrate.
But should be understood that this is not uniquely can implement embodiments of the invention.On the contrary, the present invention can be applied to various operating system, for example (SuSE) Linux OS; Can be applied to different hardware environment, as dispose the computing machine of the auxiliary virtual CPU of AMD support hardware; Retrained by PKI Public Key Infrastructure system, but can be used for the security system that PKI and/or private key use encryption technology and authenticate by digital certificate or other similar techniques; Can not be at Web bank's service, can be stock exchange service on Web bank's service, on-line payment service, network game service, the line, online data backup, data encryption etc.
Fig. 1 shows the block scheme according to the embodiment of the invention.In Fig. 1, the CPU of computing machine provides root operational mode and non-root operational mode by the auxiliary virtualization extensions instruction set of hardware; Virtual machine monitor (being called for short VMM) is one section small routine that size is tens KB, can be implanted among the BIOS, thereby having precedence over Windows is loaded, the special instruction collection that this moment, VMM utilized CPU to provide will oneself be configured in the root pattern of CPU, and Windows loaded with non-root pattern, be loaded during service such as the client software request encrypting and decrypting of key/certificate management programme in Windows, signature, key generation.Say that from hierarchical structure VMM moves outside Windows, and Windows is controlled by VMM.This makes us have an opportunity the code that encrypting and decrypting, signature, key generate is moved on to outside the Windows, and this is consistent with the thought that USB Key certificate utilizes hardware chip to finish cryptographic services outside Windows.
Process flow diagram shown in Figure 2 has provided the concise and to the point workflow of the embodiment of the invention:
1. the user presses hot key
Under the default situations, VMM can't load key/certificate management programme.When the user need carry out paying on the line, press special hot key, VMM will preferentially detect this hot key, so load key/certificate management programme.This program independent operating can guarantee that Hacker Program can't visit outside Windows.
2. the user initiates transaction request
The modes of payments is undertaken by the IE browser on the line that is widely adopted at present, and the secure payment solution based on the certificate mode of PKI system all meets the CryptoAPI/CryptoSPI of Microsoft application architecture again, and the embodiment of the invention is no exception.IE will enumerate cryptographic services supplier (CSP) program of the embodiment of the invention by encrypting application programming interface (CryptoAPI) function in simple terms, and communicate by letter with CSP by encryption system DLL (dynamic link library) (CryptoSPI).
On line in the process of exchange, IE will be by the following operation of CryptoAPI function request:
A. generate and interchange key;
B. encryption and decryption data;
C. Code And Decode certificate;
D. manage and guarantee the security of certificate;
E. create and certifying digital signature, and calculate hash.
3.CSP call program VMM
The CSP program is responsible for the CryptoAPI function services such as encryption is provided, but the CSP program itself is can not comprise any enciphering and deciphering algorithm, and he is the standard security middleware.The CSP program continues to call out the VMM of bottom.
4. the user imports PIN code
VMM resolves the calling from upper layer CS P program, and an independently graphical interfaces is provided in VMM, requires the user to import PIN code, and notice VMM intercepts and captures key.Complexity on the flow process is requiring the user to import the graphical interfaces of PIN code, and key/certificate management programme can show received data to be signed simultaneously, and the user can read Transaction Information earlier, and whether decision imports PIN code again.
5. key/certificate management programme fill order
After the PIN code verification, VMM calls out key/certificate management programme and finishes calculation tasks such as ciphering signature, cryptographic key containers, key generation.
6. return results
VMM is responsible for result of calculation is returned to upper layer CS P program, and the CSP program returns to IE with the result again.IE obtaining through key/certificate management programme encrypt or the data of signature after, can with Web bank's server communication, finish the flow process of online trading.
Fig. 3 shows the block scheme according to VMM in the embodiment of the invention, and VMM is an independently microkernel designs operating system, and it comprises following kernel module: memory management, management of process, the management of VT correlation function, safety management, keyboard management, hard disk management etc.
A) memory management:
1. set up CR3 and hint obliquely at paging structure.
2. enter paging mode.
3. the internal memory pool managing of VMM inside is provided.
B) management of process:
1. manage the associative operation of process among the VMM.As set up process etc.
C) VT correlation function management:
1. make VMM enter protected mode,
2. support the functional framework of VMM, as VMM EXIT, VMM ENTRY.
D) safety management:
1. the functional interface from VMM CALL EXIT to VMM inside.
2. realize the functional interface part of key/certificate management programme respectively according to parameter.
E) keyboard management:
1. realize monitoring to USB internal memory IO and PS2 keyboard port
2. the security of the keyboard input when realizing the supervisory user transaction.
3. support PS2/USB equipment.
F) hard disk management:
1. realize the monitoring of PCI bus and hard disk port and the monitoring of physical memory.
2. be implemented in the read-write operation of VMM inside, support ATA/SATA/AHCI pattern hard disk hard disk.
Because adopted microkernel designs, VMM has following characteristics:
(1) it is few to take resource: micro-kernel is solidificated among the ROM of BIOS, itself takies less code space and data space;
(2) hard real-time: micro-kernel adopts the interruption mode of not exclusively closing, and supports interrupt nesting, when promptly only partial code is carried out in micro-kernel, just closes out interrupt operation, with the raising system to the interruption real-time response;
(3) high stability: the micro-kernel function is oversimplified, and is necessary self-protection, self-error detection and fault tolerance;
(4) transplantability is strong: the micro-kernel code adopts standard C and compilation mixing to become mode, is convenient to from now on to other platform transplantations;
Fig. 4 shows the block scheme according to key/certificate management programme in the embodiment of the invention, and key/certificate management programme is the service module of VMM, and the concrete function realization of these modules can use the kernel module of VMM.
A) key generates
The computation process that key generates is independent of outside the Windows, and other rogue program can't perception.
Generate the right algorithm of key, with the encrypting and decrypting algorithm be one, commonly realize 1024 generations that RSA key is right at random.RSA is a crucial enciphering and deciphering algorithm in the public key cryptography system, and mainly in the searching and index Montgomery Algorithm of big prime number, the generative process that RSA key is right directly relates to above two big bottleneck computational problems to the efficiency bottle neck of RSA.This has crucial effect to grasping a whole set of algorithm of RSA.
B) cryptographic key containers
Realization realizes safe preservation to the key that generates, and is placed on the afterbody of hard disk.And realize protection is realized in this part data field in VMM, the user can't see this part zone.Be treated in VMM and directly hard disk operated the realization read-write capability.Be independent of outside the Windows, other rogue program can't perception.
C) encryption and decryption signature
Realization is treated the encryption/signature algorithm of encryption and decryption/signed data and is handled.Can adopt international enciphering and deciphering algorithm, guarantee security from algorithm.As RSA, DES etc.Be independent of outside the Windows, other rogue program can't perception.
D) PIN code verification
Realization is to the safety check function of PIN code.Be independent of outside the Windows, other rogue program can't perception.
Its workflow is as follows:
1. obtain the functional classification of this request, as encrypting deciphering etc.
2. an independently graphical interfaces is provided in VMM, requires the user to import PIN code, and notice VMM intercepts and captures strong sign indicating number.
3. the user imports PIN code from keyboard, and point is determined.Support PS2/USB keyboard and mouse.
4. realize the verifying function of PIN code, if failure then point out the user to re-enter, maximum 3 time.If all fail then VMM ENTRY to Windows, return failure code.
5. if success then realize function corresponding according to this request function.VMM ENTRY is to Windows again, and returns the corresponding calculated result.
E) data to be signed show
Complexity on the flow process is requiring the user to import the graphical interfaces of PIN code, and key/certificate management programme can show received data to be signed simultaneously, and the user can read Transaction Information earlier, and whether decision imports PIN code again.
Fig. 5 shows the block scheme according to CSP program in the embodiment of the invention, the CSP program is to use the modal form of USB Key certificate Web bank's client, realize the CSP program can so that the embodiment of the invention can with serve seamless integrated based on digital certificate mechanism Web bank now.
The CSP program can't directly be called by upper level applications (as IE), replace, application program comes to communicate with CSP by the number of C ryptoAPI interface function that is provided by Advapi32.dll and Crypt32.dll module is provided, thereby finishes function corresponding.Operating system is filtered these function calls, and they are passed to corresponding C SP function by CryptoSPI (systems programming interface).
The service that function interface and key/certificate management programme provided that CSP provided is one to one substantially, and the CSP program is called bottom VMM by bottom API built-in function service is provided in these functions.
Whole implement of client software process is: at first, according to the VMM device command, finish bottom API built-in function CLIB.By being encapsulated, built-in function generates the LUKEY class, i.e. IUKEY.CPP, and LUKEY.H, and then generate the required dll file of CSP, at last by to Microsoft's application authentication, Microsoft will sign by the back.
The embodiment of the invention provides ease for use and extendability preferably, is embodied in:
A) seamless support is based on the soft cert services of IE
Can develop the CSP program that meets the CryptoAPI standard, and the built-in CSP program of alternative Windows, this will make the soft certificate of IE directly be downloaded in key/certificate management programme, manage and use by key/certificate management programme, and the user has no perception to this, thereby has kept the ease for use of soft certificate.
B) support is based on the USB Key cert services of IE
Can develop the CSP program that meets the CryptoAPI standard, in full accord with the employed CSP routine interface of USB Key certificate based on IE, the code support is revised in the Web bank website can support the embodiment of the invention to the identification of this CSP program.
C) be easy to expansion
1. can provide bottom SDK function and two kinds of middleware interface of CSP to the client, to support client's secondary development.
2. can also provide VMM service customization interface to the client, to support the requirement of premium customers.Such as the close tailor-made algorithm of acceding state or third party's cryptographic algorithm.
Providing and the close security of USB Key certificate of the embodiment of the invention, and be difficult for losing, he has adopted following safety practice to protect the safety of key and certificate and ciphering signature service:
A) safety practice of VMM
Do not distorted or walk around by the hacker in order to ensure the VMM code, VMM designs to such an extent that enough simplify, and can be implanted among the BIOS.Do like this and can guarantee that VMM is preferentially loaded.
Under the prerequisite that VMM is preferentially loaded, VMM can guarantee that key/certificate management programme and Windows isolate fully, the interface communication that can only provide by VMM each other, and not having other approach again can communication.
B) safety practice of key storage
1. in order to ensure the safety of key storage, the storage space design of key/certificate is at the afterbody of disk, VMM can carry out physical hard disk virtual, makes Windows can only " see " key/certificate storage space zone in addition, and also can only visit this zone.
2. in addition, key/certificate storage space is by the VMM transparent encryption, even VMM is bypassed, hacker and trojan horse program still can't get access to user's certificate and private key.
3. for the user, because key is not kept at the hardware resource space of operating system of user, even the user reinstalls operating system, need not also to worry that certificate loses, the user is after reinstalling operating system, only client software need be reinstalled, the operate as normal of key/certificate management programme can be recovered.
C) safety practice of PIN code input
In order to guarantee the security of PIN code input, PIN code input action in Windows will be hidden, the verification of PIN code moves on to the PIN code verification service module of VMM and finishes, enter the PIN code verification during stage, VMM all is directed to PIN code verification module with KeyEvent, Windows can not receive any key-press event, so trojan horse program can't be stolen PIN code.
In addition, the embodiment of the invention makes the problem of USB Key certificate key memory limitations be resolved.USB Key certificate has only the storage space about 32KB usually, only can store a small amount of key, and therefore a USB Key certificate generally can only offer one and use use.And the embodiment of the invention utilizes the local hard drive tail region as storage space, can the mass memory key, and make a key/certificate management programme to use for how tame client (bank, Alipay etc.).This greatly facilitates the user, and the user needn't be worried for a plurality of USB Key certificates of keeping.
From foregoing, as can be seen, the present invention proposes a kind of safety management and use digital certificate and encryption key method, by virtual machine monitor VMM key/certificate management programme and operating system of user are isolated in different hardware resource spaces, have strengthened the security of software approach management and use key and certificate.This makes the present invention gather soft certificate user and experiences advantage safe with USB Key certificate, that be difficult for losing, further solve the difficult problem of USB Key lack of memory capacity simultaneously, reduce customer service cost and hardware cost, for safety management with use digital certificate and key to provide a kind of and can take into account user, developer, the service provider universal solution of interests in many ways.
Those skilled in the art will appreciate that, can implement the present invention with various particular forms under the prerequisite that does not deviate from its spirit or core feature.For example, the present invention is that the basic configuration with personal computer is that device context is described, and subscriber authentication is to have continued to use the PIN code verification mode of using in the USB KEY certificate.But, implement the present invention and can also be to utilize living things feature recognition type verification (as fingerprint, palmmprint, palm shape, people's face, iris, write, voice, neck arteries and veins, DNA, gait etc.) or token type verification (as IC-card, employee's card, I.D. etc.).In addition, the present invention is to be Windows operating system with the operating system of user, and client software is described for the CSP program, can also be to be operating system of user with Linux but implement the present invention, is that interface is realized client software with PKCS#11.
Therefore, disclosed embodiment is considered as illustratively fully in this instructions, but not determinate, the scope of the invention is limited by appended claims, but not the content of aforementioned description, include only belong to this scope and and equivalent scope and implication within all changes.
Claims (10)
1. method and system that uses key certificate based on the virtual machine technique safety management, this system is made up of the client software in virtual machine monitor (VMM), key/certificate management programme, operating system of user, the operating system of user, has realized the safety management and the use of digital certificate and key;
Virtual machine monitor (VMM) is responsible for the visit of control operating system of user to physical hardware, and makes it can't visit the specific hardware resource, only allows described key/certificate management programme to use specific resources;
Key/certificate management programme operates in outside the operating system of user, is responsible for client software in the operating system of user storage of digital certificate and key is provided, generates key to services such as, digital signature and encryption and decryption calculating;
Client software in the operating system of user is responsible for and the interface that above-mentioned functions is provided for key/certificate management programme.
2. method and system according to claim 1, it is characterized in that, described virtual machine monitor (VMM) also can be responsible for control key/certificate management programme operation, suspend and close, just allow key/certificate management programme by suspending or closed condition switches to running status when can the client software in operating system of user calling service; When key/certificate management programme suspended or closes, the part hardware resource can discharge to operating system of user, as cpu resource, memory source etc.
3. method and system according to claim 1, it is characterized in that, described specific hardware resource relates to input equipments such as CPU, physical memory, physical hard disk and keyboard, mouse, handwriting pad, camera, sound collection equipment, fingerprint collecting equipment, can be one (such as wherein 1 nuclear of multi-core CPU) of a plurality of hardware, also can be a part of space (such as a part of space of hard disk afterbody) of a hardware device.
4. method and system according to claim 1, it is characterized in that, it can be password type verification (as the PIN code verification etc.), the verification of living things feature recognition type (as fingerprint, palmmprint, palm shape, people's face, iris, write, voice, neck arteries and veins, DNA, gait etc.) or token type verification (as IC-card, employee's card, I.D. etc.) that described key/certificate management programme also can provide user identity verification service, its form.
5. method and system according to claim 1, it is characterized in that, described key/certificate management programme also can provide data to be signed to show service, the equipment that shows data to be signed can be the regular display of computing machine, also can be the dedicated display of only being controlled by key/certificate management programme, also can be to play to the user by sound device.
6. method and system according to claim 1, it is characterized in that, described key/certificate management programme, can be one section program code, also can be an independently operating system, and described independently operating system can be the micro operation system that only possesses necessary function, it also can be complete or pass through a cutting general-purpose operating system, as Windows, Linux, DOS etc.
7. method and system according to claim 1, it is characterized in that, client software in the described operating system of user, it can be a CSP program that meets the CryptoAPI of Microsoft interface standard, perhaps can replace the CSP program of the CSP program that carries among the Windows, perhaps any meeting based on the third party of PKI/CA secure public key infrastructure system or the program of self defined interface standard, its form can be driver, application program, service, dynamic link library, perhaps the combination of these forms.
8. method and system according to claim 1, it is characterized in that, described key/certificate management programme provides the support to the standard encryption and decryption algorithm, described digital certificate and key can be stored in this locality or exterior storage medium through encrypting, and also can be stored in the special-purpose safety chip (as the TCM chip).
9. method and system according to claim 1, it is characterized in that, described operating system of user, it can be any general-purpose operating system, as Windows, Linux, DOS etc., operating system of user can be installed prior to virtual machine monitor (VMM) and key/certificate management programme simultaneously, also can be later in its installation.
10. method and system according to claim 1, it is characterized in that, described system can use in the service that relates to individual and enterprise assets or safety of secret data arbitrarily, as stock exchange service on Web bank's service, on-line payment service, network game service, the line, online data backup, data encryption service etc., can be used as the client of these services or the part of client, also can be used as the part of its service end.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101226007A CN102194063A (en) | 2010-03-12 | 2010-03-12 | Method and system for secure management and use of key and certificate based on virtual machine technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010101226007A CN102194063A (en) | 2010-03-12 | 2010-03-12 | Method and system for secure management and use of key and certificate based on virtual machine technology |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102194063A true CN102194063A (en) | 2011-09-21 |
Family
ID=44602123
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010101226007A Pending CN102194063A (en) | 2010-03-12 | 2010-03-12 | Method and system for secure management and use of key and certificate based on virtual machine technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102194063A (en) |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102984273A (en) * | 2012-12-13 | 2013-03-20 | 华为技术有限公司 | Encryption method, decryption method, encryption device and decryption device of virtual disk and cloud server |
| CN103020543A (en) * | 2012-12-31 | 2013-04-03 | 北京启明星辰信息技术股份有限公司 | System and method for image encryption management of virtual disk |
| CN103036854A (en) * | 2011-09-30 | 2013-04-10 | 中国移动通信集团公司 | Business ordering method and system, business authority authentication method and terminal device |
| CN103107994A (en) * | 2013-02-06 | 2013-05-15 | 中电长城网际系统应用有限公司 | Vitualization environment data security partition method and system |
| CN103368736A (en) * | 2012-04-06 | 2013-10-23 | 汉王科技股份有限公司 | Business information encryption and decryption method and device |
| CN103440448A (en) * | 2013-04-02 | 2013-12-11 | 谢济鸿 | Iris identification method for online bank |
| CN104580188A (en) * | 2014-12-29 | 2015-04-29 | 中国科学院信息工程研究所 | Method and system for protecting root CA certificate in virtualization environment |
| WO2017088316A1 (en) * | 2015-11-27 | 2017-06-01 | 宇龙计算机通信科技(深圳)有限公司 | Payment method and device thereof |
| CN106936567A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | For the ciphertext conversion method and system of ATM |
| CN108245895A (en) * | 2017-06-30 | 2018-07-06 | 广州华多网络科技有限公司 | A kind of method and system for detecting running environment residing for game |
| WO2019037422A1 (en) * | 2017-08-22 | 2019-02-28 | 深圳市文鼎创数据科技有限公司 | Key and key handle generation method and system, and smart key security device |
| CN109412795A (en) * | 2018-09-17 | 2019-03-01 | 江苏敏行信息技术有限公司 | A kind of Virtual Intelligent cipher key |
| CN109565444A (en) * | 2016-08-11 | 2019-04-02 | 英特尔公司 | Safe public cloud |
| CN111241605A (en) * | 2019-12-31 | 2020-06-05 | 航天信息股份有限公司 | Safety storage device and method based on tax digital certificate |
| CN111510460A (en) * | 2020-04-24 | 2020-08-07 | 武汉火神信息科技有限公司 | Safety service system for centralized management of host and interception of forwarding instruction |
| CN111722894A (en) * | 2019-03-21 | 2020-09-29 | 成都鼎桥通信技术有限公司 | Application processing method and device and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020144109A1 (en) * | 2001-03-29 | 2002-10-03 | International Business Machines Corporation | Method and system for facilitating public key credentials acquisition |
| CN101155112A (en) * | 2006-09-29 | 2008-04-02 | 联想(北京)有限公司 | Virtual special terminal, network service system and service access method |
| CN101409719A (en) * | 2007-10-08 | 2009-04-15 | 联想(北京)有限公司 | Method and client terminal for implementing network safety payment |
| CN101414913A (en) * | 2008-12-04 | 2009-04-22 | 北京世纪红山科技有限公司 | Computer network authentication system and method based on virtual technology |
-
2010
- 2010-03-12 CN CN2010101226007A patent/CN102194063A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020144109A1 (en) * | 2001-03-29 | 2002-10-03 | International Business Machines Corporation | Method and system for facilitating public key credentials acquisition |
| CN101155112A (en) * | 2006-09-29 | 2008-04-02 | 联想(北京)有限公司 | Virtual special terminal, network service system and service access method |
| CN101409719A (en) * | 2007-10-08 | 2009-04-15 | 联想(北京)有限公司 | Method and client terminal for implementing network safety payment |
| CN101414913A (en) * | 2008-12-04 | 2009-04-22 | 北京世纪红山科技有限公司 | Computer network authentication system and method based on virtual technology |
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103036854A (en) * | 2011-09-30 | 2013-04-10 | 中国移动通信集团公司 | Business ordering method and system, business authority authentication method and terminal device |
| CN103036854B (en) * | 2011-09-30 | 2016-03-02 | 中国移动通信集团公司 | Service order method and system, service authority authentication method, terminal equipment |
| CN103368736A (en) * | 2012-04-06 | 2013-10-23 | 汉王科技股份有限公司 | Business information encryption and decryption method and device |
| CN103368736B (en) * | 2012-04-06 | 2016-04-20 | 汉王科技股份有限公司 | Business information encryption, decryption method and device |
| CN102984273B (en) * | 2012-12-13 | 2015-01-07 | 华为技术有限公司 | Encryption method, decryption method, encryption device and decryption device of virtual disk and cloud server |
| CN102984273A (en) * | 2012-12-13 | 2013-03-20 | 华为技术有限公司 | Encryption method, decryption method, encryption device and decryption device of virtual disk and cloud server |
| CN103020543A (en) * | 2012-12-31 | 2013-04-03 | 北京启明星辰信息技术股份有限公司 | System and method for image encryption management of virtual disk |
| CN103020543B (en) * | 2012-12-31 | 2016-08-03 | 北京启明星辰信息技术股份有限公司 | A kind of virtual disk reflection encryption handling system and method |
| CN103107994A (en) * | 2013-02-06 | 2013-05-15 | 中电长城网际系统应用有限公司 | Vitualization environment data security partition method and system |
| CN103107994B (en) * | 2013-02-06 | 2017-02-08 | 中电长城网际系统应用有限公司 | Vitualization environment data security partition method and system |
| CN103440448A (en) * | 2013-04-02 | 2013-12-11 | 谢济鸿 | Iris identification method for online bank |
| CN104580188B (en) * | 2014-12-29 | 2017-11-07 | 中国科学院信息工程研究所 | A kind of method and system of the protection root ca certificate in virtualized environment |
| CN104580188A (en) * | 2014-12-29 | 2015-04-29 | 中国科学院信息工程研究所 | Method and system for protecting root CA certificate in virtualization environment |
| WO2017088316A1 (en) * | 2015-11-27 | 2017-06-01 | 宇龙计算机通信科技(深圳)有限公司 | Payment method and device thereof |
| CN106936567A (en) * | 2015-12-29 | 2017-07-07 | 航天信息股份有限公司 | For the ciphertext conversion method and system of ATM |
| CN106936567B (en) * | 2015-12-29 | 2019-09-17 | 航天信息股份有限公司 | Ciphertext conversion method and system for ATM |
| CN109565444A (en) * | 2016-08-11 | 2019-04-02 | 英特尔公司 | Safe public cloud |
| US11783081B2 (en) | 2016-08-11 | 2023-10-10 | Intel Corporation | Secure public cloud |
| CN109565444B (en) * | 2016-08-11 | 2022-05-27 | 英特尔公司 | Apparatus and method for protecting consumer data in a public cloud environment |
| CN108245895B (en) * | 2017-06-30 | 2020-10-30 | 广州华多网络科技有限公司 | Method and system for detecting running environment of game |
| CN108245895A (en) * | 2017-06-30 | 2018-07-06 | 广州华多网络科技有限公司 | A kind of method and system for detecting running environment residing for game |
| WO2019037422A1 (en) * | 2017-08-22 | 2019-02-28 | 深圳市文鼎创数据科技有限公司 | Key and key handle generation method and system, and smart key security device |
| CN109412795A (en) * | 2018-09-17 | 2019-03-01 | 江苏敏行信息技术有限公司 | A kind of Virtual Intelligent cipher key |
| CN111722894A (en) * | 2019-03-21 | 2020-09-29 | 成都鼎桥通信技术有限公司 | Application processing method and device and electronic equipment |
| CN111722894B (en) * | 2019-03-21 | 2023-04-18 | 成都鼎桥通信技术有限公司 | Application processing method and device and electronic equipment |
| CN111241605A (en) * | 2019-12-31 | 2020-06-05 | 航天信息股份有限公司 | Safety storage device and method based on tax digital certificate |
| CN111510460A (en) * | 2020-04-24 | 2020-08-07 | 武汉火神信息科技有限公司 | Safety service system for centralized management of host and interception of forwarding instruction |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102194063A (en) | Method and system for secure management and use of key and certificate based on virtual machine technology | |
| CN103748594B (en) | For ARM*TRUSTZONETMThe credible platform module based on firmware realized | |
| CN101176100B (en) | Methods and apparatus for generating endorsement credentials for software-based security coprocessors | |
| JP5373997B2 (en) | System and method for using a domain specific security sandbox to facilitate secure transactions | |
| JP5608081B2 (en) | Apparatus and method for conducting secure financial transactions | |
| Eludiora et al. | A user identity management protocol for cloud computing paradigm | |
| US20040044739A1 (en) | System and methods for processing PIN-authenticated transactions | |
| US20090319782A1 (en) | Interconnectable personal computer architectures that provide secure, portable, and persistent computing environments | |
| TWI389003B (en) | Method for enabling a trusted dialog for collection of sensitive data | |
| CN110061842A (en) | With outer remote authentication | |
| CN101436247A (en) | Biological personal identification method and system based on UEFI | |
| He et al. | Security analysis of cryptocurrency wallets in android-based applications | |
| NO335189B1 (en) | Secure data processing system | |
| CN102195940A (en) | Virtual-machine-technology-based data security input and submission method and system | |
| US10635820B1 (en) | Update policy-based anti-rollback techniques | |
| US20100174631A1 (en) | Secure device firmware | |
| Vasudevan et al. | Trustworthy execution on mobile devices | |
| Balfe et al. | e-EMV: emulating EMV for internet payments with trusted computing technologies | |
| Zobaed et al. | Confidential computing across edge-to-cloud for machine learning: A survey study | |
| Yalew et al. | Light-SPD: A platform to prototype secure mobile applications | |
| Balfe et al. | Augmenting internet-based card not present transactions with trusted computing: An analysis | |
| Shepherd | Techniques for Establishing Trust in Modern Constrained Sensing Platforms with Trusted Execution Environments | |
| Bhardwaj et al. | Attack vectors for blockchain and mapping OWASP vulnerabilities to smart contracts | |
| Sun | A survey of payment token vulnerabilities towards stronger security with fingerprint based encryption on Samsung Pay | |
| US8914901B2 (en) | Trusted storage and display |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 100044 Beijing city Xicheng District Xizhimen Street T2 Xihuan Plaza No. 1 block 11 layer C5 Applicant after: Beijing Softlumos Technology Co., Ltd. Address before: 100088 Beijing city Xicheng District Main Street No. 11 Jiang building A401 Applicant before: Beijing Softlumos Technology Co., Ltd. |
|
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110921 |