CN105184196B - Electronic system information safety protection system and method - Google Patents
Electronic system information safety protection system and method Download PDFInfo
- Publication number
- CN105184196B CN105184196B CN201510555655.XA CN201510555655A CN105184196B CN 105184196 B CN105184196 B CN 105184196B CN 201510555655 A CN201510555655 A CN 201510555655A CN 105184196 B CN105184196 B CN 105184196B
- Authority
- CN
- China
- Prior art keywords
- extension set
- equipment
- safety management
- device keys
- management extension
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Abstract
The present invention relates to information security fields, disclose a kind of electronic system information safety protection system and method, which includes:Programmable key injection device, safety management extension set and at least one by protection equipment;Wherein, programmable key injection device be relative to safety management extension set can plug equipment comprising the nonvolatile memory of cryptographic key is stored with plaintext version;Safety management extension set includes:With ciphertext form solidification the equipment interface chip communicated to connect and volatile memory are established by the nonvolatile memory of the device keys of protection equipment, with by protection equipment;Include that the nonvolatile memory of function program is stored with ciphertext form by protection equipment;The cryptographic key is used to the device keys being decrypted into plaintext version from ciphertext form, and the device keys of plaintext version are used to the function program being decrypted into plaintext version from ciphertext form.The present invention carries out prevention and control in a manner of double-encryption to the core content of equipment, ensure that the information security of equipment to greatest extent.
Description
Technical field
The present invention relates to electronic system field of information security technology, and in particular to a kind of electronic system information safety protection system
System and method.
Background technology
With the development of electronic science and technology and software technology, especially daily equipment is turned by electric mechanical intensity
Become software intensive, the scale of software is more and more huger, and more and more functions are all changed into from original hardware realization soft
Part is realized.Modern Large-Scale Equipment such as aircraft etc. often carries up to ten million a embedded softwares, in addition there are may contain concerning security matters,
Sensitive information, radar, communication, navigation, electronic countermeasure, enemy and we's identification, guided missile tracking etc. are related to military electronic systems key
The software code and encrypted message of equipment.
Since the various functions of electronic system are realized by the processor of execution specific software code, sensitive information
Also it is stored in processor inside or its external memory unit mostly.As electronic system software size is increasing, in processor
The classified information that application program includes is also more and more, more and more important.In order to ensure the software code and sensitive information
Safety, needs a kind of technical measures to protect it, to prevent situations such as personnel divulge a secret, equipment is trapped, equipment is damaged
Lower event of giving away secrets.It, can be by reversely compiling if in addition software code is stored directly in plaintext version in memory
Engineering obtains the workflow of software, accordingly can be with the operation principle and running parameter of decryption device, currently, embedded electronic is set
Standby multiple application programs are centrally stored with plaintext version, and single hardware platform, which is divulged a secret, will undoubtedly cause institute in the system functional
Operation principle is divulged a secret with running parameter.
Invention content
In view of the above defects of the prior art, the technical problem to be solved by the present invention is to how protect Department of Electronics
The information security of system.
In order to solve the above technical problems, on the one hand, the present invention provides a kind of electronic system information safety protection system, packet
It includes:Programmable key injection device, safety management extension set and at least one by protection equipment;Wherein, the programmable key injection device is relative to described
Safety management extension set is can plug equipment comprising the nonvolatile memory of cryptographic key is stored with plaintext version;The peace
Management extension set includes entirely:With ciphertext form cure the device keys by protection equipment nonvolatile memory, with it is described
The equipment interface chip and volatile memory of communication connection are established by protection equipment;Described by protection equipment includes with ciphertext
Form stores the nonvolatile memory of function program;The cryptographic key is used to decrypt the device keys from ciphertext form
At plaintext version, the device keys of plaintext version are used to the function program being decrypted into plaintext version from ciphertext form.
Preferably, the safety management extension set further includes:Dsp processor, FPGA processor, equipment interface chip, control
Interface chip, power monitoring chip and backup battery;Wherein, the dsp processor respectively with the safety management extension set
Nonvolatile memory, volatile memory, FPGA processor, control interface chip are mutually coupled with power monitoring chip, are completed
The decryption of the device keys and/or pin are close;The FPGA processor is also mutually coupled with equipment interface chip, passes through the equipment
Interface chip and corresponding interface are interacted with described by protection equipment;The backup battery and the power monitoring chip phase coupling
It connects, starts erasing move in due course in the protection system power failure.
Preferably, the bootstrap and pipe that plaintext version is also built-in on the nonvolatile memory of protection equipment
Manage program.
Preferably, non-volatile in the programmable key injection device, the safety management extension set and the equipment by protection is deposited
Reservoir is Nand FLASH, Nor FLASH, SD card, CF cards, hard disk or general semiconductor storage medium;The safety management point
Volatile memory in machine is RAM, SDRAM, DDR or DSP internal RAM memory.
Preferably, the safety management extension set external equipment interface and/or control interface is asynchronous serial port, synchronous string
Mouth, CAN bus or RapidIO buses.
On the other hand, the present invention goes back while providing a kind of electronic system information safety protecting method, including step:
Safety management extension set is run, and completes system initialization work;
Judge whether cryptographic key is effective, if cryptographic key is invalid, cryptographic key is read out of programmable key injection device, then make
The device keys of the ciphertext form in the nonvolatile memory of safety management extension set are decrypted with cryptographic key;If password
Key is effective, then is used directly to decryption device key;
After obtaining the plaintext of device keys, it is stored in the volatile memory of safety management extension set;
It waits for by protection equipment to safety management extension set application device keys, if equipment application is passed through, to being protected
Equipment issues the device keys of corresponding plaintext version.
Preferably, the guard method further includes step:
When safety management extension set is run, if receiving the close instruction of pin, interruption, control safety management extension set erasing are generated
The device keys of ciphertext form in the nonvolatile memory of extension set, and wipe plaintext version in the volatile memory of extension set
Device keys;
Sell close instruction to being sent by protection equipment simultaneously, it is desirable that erasing by the function program of ciphertext form in protection equipment,
The device keys of plaintext version and the function program of plaintext version.
Preferably, the guard method further includes step:
When safety management extension set is run, if monitoring system power failure, judge whether to start according to backup battery electricity
Backup battery;
If not starting backup battery, directly start to execute erasing move;If starting backup battery, start to backup electricity
Source usage time carries out timing, prescribes a time limit when more than setting, then starts to execute erasing move;
Wherein, the erasing move is:The equipment for wiping ciphertext form in the nonvolatile memory of safety management extension set
The device keys of plaintext version in key and volatile memory;The function journey of ciphertext form in the simultaneously erased equipment by protection
The function program of sequence, the device keys of plaintext version and plaintext version.
Preferably, the guard method further includes step:
It completes to extract programmable key injection device after cryptographic key is read in safety management extension set, being stored in general staff can not
The other positions of acquisition.
Preferably, the algorithm used of decrypting includes exclusive or, 3DES, Geff generator, MD5 or AES.
The method and system of the present invention can be in the case where not influencing to be protected functions of the equipments, not changing its hardware case to function
Software implementation cryptoguard prevents functional software from divulging a secret, and realizes simply, improves and upgrades convenient for system.Typically, can have
The reduction Large-size Arms and Equipments of effect crash, defect, it is captured when risk of giving away secrets, enemy is not obtain decryption close
Key, obtaining function program ciphertext will be without any value, and the cryptographic key in system sdram memory is in plain text and by protection equipment
Function program in RAM memory can not also be restored because of power down in plain text.
Description of the drawings
Fig. 1 is present system preferred embodiment flow chart;
Fig. 2 is present system cryptographic key protection management flow chart;
Fig. 3 is the close control work flow diagram of present system pin.
Specific implementation mode
Some vocabulary has such as been used to censure specific components in specification and claim.Those skilled in the art answer
It is understood that hardware manufacturer may call the same component with different nouns.This specification and claims are not with name
The difference of title is used as the mode for distinguishing component, but is used as the criterion of differentiation with the difference of component functionally.In addition,
" coupling " word includes any direct and indirect electric property coupling means herein.Therefore, if it is described herein that a first device couples
In a second device, then represent the first device and can be directly electrically coupled to the second device, or by other devices or
Coupling means are electrically coupled to the second device indirectly.Specification subsequent descriptions are to implement the preferable embodiment party of the present invention
Formula, so description is being not limited to the scope of the present invention for the purpose of the rule for illustrating the present invention.It below will knot
The attached drawing in the embodiment of the present invention is closed, technical scheme in the embodiment of the invention is clearly and completely described.Obviously, institute
The embodiment of description is to implement the better embodiment of the present invention, and the description is to illustrate the rule of the present invention as mesh
, it is not limited to the scope of the present invention.Protection scope of the present invention should be as defined in claim, based on this
Embodiment in invention, those of ordinary skill in the art are obtained every other without making creative work
Embodiment shall fall within the protection scope of the present invention.
, can be by reversely compiling work it is well known that if software code is stored directly in plaintext version in memory
Journey obtains the workflow of software, accordingly can be with the operation principle and running parameter of decryption device.Currently, EMBEDDED AVIONICS
Multiple application programs are centrally stored with plaintext version, and single hardware platform, which is divulged a secret, will undoubtedly cause the functional work of institute in the system
Make principle to divulge a secret with running parameter;Also, the cores such as FPGA, DSP, PowerPC, FLASH that EMBEDDED AVIONICS software uses
Piece and corresponding software compiler are provided by several renowned companies, this also gives embedded software and information
Safety belt come very big hidden danger.
The present invention provides software code, the sensitive information in electronic system with cura specialis system using cryptological technique
Safeguard protection.In each preferred embodiment of the present invention, cryptographic algorithm safe to use is realized with management program by protection equipment
Function program encryption storage is loaded with decryption;Using the means of double-encryption to by the encryption of protection device keys, decryption;Using
Security management program is realized to being distributed and being managed by protection device keys;Method is stored separately using key and ciphertext and improves safety
Property.Appropriate application through the above way provides comprehensive safeguard measure to the information security of electronic system.
As shown in Figure 1, in a preferred embodiment of the invention, providing firstly a kind of electronic system information security guarantor
Protecting system, the protection system include:Programmable key injection device 10, safety management extension set 20 and at least one by protection equipment;Wherein, close
Key injector is relative to safety management extension set can plug equipment comprising stores the non-volatile of cryptographic key with plaintext version
Memory;Safety management extension set includes:With ciphertext form solidification by the nonvolatile memory of the device keys of protection equipment, with
The equipment interface chip and volatile memory of communication connection are established by protection equipment;Include with ciphertext form by protection equipment
Store the nonvolatile memory of function program;The cryptographic key is used to the device keys being decrypted into from ciphertext form bright
Literary form is simultaneously temporarily stored in the volatile memory of the safety management extension set, and the device keys of plaintext version are used for institute
It states function program and is decrypted into plaintext version from ciphertext form.
By the protection system, to carrying out prevention and control by the core content of protection equipment in a manner of double-encryption, due to password
Key (plaintext) is stored separately the isolation protection, it can be achieved that physically with device keys (ciphertext), only passes through by protection equipment
Apply and could normally decrypt operation when can obtain programmable key injection device, ensure that the information security of equipment to greatest extent.
In preferred embodiment shown in Fig. 1, further, the component that safety management extension set includes has:Dsp processor
It is 21 (preferably model TMS320C6416), volatibility SDRAM memory 23 (preferably model MT48LC32M16A2), non-volatile
Property FLASH memory 22 (preferably model S29GL512N), FPGA processor 24 (preferably model XC5VSX50T), equipment connect
Mouth chip 25 (preferably model SN65LBC175), control interface chip 26 (preferably model MAX490E), power monitoring chip
27 (preferably model ADM698) and backup battery 28 (preferably model 18650).Wherein, dsp processor 21 respectively with
FLASH memory 22, SDRAM memory 23, FPGA, control interface chip, power monitoring chip be connected, equipment interface chip with
FPGA is connected, and backup battery is connected with power monitoring chip.Solidification has N number of device keys (ciphertext) in FLASH memory 22.It is close
The nonvolatile memory of key injector is EEPROM (preferably model 24LC512).In addition, by the non-volatile of protection equipment
Bootstrap (plaintext) 31 and management program (plaintext) 32 are also built-in in FLASH memory.
The wherein described dsp processor be can runs software DSP, ARM, PowerPC, microcontroller or universal PC processor
Deng;FPGA processor is the logical device that can be programmed;Power monitoring chip is with monitoring voltage state and can to provide power down
The power management chip etc. of protection.
Programmable key injection device, safety management extension set and be Nand FLASH, Nor by the nonvolatile memory in protection equipment
FLASH, SD card, CF cards, hard disk or general semiconductor storage medium.Volatile memory 23 is in RAM, SDRAM, DDR or DSP
Portion's RAM memory etc..The equipment interface 25 and/or control interface 26 of system external are asynchronous serial port, synchronous serial interface, CAN bus
Or RapidIO buses etc..
Referring back to Fig. 2, the flow that above-mentioned protection system carries out cryptographic key protection management is described in detail:Safety management extension set
Whether effectively when operation, system initialization work (step 110) is completed first, cryptographic key (step 120) is then judged, if close
Code key is invalid, then cryptographic key (plaintext) (step 130) is read out of programmable key injection device, reuses cryptographic key and extension set
Device keys (ciphertext) in FLASH memory 22 carry out XOR operation and complete decryption (step 140);If cryptographic key is effective,
Then it is used directly to decryption device key.After obtaining the plaintext of device keys, it is stored in the SDRAM memory 23 of extension set.
After completing above step, wait for by protection equipment to safety management extension set application device keys, if equipment application is passed through (step
150), then corresponding device keys (plaintext) (step 160) is issued to it.The enciphering and deciphering algorithm wherein used include exclusive or,
The cryptographic algorithms such as 3DES, Geff generator, MD5, AES.
In the present embodiment, completes to extract programmable key injection device after cryptographic key is read in safety management extension set, be stored in
The other positions that general staff can not obtain, realize cryptographic key (plaintext), device keys (ciphertext) be stored separately and physics
Isolation.
With further reference to Fig. 3, the protection system is described in detail into the workflow for being on sale throughout close control:Work as safety management
When extension set is run, if control interface 26 receives the close instruction of pin, generates and interrupt (step 300), control safety management extension set is wiped
Except device keys (ciphertext) (step 310) in the FLASH 22 of extension set, then to wipe device keys in the SDRAM 23 of extension set (bright
Text) (step 320), finally the close instruction (step 330) of pin is sent to by the management program 32 of protection equipment, it is desirable that erasing is protected
Function program (ciphertext), device keys (plaintext), function program (plaintext) in equipment;When safety management extension set is run, if electric
Source monitoring chip 27 monitors system power failure (step 200), then is judged whether to start backup battery according to 28 electricity of backup battery
(step 210) enters step 310 and starts to execute erasing move, if starting backup battery, open if not starting backup battery
Beginning starts timing (step 220) to backup battery usage time, prescribes a time limit when more than setting, then enters step 310 and start to execute
Erasing move.
It is the software code for ensureing to be protected in equipment, the last resort of the safety of sensitive information to sell close control flow.From
The incoming close control instruction of pin of control interface can be the close action of driving pin of operator, can also be when sensor is triggered
Passively sell close action.In the present invention, the plaintext of device keys and be to be saved in RAM by the plaintext of protection functions of the equipments program
Interior, when system power failure, clear data is all lost in RAM, the ciphertext only preserved on a flash in system.If equipment quilt
Unauthorized user obtain, since decruption key can not be obtained, cannot by reversely compile learn by the workflow of protection equipment,
Operation principle and running parameter.Meanwhile it in order to avoid equipment is accidentally wiped in the normal powering down safeguarded, also being set in system
Power down time timing has been set, can manually stop timing by being inserted into programmable key injection device, ensure system integrity.The present embodiment
In, timing deadlines are 30 minutes, since device keys length is 1M bytes, there is 28388608Kind combination, far beyond current
The operational capability of any computer successful decryption and cannot complete decompiling within the time limit.
The method and system of the present invention can be in the case where not influencing to be protected functions of the equipments, not changing its hardware case to function
Software implementation cryptoguard prevents functional software from divulging a secret, and realizes simply, improves and upgrades convenient for system.Typically, can have
The various equipment of reduction of effect it is unexpected or when actively divulge a secret by the risk of giving away secrets after non-authorization user from obtaining, unauthorized use
When not obtaining decruption key, the function program ciphertext that is obtained will be and close in system sdram memory without any value at family
Code key plain and by protection equipment RAM memory function program in plain text can not also restore because of power down.
Obviously, those skilled in the art can be suitable for electronic system information safety protection system and side to the present invention
Method carries out thought and range of the various modification and variations without departing from the present invention.If in this way, these modifications and change of the present invention
Within the scope of the claims of the present invention and its equivalent technology, then the present invention is also intended to exist comprising these modification and variations type
It is interior.
Claims (3)
1. a kind of electronic system information safety protecting method, which is characterized in that the guard method includes step:
Safety management extension set is run, and completes system initialization work;
Judge whether cryptographic key is effective, if cryptographic key is invalid, cryptographic key is read out of programmable key injection device, reuses close
The device keys of ciphertext form in the nonvolatile memory of code key pair safety management extension set are decrypted;If cryptographic key
Effectively, then it is used directly to decryption device key;
After obtaining the plaintext of device keys, it is stored in the volatile memory of safety management extension set;
It waits for by protection equipment to safety management extension set application device keys, if equipment application is passed through, to by protection equipment
Issue the device keys of corresponding plaintext version;The guard method further includes step:
When safety management extension set is run, if receiving the close instruction of pin, interruption is generated, control safety management extension set wipes extension set
Nonvolatile memory in ciphertext form device keys, and the equipment for wiping plaintext version in the volatile memory of extension set
Key;
The close instruction of pin is sent to by protection equipment, it is desirable that erasing is by the function program of ciphertext form, plaintext in protection equipment simultaneously
The device keys of form and the function program of plaintext version;The guard method further includes step:
When safety management extension set is run, if monitoring system power failure, judged whether to start backup according to backup battery electricity
Power supply;
If not starting backup battery, directly start to execute erasing move;If starting backup battery, start to make backup battery
Timing is carried out with the time, is prescribed a time limit when more than setting, then starts to execute erasing move;
Wherein, the erasing move is:Wipe the device keys of ciphertext form in the nonvolatile memory of safety management extension set
With the device keys of plaintext version in volatile memory;It is the function program of ciphertext form in the simultaneously erased equipment by protection, bright
The device keys of literary form and the function program of plaintext version.
2. guard method according to claim 1, which is characterized in that the guard method further includes step:
It completes to extract programmable key injection device after cryptographic key is read in safety management extension set, being stored in general staff can not obtain
Other positions.
3. guard method according to claim 1, which is characterized in that it is described decrypt the algorithm that uses include exclusive or, 3DES,
Geff generators, MD5 or AES.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510555655.XA CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510555655.XA CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105184196A CN105184196A (en) | 2015-12-23 |
CN105184196B true CN105184196B (en) | 2018-09-11 |
Family
ID=54906269
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510555655.XA Active CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105184196B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105930115B (en) * | 2016-04-25 | 2018-11-16 | 杭州旗捷科技有限公司 | A kind of critical data reduction consumable chip and storing data guard method |
CN109492418A (en) * | 2018-11-22 | 2019-03-19 | 中国电子科技集团公司第五十八研究所 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
CN110162317B (en) * | 2019-04-02 | 2022-11-18 | 苏州摩比信通智能系统有限公司 | Singlechip structure and method for improving upgrading safety of singlechip firmware |
CN110166240B (en) * | 2019-06-25 | 2024-05-03 | 南方电网科学研究院有限责任公司 | Network isolation password board card |
CN112231716A (en) * | 2019-07-15 | 2021-01-15 | 珠海艾派克微电子有限公司 | Data anti-theft device and anti-theft method |
CN112256313B (en) * | 2020-10-14 | 2024-04-30 | 四川九洲空管科技有限责任公司 | Secondary radar equipment FPGA program remote upgrading system management method and system |
CN112541186B (en) * | 2020-12-21 | 2022-03-18 | 中国电子科技集团公司第三十研究所 | Password out-of-control resisting system and method based on motion state perception |
CN116070292B (en) * | 2023-03-07 | 2023-06-16 | 苏州宏存芯捷科技有限公司 | SM4 encryption heterogeneous acceleration system based on FPGA |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101038568A (en) * | 2007-04-16 | 2007-09-19 | 丁万年 | Method and device for encrypting date of external computer hard disk. |
WO2010126636A2 (en) * | 2009-01-20 | 2010-11-04 | Microsoft Corporation | Hardware encrypting storage device with physically separable key storage device |
CN101094073B (en) * | 2006-06-22 | 2011-05-25 | 捷讯研究有限公司 | Two-factor content protection |
CN102324006A (en) * | 2011-09-06 | 2012-01-18 | 四川九洲电器集团有限责任公司 | Processor program safety protection device and method |
US8438401B2 (en) * | 2009-09-22 | 2013-05-07 | Raytheon BBN Technologies, Corp. | Device and method for securely storing data |
CN104239820A (en) * | 2013-06-13 | 2014-12-24 | 普天信息技术研究院有限公司 | Secure storage device |
-
2015
- 2015-09-02 CN CN201510555655.XA patent/CN105184196B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101094073B (en) * | 2006-06-22 | 2011-05-25 | 捷讯研究有限公司 | Two-factor content protection |
CN101038568A (en) * | 2007-04-16 | 2007-09-19 | 丁万年 | Method and device for encrypting date of external computer hard disk. |
WO2010126636A2 (en) * | 2009-01-20 | 2010-11-04 | Microsoft Corporation | Hardware encrypting storage device with physically separable key storage device |
US8438401B2 (en) * | 2009-09-22 | 2013-05-07 | Raytheon BBN Technologies, Corp. | Device and method for securely storing data |
CN102324006A (en) * | 2011-09-06 | 2012-01-18 | 四川九洲电器集团有限责任公司 | Processor program safety protection device and method |
CN104239820A (en) * | 2013-06-13 | 2014-12-24 | 普天信息技术研究院有限公司 | Secure storage device |
Also Published As
Publication number | Publication date |
---|---|
CN105184196A (en) | 2015-12-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105184196B (en) | Electronic system information safety protection system and method | |
CN111095213B (en) | Secure boot method, device, equipment and storage medium for embedded program | |
CN102799832B (en) | Ensure the safe method and apparatus of programming device using switch is deleted | |
CN103221961B (en) | Comprise the method and apparatus of the framework for the protection of multi-ser sensitive code and data | |
EP3259698B1 (en) | Autonomously booting system with a security module | |
KR101303278B1 (en) | FPGA apparatus and method for protecting bitstream | |
CN102324006B (en) | Processor program safety protection device and method | |
CN102609665B (en) | Method and device for signing user program and method and device for verifying signature of user program | |
CN104573490A (en) | Method for protecting installed software on Android platform | |
CN106503494A (en) | A kind of firmware protection location and guard method with flash memory microcontroller on piece | |
CN114785503B (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
CN103198247A (en) | Computer safety protection method and computer safety protection system | |
CN102231115A (en) | Method and system for safely starting set top box | |
RU2458389C2 (en) | Single-chip computer and tachograph | |
CN112149190A (en) | Hot start attack mitigation for non-volatile memory modules | |
Choudary et al. | Infiltrate the vault: Security analysis and decryption of lion full disk encryption | |
CN105046115A (en) | Method and apparatus for detecting tampering with software operation time | |
CN101950345B (en) | Hardware decryption-based high-reliability terminal equipment and working method thereof | |
CN104361298A (en) | Method and device for information safety and confidentiality | |
CN101901629A (en) | Nonvolatile memory protecting system and method | |
CN106326782A (en) | Information processing method and electronic device | |
KR101214899B1 (en) | USB Security Device and Security Method thereof | |
US20140157004A1 (en) | Apparatus and method for encryption in virtualized environment using auxiliary medium | |
CN110932853B (en) | Key management device and key management method based on trusted module | |
CN109583196B (en) | Key generation method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |