CN105447390B - Management method that a kind of software version based on digital certificate system is credible - Google Patents
Management method that a kind of software version based on digital certificate system is credible Download PDFInfo
- Publication number
- CN105447390B CN105447390B CN201510783069.0A CN201510783069A CN105447390B CN 105447390 B CN105447390 B CN 105447390B CN 201510783069 A CN201510783069 A CN 201510783069A CN 105447390 B CN105447390 B CN 105447390B
- Authority
- CN
- China
- Prior art keywords
- certificate
- software
- key certificate
- public key
- sign test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 27
- 238000001629 sign test Methods 0.000 claims abstract description 72
- 238000001514 detection method Methods 0.000 claims abstract description 43
- 238000000034 method Methods 0.000 claims description 29
- 230000008569 process Effects 0.000 claims description 23
- 230000003612 virological effect Effects 0.000 claims description 4
- 238000004422 calculation algorithm Methods 0.000 claims description 3
- 238000003745 diagnosis Methods 0.000 claims description 3
- 230000008676 import Effects 0.000 claims description 2
- 238000005259 measurement Methods 0.000 abstract description 4
- 238000013461 design Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 239000000470 constituent Substances 0.000 description 3
- 230000007123 defense Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 241000984642 Cura Species 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000002155 anti-virotic effect Effects 0.000 description 1
- 238000012550 audit Methods 0.000 description 1
- 230000005784 autoimmunity Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000012938 design process Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011990 functional testing Methods 0.000 description 1
- 230000008571 general function Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Abstract
Management method that a kind of software version based on digital certificate system is credible, which comprises digital certificate system root certificate successively derives exploitation certificate, detection certificate, administrator's authentication certificate and credibility security management center platform credential;It is signed using exploitation private key certificate to the complete digest value of software;It is signed using detection private key certificate to software;Generation strategy template signs to policy template using credibility security management center platform private key certificate, is stored in trusted software library, policy template is finally issued to operation end server automatically;When operation end server setup, sign test is carried out to policy template using credibility security management center platform public key certificate, detection public key certificate and exploitation public key certificate is reused and sign test is carried out to software therein, software can be run.The present invention ensures software version consistency and safety, realizes the sign test and credible measurement of system software and policy template in operation end.
Description
Technical field
The present invention relates to reliable computing technology application field, in particular to a kind of software version based on digital certificate system
Management method that this is credible.
Background technique
The unsafe root of information system is the simplification due to PC structure, does not verify, leads to process, the program in system
Cause executable program, process arbitrarily to execute in an unauthorized situation, implement malicious act, and traditional firewall, anti-virus,
IDS seals based on stifled, subsequent upgrading viral code library other than being, is unable to Initiative Defense, active defense.Trust computing passes through
Credible chip is introduced on hardware, solves the problems, such as that personal computer architecture simplifies bring fragility, base from structure
In hardware chip, since platform power-up, to the execution of application program, complete trust chain is constructed, level-one authenticates level-one, level-one
Trust level-one, the program for not obtaining certification cannot execute, so that information system be made to realize autoimmunity, construct the letter of high safety grade
Breath system.
It is credible to refer to the component, operation or the process that participate in calculating in any item according to the definition that ISO/IEC 15408 is provided
It is predictable under part, and virus and a degree of physical disturbance can be resisted.In short, trust computing refer to it is hard in computer
Part platform introduces safety chip framework, provided by the security features such as trusted storage, credible measurement, credible report improve
A kind of faith mechanism is established in the safety of terminal system between user and computer, the network platform, thus fundamentally realizing
To the Initiative Defense of various insecurity factors.
Summary of the invention
To overcome above-mentioned the deficiencies in the prior art, it is credible to provide a kind of software version based on digital certificate system by the present invention
Management method, the method for the present invention sign system software program based on SM2 Certification system based on digital root certificate system
Name and sign test, and authenticated under digital root certificate system, the trust chain of certificate is set up, is realized total to system service
Line, the trust authentication of messaging bus and real-time database source and unified version management, realize system software and strategy in operation end
The sign test of template and credible measurement.
Realize solution used by above-mentioned purpose are as follows:
Management method that a kind of software version based on digital certificate system is credible, the credible management method include:
(1) digital certificate system root certificate successively derive exploitation certificate, detection certificate, administrator's authentication certificate and
Credibility security management center platform credential, certificate type are SM2 algorithm digital certificate;
(2) software development link signs to the complete digest value of software using exploitation private key certificate;
(3) software detection link carries out sign test to sign software using exploitation public key certificate, after sign test passes through, to having signed
Name software carries out viral diagnosis and Function detection, is finally signed using detection private key certificate to software;
(4) credibility security management center with administrator's authentication certificate carries out identity identification to administrator, uses exploitation
Public key certificate and detection public key certificate carry out sign test to sign software, and after sign test passes through, generation strategy template uses credible peace
Full administrative center's platform private key certificate signs to policy template, is stored in trusted software library, finally by policy template it is automatic under
It is sent to operation end server;
(5) when operation end server setup, using credibility security management center platform public key certificate to policy template
Sign test is carried out, detection public key certificate and exploitation public key certificate is reused and sign test, after sign test passes through, plan is carried out to software therein
Slightly template enters local white list storehouse, and software can be run.
Preferably, the exploitation certificate includes exploitation public key certificate and exploitation private key certificate;
The detection certificate includes detection public key certificate and detection private key certificate;
The credibility security management center platform credential includes credibility security management center platform public key certificate and credible peace
Full administrative center platform private key certificate.
Preferably, it is offline importing and the carrier using USB-KEY as certificate that the digital certificate, which issues mode,.
Preferably, the digital certificate is for identifying user, process, the identity of service in system;
The management rule of the digital certificate includes: certificate issuance, certificate storage, certificate update, certificate revocation, software label
Name;
The digital certificate is made of Credential Categories, certificate name, sequence number, credential categories.
Preferably, steps are as follows for the operation end server process:
1) exploitation public key certificate, detection public key certificate and credibility security management center platform public key certificate are obtained;
2) the tactful template that credibility security management center issues is obtained;
3) sign test is carried out to tactful template using credibility security management center platform public key certificate;
4) sign test fails, and abandons this template, and it is illegal to export this template source, exits;
5) check that software whether there is;
6) it is not present, output desired value software package is not present, and exits;
7) sign test is carried out to software using detection public key certificate;
8) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
9) sign test is carried out to software using exploitation public key certificate;
10) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
11) local white list is added in tactful template after sign test passes through
Compared with prior art, the invention has the following advantages:
(1) software version consistency and safety are ensured.
(2) trust authentication and unified version management are carried out to system service bus, messaging bus and real-time database source.
(3) sign test and credible measurement of system software and policy template are realized in operation end.
Detailed description of the invention
Fig. 1: software version management general function design drawing of the invention;
Fig. 2: software version management functional module of the invention divides figure;
Fig. 3: software version management overview flow chart of the invention;
Fig. 4: data signature and sign test schematic illustration of the invention;
Fig. 5: software development end process flow diagram of the invention;
Fig. 6: software detection end process flow diagram of the invention;
Fig. 7: credibility security management center process flow diagram of the invention;
Fig. 8: operation end server process flow chart of the invention.
Specific embodiment
A specific embodiment of the invention is described in further detail with reference to the accompanying drawing.
Technical solution provided by the invention is a kind of credible management method of the software version based on digital certificate system, software
Version management can be divided into two big modules, be credibility security management center module and operation end server module respectively.Wherein may be used
Believe that security management center module is responsible for carrying out validity checking to the source of software, generates configuration strategy template, and policy template
It is issued to operation end server;Operation end server module is responsible for testing tactful template and software progress source validity checking
Card, after being verified, policy template enters local white list storehouse, and software can be run.
As shown in Fig. 2, software version management function mainly divides two parts:
1, credibility security management center module
It is associated with login certificate
Establish administrator's authentication certificate and safety officer's account, cryptographic association relationship.
Certificate logs in
Using administrator's authentication certificate, while inputting safety officer's account, password progress identity identification.
Software detection processing
Sign test is carried out to software using exploitation public key certificate.
Sign test is carried out to software using detection public key certificate.
Software type is checked, if it is executable file, script or dynamic library file, then just generating software white list plan
Slightly template.
It is signed using credibility security management center platform private key certificate to tactful template.
Generation strategy template
Administrator is platform configuration policies, generation strategy template.
Tactful template issues
Administrator's distributing policy template is to operation end server.
Trusted software issues
Administrator proposes by manual copy mode (USB flash disk), by trusted software from credibility security management center, copies fortune to
Row end server.
2, operation end server module
Tactful template sign test
Sign test, inspection policy template and software are carried out to tactful template using credibility security management center platform public key certificate
Corresponding relationship.
Trusted software sign test
Sign test is carried out to software using exploitation public key certificate.
Sign test is carried out to software using detection public key certificate.
White list verifying
When trusted software program is run, check whether in system white list.
Sign test when software is run
When software is executable file, script or dynamic base type, when load operating, then sign test is carried out to software.
Sign test is carried out to software using exploitation public key certificate.
Sign test is carried out to software using detection public key certificate.
System constructs secure certification architecture using PKI/CA mode to guarantee the reliability and confidentiality of data.Digital certificate
System is divided into multiple ranks, and upper level diploma system is next stage diploma system certificate, and certificate authority mode is offline
It imports.
The basic function of digital certificate is identified to user, process, the identity of service in system, and digital certificate is passed through
It is used in combination and realizes with role-certificate.Digital certificate uses carrier of the USB-KEY as certificate, supports SM2 algorithm.
Digital certificate is the foundation of system identity, Authority Verification, and the design and implementation of credible and secure strategy is needed using system
Foundation of the Certification system of system as verifying and identity.
The certificate branch of version management is individually opened up in highest diploma system, certificate issuance uses unified name side
Formula and sequence number definition, in order to be distinguished with other certificates.Constituent parts can only apply for 1 certificate, by highest level certificate
It is provided after system audit, the certificate of constituent parts and the use needs of key must be used offline by personal management, key and tool,
Stringent safeguard procedures should be carried out when unused, avoid unauthorized application, the peace of strict guarantee key, certificate and signature tool
It is complete reliable.
(1) certificate format is defined
Certificate is made of Credential Categories, certificate name, sequence number, credential categories, and each section is defined as follows:
1) Credential Categories are divided into development company's certificate, detection certificate;
2) certificate is named: KF- software category-trade name;KF- detection.Wherein software category is OS (operating system), DB
(database), BP (basic platform), (the advanced application of APP)
3) sequence number: customized the first byte of part is 01
4) credential categories: other
(2) certificate management rule is defined
The management of certificate is by certificate issuance, certificate storage, certificate update, certificate revocation, software signature tool group in system
At each section is defined as follows:
1) it certificate issuance: is signed and issued by highest level diploma system.By most when development company uses USB-Key certificate carrier
High-level diploma system is uniformly signed and issued, and submits certificate to ask by applying unit when using creditable calculation password module as certificate carrier
It asks, highest level diploma system is uniformly signed and issued.
2) certificate stores: key storage in cryptographic hardware in USB-KEY, public key certificate with PEM format carry out storage and
Transmitting.
3) certificate update: when certificate expired, update request is proposed by constituent parts, after the approval by highest level diploma system
Carry out certificate update.
4) certificate revocation: the producer for having provided certificate no longer carry out business procedure exploitation or certificate and private key leakage, lose,
When cryptographic hardware damage, program development manufacturer must report in time, by highest level diploma system to issued certificate
It is unregistered.
5) software signature tool: each manufacturer can be used unified tool or carry out software version according to this programme self-developing tool
This signature.
As shown in figure 3, overall procedure:
It is related to root certificate system, software development manufacturer, software detection end, credibility security management center in overview flow chart
And 5 parts of operation end server:
Overall procedure explanation:
1. certificate issuance center is using root certificate production signature sign test certificate, (exploitation certificate, detects certificate, administrator's identity
Verify certificate, credibility security management center platform credential), and it is issued to each operation end server.
2. being signed according to the exploitation private key certificate issued to software after software vendor produces software;Then by software
(including signature) sends test side to;
3. software detection end carries out sign test to software using exploitation public key certificate, inspection department's reason is carried out after legal, by rear
It is signed using detection private key certificate to software;Then software (including exploitation is signed and detection is signed) is sent to credible peace
Full administrative center;
4. credibility security management center carries out software using administrator's authentication certificate and cura specialis person's identity logs
Version management carries out sign test to software using exploitation public key certificate and detection public key certificate, and sign test carries out software processing after passing through;
And configuration strategy template is generated, it is signed using credibility security management center platform private key certificate to tactful template, then plan
Slightly template (band signature) is issued to operation end server;Software (including exploitation signature and detection signature) is transmitted to operation end clothes
Business device.
After 5. client receives tactful template, using credibility security management center platform public key certificate to policy template into
Row sign test carries out sign test to software using exploitation public key certificate and detection public key certificate, and sign test is put in storage by rear white list.
6. client has software to run, the legitimacy of software can be first checked for, uses exploitation public key certificate and detection
Public key certificate carries out sign test to software;And there are also carry out white list inspection;All checking can just run after all passing through, otherwise
It will be blocked.
Software development:
1. the condition having
Obtain exploitation private key certificate
Obtain the software of signature
2. signature design
Signature object: the complete digest value of software for calculation signs to complete digest value
Sign test certificate: nothing
Signing certificate: exploitation private key certificate
Signature process: referring to fig. 4
Sign test process: referring to fig. 4
3. master-plan process in software development end is as shown in Figure 5.
Software development end processing step explanation:
1) exploitation private key certificate is obtained;
2) software to be signed, the complete digest value of software for calculation are obtained;
3) it is signed using exploitation private key certificate to the complete digest value of software;
4) software is put in storage after signing.
Software detection:
1. the condition having
Obtain exploitation public key certificate
Obtain detection private key certificate
Obtain the program of sign test
2. signature design
Signature object: the complete digest value of software for calculation signs to complete digest value
Sign test certificate: exploitation public key certificate
Signing certificate: detection private key certificate
Signature process: referring to fig. 4
Sign test process: referring to fig. 4
3. master-plan process in software detection end is as shown in Figure 6.
Software detection end processing step explanation:
1) exploitation public key certificate and detection private key certificate are obtained;
2) sign software is obtained, exploitation this software content of public key certificate sign test is used;
3) sign test fails, and prompts this software source illegal, abandons this software;
4) sign test success carries out viral diagnosis, functional test and feasibility analysis to this software;
5) it is signed using detection private key certificate to the complete digest value of software;
6) software is put in storage after signing.
Credibility security management center:
1. the condition having
Obtain exploitation public key certificate
Obtain detection public key certificate
Obtain credibility security management center platform private key certificate
2. signature design
Signature object: the digest value of calculative strategy template signs to abstract
Sign test certificate: exploitation public key certificate detects public key certificate
Signing certificate: credibility security management center platform private key certificate
Signature process: referring to fig. 4
Sign test process: referring to fig. 4
3. credibility security management center master-plan process is as shown in Figure 7.
Credibility security management center processing step explanation:
1) credibility security management center obtains credibility security management center platform private key certificate, exploitation public key certificate and inspection
Survey public key certificate;
2) administrator's authentication certificate is used, safety officer's account, password login credibility security management center are inputted;
3) upload software, analysis software signature use detection public key certificate and exploitation public key certificate sign test software;
4) analysis software type then generates white list if it is executable file, script or dynamic library file;
5) configuration strategy template is generated according to administrator configurations;
6) credibility security management center platform private key certificate is used, is signed to configuration strategy template;
7) distributing policy template is to operation end server.
Operation end server:
1. the condition having
Obtain exploitation public key certificate
Obtain detection public key certificate
Obtain credibility security management center platform public key certificate
2. signature design
Sign test certificate: exploitation public key certificate detects public key certificate, credibility security management center platform public key certificate
Signature process: referring to fig. 4
Sign test process: referring to fig. 4
3. operation end server design process is as shown in Figure 8.
The processing step of operation end server illustrates:
1) exploitation public key certificate, detection public key certificate and credibility security management center platform public key certificate are obtained;
2) the tactful template that credibility security management center issues is obtained;
3) sign test is carried out to tactful template using credibility security management center platform public key certificate;
4) sign test fails, and abandons this template, and it is illegal to export this template source, exits;
5) check that software whether there is;
6) it is not present, output desired value software package is not present, and exits;
7) sign test is carried out to software using detection public key certificate;
8) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
9) sign test is carried out to software using exploitation public key certificate;
10) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
11) local white list is added in tactful template after sign test passes through.
Finally it should be noted that: above embodiments are merely to illustrate the technical solution of the application rather than to its protection scopes
Limitation, although the application is described in detail referring to above-described embodiment, those of ordinary skill in the art should
Understand: those skilled in the art read the specific embodiment of application can still be carried out after the application various changes, modification or
Person's equivalent replacement, but these changes, modification or equivalent replacement, are applying within pending claims.
Claims (4)
1. management method that a kind of software version based on digital certificate system is credible, which is characterized in that the credible management method
Include:
(1) digital certificate system root certificate successively derives exploitation certificate, detection certificate, administrator's authentication certificate and credible
Security management center platform credential, certificate type are SM2 algorithm digital certificate;
(2) software development link signs to the complete digest value of software using exploitation private key certificate;
(3) software detection link carries out sign test to sign software using exploitation public key certificate, soft to having signed after sign test passes through
Part carries out viral diagnosis and Function detection, is finally signed using detection private key certificate to software;
(4) credibility security management center with administrator's authentication certificate to administrator carry out identity identification, using exploitation public key
Certificate and detection public key certificate carry out sign test to sign software, and after sign test passes through, generation strategy template uses credible and secure pipe
Reason central platform private key certificate signs to policy template, is stored in trusted software library, is finally issued to policy template automatically
Operation end server;
(5) when operation end server setup, policy template is carried out using credibility security management center platform public key certificate
Sign test reuses detection public key certificate and exploitation public key certificate and carries out sign test, after sign test passes through, tactful mould to software therein
Plate enters local white list storehouse, and software can be run;
Steps are as follows for the operation end server process:
1) exploitation public key certificate, detection public key certificate and credibility security management center platform public key certificate are obtained;
2) the tactful template that credibility security management center issues is obtained;
3) sign test is carried out to tactful template using credibility security management center platform public key certificate;
4) sign test fails, and abandons this template, and it is illegal to export this template source, exits;
5) check that software whether there is;
6) it is not present, output desired value software package is not present, and exits;
7) sign test is carried out to software using detection public key certificate;
8) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
9) sign test is carried out to software using exploitation public key certificate;
10) sign test fails, and abandons this template, and output desired value software package source is illegal, exits;
11) local white list is added in tactful template after sign test passes through.
2. credible management method as described in claim 1, which is characterized in that the exploitation certificate include exploitation public key certificate with
Develop private key certificate;
The detection certificate includes detection public key certificate and detection private key certificate;
The credibility security management center platform credential includes credibility security management center platform public key certificate and credible and secure pipe
Manage central platform private key certificate.
3. credible management method as described in claim 1, which is characterized in that it is offline import that the digital certificate, which issues mode,
And the carrier using USB-KEY as certificate.
4. credible management method as described in claim 1, which is characterized in that the digital certificate be used for user in system,
Process, the identity of service are identified;
The management rule of the digital certificate includes: certificate issuance, certificate storage, certificate update, certificate revocation, software signature;
The digital certificate is made of Credential Categories, certificate name, sequence number, credential categories.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510783069.0A CN105447390B (en) | 2015-11-16 | 2015-11-16 | Management method that a kind of software version based on digital certificate system is credible |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510783069.0A CN105447390B (en) | 2015-11-16 | 2015-11-16 | Management method that a kind of software version based on digital certificate system is credible |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105447390A CN105447390A (en) | 2016-03-30 |
| CN105447390B true CN105447390B (en) | 2019-09-06 |
Family
ID=55557554
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510783069.0A Active CN105447390B (en) | 2015-11-16 | 2015-11-16 | Management method that a kind of software version based on digital certificate system is credible |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105447390B (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10142323B2 (en) * | 2016-04-11 | 2018-11-27 | Huawei Technologies Co., Ltd. | Activation of mobile devices in enterprise mobile management |
| CN105897731B (en) * | 2016-05-12 | 2019-09-13 | 北京明华联盟科技有限公司 | A kind of authentication method and authentication device |
| CN106250726A (en) * | 2016-08-10 | 2016-12-21 | 深圳金澜汉源科技有限公司 | Software version state management-control method |
| CN106612183B (en) * | 2016-12-27 | 2020-05-22 | 哈尔滨安天科技集团股份有限公司 | Cross digital signature method and system for application software under domestic operating system |
| CN108667594B (en) * | 2017-03-27 | 2022-10-11 | 格尔软件股份有限公司 | Software program module integrity detection method based on PKI public key algorithm |
| CN109376376B (en) * | 2018-09-04 | 2023-05-02 | 南京航空航天大学 | Logic encryption type hardware security protection method based on key gate insertion algorithm |
| CN110311917A (en) * | 2019-07-08 | 2019-10-08 | 北京可信华泰信息技术有限公司 | Host measure and device |
| CN112445705B (en) * | 2020-11-17 | 2022-05-03 | 中国南方电网有限责任公司 | Software running system, method and device based on trusted verification and computer equipment |
| CN112702312B (en) * | 2020-11-30 | 2023-07-11 | 航天信息股份有限公司 | Lightweight Internet of things digital certificate processing method and system based on cryptographic algorithm |
| US20220237097A1 (en) * | 2021-01-22 | 2022-07-28 | Vmware, Inc. | Providing user experience data to tenants |
| CN114401124B (en) * | 2021-12-29 | 2022-10-28 | 北京中科网威信息技术有限公司 | Firewall login method and device, electronic equipment and computer storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035653A (en) * | 2010-11-30 | 2011-04-27 | 中国联合网络通信集团有限公司 | Controllable distributing method and system used in software examining and verifying stage |
| CN102594558A (en) * | 2012-01-19 | 2012-07-18 | 东北大学 | Anonymous digital certificate system and verification method of trustable computing environment |
| CN103888252A (en) * | 2012-12-19 | 2014-06-25 | 深圳市华营数字商业有限公司 | UID, PID, and APPID-based control application access permission method |
| CN104156638A (en) * | 2014-06-06 | 2014-11-19 | 国家计算机网络与信息安全管理中心 | Implementation method of extended signature for Android system software |
| CN104601330A (en) * | 2014-12-29 | 2015-05-06 | 国家电网公司 | Trusted computing and digital certificate technology-based expected value management method |
-
2015
- 2015-11-16 CN CN201510783069.0A patent/CN105447390B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035653A (en) * | 2010-11-30 | 2011-04-27 | 中国联合网络通信集团有限公司 | Controllable distributing method and system used in software examining and verifying stage |
| CN102594558A (en) * | 2012-01-19 | 2012-07-18 | 东北大学 | Anonymous digital certificate system and verification method of trustable computing environment |
| CN103888252A (en) * | 2012-12-19 | 2014-06-25 | 深圳市华营数字商业有限公司 | UID, PID, and APPID-based control application access permission method |
| CN104156638A (en) * | 2014-06-06 | 2014-11-19 | 国家计算机网络与信息安全管理中心 | Implementation method of extended signature for Android system software |
| CN104601330A (en) * | 2014-12-29 | 2015-05-06 | 国家电网公司 | Trusted computing and digital certificate technology-based expected value management method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105447390A (en) | 2016-03-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105447390B (en) | Management method that a kind of software version based on digital certificate system is credible | |
| US10230756B2 (en) | Resisting replay attacks efficiently in a permissioned and privacy-preserving blockchain network | |
| US8954732B1 (en) | Authenticating third-party programs for platforms | |
| KR102173426B1 (en) | Privacy preserving public key infrastructure based self sign and verification system and method in decentralized identity | |
| US9509720B2 (en) | Techniques for improved run time trustworthiness | |
| CN104104672B (en) | The method that dynamic authorization code is established in identity-based certification | |
| US8839395B2 (en) | Single sign-on between applications | |
| CN107463806B (en) | Signature and signature verification method for Android application program installation package | |
| CN106789059B (en) | A kind of long-range two-way access control system and method based on trust computing | |
| CN103685138A (en) | Method and system for authenticating application software of Android platform on mobile internet | |
| CN110677376A (en) | Authentication method, related device and system and computer readable storage medium | |
| CN112115205B (en) | Cross-chain trust method, device, equipment and medium based on digital certificate authentication | |
| US20210365529A1 (en) | Hardware security | |
| US11133942B1 (en) | Systems and methods of ring usage certificate extension | |
| WO2019178763A1 (en) | Certificate importing method and terminal | |
| US20230033986A1 (en) | Security Device and Methods for End-to-End Verifiable Elections | |
| CN109309645A (en) | A kind of software distribution security guard method | |
| CN111147259B (en) | Authentication method and device | |
| CN113792301A (en) | Block chain-based Internet of things data access method and device | |
| CN116346415A (en) | Multi-factor login authentication method and device for industrial control PLC system and PLC system | |
| CN114329368A (en) | Transaction account management method and device, computer readable medium and electronic equipment | |
| Du et al. | Blockchain-based access control architecture for multi-domain environments | |
| CN104601330B (en) | A kind of desired value management method based on trust computing and digital certificate technique | |
| CN113326527A (en) | Credible digital signature system and method based on block chain | |
| CN111967019A (en) | TEE-based Internet of things secure startup implementation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 102209 Beijing City, Changping District science and Technology Park in the future smart grid research institute hospital Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE Applicant after: Jiangsu Electric Power Company Applicant after: State Grid Corporation of China Applicant after: State Grid Jibei Electric Power Company Limited Applicant after: State Grid Tianjin Electric Power Company Applicant after: Nantong Power Supply Company, Jiangsu Electric Power Co., Ltd. Address before: 102211 Beijing city Changping District Xiaotangshan town big East Village Road No. 270 (future technology city) Applicant before: State Grid Smart Grid Institute Applicant before: Jiangsu Electric Power Company Applicant before: State Grid Corporation of China Applicant before: State Grid Jibei Electric Power Company Limited Applicant before: State Grid Tianjin Electric Power Company Applicant before: Nantong Power Supply Company, Jiangsu Electric Power Co., Ltd. |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |