CN106127059A - The realization of credible password module and method of servicing on a kind of ARM platform - Google Patents
The realization of credible password module and method of servicing on a kind of ARM platform Download PDFInfo
- Publication number
- CN106127059A CN106127059A CN201610497918.0A CN201610497918A CN106127059A CN 106127059 A CN106127059 A CN 106127059A CN 201610497918 A CN201610497918 A CN 201610497918A CN 106127059 A CN106127059 A CN 106127059A
- Authority
- CN
- China
- Prior art keywords
- tcme
- cpu core
- trusted service
- credible
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses realization and the method for servicing of credible password module on a kind of ARM platform: first, the credible efficient agency being positioned at common world receives and asks to carry out pretreatment to the trusted service from application program, transfer to communication agent to forward request, preserve and switch the duty of host CPU core;Then credible password module simulator TCME receives and parses through the request of forwarding, initialize from CPU core according to platform actual CPU core number, with round robin by all TCME process requesting assignment to and running on master-slave cpu core, TCME is according to the trusted service of wall scroll service request offer standard;Finally, security password storehouse provides cryptographic algorithm support to TCME, and by the root key encryption protection being stored in Secure Boot ROM;The invention have the advantage that and processed trusted service request by multinuclear simultaneously, improve system trusted service efficiency;By utilizing the root key encryption protection security password storehouse of safety storage, it is ensured that cryptographic algorithm and the safety of key.
Description
Technical field
The present invention relates to mobile message security fields, relate generally on a kind of ARM platform credible password module and efficiently
The method of service.
Background technology
At present, there is the mobile intelligent terminal of powerful disposal ability, more memory space and SOS
Become the development trend of mobile terminal.As the development of PC, the universal of mobile intelligent terminal brings greatly
Simultaneously easily, great potential safety hazard has also been brought.Owing to having less size, and the complexity of local environment
Property and uncertainty, more complicated than PC system of its safety problem faced, and the loss caused is bigger.Therefore, make
It is that user builds a safe and reliable calculating platform and becomes extremely important with reliable computing technology.
Now, the mobile platform processor of main flow has ARM, Intel and MIPS.Wherein, arm processor is simplified by employing
Instruction set (RISC) and low-power consumption technique, be especially suitable for the embedded device of limited storage space and power limited, therefore at ARM
Reason device is widely used to the various products such as Industry Control, consumer electronics product, communication system, network system, wireless system
Market.ARM company releases TrustZone technology and ensures system and the data safety of ARM platform, ARM TrustZone technology
It is substantially a kind of Intel Virtualization Technology, depends on the function that arm processor provides, safe and non-by processor state is divided into
Two kinds of mode of operations of safety, and coordinate the security attribute on other buses and peripheral hardware to realize spreading all over whole hardware system
Safety.
Each physics arm processor core provides two class virtual core, and a class is non-safe kernel (Non-Secure), another kind of is
Safe kernel (Secure).Non-security core operates under common world, and safe kernel operates under safe space.Both of which and two classes
Virtual core is all integrated in a physical core, is that same physical core is empty in both of which and two classes according to different needs
Nucleoid simply switches.The software of common world can use SMC (Secure Monitor Call) instruct or pass through hardware
One subset of abnormal mechanism enters into Monitor pattern, thus arm processor switches to the pattern of safe space and transports
The shielded fail-safe software of row.Monitor pattern main task is to preserve contextual information when CPU runs, in order to from safety
When space returns common world, CPU and OS can normally work.
On the other hand, 2003, the company such as Intel, Compaq, HP, IBM and Microsoft the Trusted Computing Group participated in
(Trusted Computing Group, TCG) sets up, and proposes by calculating increase credible platform module on platform
(Trusted Platform Module, TPM) and mobile trusted module (Mobile Trusted Module, MTM) are used for protecting
Protect tradition and mobile computing environment.
Trust computing group of Beijing Jiaotong University propose based on EFI (Extensible Firmware Interface) and
The Portable TPM scheme of USB interface, reduces tradition LPC interface TPM and the degree of coupling calculating platform so that TPM possesses
Hot plug and i.e. insert the characteristic i.e. serviced.
A kind of based on mobile device the trusted module implementation method that the Institute of Software, Chinese Academy of Science proposes.Pass through software
The function of simulation trusted module, primary clustering includes trusted service process, trusted module storehouse and cryptographic libraries.Main trusted function exists
The safer world of TrustZone technical support realizes, needs when being positioned at the application call trusted service of common world to cut
Changing the duty of arm processor and mobile computing platform, single trusted service expense is bigger.
Along with mobile device is fast-developing towards polycaryon processor, mobile computing mode has calculated towards multi-core parallel concurrent
Direction changes.Different from server or desktop edition system, mobile computing platform has for the current process resource distribution of user
Sizable inclination.So the use process that user is current often can take the resource of CPU completely, if user is when advancing
Journey calculates one of them CPU core of platform only with multinuclear, then the efficiency of program will not known where to begin.
In sum, existing mobile computing platform builds trusted module by the way of increasing hardware or software simulation,
Do not take into full account calculating resource limited under mobile computing environment and the problem of hardware platform autgmentability, it is impossible to meet mobile
Equipment is to easily extension and the demand of efficient trusted service.
Summary of the invention
In order to overcome the deficiencies in the prior art, the TrustZone technology that the present invention provides based on arm processor, it is provided that
Plant in the method realizing credible password module High-effective Service in safer world by the way of software is simulated, on the one hand utilize many
The method of core parallel computation improves the efficiency that the trusted module of software simulation services on the mobile apparatus, on the other hand by utilizing
The security password storehouse of the root key encryption protection trusted module being stored in Secure Boot ROM, it is ensured that cryptographic algorithm and close
The safety of key.
The present invention solves that above-mentioned technical problem be the technical scheme is that
First, by credible efficient agency (Trusted Efficient Agent, TEA) receive from application program can
Telecommunications services is asked, to being appropriate to module status read operation, Hash, signature and the sign test of Parallel Service, symmetrical and asymmetric
Encryption and decryption Password Operations is packaged session number and the special command number of also distributing uniform, is not suitable for carrying out Parallel Service to other
Operation (including: module status write operation, key generate and management operation) the most directly distribution session number and command number.TEA
Calling communication agency (Communication Monitor, CM), forwards these trusted service request bag, preserves and switch main place
Reason CPU core and platform duty.
Then, trusted service request is transmitted on main process CPU core the credible password module simulator run by CM
(Trusted Cryptography Module Emulator, TCME), trusted service request bag is unsealed by TCME, and root
The CPU core number actual according to ARM platform initializes from CPU core, in the way of Cycle arranging, transfers to main by the request of all trusted service
The TCME process run from CPU core, and return behaviour's result by command parameter and return value.
Finally, TCME receive forwarded by CM or self distribution trusted service request after, by being positioned at safe generation
The safe OS on boundary reads the root key RK being positioned at Secure Boot ROM, and is decrypted, security password storehouse SCL by SCL
Cryptographic algorithm and the key generation support meeting country's commercial cipher algorithm standard rules is provided to TCME.Support based on SCL, TCME
The module management of offer standard, identity and checking, data protection and the operation of tolerance report.
The method that the present invention provides has following major advantage compared with other technology existing: compared to hard-wired
Trusted module, is independent of particular hardware platform by the trusted module of software simulated implementation, has higher extensibility;Pass through
Utilize the method that multi-core parallel concurrent calculates, utilize the request of arm processor master-slave cpu core parallel processing trusted service to decrease at ARM
Reason device and the number of times of whole platform status switching, improve the efficiency of the trusted service of entirety;It is stored in Secure by utilization
The security password storehouse of the root key encryption protection trusted module in Boot ROM, it is ensured that cryptographic algorithm and the safety of key.
Accompanying drawing explanation
Fig. 1: the implementation method of credible password module, composition and graph of a relation in mobile device
Fig. 2: the data preprocessing method of credible efficient agency
Fig. 3: master-slave cpu core starts and the method for parallel running
Fig. 4: the method that in master-slave cpu, the protection of security password storehouse and TCME provide trusted service
Detailed description of the invention
Present invention TrustZone based on arm processor technology, it is provided that one is simulated by software in " safer world "
The mode method that realizes credible password module High-effective Service, as shown in Figure 1: received from should by the credible TEA that efficiently acts on behalf of
Asking with the trusted service of program, these requests carry out pretreatment formation can multi-core parallel concurrent or the trusted service of monokaryon process
Request bag, TEA calling communication is acted on behalf of CM and asks bag to pass to CM trusted service;CM preserve and switch main process CPU core and
Whole working platform state, is transmitted to credible password module simulator TCME by trusted service request, and TCME is according to request type
Carry out module management, identity processes with checking, data protection and the multi-core parallel concurrent of tolerance report or monokaryon;Finally, by pacifying
Full cryptographic libraries SCL provides to TCME and uses the cryptographic algorithm meeting country's commercial cipher algorithm standard rules, and by being stored in
The code of the root key RK encipherment protection SCL in Secure Boot ROM and the key of generation.
In conjunction with Fig. 1, Fig. 2, Fig. 3 and Fig. 4, the tool of the High-effective Service of credible password module in the mobile device that the present invention proposes
Body implementation method is:
The realization of credible password module and method of servicing on a kind of ARM platform, idiographic flow is as follows:
(1) the credible TEA that efficiently acts on behalf of receives the trusted service request from application program, and these requests are carried out pretreatment
Formation can the trusted service request bag that processes of multi-core parallel concurrent or monokaryon, TEA calling communication is acted on behalf of CM and is asked by trusted service
Bag passes to CM.
In this step, it is embodied as being divided into following details:
(1.1) the credible TEA that efficiently acts on behalf of accepts to ask from the trusted service of application program, and trusted service request comprises:
Order ID, command parameter Operation and tri-parts of return value Ret;
(1.2) the credible TEA that efficiently acts on behalf of is according to order ID, classifies trusted service request, for being suitable for parallel place
The service request (including: module status read operation, hashing operation, signature and sign test operation, symmetrical encryption and decryption operation) of reason, enters
The unified encapsulation of row, for session number Session_0 of request distributing uniform and the special command ID_0 of encapsulation, and by shared
Internal memory transmission parameter in addition to Session_0 and ID_0;
(1.3) the service request processed for applicable wall scroll (including: module status write operation, key generate and management
Operation), then classification by function is trusted service request distribution session number;
(1.4) the credible TEA that efficiently acts on behalf of will be to communication agent CM by the trusted service request through pretreatment.
(2) CM preserves and switches host CPU core and whole working platform state, and trusted service request is transmitted to host CPU core.
Trusted service request bag is processed by host CPU core by running credible password module simulator TCME.
If what TCME received is the trusted service request encapsulated data packet being suitable for parallel processing, then actual according to ARM platform
CPU core number initialize from CPU core, in the way of Cycle arranging, by all trusted service request transfer on master-slave cpu core run
TCME process, and return behaviour's result by command parameter and return value.
In this step, it is embodied as being divided into following details:
(2.1) communication agent CM preserves and switches host CPU core and whole working platform state, credible by through pretreatment
Service request is transmitted to host CPU core, if receive is the trusted service request encapsulated data packet being suitable for parallel processing, then by leading
CPU core carries out deblocking process by running credible password module simulator TCME to trusted service request encapsulated data packet;
(2.2) credible password module simulator TCME is Session_0 to session number, and command number is that the packed of ID_0 can
Telecommunications services request unseals, the order Id of each bar that reduces request, command parameter Operation and return value Ret, and is every
Request is plus unified session number Session_0;To other non-encapsulated common trusted service requests without deblocking, directly by
Host CPU core runs TCME and carries out trusted service according to request, and idiographic flow sees step (3);
(2.3) if selected ARM platform is monokaryon or double-core platform, step (2.4) is carried out;Otherwise actual according to ARM platform
CPU core number num, by be in safer world host CPU core initialize quantity be num/2-1 from CPU core, by these from CPU
Core is set to safer world pattern, and runs TCM simulator TCME, carries out step (2.5);
(2.4) if selected ARM platform is monokaryon or double-core platform, then run credible by the host CPU core being in safer world
Crypto module simulator TCME, and complete the process of all trusted service request, by command parameter Operation and return value
Ret returns operating result;
(2.5) if selected ARM platform is not monokaryon or double-core platform, then the host CPU core being in safer world divides with round
All trusted service are asked the TCME transferring to host CPU core to run or transfer to run from CPU core by CM forwarding by the mode joined
TCME process, and return operating result by command parameter Operation and return value Ret.
(3) forwarded by CM or the wall scroll trusted service request of self distribution, then by being positioned at safer world if TCME receives
Safe OS read and be positioned at the root key RK of Secure Boot ROM, and security password storehouse SCL is decrypted, by SCL to
TCME provides cryptographic algorithm and the key generation support meeting country's commercial cipher algorithm standard rules.Support based on SCL, TCME carries
For the module management of standard, identity and checking, data protection and the operation of tolerance report.
In this step, it is embodied as being divided into following details:
(3.1) TCME is when receiving the wall scroll trusted service request that CM forwards or self distributes, and is positioned at safer world
Safe OS read and be positioned at the root key RK of Secure Boot ROM, and security password storehouse SCL is decrypted, obtains
Hold the cryptographic algorithm of SCL and generate the plaintext of key;
(3.2) credible password module simulator TCME asks according to wall scroll trusted service, it is provided that the module management of standard, body
Part mark and checking, data protection and the operation of tolerance report
(3.3) when there being password related needs, security password storehouse SCL employing is provided to meet country's commercial cipher to TCME
The cryptographic algorithm of algorithm standard rules, i.e. SM2, SM3 and SM4 algorithm, it is provided that the key of SM2 and SM4 algorithm generates and storage service, with
And the key produced by TCME standard operation.
The part not illustrated in description is prior art or common knowledge.The present embodiment is merely to illustrate this invention,
Rather than restriction the scope of the present invention, the equivalent replacement that those skilled in the art are made for the present invention etc. is revised and is all considered
Fall in this invention claims institute protection domain.
Claims (6)
1. the realization of credible password module and method of servicing on an ARM platform, it is characterised in that: idiographic flow is as follows:
Step 1, is received by the credible TEA that efficiently acts on behalf of being positioned at " common world " and is asked the trusted service from application program
Carry out pretreatment, transfer to communication agent CM to forward request, preserve host CPU core duty;
Step 2, the credible password module simulator TCME that host CPU core runs receives and parses through the request of forwarding, according to platform
Actual CPU core number initializes from CPU core, with round robin by all TCME process requesting assignment to and running on master-slave cpu core;
Step 3, on CPU core run TCME receive forwarded by CM or self distribution wall scroll trusted service ask it
After, the safe OS being positioned at " safer world " read the root key RK being positioned at Secure Boot ROM, and to security password storehouse
SCL is decrypted, SCL meet cryptographic algorithm and the key generation support of country's commercial cipher standard to TCME offer;Based on
The support of SCL, TCME provides the module management of standard, identity and checking, data protection and the trusted service of tolerance report.
The realization of credible password module and method of servicing on a kind of ARM platform the most according to claim 1, its feature exists
In: described step 1 idiographic flow is as follows:
Step 101, the credible TEA that efficiently acts on behalf of accepts to ask from the trusted service of application program, and trusted service request comprises: life
Make ID, command parameter Operation and tri-parts of return value Ret;
Step 102, trusted service request, according to order ID, is classified, for applicable parallel processing by the credible TEA that efficiently acts on behalf of
Service request, carry out unified encapsulation, for session number Session_0 of request distributing uniform and the special command number of encapsulation
ID_0, and by shared drive transmission parameter in addition to Session_0 and ID_0;
Step 103, the service request processed for applicable wall scroll, then classification by function is trusted service request distribution session
Number;
Step 104, the credible TEA that efficiently acts on behalf of will be to communication agent CM by the trusted service request through pretreatment.
The realization of credible password module and method of servicing on a kind of ARM platform the most according to claim 2, its feature exists
In: described step 2 idiographic flow is as follows:
Step 201, communication agent CM preserves and switches host CPU core and whole working platform state, credible by through pretreatment
Service request is transmitted to host CPU core, if receive is the trusted service request encapsulated data packet being suitable for parallel processing, then by leading
CPU core carries out deblocking process by running credible password module simulator TCME to trusted service request;
Step 202, credible password module simulator TCME is Session_0 to session number, and command number is that the packed of ID_0 can
Telecommunications services request unseals, the order Id of each bar that reduces request, command parameter Operation and return value Ret, and is every
Request is plus unified session number Session_0;To other non-encapsulated common trusted service requests without deblocking, directly by
Host CPU core runs TCME and carries out trusted service according to request;
Step 203, if selected ARM platform is monokaryon or double-core platform, carries out step 204;Otherwise according to ARM platform reality
CPU core number num, by be in " safer world " host CPU core initialize quantity be num/2-1 from CPU core, by these from CPU
Core is set to " safer world " pattern, and runs credible password module simulator TCME, carries out step 205;
Step 204, if selected ARM platform is monokaryon or double-core platform, is then run credible by the host CPU core being in " safer world "
Crypto module simulator TCME, and complete the process of all trusted service request, by command parameter Operation and return value
Ret returns operating result;
Step 205, if selected ARM platform is not monokaryon or double-core platform, then the host CPU core being in " safer world " divides with round
All trusted service are asked the TCME transferring to host CPU core to run or transfer to run from CPU core by CM forwarding by the mode joined
TCME process, and return operating result by command parameter Operation and return value Ret.
The realization of credible password module and method of servicing on a kind of ARM platform the most according to claim 3, its feature exists
In: the idiographic flow of described step 3 is as follows:
Step 301, TCME, when receiving the wall scroll trusted service request that CM forwards or self distributes, is positioned at " safer world "
Safe OS read and be positioned at the root key RK of Secure Boot ROM, and security password storehouse SCL is decrypted, obtains
Hold the cryptographic algorithm of security password storehouse SCL and generate the plaintext of key;
Step 302, credible password module simulator TCME asks according to wall scroll trusted service, it is provided that the module management of standard, body
Part mark and checking, data protection and the operation of tolerance report;
Step 303, when there being password related needs, is provided employing to meet country's commercial cipher by security password storehouse SCL to TCME
The cryptographic algorithm of algorithm standard rules, i.e. SM2, SM3 and SM4 algorithm, it is provided that the key of SM2 and SM4 algorithm generates and storage service, with
And the key produced by TCME standard operation.
The realization of credible password module and method of servicing on a kind of ARM platform the most according to claim 2, its feature exists
Service request in: the applicable parallel processing described in step 102 include module status read operation, hashing operation, signature and
Sign test operation, symmetrical encryption and decryption operation.
The realization of credible password module and method of servicing on a kind of ARM platform the most according to claim 2, its feature exists
In: the service request that the applicable wall scroll described in step 103 processes includes that module status write operation, key generate and management behaviour
Make.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610497918.0A CN106127059B (en) | 2016-06-30 | 2016-06-30 | The realization of credible password module and method of servicing on a kind of ARM platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610497918.0A CN106127059B (en) | 2016-06-30 | 2016-06-30 | The realization of credible password module and method of servicing on a kind of ARM platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106127059A true CN106127059A (en) | 2016-11-16 |
| CN106127059B CN106127059B (en) | 2019-03-29 |
Family
ID=57285449
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610497918.0A Active CN106127059B (en) | 2016-06-30 | 2016-06-30 | The realization of credible password module and method of servicing on a kind of ARM platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106127059B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107577953A (en) * | 2017-10-19 | 2018-01-12 | 郑州云海信息技术有限公司 | A kind of system and method based on CUSE simulation credible password modules |
| CN110868416A (en) * | 2019-11-15 | 2020-03-06 | 北京握奇智能科技有限公司 | Method and equipment for realizing cryptographic function service based on trusted execution environment |
| CN111177773A (en) * | 2019-12-10 | 2020-05-19 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on network card ROM |
| JPWO2021234820A1 (en) * | 2020-05-19 | 2021-11-25 | ||
| CN114047948A (en) * | 2021-11-08 | 2022-02-15 | 可信计算科技(无锡)有限公司 | Reconfigurable trusted cryptographic module simulator, implementation method and simulation reconstruction method |
| CN115618328A (en) * | 2022-12-16 | 2023-01-17 | 飞腾信息技术有限公司 | Security architecture system, security management method, computing device, and readable storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080034364A1 (en) * | 2006-08-02 | 2008-02-07 | Lam Monica S | Sharing Live Appliances |
| CN102844762A (en) * | 2010-01-22 | 2012-12-26 | 意法爱立信有限公司 | Secure environment management during switches between different modes of multicore systems |
| CN103150514A (en) * | 2013-03-07 | 2013-06-12 | 中国科学院软件研究所 | Mobile equipment-based credible module and credible service method thereof |
| CN104657115A (en) * | 2015-03-12 | 2015-05-27 | 浪潮集团有限公司 | Cluster file system client-side multi-core concurrence and load implementation method |
-
2016
- 2016-06-30 CN CN201610497918.0A patent/CN106127059B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080034364A1 (en) * | 2006-08-02 | 2008-02-07 | Lam Monica S | Sharing Live Appliances |
| CN102844762A (en) * | 2010-01-22 | 2012-12-26 | 意法爱立信有限公司 | Secure environment management during switches between different modes of multicore systems |
| CN103150514A (en) * | 2013-03-07 | 2013-06-12 | 中国科学院软件研究所 | Mobile equipment-based credible module and credible service method thereof |
| CN104657115A (en) * | 2015-03-12 | 2015-05-27 | 浪潮集团有限公司 | Cluster file system client-side multi-core concurrence and load implementation method |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107577953A (en) * | 2017-10-19 | 2018-01-12 | 郑州云海信息技术有限公司 | A kind of system and method based on CUSE simulation credible password modules |
| CN107577953B (en) * | 2017-10-19 | 2020-02-21 | 郑州云海信息技术有限公司 | System and method for simulating trusted cryptographic module based on CUSE |
| CN110868416A (en) * | 2019-11-15 | 2020-03-06 | 北京握奇智能科技有限公司 | Method and equipment for realizing cryptographic function service based on trusted execution environment |
| CN111177773A (en) * | 2019-12-10 | 2020-05-19 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on network card ROM |
| JPWO2021234820A1 (en) * | 2020-05-19 | 2021-11-25 | ||
| JP7267505B2 (en) | 2020-05-19 | 2023-05-01 | 三菱電機株式会社 | Equipment, network equipment and command execution method |
| CN114047948A (en) * | 2021-11-08 | 2022-02-15 | 可信计算科技(无锡)有限公司 | Reconfigurable trusted cryptographic module simulator, implementation method and simulation reconstruction method |
| CN115618328A (en) * | 2022-12-16 | 2023-01-17 | 飞腾信息技术有限公司 | Security architecture system, security management method, computing device, and readable storage medium |
| CN115618328B (en) * | 2022-12-16 | 2023-06-13 | 飞腾信息技术有限公司 | Security architecture system, security management method, computing device, and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106127059B (en) | 2019-03-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106127059A (en) | The realization of credible password module and method of servicing on a kind of ARM platform | |
| CN111143890B (en) | Calculation processing method, device, equipment and medium based on block chain | |
| CN100487715C (en) | Date safety storing system, device and method | |
| US8566934B2 (en) | Apparatus and method for enhancing security of data on a host computing device and a peripheral device | |
| US20060230439A1 (en) | Trusted platform module apparatus, systems, and methods | |
| CN108418817B (en) | Encryption method and device | |
| CN104951712B (en) | A kind of data security protection method under Xen virtualized environment | |
| EP3602368B1 (en) | Hardware trusted data communications over system-on-chip (soc) architectures | |
| CN108460282A (en) | A kind of computer safety start method based on multi-core chip | |
| CN103885725B (en) | A kind of virtual machine access control system and its control method based on cloud computing environment | |
| EP2863329A1 (en) | Establishing physical locality between secure execution environments | |
| CN116418522A (en) | Cloud server crypto-engine system based on virtualization technology | |
| US20240028759A1 (en) | Database access method and apparatus | |
| CN109547450A (en) | Method, apparatus, electronic equipment and the computer media in operational safety execution domain | |
| CN102664887A (en) | Input information protecting method, device and system | |
| CN114844693B (en) | Lightweight communication data encryption method, device, equipment and storage medium | |
| CN116821020A (en) | BMC controller, information security system and information interaction method | |
| KR101531833B1 (en) | Multi-channel method and device for smartwork security framework based on mobile virtualization environment | |
| CN111209544B (en) | Web application security protection method and device, electronic equipment and storage medium | |
| CN100517290C (en) | Method for realizing universal series bus key compound equipment | |
| KR101380895B1 (en) | Apparatus for providing security service and method of security service using the same | |
| CN111460464A (en) | Data encryption and decryption method and device, electronic equipment and computer storage medium | |
| US11343083B2 (en) | Method for key sharing between accelerators in virtual channel | |
| US11405336B2 (en) | Method for key sharing between accelerators in virtual channel with switch | |
| Gao et al. | The research and design of embed RSA encryption algorithm network encryption card driver |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |