CN107688729A - Protection system of application program and method based on trusted host - Google Patents
Publication number: CN107688729A
Authority: CN (China)
Prior art keywords: key, ciphertext, application program, state data, generation
Legal status: Granted
Classifications
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/602—Providing cryptographic facilities or services
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
- G06F2221/2107—File encryption
Abstract
The present invention discloses an application program protection system and method based on a trusted host, implemented on a trusted host fitted with a trusted chip. The executable file of the application program is packed with a protective shell and bound to the trusted host, which prevents the shell from being removed illegally. The static data files of the application program are encrypted and decrypted with a key generated by the trusted chip, and the key is additionally transformed, which improves data security and prevents the plaintext static data files from being obtained, or the static data files from being obtained by means such as disassembly. The dynamic data of the application program is stored in a specific secure region of the memory space and read from that region when used, which prevents the dynamic data from being illegally intercepted from the memory space. The invention can comprehensively improve the data security of the application program.
Description
Technical field
The present invention relates to an application program protection system and method based on a trusted host, and belongs to the field of information security technology.
Background
An application program is a computer program that performs specific functions and runs on an operating system. It generally comprises a number of static data files, such as executable files (.exe files), resource files (picture files, audio and video files) and dynamic link library files. When the application program is executed, the executable file performs specific logical operations, calls the corresponding data files, obtains a particular result after processing, and completes the specific function. During execution, memory space must be allocated dynamically, and dynamic data such as input data, intermediate data and output data are kept in the allocated memory space.
The data security of an application program directly affects the interests of its owner, and users of the application program also want the application they use to be secure and reliable, so that the security of their private data is ensured. At present, the security of application programs faces the following threats: a professional decompiler is used to obtain important information by analyzing the logic processing of the static data files; static data files in plaintext form are used to obtain critical data directly and analyze it; professional tools are used to intercept dynamic data in the memory space, causing data leakage.
Existing encryption lock products provide a software protection function, but their capacity is limited, they are inconvenient to keep and carry, they cannot perform hardware binding, and the protection they can provide is limited.
Summary of the invention
In view of the foregoing, the object of the present invention is to provide an application program protection system and method based on a trusted host. Implemented on a trusted host, it packs the executable file with a protective shell, encrypts the static data files, and stores the dynamic data in a specific secure space, and can comprehensively improve the security of the application program.
To achieve the above object, the present invention adopts the following technical solution:
An application program protection system based on a trusted host, wherein the application program comprises an executable file, static data files and dynamic data, and the trusted host is fitted with a trusted chip. The system comprises a key generation module, an encryption processing module, a trusted application generation module and a trusted application decryption processing module.
Key generation module: generates an asymmetric public key and private key, and a symmetric key K, based on the trusted chip, and encrypts the key K with the public key to generate the ciphertext key C.
Encryption processing module: using the ciphertext key C, encrypts the static data file to generate the ciphertext static data file.
Trusted application generation module: packages the ciphertext key C and the ciphertext static data file to generate the trusted application.
Trusted application decryption processing module: using the ciphertext key C, decrypts the ciphertext static data file; the resulting plaintext data is stored in memory for the trusted application to call.
The application program protection system based on a trusted host further comprises a shell binding module, which packs the executable file with a protective shell to generate the shelled executable file, and binds the application program to the trusted host by setting a binding password.
The application program protection system based on a trusted host further comprises a trusted application dynamic protection module, which stores the dynamic data in a specific secure space within the memory space and reads the dynamic data from that specific secure space.
The method of generating the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data file with the key K` to generate the ciphertext static data file.
The method of decrypting the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data file with the key K`, and read the decrypted data into memory for the application program to use.
The ciphertext key C, the ciphertext static data file, the shelled executable file and the random string S are packaged together to generate the trusted application.
An application program protection method based on a trusted host, wherein the application program comprises an executable file, static data files and dynamic data, and the trusted host is fitted with a trusted chip, comprising:
generating the ciphertext key C;
using the ciphertext key C, encrypting the static data file to generate the ciphertext static data file;
packaging the ciphertext key C and the ciphertext static data file to generate the trusted application;
using the ciphertext key C, decrypting the ciphertext static data file, the resulting plaintext data being stored in memory for the trusted application to use.
The application program protection method based on a trusted host further comprises: packing the executable file with a protective shell to generate the shelled executable file, and binding the application program to the trusted host by setting a binding password.
The application program protection method based on a trusted host further comprises: storing the dynamic data in a specific secure space within the memory space, and reading the dynamic data from that specific secure space.
The method of generating the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data file with the key K` to generate the ciphertext static data file.
The method of decrypting to generate the static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data file with the key K`, the resulting plaintext data being stored in memory for the application program to use.
The ciphertext key C, the ciphertext static data file, the shelled executable file and the random string S are packaged together to generate the trusted application.
The advantages of the present invention are:
1. The system and method of the invention protect the executable file of the application program with a shell and bind it to the trusted host, which prevents the shell from being removed illegally and prevents the application program from being stolen.
2. The system and method of the invention encrypt the static data files of the application program, and encrypt and transform the key, which prevents the plaintext static data files from being obtained, or the static data files from being obtained by means such as disassembly, and improves data security.
3. The system and method of the invention store the dynamic data of the application program in a specific secure region of the memory space and read it from that region when used, which prevents the dynamic data from being illegally intercepted from the memory space.
4. The invention comprehensively improves the data security of the application program across the executable file, the static data files and the dynamic data.
Brief description of the drawings
Fig. 1 is a block diagram of the system of the present invention.
Fig. 2 is a flow diagram of the method of generating the trusted application according to the present invention.
Fig. 3 is a flow diagram of the method of loading and executing the trusted application according to the present invention.
Detailed description of embodiments
The present invention is described in further detail below with reference to the drawings and embodiments.
As shown in Fig. 1, the application program protection system based on a trusted host disclosed by the invention is implemented on a trusted host, the trusted host being a host fitted with a trusted chip. The system comprises a shell binding module, a key generation module, an encryption processing module, a trusted application generation module, a trusted application decryption processing module and a trusted application dynamic protection module.
Shell binding module: packs the executable file of the application program with a protective shell. During shelling a binding password is set, and the binding password is stored in the trusted chip of the host (in its NV space). When the executable file is run on the bound trusted host, the shell need not be removed and the binding password need not be entered; the application program runs normally. To remove the shell from the executable file, the binding password must be entered on the bound trusted host; the shell can be removed successfully only when the entered binding password matches the binding password stored in the trusted chip. If the entered binding password is incorrect, the shell cannot be removed and the executable file is deleted automatically, preventing the executable file from being obtained illegally. If the application program is copied to an unbound host, it cannot execute normally.
Key generation module: uses the trusted chip to generate an asymmetric public/private key pair and a symmetric key K; the generated public/private key pair is stored in the trusted chip. The key K is then encrypted with the public key to generate the ciphertext key C, which ensures the security of the key K.
Encryption processing module: encrypts the static data files of the application program. Specifically: read the private key in the trusted chip, and decrypt the ciphertext key C with the private key to generate the plaintext key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data files of the application program with the key K` to generate the ciphertext static data files.
Trusted application generation module: packages the random string S, the ciphertext key C, the ciphertext static data files, the shelled executable file and so on to generate the trusted application, which users install.
Trusted application decryption processing module: decrypts the ciphertext static data files of the secure application to ensure that the application program executes normally. Specifically: read the private key in the trusted chip, and decrypt the ciphertext key C with the private key to generate the plaintext key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data files with the key K`. The decrypted data is kept in memory for the executable file to call.
When the encryption processing module and the trusted application decryption processing module replace the designated string S1 in the key K with the random string S, both use the same agreed replacement position of the random string S in the key K and the same agreed replacement rule. The length of the random string S is less than the string length of the key K.
Trusted application dynamic protection module: stores the critical dynamic data produced while the trusted application executes in a specific secure space within the memory space, and reads the critical dynamic data from that specific secure space when it is used. Specifically, the critical dynamic data can include the key K` and important data (such as algorithm data). A critical data interface is defined in advance. While the trusted application is loading, the critical dynamic data is stored through the critical data interface in the specific secure space within the memory space. When the critical dynamic data needs to be called while the trusted application executes, it is read from the specific secure space through the critical data interface, and the data taken out is destroyed after use. This process is implemented on the basis of SGX technology, which is prior art and is not described further here.
The application program protection method implemented by the above application program protection system based on a trusted host comprises:
1. Generating the trusted application
Pack the executable file of the application program with a protective shell. During shelling, set a binding password and store it in the trusted chip of the trusted host, binding the trusted application to the trusted host.
Generate the ciphertext key. Specifically, use the trusted chip to generate an asymmetric public/private key pair and a symmetric key K; the generated public/private key pair and the key K are stored in the trusted chip; encrypt the key K with the public key to generate the ciphertext key C.
Encrypt the static data files of the application program: read the private key from the trusted chip, and decrypt the ciphertext key C with the private key to generate the key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data files of the application program with the key K` to generate the ciphertext static data files.
Package the random string S, the ciphertext key C, the ciphertext static data files, the shelled executable file and so on to generate the trusted application.
2. Loading and executing the trusted application
On the bound trusted host, the shelled executable file runs normally, and the binding password need not be entered.
A critical data interface is defined in advance. When the trusted application is loaded, the critical dynamic data is stored through the critical data interface in the specific secure space within the memory space. When the critical dynamic data needs to be called while the trusted application executes, it is read from the specific secure space through the critical data interface, and the data taken out is destroyed after use.
When a static data file needs to be called while the trusted application executes, first read the private key from the trusted chip and decrypt the ciphertext key C with the private key to generate the key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data file with the key K`. The resulting plaintext data is kept in memory for the executable file to call.
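The generation and loading flow described above, as an added Python example that is not part of the patent text. The trusted chip is simulated by an in-memory object that performs the unwrap itself, the chip's public-key encryption and private-key decryption of K are replaced by a standard-library HMAC-SHA256 stand-in cipher, and the replacement rule (S overwrites bytes 8 to 15 of a 32-byte K) is an assumption; the shelled executable is left out of the package.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32    # length of symmetric key K (assumed)
S1_OFFSET = 8   # agreed position of designated string S1 in K (assumed)
S1_LEN = 8      # length of S1 and of random string S (assumed)


def _keystream(key, nonce, n):
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def _subkeys(key):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key, plaintext):
    """Stand-in authenticated cipher (HMAC-SHA256 keystream, encrypt-then-MAC)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    """Inverse of seal(); raises ValueError on a wrong key or modified data."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or modified data")
    return bytes(c ^ k for c, k in zip(body, _keystream(enc_key, nonce, len(body))))


class SimulatedTrustedChip:
    """Stands in for the trusted chip; the wrapping secret never leaves this object."""

    def __init__(self):
        # Plays the role of the chip's public/private key pair.
        self._wrap_secret = secrets.token_bytes(32)

    def generate_key(self):
        return secrets.token_bytes(KEY_LEN)       # symmetric key K

    def wrap(self, k):
        return seal(self._wrap_secret, k)         # K -> ciphertext key C

    def unwrap(self, c):
        return unseal(self._wrap_secret, c)       # C -> K, only on the same chip


def transform_key(k, s):
    """Replace designated string S1 (K[offset:offset+len]) with S to get K`."""
    if len(k) != KEY_LEN or len(s) != S1_LEN:
        raise ValueError("K or S has the wrong length for the agreed rule")
    return k[:S1_OFFSET] + s + k[S1_OFFSET + S1_LEN:]


def build_package(chip, static_data):
    """Step 1: generate C, derive K`, encrypt static data, package S, C and ciphertext."""
    c = chip.wrap(chip.generate_key())
    k = chip.unwrap(c)                            # decrypt C to recover K
    s = secrets.token_bytes(S1_LEN)               # random string S
    k_prime = transform_key(k, s)
    return {"S": s, "C": c, "static": seal(k_prime, static_data)}


def load_static(chip, package):
    """Step 2: recover K from C on the bound host, rebuild K`, decrypt static data."""
    k = chip.unwrap(package["C"])
    k_prime = transform_key(k, package["S"])
    return unseal(k_prime, package["static"])


if __name__ == "__main__":
    host = SimulatedTrustedChip()
    pkg = build_package(host, b"constructed sample static data")
    print(load_static(host, pkg))
```

Under this rule the bytes of K` at the replaced positions equal S, which ships in the package, so the confidentiality of the static data rests on C being decryptable only by the chip that produced it.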
The application program protection system and method based on a trusted host disclosed by the invention are implemented on a trusted host fitted with a trusted chip. The executable file of the application program is packed with a protective shell and bound to the trusted host, which prevents the shell from being removed illegally. The static data files of the application program are encrypted and decrypted with a key generated by the trusted chip, and the key is additionally transformed, which improves data security and prevents the plaintext static data files from being obtained, or the static data files from being obtained by means such as disassembly. The dynamic data of the application program is stored in a specific secure region of the memory space and read from that region when used, which prevents the dynamic data from being illegally intercepted from the memory space. The invention can comprehensively improve the data security of the application program.
The above describes the preferred embodiments of the present invention and the technical principles they use. For those skilled in the art, any equivalent change, simple replacement or other obvious modification based on the technical solution of the present invention, made without departing from the spirit and scope of the present invention, falls within the scope of protection of the present invention.
Claims (12)
1. An application program protection system based on a trusted host, wherein the application program comprises an executable file, static data files and dynamic data, and the trusted host is fitted with a trusted chip, characterized in that the system comprises a key generation module, an encryption processing module, a trusted application generation module and a trusted application decryption processing module:
the key generation module generates an asymmetric public key and private key, and a symmetric key K, based on the trusted chip, and encrypts the key K with the public key to generate the ciphertext key C;
the encryption processing module, using the ciphertext key C, encrypts the static data file to generate the ciphertext static data file;
the trusted application generation module packages the ciphertext key C and the ciphertext static data file to generate the trusted application;
the trusted application decryption processing module, using the ciphertext key C, decrypts the ciphertext static data file, the resulting plaintext data being stored in memory for the trusted application to call.
2. The application program protection system based on a trusted host according to claim 1, characterized in that it further comprises a shell binding module, which packs the executable file with a protective shell to generate the shelled executable file, and binds the application program to the trusted host by setting a binding password.
3. The application program protection system based on a trusted host according to claim 2, characterized in that it further comprises a trusted application dynamic protection module, which stores the dynamic data in a specific secure space within the memory space and reads the dynamic data from that specific secure space.
4. The application program protection system based on a trusted host according to claim 3, characterized in that the method of generating the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data file with the key K` to generate the ciphertext static data file.
5. The application program protection system based on a trusted host according to claim 4, characterized in that the method of decrypting the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data file with the key K`, and read the decrypted data into memory for the application program to use.
6. The application program protection system based on a trusted host according to claim 5, characterized in that the ciphertext key C, the ciphertext static data file, the shelled executable file and the random string S are packaged together to generate the trusted application.
7. An application program protection method based on a trusted host, wherein the application program comprises an executable file, static data files and dynamic data, and the trusted host is fitted with a trusted chip, characterized by comprising:
generating the ciphertext key C;
using the ciphertext key C, encrypting the static data file to generate the ciphertext static data file;
packaging the ciphertext key C and the ciphertext static data file to generate the trusted application;
using the ciphertext key C, decrypting the ciphertext static data file, the resulting plaintext data being stored in memory for the trusted application to use.
8. The application program protection method based on a trusted host according to claim 7, characterized by further comprising: packing the executable file with a protective shell to generate the shelled executable file, and binding the application program to the trusted host by setting a binding password.
9. The application program protection method based on a trusted host according to claim 8, characterized by further comprising: storing the dynamic data in a specific secure space within the memory space, and reading the dynamic data from that specific secure space.
10. The application program protection method based on a trusted host according to claim 9, characterized in that the method of generating the ciphertext static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; input a random string S, and replace the designated string S1 in the key K with the random string S to generate the transformed key K`; encrypt the static data file with the key K` to generate the ciphertext static data file.
11. The application program protection method based on a trusted host according to claim 10, characterized in that the method of decrypting to generate the static data file is: obtain the private key, and decrypt the ciphertext key C with the private key to generate the key K; replace the designated string S1 in the key K with the random string S to generate the transformed key K`; decrypt the ciphertext static data file with the key K`, the resulting plaintext data being stored in memory for the application program to use.
12. The application program protection method based on a trusted host according to claim 11, characterized in that the ciphertext key C, the ciphertext static data file, the shelled executable file and the random string S are packaged together to generate the trusted application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710622214.6A CN107688729B (en) | 2017-07-27 | 2017-07-27 | Application program protection system and method based on trusted host |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710622214.6A CN107688729B (en) | 2017-07-27 | 2017-07-27 | Application program protection system and method based on trusted host |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107688729A (en) | 2018-02-13 |
CN107688729B (en) | 2020-11-27 |
Family
ID=61153090
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710622214.6A Active CN107688729B (en) | 2017-07-27 | 2017-07-27 | Application program protection system and method based on trusted host |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107688729B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113553125A (en) * | 2020-04-26 | 2021-10-26 | 中移(成都)信息通信科技有限公司 | Calling method, device and equipment of trusted application program and computer storage medium |
Citations (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7003111B2 (en) * | 2001-10-11 | 2006-02-21 | International Business Machines Corporation | Method, system, and program, for encoding and decoding input data |
CN1740940A (en) * | 2005-09-09 | 2006-03-01 | 北京兆日科技有限责任公司 | Method for realizing computer software intruder preventing edition based on confidence computation module chip |
US7149783B2 (en) * | 2001-04-12 | 2006-12-12 | Hewlett-Packard Development Company, L.P. | Delivery of sequential information |
CN1987882A (en) * | 2005-12-23 | 2007-06-27 | 联想(北京)有限公司 | Software protecting method and system based on safety chip |
CN101064595A (en) * | 2006-04-27 | 2007-10-31 | 联想(北京)有限公司 | Computer network safe input authentication system and method |
CN101123506A (en) * | 2007-09-24 | 2008-02-13 | 北京飞天诚信科技有限公司 | Sensitive information monitoring and automatic recovery system and method |
CN101150398A (en) * | 2007-10-26 | 2008-03-26 | 宇龙计算机通信科技(深圳)有限公司 | A method, system and communication terminal for updating communication secret key |
CN101470789A (en) * | 2007-12-28 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Encryption and decryption method and device of computer |
CN101789861A (en) * | 2009-01-22 | 2010-07-28 | 深圳市文鼎创数据科技有限公司 | Secure information transmission method |
CN101833623A (en) * | 2010-05-07 | 2010-09-15 | 华为终端有限公司 | Digital rights management method and system |
WO2010139258A1 (en) * | 2009-06-01 | 2010-12-09 | Xue Ming | Device, method and system for software copyright protection |
US20110246785A1 (en) * | 2010-03-30 | 2011-10-06 | Microsoft Corporation | Hardware supported virtualized cryptographic service |
WO2012071168A2 (en) * | 2010-11-22 | 2012-05-31 | Intel Corporation | Secure software licensing and provisioning using hardware based security engine |
CN102594842A (en) * | 2012-03-21 | 2012-07-18 | 江苏新大诚信息技术有限公司 | Device-fingerprint-based network management message authentication and encryption scheme |
CN102624520A (en) * | 2012-05-02 | 2012-08-01 | 西安电子科技大学 | 192 bit key expansion system and method based on AES (Advanced Encryption Standard) |
US8271799B2 (en) * | 2009-06-15 | 2012-09-18 | Hon Hai Precision Industry Co., Ltd. | System and method for generating a disguised password based on a real password |
CN103152178A (en) * | 2013-02-04 | 2013-06-12 | 浪潮(北京)电子信息产业有限公司 | Cloud computing verification method and system |
CN103714299A (en) * | 2013-12-25 | 2014-04-09 | 北京握奇数据系统有限公司 | Method and system for encryption and decryption of file of mobile terminal |
CN104038336A (en) * | 2014-06-20 | 2014-09-10 | 上海动联信息技术股份有限公司 | Data encryption method based on 3DES |
CN104539420A (en) * | 2014-12-15 | 2015-04-22 | 南京中新赛克科技有限责任公司 | General intelligent hardware safe secret key management method |
CN104868996A (en) * | 2014-02-25 | 2015-08-26 | 中兴通讯股份有限公司 | Data encryption and decryption method, device thereof, and terminal |
CN104991526A (en) * | 2015-05-04 | 2015-10-21 | 中国科学院软件研究所 | Industrial control system safe support framework and data safe transmission and storage method thereof |
CN105306200A (en) * | 2014-06-09 | 2016-02-03 | 腾讯科技(深圳)有限公司 | Method and device for encrypting network account password |
CN105653994A (en) * | 2016-02-22 | 2016-06-08 | 浪潮通用软件有限公司 | Method for preventing memory password from leakage |
CN106534176A (en) * | 2016-12-08 | 2017-03-22 | 西安交大捷普网络科技有限公司 | Data safety storage method in cloud environment |
CN106709375A (en) * | 2016-11-11 | 2017-05-24 | 大唐高鸿信安(浙江)信息科技有限公司 | File protection method based on credible chip |
CN106934303A (en) * | 2015-12-29 | 2017-07-07 | 大唐高鸿信安(浙江)信息科技有限公司 | Trusted operating system based on credible chip creates the system and method for trusted process |
- 2017-07-27: CN application CN201710622214.6A, patent CN107688729B, status Active
Patent Citations (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7149783B2 (en) * | 2001-04-12 | 2006-12-12 | Hewlett-Packard Development Company, L.P. | Delivery of sequential information |
US7003111B2 (en) * | 2001-10-11 | 2006-02-21 | International Business Machines Corporation | Method, system, and program, for encoding and decoding input data |
CN1740940A (en) * | 2005-09-09 | 2006-03-01 | 北京兆日科技有限责任公司 | Method for realizing computer software intruder preventing edition based on confidence computation module chip |
CN1987882A (en) * | 2005-12-23 | 2007-06-27 | 联想(北京)有限公司 | Software protecting method and system based on safety chip |
CN101064595A (en) * | 2006-04-27 | 2007-10-31 | 联想(北京)有限公司 | Computer network safe input authentication system and method |
CN101123506A (en) * | 2007-09-24 | 2008-02-13 | 北京飞天诚信科技有限公司 | Sensitive information monitoring and automatic recovery system and method |
CN101150398A (en) * | 2007-10-26 | 2008-03-26 | 宇龙计算机通信科技(深圳)有限公司 | A method, system and communication terminal for updating communication secret key |
CN101470789A (en) * | 2007-12-28 | 2009-07-01 | 中国长城计算机深圳股份有限公司 | Encryption and decryption method and device of computer |
CN101789861A (en) * | 2009-01-22 | 2010-07-28 | 深圳市文鼎创数据科技有限公司 | Secure information transmission method |
WO2010139258A1 (en) * | 2009-06-01 | 2010-12-09 | Xue Ming | Device, method and system for software copyright protection |
US8271799B2 (en) * | 2009-06-15 | 2012-09-18 | Hon Hai Precision Industry Co., Ltd. | System and method for generating a disguised password based on a real password |
US20110246785A1 (en) * | 2010-03-30 | 2011-10-06 | Microsoft Corporation | Hardware supported virtualized cryptographic service |
CN101833623A (en) * | 2010-05-07 | 2010-09-15 | 华为终端有限公司 | Digital rights management method and system |
WO2012071168A2 (en) * | 2010-11-22 | 2012-05-31 | Intel Corporation | Secure software licensing and provisioning using hardware based security engine |
CN102594842A (en) * | 2012-03-21 | 2012-07-18 | 江苏新大诚信息技术有限公司 | Device-fingerprint-based network management message authentication and encryption scheme |
CN102624520A (en) * | 2012-05-02 | 2012-08-01 | 西安电子科技大学 | 192 bit key expansion system and method based on AES (Advanced Encryption Standard) |
CN103152178A (en) * | 2013-02-04 | 2013-06-12 | 浪潮(北京)电子信息产业有限公司 | Cloud computing verification method and system |
CN103714299A (en) * | 2013-12-25 | 2014-04-09 | 北京握奇数据系统有限公司 | Method and system for encryption and decryption of file of mobile terminal |
CN104868996A (en) * | 2014-02-25 | 2015-08-26 | 中兴通讯股份有限公司 | Data encryption and decryption method, device thereof, and terminal |
CN105306200A (en) * | 2014-06-09 | 2016-02-03 | 腾讯科技(深圳)有限公司 | Method and device for encrypting network account password |
CN104038336A (en) * | 2014-06-20 | 2014-09-10 | 上海动联信息技术股份有限公司 | Data encryption method based on 3DES |
CN104539420A (en) * | 2014-12-15 | 2015-04-22 | 南京中新赛克科技有限责任公司 | General intelligent hardware safe secret key management method |
CN104991526A (en) * | 2015-05-04 | 2015-10-21 | 中国科学院软件研究所 | Industrial control system safe support framework and data safe transmission and storage method thereof |
CN106934303A (en) * | 2015-12-29 | 2017-07-07 | 大唐高鸿信安(浙江)信息科技有限公司 | Trusted operating system based on credible chip creates the system and method for trusted process |
CN105653994A (en) * | 2016-02-22 | 2016-06-08 | 浪潮通用软件有限公司 | Method for preventing memory password from leakage |
CN106709375A (en) * | 2016-11-11 | 2017-05-24 | 大唐高鸿信安(浙江)信息科技有限公司 | File protection method based on credible chip |
CN106534176A (en) * | 2016-12-08 | 2017-03-22 | 西安交大捷普网络科技有限公司 | Data safety storage method in cloud environment |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113553125A (en) * | 2020-04-26 | 2021-10-26 | 中移(成都)信息通信科技有限公司 | Calling method, device and equipment of trusted application program and computer storage medium |
CN113553125B (en) * | 2020-04-26 | 2024-03-19 | 中移(成都)信息通信科技有限公司 | Method, device and equipment for calling trusted application program and computer storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN107688729B (en) | 2020-11-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102890758B (en) | Method and system for protecting executable file | |
CN1276363C (en) | Method of actualizing safety data storage and algorithm storage in virtue of semiconductor memory device | |
CN104794388B (en) | application program access protection method and application program access protection device | |
CN106650327A (en) | so file dynamic recovery-based Android application reinforcement method | |
CN101853363A (en) | File protection method and system | |
CN105022936A (en) | Class file encryption and decryption method and class file encryption and decryption device | |
CN103617401A (en) | Method and device for protecting data files | |
CN109992987B (en) | Script file protection method and device based on Nginx and terminal equipment | |
CN104834835A (en) | Universal digital rights protection method under Windows platform | |
JP2004511031A (en) | Digital data protection configuration | |
CN105303074A (en) | Method for protecting security of Web application | |
CN114547558B (en) | Authorization method, authorization control device, equipment and medium | |
CN104778954B (en) | A kind of CD subregion encryption method and system | |
CN106326733A (en) | Method and apparatus for managing applications in mobile terminal | |
WO2017181968A1 (en) | Method for processing application file, method and device for accessing application file, and storage medium | |
CN107257282A (en) | A kind of full bag encryption method of code based on RC4 algorithms | |
JP2005216027A (en) | Encryption device, encryption system therewith, decryption device and semiconductor system therewith | |
WO2015154469A1 (en) | Database operation method and device | |
CN1898623A (en) | Software execution protection using an active entity | |
CN107688729A (en) | Protection system of application program and method based on trusted host | |
CN109543433B (en) | Software development kit encryption method, device, computer and storage medium | |
CN101266639A (en) | Computer-aided design data encrypted protecting method based on hardware environment | |
CN106372464A (en) | Anti-piracy encryption method for static library files in embedded system | |
CN113542303B (en) | Software importing system and method for secret key in non-trusted environment | |
US20150039900A1 (en) | Program execution method and decryption apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||