CN109245895A - System and method for detecting damaged data - Google Patents

Publication number: CN109245895A
Authority: CN (China)
Application number: CN201810840630.8A
Legal status: Granted; Active
Other languages: Chinese (zh)
Other versions: CN109245895B (en
Inventors: 德米特里·A·库拉基尼, 帕维尔·V·迪亚金
Current Assignee: Kaspersky Lab AO
Original Assignee: Kaspersky Lab AO
Priority claimed from: RU2018104435A (external-priority patent RU2697953C2)
Prior art keywords: message, mac, data, record, key

Classifications

    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Abstract

The invention discloses a system and method for detecting damaged data and thereby ensuring data security. A MAC is calculated sequentially for each selected message from a data record containing at least two messages. To construct the data blocks, a preset encryption key is used for the first message, and for each subsequent message an encryption key built from the previous one is used. Whether the data record is damaged can be determined based on an independent calculation of the MAC and the data blocks.

Description

System and method for detecting damaged data
Related application
This application claims priority to Russian Application No. 2018104435, filed February 6, 2018, which is fully incorporated herein by reference.
Technical field
The present invention relates to data storage technologies and, more particularly, to systems and methods for ensuring the information security of data using a limited amount of computing resources.
Background
With the proliferation of various computing devices (personal computers, notebooks, smartphones, etc.) and especially embedded systems (microcontrollers, data storage systems, etc.), the recent rapid development of computer technology has led to the use of such devices in many fields of activity and for a considerable range of tasks (from browsing the web to controlling refrigerators to collecting data from automobile sensors). In parallel with the growth in the number of computing devices in use, the volume of data processed by these devices has also grown, which in turn raises the task of ensuring the information security of the data collected and processed.
The use of inaccurate or incomplete information can cause extensive damage and financial losses. For example, in banking, the substitution of users' personal data may cause bank clients to lose money. In the financial sector, inaccurate or incomplete information may cause losses in the billions and paralyze securities trading operations. In insurance, forged information may lead to illegal payouts and cause losses to insurance companies.
To ensure the information security of data, i.e., to protect data from being modified, deleted or replaced, various technologies are currently in use, including data backup, symmetric and asymmetric encryption of data, noise-resistant coding of data, and blockchain technology.
For example, U.S. Patent Application Publication No. 2003/0236992 describes a system for protecting a data record (log) from unauthorized modification. To authenticate each message from the record, symmetric cryptographic keys and message authentication codes are used. Each newly received message from the data record is encrypted with a symmetric key calculated based on the previously received message; to confirm the correctness of the message, a message authentication code is calculated and associated with the current message. This makes it possible to determine any change made to the record after the previous message was processed and before the current message is processed.
The above system can protect data from being modified, deleted or replaced, but only when sufficient computing resources (processor time, RAM, space on removable media, etc.) are available. When the amount of computing resources or the time allowed for data processing is limited, such a solution lacks efficiency.
Therefore, there is a need to ensure the information security of data using a limited amount of computing resources.
Summary of the invention
Embodiments solve the above problem of ensuring the information security of data using a limited amount of computing resources.
In an embodiment, a system for detecting damaged data includes a computing platform comprising computing hardware of at least one processor and memory operatively coupled to the at least one processor, and instructions that, when executed on the computing platform, cause the computing platform to implement: an encryption key construction tool configured to construct an initial preset key based on at least one characteristic of the encryption key construction tool, and to construct an encryption key based on a previously constructed key; a message authentication code (MAC) calculation tool configured to receive the initial preset key and the encryption key from the encryption key construction tool, to intercept a first message related to an event and a second message related to an event, to generate MACs sequentially for the first message and the second message, wherein the MAC for the first message is generated based on the initial preset key and the first message, and the MAC for the second message is generated based on the encryption key for the second message and a data block constructed for the second message, the data block including the second message and the MAC generated for the first message, and wherein the previously constructed key for the second message is the initial preset key, to write a record to a data record, the record including the first message, the second message and the MAC generated for the second message, and to write data from the data record to a message library; a check determination tool configured to intercept events based on preset rules and to use the intercepted event and the message library data to determine whether to perform a data damage check; and a checking tool configured to analyze each record received from the check determination tool to determine whether the MAC in the record matches an expected MAC, and to indicate that the data is damaged when the MAC in the record does not match the expected MAC.
In an embodiment, a method for detecting damaged data in a data record includes: calculating MACs sequentially for a first message in the data record and a second message in the data record, wherein the MAC for the first message is generated based on an initial preset key and the first message, and the MAC for the second message is generated based on an encryption key for the second message and a data block constructed for the second message, the data block including the second message and the MAC generated for the first message, and wherein the previously constructed key for the second message is the initial preset key; writing a record to a message database, the record including the first message, the second message and the MAC generated for the second message; analyzing each record to determine whether the MAC in the record matches an expected MAC; and indicating that the data is damaged when the MAC in the record does not match the expected MAC.
In an embodiment, a system for detecting damaged data in a vehicle data record includes: a vehicle comprising at least one vehicle sensor engine configured to detect a first feature of the vehicle at a first time and to write to the vehicle data record a first message including the first feature of the vehicle and a first timestamp corresponding to the first time, and to detect a second feature of the vehicle at a second time and to write to the vehicle data record a second message including the second feature of the vehicle and a second timestamp corresponding to the second time, at least one processor, and memory operatively coupled to the at least one processor, the memory including instructions that, when executed on the at least one processor, cause the at least one processor to implement a message authentication code (MAC) calculation tool configured to generate MACs sequentially for the first message and the second message, wherein the MAC for the first message is generated based on an initial preset key and the first message, and the MAC for the second message is generated based on an encryption key for the second message and a data block constructed for the second message, the data block including the second message and the MAC generated for the first message, and wherein the previously constructed key for the second message is the initial preset key, and to write a record to the data record, the record including the first message, the second message and the MAC generated for the second message; and a server operatively coupled to the vehicle and including a message library configured to store the data record, at least one server processor, and server memory operatively coupled to the at least one server processor and including instructions that, when executed on the at least one server processor, cause the at least one server processor to implement: a check determination tool configured to receive the first message or the second message and to use the received message and the data record to determine whether to perform a data damage check; and a checking tool configured to analyze each data record received from the check determination tool to determine whether the MAC in the data record matches an expected MAC, and to indicate that the data is damaged when the MAC in the data record does not match the expected MAC.
The above summary is not intended to describe each illustrated embodiment or every implementation of the subject matter hereof. The figures and the detailed description that follow more particularly exemplify various embodiments.
Brief description of the drawings
The subject matter of the invention may be more completely understood in consideration of the following detailed description of various embodiments in connection with the accompanying drawings, in which:
Fig. 1 is a block diagram of a system for detecting damaged data, according to an embodiment.
Fig. 2 is a flowchart of a method for detecting damaged data, according to an embodiment.
Fig. 3 is a block diagram of a system for detecting damaged vehicle data, according to an embodiment.
Fig. 4 is a block diagram of a computer system configured to implement embodiments.
While various embodiments are amenable to various modifications and alternative forms, specifics thereof have been shown by way of example in the drawings and will be described in detail. It should be understood, however, that the intention is not to limit the claimed invention to the particular embodiments described. On the contrary, the intention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the subject matter as defined by the claims.
Detailed description
The purpose of the embodiments described herein is to ensure the information security of data. The technical result of the invention is to determine the occurrence of any data damage by analyzing the differences between MACs (message authentication codes) calculated from the data.
Accordingly, the technical result is achieved by using a data damage determination system, which in an embodiment includes: a MAC calculation tool configured to calculate a MAC sequentially for each selected message from a data record containing at least two messages, wherein calculating the MAC includes: for the first selected message, calculating the MAC based on a predetermined encryption key and the selected message; for each subsequent message after the first selected message, constructing an encryption key based on the encryption key constructed for the previous selected message, constructing a data block based on the selected message and the MAC calculated for the previous selected message, and calculating the MAC based on the constructed encryption key and the data block; and writing to a message library a record containing the last calculated MAC and all selected messages; a check determination tool configured to: intercept an event matching preset rules, such an event occurring when a message is recorded in the data record; determine, based on the intercepted event, whether it is necessary to perform a check for data damage; and subsequently transmit the record selected from the message library to a checking tool; and a checking tool configured to analyze the record, including: calculating a MAC sequentially for each message contained in the received record, which includes: for the first message, calculating the MAC based on the preset encryption key and the selected message; for each subsequent message after the first message, constructing an encryption key based on the encryption key constructed for the previous selected message, constructing a data block based on the selected message and the MAC calculated for the previous selected message, and calculating the MAC based on the constructed encryption key and the data block; comparing the calculated MAC with the MAC contained in the selected record; and, if the calculated MAC does not match the MAC contained in the selected record, determining that the data is damaged.
In an embodiment, the data record analysis tool and the message library interaction tool operate on the client side, and the message library interaction tool, the record analysis tool and the determination tool operate on the server side.
In an embodiment, the data damage determination system uses a cryptographic hash function to construct encryption keys.
In an embodiment, records are saved to the message library by the message library interaction tool on request.
In an embodiment, a method of determining damaged data includes processing performed using the tools of the data damage determination system. For example, the processing may include calculating a MAC sequentially for each selected message from a data record containing at least two messages; to this end, for the first selected message, the MAC is calculated based on a preset encryption key and the selected message; for each subsequent message after the first selected message, an encryption key is constructed based on the encryption key constructed for the previous selected message, a data block is constructed based on the selected message and the MAC calculated for the previous selected message, and the MAC is calculated based on the constructed encryption key and the data block; a record containing the last calculated MAC and all selected messages is saved to the message library; an analysis is performed on each record selected from the message library, for which the first MAC calculation stage is performed sequentially on each message contained in the selected record; the calculated MAC is compared with the MAC contained in the selected record; and, on a negative result of the comparison, the data record is determined to be damaged.
In an embodiment, encryption key construction and MAC calculation can be performed on the client side, and record analysis and the determination of whether data is damaged are performed on the server side.
In an embodiment, the method of determining damaged data constructs encryption keys using a cryptographic hash function.
The objects and features of the present invention, and methods for achieving these objects and features, will become apparent by reference to example embodiments. However, the present invention is not limited to the example embodiments disclosed herein and may be implemented in various forms. The content provided in this specification represents only the specific details needed to help those skilled in the art fully understand the invention; the invention is defined within the scope of the appended claims.
Certain terms referenced throughout this disclosure will be readily understood by those skilled in the art. For example, message authentication may include protecting the data of a cryptographic communication system or another encryption system against the imposition of false data. In other words, message authentication provides data protection against unauthorized modification, i.e., it protects message integrity.
In another example, a message authentication code (MAC) can be an element of message authentication used in message authentication protocols whose participants trust each other. In an embodiment, a MAC may include a set of additional characters that is added to a message and is intended for message integrity verification and data source authentication.
In another example, a symmetric key algorithm may include a data encryption system or process in which the same cryptographic key is used for both encryption and decryption of data.
In another example, an asymmetric key algorithm (for example, a public-key cryptosystem) may include an encryption system or process in which a public key is sent over a public (i.e., unprotected or observable) channel and is used to encrypt the message. To decrypt the message, a private key is used. The private key is kept secret by the party that needs to decrypt the encrypted data; the private key is not provided to others.
In another example, cryptographic strength (or cryptostrength) may include the ability of a cryptographic algorithm to resist cryptanalysis. An algorithm can be considered strong if a successful attack on it requires the attacker to have a practically unattainable amount of computing resources or of intercepted open or encrypted messages, or requires so much time for decryption that the protected information will have lost its value by the time it is decrypted.
Referring to Fig. 1, a block diagram of a system 100 for detecting damaged data is depicted, according to an embodiment. Data damage determination system 100 generally includes data record 130, encryption key construction tool 110, MAC calculation tool 120, message library 140, check determination tool 150 and checking tool 160.
Some of the subsystems of system 100 include various engines or tools, each of which is constructed, programmed, configured, or otherwise adapted to autonomously carry out a function or set of functions. The term "engine" as used herein is defined as a real-world device, component, or arrangement of components implemented using hardware, such as by an application-specific integrated circuit (ASIC) or field-programmable gate array (FPGA), or as a combination of hardware and software, such as by a microprocessor system and a set of program instructions that adapt the engine to implement the particular functionality and that (while being executed) transform the microprocessor system into a special-purpose device. An engine can also be implemented as a combination of the two, with certain functions facilitated by hardware alone and other functions facilitated by a combination of hardware and software. In certain implementations, at least a portion, and in some cases all, of an engine can be executed on the processor(s) of one or more computing platforms that are made up of hardware (e.g., one or more processors, data storage devices such as memory or drive storage, and input/output facilities such as network interface devices, video devices, keyboard, mouse or touchscreen devices, etc.) and that execute an operating system, system programs and application programs, while also implementing the engine using multitasking, multithreading, distributed (e.g., cluster, peer-to-peer, cloud, etc.) processing where appropriate, or other such techniques. Accordingly, each engine can be realized in a variety of physically realizable configurations and should generally not be limited to any particular implementation exemplified herein, unless such limitations are expressly called out. In addition, an engine can itself be composed of more than one sub-engine, each of which can be regarded as an engine in its own right. Moreover, in the embodiments described herein, each of the various engines corresponds to a defined autonomous functionality; however, it should be understood that in other contemplated embodiments, each functionality can be distributed to more than one engine. Likewise, in other contemplated embodiments, multiple defined functionalities may be implemented by a single engine that performs those multiple functions, possibly alongside other functions, or distributed differently among a set of engines than specifically illustrated in the examples herein.
In an embodiment, system 100 is configured on a client-server architecture: the client side includes data record 130 and executes encryption key construction tool 110 and MAC calculation tool 120; the server side includes message library 140 and check rules 151, and executes check determination tool 150 and checking tool 160.
For example, the client part can be located in an automobile and collect data about vehicle behavior parameters for an insurance company, and the server part can be located at the insurance company (operating on the insurance company's equipment). In this case, the client part may be vulnerable to malicious attacks (for example, attempts to modify data about vehicle behavior parameters such as speed, engine operating characteristics, geographic location, etc.), while the server part can be reliably protected against any kind of malicious attack, and therefore the results of analyzing client data using the resources of the server part are trusted. Additional details of this embodiment are also described with respect to Fig. 3.
In response to various external influences, events 101 can occur within system 100. In an embodiment, at least one message 102 is constructed for each event. Message 102 can represent data including the characteristics of event 101 and/or a timestamp.
For example, every 0.01 seconds (the occurrence of event 101, the data collection time), a sensor installed in a car engine receives an engine RPM value. A message 102 is built from the received data and includes information about the time of the event, the event type and the event characteristics:
163625324 → timer → engine → RPM → 8450
and has the following hexadecimal format:
0x09C0B96C00010210000100002102.
Encryption key construction tool 110 is configured to construct an initial pre-shared key $pk_0$ based on characteristics of encryption key construction tool 110, and to construct an encryption key $pk_n$ based on the previously constructed encryption key:
$pk_n = g(pk_{n-1})$,
where:
g is the encryption key constructor;
$pk_{n-1}$ is the previously constructed encryption key;
$pk_n$ is the encryption key currently being constructed.
Encryption key construction tool 110 is also configured to send the constructed encryption key to MAC calculation tool 120.
In an embodiment, the encryption key is constructed on request from MAC calculation tool 120.
In another embodiment, the characteristic of encryption key construction tool 110 is represented by the time received from a precision clock built into encryption key construction tool 110.
In another embodiment, the initial pre-shared key $pk_0$ is constructed based on at least one of the following: the time of the first message 102 $m_1$, or the time of occurrence of the event 101 characterized by the first message 102 $m_1$.
In another embodiment, encryption key construction tool 110 is provided as a hardware security module (HSM) or as a program means operating on an HSM. The HSM is physically protected against hacking, making it impossible to access the functions of encryption key construction tool 110 without authorization. In other words, the HSM physically prevents malicious attempts to gain control over encryption key construction tool 110 or to obtain data under the control of encryption key construction tool 110, etc.
In another embodiment, the initial pre-shared key $pk_0$ is contained in encryption key construction tool 110 and is set in advance, before the data damage determination system begins operation. For example, when an HSM is used, the initial pre-shared key is constructed during the creation and programming of the HSM.
In an embodiment, the encryption key is constructed using a cryptographically strong one-way hash function. In another embodiment, at least one of the following is used as the cryptographic hash function for constructing keys: a public-key asymmetric encryption function, in which case the public encryption key is contained in encryption key construction tool 110 and is set in advance before the system begins operation, and the private encryption key is contained in checking tool 160; or an encryption-key asymmetric encryption function, in which case the encryption key is contained in encryption key construction tool 110 and in checking tool 160 and is set in advance before the system begins operation.
Thus, the use of means physically protected against hacking, and of cryptographic methods for constructing encryption keys, ensures the cryptographic strength of the encryption keys constructed on the computer, which inhibits or prevents a malicious actor from using substitute characteristics of encryption key construction tool 110 (for example, the time of constructing the encryption key and the creation time of message 102) to construct their own encryption keys.
When an asymmetric encryption function is used as the cryptographic hash function for constructing encryption keys, the server side can confirm the validity of the encryption key being used (and thereby determine whether the encryption key has been forged). When an asymmetric encryption function is used as the cryptographic hash function for constructing encryption keys, the server side can decrypt the encryption key in use and obtain the data used to construct the encryption key (and thereby exclude any forged encryption key).
MAC calculation tool 120 is configured to intercept at least two constructed messages 102 and then to calculate a MAC sequentially for each intercepted message 102. In an embodiment, the calculation of the MAC (Algorithm I) includes the following.
For the first intercepted message $m_1$, the MAC is calculated based on the encryption key $pk_1$ requested from encryption key construction tool 110 and the intercepted message $m_1$:
$\mu_1 = f(m_1, pk_1)$,
where:
f is a cryptographic function;
$pk_1$ is the preset encryption key;
$m_1$ is the first message;
$\mu_1$ is the MAC of message $m_1$.
For each subsequent message $m_n$ after the first intercepted message, a data block is constructed using the intercepted message $m_n$ and the MAC $\mu_{n-1}$ calculated for the previously intercepted message:
$b_n = h(\mu_{n-1}, m_n)$,
where:
h is the data block constructor (the data block construction rule);
$b_n$ is the n-th data block;
$m_n$ is the n-th message;
$\mu_{n-1}$ is the MAC of message $m_{n-1}$.
The MAC is then calculated using the encryption key $pk_n$ requested from encryption key construction tool 110 and the constructed data block $b_n$:
$\mu_n = f(b_n, pk_n)$,
where:
f is a cryptographic function;
$pk_n$ is the encryption key for the n-th message;
$b_n$ is the n-th data block;
$\mu_n$ is the MAC of message $m_n$.
In an embodiment, the MAC calculating instrument 120 is additionally configured to write a record to the data record 130, the record containing the last calculated MAC and all intercepted messages, and to write data from the data record 130 into the message library 140.
In one embodiment, before the first intercepted message 102 is processed, an initial preset key is requested from the encryption key building tool 110. This preset key is constructed using a method different from the one used to construct subsequent keys. While the intercepted messages 102 that follow the first message are processed, the encryption keys requested from the encryption key building tool 110 can all be constructed using the same method, as keys of the same type.
In another embodiment, once the above record has been written to the data record 130, all intermediate results of processing the intercepted messages 102 are deleted from the system (including the calculated MACs other than the last one, the built data blocks, the requested encryption keys, and so on). The absence of this intermediate data therefore does not allow an offender to construct their own record in the data record 130 using substitute messages 102.
In another embodiment, if writing to the data record 130 proves impossible because of the limited amount of available computing resources (for example, as a result of previous writes to the data record 130), the following operations can be performed. First, the data record 130 is deleted (thereby freeing computing resources) and a new (blank) data record 130 is created (the information from the old data record 130 is lost). Second, after the new data record 130 is created, the first MAC is calculated using the initial preset key requested from the encryption key building tool 110.
Therefore, the encryption key building tool 110 provides keys according to the following scheme:
$pk_0(param_1) \to g(pk_0) \to g(pk_1) \to \dots \to g(pk_{n-1}) \to \dots$ deletion
creation $\dots \to pk_0(param_2) \to g(pk_0) \to g(pk_1) \to \dots \to g(pk_{n-1})$
For example, after the data record 130 has been completely filled (no computing resources are available), the data from the data record 130 is lost, and the data record 130 itself starts to be filled from the beginning (that is, the client side has available computing resources again).
In another embodiment, the HSM tool provides the time and a key (which depends on the time). Therefore, during a subsequent check it is possible to restore the initial key (knowing the time), analyze the time, and assess its plausibility.
In conventional systems, when a device is compromised, nothing prevents an attacker from deleting the existing record, requesting a new key, creating a new record, and filling the latter with what are purported to be chance events from the past. However, when an HSM that includes the features described above is used, such an attack is difficult to carry out, because the initial key is strictly bound to real time. This means that the attacker is unable to send a record into the past (that is, to assign the record a creation time earlier than the actual time). This is the essence of the protection described herein. Because the HSM contains or generates the time itself (for example, the HSM may include a real-time clock), tamper-resistance requirements also apply, in order to prevent an attacker from manipulating this tool (the clock).
In another embodiment, many of the resources available to the corrupted-data determination system can be used up (and, accordingly, consumed or exhausted). For example, the space allocated on the information medium for storing the data record 130 can be limited. In this case, the information medium is part of the client side of the system (if the system is built using a client-server architecture). In another example, the processor time allocated to the MAC calculating instrument 120 for analyzing intercepted messages 102 can be exhausted. In another example, the parameters of the connection between the tools of the client side and of the server side of the system can be used to characterize the possibility of writing data to and reading data from the available message library 140 (that is, the speed at which data is written to the message library 140). In another example, the maximum size of a message 102 that can be written to the data record 130 or analyzed by the MAC calculating instrument 120 can be exhausted.
In one example, 100Mb of free space is allocated on the medium of the client side of the system for storing the data record 130. If one message requires 1Kb of storage and is written to the data record 130 by the MAC calculating instrument 120 every second (for example, in a moving automobile), the data record will be filled in ~28 hours (all of the allocated free space will be used up). When designing the system, the developers assume that, within one day, a connection will certainly be established between the client side and the server side of the system, and that the data from the data record 130, after being analyzed by the MAC calculating instrument 120, will be written to the message library 140. If only 1Mb of free space is allocated to the data record 130 (such a storage space, or an even smaller one, is found in many embedded systems), the data record 130 will be filled in 17 minutes, and a situation may arise in which the data cannot be sent to the server side and is lost (or overwritten).
In another embodiment, the built data block includes the selected message and the MAC calculated for the previously selected message.
In another embodiment, data is written from the data record 130 to the message library 140 at least: at any time, if there is a connection between the client side and the server side of the corrupted-data determination system; a preset time after data was last successfully written from the data record 130 to the message library 140; when more than a preset number of messages 102 have been processed; or if a predetermined amount of the resources of the corrupted-data determination system is available.
In an embodiment, once all data from the data record 130 has been written to the message library 140, the data record is cleared, and the next message 102 written to the data record 130 is treated as the first message. In other words, the data record 130 is deleted (thereby freeing computing resources) and a new (blank) data record 130 is created. The first MAC after the creation of the new data record 130 is calculated using the initial preset key requested from the encryption key building tool 110.
The data record 130 is a database containing the messages 102 processed by the MAC calculating instrument 120.
In one embodiment, the characteristics of the data record 130 are defined by the resources available in the system. In another embodiment, at least the following are used as characteristics of the data record 130: the maximum number of messages (records) 102 that can be written to the data record 130; or the maximum amount of data (the total volume of written messages 102) that can be written to the data record 130. In another embodiment, the data record 130 is configured to additionally store the order in which the messages 102 were written to it.
The message library 140 is a database containing the data sent by the MAC calculating instrument 120, the data in each record including at least the combination of the messages 102 and the last calculated MAC.
The inspection determining tool 150 is configured to intercept events 101 that satisfy preset rules 151. For example, an event 101 occurs if a message 102 is written to the data record 130. The inspection determining tool 150 is additionally configured to determine, using the intercepted event 101, whether to execute a corrupted-data check, and to transfer selected records from the message library 140 to the checking tool 160.
In one embodiment, the decision to execute a corrupted-data check is made at least in the following cases: interception of an event of data being written to the data record 130, or a stable connection between the client side and the server side of the corrupted-data determination system.
The checking tool 160 is configured to analyze, on request, each record received from the inspection determining tool 150. In an embodiment, such analysis includes sequentially calculating a MAC, using Algorithm I, for each message contained in the received record, comparing the calculated MAC with the MAC contained in the selected record, and, if the calculated MAC and the MAC contained in the selected record do not match, determining that the data record 130 has been damaged.
In one embodiment, the messages 102 from the record are selected in the order in which they are located in the record.
In another embodiment, the preset encryption key used in the MAC calculating instrument 120 and the preset encryption key used in the checking tool 160 are identical and are set when the corrupted-data determination system is built.
In another embodiment, the preset encryption key used in the checking tool 160 is constructed using the timestamp contained in the record selected from the message library 140.
In another embodiment, the encryption key is constructed using a cryptographic hash function.
In another embodiment, a public-key asymmetric encryption function can be used as the cryptographic hash function for constructing the encryption key. For example, the public encryption key is contained in the encryption key building tool 110 and is preset before system operation starts, and the private encryption key is contained in the checking tool 160. In another example, an encryption-key symmetric encryption function may be used as the cryptographic hash function for constructing the encryption key. For example, the encryption key can be contained in the encryption key building tool 110 and in the checking tool 160, and be preset before system operation starts.
In another embodiment, the built data block includes the selected message and the MAC calculated for the previously selected message.
In another embodiment, the comparison of MAC carries out by turn.
In another embodiment, if the compared MACs do not match, the data record 130 is considered damaged. For example, the MAC calculated by the MAC calculating instrument 120 can be compared with another MAC calculated by the checking tool 160.
In another embodiment, in order to determine whether the data record 130 is damaged, at least the following are additionally analyzed: the encryption key built by the checking tool 160 using data selected from the record; and/or the temporal characteristics of the creation of the messages 102 contained in the selected record.
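As an added illustration of Algorithm I, of the check performed by the checking tool 160 and of the time analysis described for the HSM embodiment, the following Python example is not part of the patent text. It assumes HMAC-SHA256 for f, a length-prefixed concatenation for h, a SHA-256 ratchet for g, and an initial key derived from a shared device secret and the record start time; all function names, the message format and the sample values are constructed for the example.

```python
import hashlib
import hmac
import struct

# Assumptions of this example (the text leaves f, h and g open):
#   f = HMAC-SHA256, h = length-prefixed concatenation, g = SHA-256 ratchet,
#   initial key = HMAC(device secret, record start time in Unix seconds).
DEVICE_SECRET = b"constructed-demo-secret"  # constructed; also known to the checker


def initial_key(secret, start_time):
    """Initial preset key, bound to the time the data record was started."""
    return hmac.new(secret, b"init" + struct.pack(">Q", start_time),
                    hashlib.sha256).digest()


def next_key(prev_key):
    """g: pk_n from pk_{n-1}; one-way, so a deleted key cannot be rebuilt from a later one."""
    return hashlib.sha256(b"ratchet" + prev_key).digest()


def build_block(prev_mac, message):
    """h: b_n = h(mu_{n-1}, m_n)."""
    return struct.pack(">I", len(prev_mac)) + prev_mac + message


def mac_f(data, key):
    """f: the keyed cryptographic function."""
    return hmac.new(key, data, hashlib.sha256).digest()


def encode(msg):
    """Deterministic byte encoding of a (unix_seconds, speed_kmh) message."""
    t, v = msg
    return f"t={t};v={v:.2f}".encode()


def chain_mac(messages, secret, start_time):
    """Algorithm I: final MAC mu_n over the ordered messages."""
    if not messages:
        raise ValueError("a record needs at least one message")
    key = initial_key(secret, start_time)
    mac = mac_f(encode(messages[0]), key)                # mu_1 = f(m_1, pk_1)
    for msg in messages[1:]:
        key = next_key(key)                              # earlier keys are not kept
        mac = mac_f(build_block(mac, encode(msg)), key)  # mu_n = f(b_n, pk_n)
    return mac


def make_record(messages, secret, start_time):
    """Client side: only the messages, the start time and the last MAC are stored."""
    return {"start_time": start_time, "messages": list(messages),
            "mac": chain_mac(messages, secret, start_time)}


def verify_record(record, secret, now):
    """Checker side: recompute the chain, then assess the plausibility of the times."""
    msgs = record["messages"]
    if not msgs:
        return "mac_mismatch"
    expected = chain_mac(msgs, secret, record["start_time"])
    if not hmac.compare_digest(expected, record["mac"]):
        return "mac_mismatch"
    times = [t for t, _ in msgs]
    ordered = all(a <= b for a, b in zip(times, times[1:]))
    if not (record["start_time"] <= times[0] and ordered and times[-1] <= now):
        return "implausible_time"
    return "ok"


# Constructed sample data (not taken from the patent).
START = 1067256000
SAMPLE = [(1067256253, 85.75), (1067256260, 60.10), (1067279253, 15.21)]
NOW = 1067300000

if __name__ == "__main__":
    rec = make_record(SAMPLE, DEVICE_SECRET, START)
    print("untouched:", verify_record(rec, DEVICE_SECRET, NOW))
    edited = dict(rec, messages=[(1067256253, 49.00)] + SAMPLE[1:])
    print("speed edited:", verify_record(edited, DEVICE_SECRET, NOW))
    # Record recreated at NOW - 60 with a fresh time-bound key but old message times.
    rebuilt = make_record(SAMPLE, DEVICE_SECRET, NOW - 60)
    print("recreated, true start time:", verify_record(rebuilt, DEVICE_SECRET, NOW))
    print("recreated, start time altered:",
          verify_record(dict(rebuilt, start_time=START), DEVICE_SECRET, NOW))
```

Because the initial key depends on the start time, a recreated record either carries its true start time and fails the time analysis, or carries an altered start time and fails the MAC comparison.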
The following discussion of the operation of the system 100 concerns vehicle operating characteristics. In order to make decisions on insurance payments in the event of an accident, an insurance company installs a system that collects data from automobile sensors in the automobiles of its clients. Based on analysis of the collected data, the operating characteristics of the vehicle are determined: whether the vehicle exceeded the speed limit when the accident occurred, where the vehicle was driven, what actions the driver took while driving the vehicle, and so on. The determined operating characteristics are used to determine the insurance payment and the cost of the car insurance (if the person drives "carelessly", exceeds the speed limit, and so on, the insurance cost increases). Corruption of the collected data may lead to erroneous analysis and to financial losses for the insurance company (for example, the speed of the vehicle at the time of an accident is artificially understated, which leads to a wrong insurance claim decision and to additional compensation).
When the vehicle's speedometer sensor is triggered, a "speed change" event #1 101 occurs, characterized by the current speed of the vehicle and the timestamp at which the speed was registered (when event #1 101 occurred). For example, v=85,75km/h, t=1067256253,232 (conventional time units, such as the Unix time format).
The above event #1 101 initiates the creation of a message $m_1$ 102 containing the data listed above:
v=85,75km/h, t=1067256253,232.
The message is then written to the data record 130. Afterwards, the MAC calculating instrument 120, a component of the client side of the corrupted-data determination system, calculates the MAC $\mu_1$ using the encryption key $K_1$ and the message $m_1$ 102, and writes the MAC to the message library 140.
Event #1 101 is also passed to the inspection determining tool 150, which is a component of the server side of the corrupted-data determination system. Based on the inspection rules 151 and the received data (in this case, event #1 101), it is determined, on the basis of the intercepted event #1 101, whether a corrupted-data check needs to be executed. For example, one of the rules can be a sharp change in vehicle speed or an acceleration above a preset value (such as 2g). These data can come from another speedometer sensor. In an embodiment, as long as no such event is registered, no corrupted-data check is carried out.
Until the inspection determining tool 150 makes the relevant determination, the data is saved to the data record 130 and the message library 140.
When another vehicle speedometer sensor is triggered, a "speed change" event #N 101 occurs, characterized by the current speed of the vehicle and the timestamp at which the speed was registered (when event #1 101 occurred). For example, v=15,21km/h, t=1067279253,008.
The above event #N 101 initiates the creation of a message $m_n$ 102 containing the data listed above:
v=15,21km/h, t=1067279253,008.
The message is then written to the data record 130. Afterwards, the MAC calculating instrument 120, a component of the client side of the corrupted-data determination system, calculates the MAC $\mu_n$ using the encryption key $K_n$ and the message $m_n$ 102, and writes the MAC to the message library 140.
Event #N 101 is also sent to the inspection determining tool 150. Based on the inspection rules 151 and the received data (in this case, event #N 101), it is determined, on the basis of the intercepted event #N 101, whether a corrupted-data check needs to be executed. It is determined that the change in speed exceeds a preset threshold (for example, Δv=50km/h) and that the acceleration also exceeds a preset threshold (for example, g=5.6). As a result, the inspection determining tool 150 decides that a check of the data written to the message library 140 is to be executed and sends a request to the checking tool 160.
The checking tool 160 sequentially selects all records from the message library 140 and recalculates the MAC of all messages contained in the selected records (using the same method as the MAC calculating instrument 120). The checking tool 160 then compares the final MAC obtained with the MAC contained in the last selected record. If the MAC values differ, the data record 130 is determined to be damaged. In an embodiment in which the data contains information collected from vehicle sensors, it can be concluded that the user of the system (the vehicle owner) attempted to forge the data from the sensors in order to hide information about the condition of the vehicle. The insurance company therefore has grounds to refuse to pay the insurance to the user or to modify the insurance terms.
With reference to Fig. 2, a flow chart of a method 200 for detecting damaged data is depicted according to an embodiment. In general, the method 200 includes calculating MACs at 210, saving a record at 220, performing analysis at 230, and determining damaged data at 240.
More specifically, at 210, a MAC is calculated sequentially for each selected message from a data record 130 that contains at least two messages 102. For example, for the first selected message, the MAC is calculated using a preset encryption key and the selected message. For each subsequent message after the first selected message, an encryption key is built based on the encryption key built for the previously selected message, a data block is built using the intercepted message and the MAC calculated for the previously selected message, and the MAC is calculated using the built encryption key and the data block.
At 220, a record of the last MAC calculated at 210 and of all the messages selected at 210 is saved to the message library 140.
At 230, an analysis of each record selected from the message library 140 is performed. For example, a MAC is calculated sequentially for each message contained in the selected record by executing the processing described above at 210 for the first selected message and the second selected message. The last calculated MAC is compared with the MAC contained in the selected record.
At 240, based on the result of the comparison made at 230, it is determined whether the data record 130 is damaged.
With reference to Fig. 3, a block diagram of a system 300 for detecting damaged vehicle data is depicted according to an embodiment. In an embodiment, the system 300 can implement the method 200 as described above for vehicle data.
In an embodiment, the system 300 generally includes a vehicle client device 302 and a server 304. In an embodiment, the client device 302 and the server 304 can be operably coupled through a network, so that they communicate continuously or intermittently.
The client device 302 generally includes a processor 306 and an operably coupled memory 308. The processor 306 can be any programmable device that receives digital data as input, is configured to process the input according to instructions or algorithms, and provides results as output. In an embodiment, the processor 306 can be a central processing unit (CPU) configured to execute the instructions of a computer program. The processor 306 is therefore configured to perform at least basic arithmetic, logical and input/output operations.
The memory 308 operably coupled to the processor 306 may include volatile or non-volatile memory, as required by the coupled processor 306, to provide not only space to execute the instructions or algorithms, but also space to store the instructions themselves. In an embodiment, volatile memory may include, for example, random access memory (RAM), dynamic random access memory (DRAM) or static random access memory (SRAM). In an embodiment, non-volatile memory may include, for example, read-only memory, flash memory, ferroelectric RAM, hard disk, floppy disk, magnetic tape or optical disc storage. The foregoing list in no way limits the types of memory that can be used, as these embodiments are given only by way of example and are not intended to limit the scope of the invention.
The processor 306 and/or the memory 308 may include instructions that, when executed, implement an encryption key building tool 310, a MAC calculating instrument 312 and a data record 314. In an embodiment, the encryption key building tool 310, the MAC calculating instrument 312 and the data record 314 can be substantially similar to those discussed above (the encryption key building tool 110, the MAC calculating instrument 120 and the data record 130, respectively).
The processor 306 can further include instructions for implementing a vehicle sensor engine 316, which includes vehicle sensors configured to detect characteristics or measurements of the vehicle. The vehicle sensor engine 316 is additionally configured to write the characteristics or measurements of the vehicle, and the timestamps of their occurrence, to the vehicle data record 314.
The server 304 generally includes a processor 318 and an operably coupled memory 320. The processor 318 and/or the memory 320 may include instructions that, when executed, implement a message library, a set of inspection rules 324, an inspection determining tool 326 and a checking tool 328. In an embodiment, the message library, the set of inspection rules 324, the inspection determining tool 326 and the checking tool 328 can be substantially similar to those discussed above (the message library 140, the inspection rules 151, the inspection determining tool 150 and the checking tool 160, respectively).
With reference to Fig. 4, a diagram of a computer system 400, on which aspects of the invention described herein can be implemented, is depicted in greater detail according to various embodiments.
The computer system 400 may include a computing device, such as a personal computer 420, which includes one or more processing units 421, a system memory 422 and a system bus 423 that connects the various system components, including the memory associated with the one or more processing units 421. In various embodiments, the processing units 421 may include multiple logical cores capable of processing information stored on computer-readable media. The system bus 423 is implemented as any bus structure known in the relevant art, and contains in turn a bus memory or bus memory controller, a peripheral bus and a local bus, which can interact with any other bus architecture. The system memory may include non-volatile memory, such as read-only memory (ROM) 424, or volatile memory, such as random access memory (RAM) 425. The basic input/output system (BIOS) 426 contains the basic procedures that ensure the transfer of information between the elements of the personal computer 420, for example during loading of the operating system using the ROM 424.
The personal computer 420 in turn has a hard disk drive 427 for reading and writing data, a magnetic disk drive 428 for reading and writing on a removable disk 429, and an optical disk drive 430 for reading and writing on a removable optical disk 431, such as CD-ROM, DVD-ROM and other optical media. The hard disk drive 427, the magnetic disk drive 428 and the optical disk drive 430 are connected to the system bus 423 through the hard disk drive interface 432, the magnetic drive interface 433 and the optical drive interface 434, respectively. The drives and the corresponding computer information media are power-independent means for storing computer instructions, data structures, program modules and other data on the personal computer 420.
The depicted system includes a hard disk drive 427, a removable disk 429 and a removable optical disk 431, but it should be understood that other types of computer media capable of storing data in computer-readable form can be used (solid state drives, flash memory cards, digital disks, random access memory (RAM), and so on), connected to the system bus 423 via a controller 455.
The computer 420 includes a file system 436, in which the recorded operating system 435 is stored, as well as additional program applications 437, other program engines 438 and program data 439. A user can enter commands and information into the personal computer 420 using input devices (keyboard 440, mouse 442). Other input devices (not shown) can also be used, such as a microphone, joystick, game console, scanner, and so on. These input devices are usually connected to the computer system 400 through a serial port 446, which in turn is connected to the system bus, but they can also be connected in other ways, for example using a parallel port, a game port or a universal serial bus (USB). A monitor 447 or another type of display device is also connected to the system bus 423 through an interface, such as a video adapter 448. In addition to the monitor 447, the personal computer 420 may be equipped with other peripheral output devices (not shown), such as loudspeakers, a printer, and so on.
The personal computer 420 can operate in a network environment; in this case, it uses a network connection to one or several other remote computers 449. The one or more remote computers 449 are similar personal computers or servers, which have most or all of the elements mentioned above in the description of the personal computer 420 shown in Fig. 4. The computer network can also contain other devices, such as routers, network stations, peer devices or other network nodes.
The network connections may form a local area network (LAN) 450 and a wide area network (WAN). Such networks are used in corporate computer networks and company intranets, and they usually have access to the Internet. In LAN or WAN networks, the personal computer 420 is connected to the local area network 450 through a network adapter or network interface 451. When networks are used, the personal computer 420 can use a modem 454 or other means to connect to a wide area network, such as the Internet. The modem 454, which is an internal or external device, is connected to the system bus 423 through the serial port 446. It should be noted that these network connections are only examples and do not necessarily reflect the exact network configuration; in practice there are other means of establishing a connection using the communication technology between computers.
Various embodiments of systems, devices and methods have been described herein. These embodiments are given only by way of example and are not intended to limit the scope of the claimed invention. Moreover, it should be appreciated that the various features of the embodiments that have been described can be combined in various ways to produce many additional embodiments. In addition, although various materials, sizes, shapes, configurations, positions and so on have been described for use with the disclosed embodiments, others besides those disclosed can be used without departing from the scope of the claimed invention.
Persons of ordinary skill in the relevant art will recognize that the subject matter herein may include fewer features than illustrated in any individual embodiment described above. The embodiments described herein are not meant to be an exhaustive presentation of the ways in which the various features of the subject matter may be combined. Accordingly, the embodiments are not mutually exclusive combinations of features; rather, as understood by persons of ordinary skill in the art, the various embodiments may include a combination of different individual features selected from different individual embodiments. Moreover, elements described with respect to one embodiment can be implemented in other embodiments even when not described in such embodiments, unless otherwise noted.
Although a dependent claim may refer in the claims to a specific combination with one or more other claims, other embodiments can also include a combination of the dependent claim with the subject matter of each other dependent claim, or a combination of one or more features with other dependent or independent claims. Such combinations are proposed herein unless it is stated that a specific combination is not intended.
Any incorporation by reference of the documents above is limited such that no subject matter is incorporated that is contrary to the explicit disclosure herein. Any incorporation by reference of the documents above is further limited such that no claims included in the documents are incorporated by reference herein. Any incorporation by reference of the documents above is yet further limited such that any definitions provided in the documents are not incorporated by reference herein unless expressly included herein.
For purposes of interpreting the claims, it is expressly intended that the provisions of 35 U.S.C. § 112(f) are not to be invoked unless the specific terms "means for" or "step for" are recited in a claim.

Claims (20)

1. A system for detecting damaged data, the system comprising:
a computing platform comprising computing hardware of at least one processor and memory operably coupled to the at least one processor;
instructions that, when executed on the computing platform, cause the computing platform to implement:
an encryption key building tool configured to:
build an initial preset key based on at least one characteristic of the encryption key building tool, and
build an encryption key based on a previously built key;
a message authentication code (MAC) calculating instrument configured to:
receive the initial preset key and the encryption key from the encryption key building tool,
intercept a first message related to an event and a second message related to the event, and
sequentially generate MACs for the first message and the second message, wherein the MAC for the first message is generated based on the initial preset key and the first message, and the MAC for the second message is generated based on the encryption key for the second message and a data block built for the second message, the data block including the second message and the MAC generated for the first message, and wherein the previously built key for the second message is the initial preset key,
write a record to a data record, the record including the first message, the second message and the MAC generated for the second message, and
write data-record data from the data record into a message library;
an inspection determining tool configured to:
intercept the event based on preset rules, and
use the intercepted event and the message library data to determine whether to execute a corrupted-data check; and
a checking tool configured to:
analyze each record received from the inspection determining tool to determine whether the MAC in the record matches an expected MAC, and
indicate that the data is damaged when the MAC in the record does not match the expected MAC.
2. system according to claim 1 disappears wherein described encryption key the build tool is configured with described first At least one of the time of breath or the time of the event construct the initial preset key.
3. system according to claim 1, wherein before executing the described instruction in the computing platform, in the meter It calculates in hardware and presets the initial preset key.
4. system according to claim 1, wherein the initial preset key is to execute the institute in the computing platform State before instruction the preset public code key in described encryption key the build tool, and wherein execute it is described calculate it is flat Corresponding private code key is preset before described instruction on platform in the checking tool.
5. system according to claim 1, wherein the MAC calculating instrument is additionally configured to record institute is being written After stating data record, other than the MAC finally calculated, the MAC, encryption key and data block of all calculating are deleted.
6. system according to claim 1, wherein the MAC calculating instrument is also configured to
The mistake of the data record is written in the record by detection;
Delete the data record;And
New data record is created, is generated with subsequent message and from the subsequent message and the initial preset key MAC initialization.
7. system according to claim 1, wherein the MAC calculating instrument is additionally configured to through at least one in following It is a that the data record data from the data record are written to the message library:
The connection of client device and server apparatus;
Preset time after the message library successfully previously is written in data record data;
More than the interception message of preset quantity;Or
Available computing platform resource predetermined amount.
8. The system according to claim 1, wherein the check determination tool is further configured to determine whether to perform the data corruption check based on at least one of the following:
detecting an event in which data has been written to the data record; or
detecting a stable connection between a client device and a server device.
9. The system according to claim 1, wherein the checking tool is configured to analyze a selected record by:
generating the expected MAC based on the messages included in the selected record;
comparing the expected MAC with the MAC generated by the MAC calculation tool in the selected record; and
indicating that the data record is corrupted when the expected MAC and the MAC in the selected record do not match.
10. The system according to claim 1, wherein the first message includes an event occurrence time, an event type and event features.
11. The system according to claim 1, wherein the computing platform includes:
a client mobile device, including instructions that cause the computing platform to implement the data record, the encryption key construction tool and the MAC calculation tool; and
a server device, including instructions that cause the computing platform to implement the message library, the check rules, the check determination tool and the checking tool.
12. The system according to claim 1, wherein the encryption key construction tool is further configured to:
intercept a third message related to the event; and
sequentially generate a MAC for the third message, wherein the MAC for the third message is generated based on an encryption key for the third message and a data block constructed for the third message, the data block includes the third message and the MAC generated for the second message, and wherein the previously constructed key for the third message is the encryption key for the second message.
13. The system according to claim 1, wherein the encryption key construction tool includes a hardware security module (HSM) that is physically protected against tampering.
14. The system according to claim 13, wherein the HSM is configured to provide a current time and a new initial preset key, and the MAC calculation tool is further configured to evaluate the validity of the new initial preset key for the current time.
15. A method for detecting damaged data in a data record, the method comprising:
sequentially calculating a MAC for a first message in the data record and a second message in the data record, wherein the MAC for the first message is generated based on an initial preset key and the first message, and the MAC for the second message is generated based on an encryption key for the second message and a data block constructed for the second message, the data block includes the second message and the MAC generated for the first message, and wherein the previously constructed key for the second message is the initial preset key;
writing a record to a message database, the record including the first message, the second message and the MAC generated for the second message;
analyzing each record to determine whether the MAC in the record matches an expected MAC; and
indicating that the data is corrupted when the MAC in the record and the expected MAC do not match.
16. The method according to claim 15, wherein analyzing a selected record further comprises:
generating the expected MAC based on the messages included in the selected record;
comparing the expected MAC with the previously calculated MAC in the selected record; and
indicating that the data record is corrupted when the expected MAC and the MAC in the selected record do not match.
17. The method according to claim 15, further comprising:
constructing the initial preset key based on at least one characteristic of the computing hardware on which the method is executed; and
constructing an encryption key based on the previously constructed key.
18. The method according to claim 15, further comprising:
providing a hardware security module (HSM) that is physically protected against tampering and is configured to generate the initial preset key.
19. The method according to claim 18, wherein the HSM is configured to provide a current time and a new initial preset key, and the MAC calculation tool is further configured to evaluate the validity of the new initial preset key for the current time.
20. A system for detecting damaged data in a vehicle data record, the system comprising:
a vehicle, including:
at least one vehicle sensor engine, configured to:
detect a first feature of the vehicle at a first time, and write a first message including the first feature of the vehicle and a first timestamp corresponding to the first time to the vehicle data record, and
detect a second feature of the vehicle at a second time, and write a second message including the second feature of the vehicle and a second timestamp corresponding to the second time to the vehicle data record,
at least one processor and a memory operatively coupled to the at least one processor, the memory including instructions that, when executed on the at least one processor, cause the at least one processor to implement:
a message authentication code (MAC) calculation tool, configured to:
sequentially generate a MAC for the first message and the second message, wherein the MAC for the first message is generated based on the initial preset key and the first message, and the MAC for the second message is generated based on an encryption key for the second message and a data block constructed for the second message, the data block includes the second message and the MAC generated for the first message, and wherein the previously constructed key for the second message is the initial preset key,
write a record to the data record, the record including the first message, the second message and the MAC generated for the second message; and
a server, operatively coupled to the vehicle and including:
a message library, configured to store the data record,
at least one server processor and a server memory operatively coupled to the at least one server processor, including instructions that, when executed on the at least one server processor, cause the at least one server processor to implement:
a check determination tool, configured to:
receive the first message or the second message, and
determine whether to perform a data corruption check using the received message and the data record; and
a checking tool, configured to:
analyze each data record received from the check determination tool to determine whether the MAC in the data record matches an expected MAC, and
indicate that the data is corrupted when the MAC in the data record and the expected MAC do not match.
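The chained MAC calculation and check recited in claims 15 to 17, as an added Python example that is not part of the patent text. HMAC-SHA256 as the MAC, a SHA-256 step as the key construction, plain concatenation for the data block, a symmetric preset key held by both writer and checker, and all function names and sample messages are assumptions made here.

```python
import hashlib
import hmac

def next_key(prev_key):
    # Assumption: a one-way SHA-256 step builds each key from the previous one,
    # so a key captured later cannot be run backwards to earlier keys.
    return hashlib.sha256(b"key-step" + prev_key).digest()

def chain_mac(initial_key, messages):
    """Return the MAC of the last message in the chain."""
    if not messages:
        raise ValueError("a record needs at least one message")
    key = initial_key
    # First message: MAC over the message under the initial preset key.
    mac = hmac.new(key, messages[0], hashlib.sha256).digest()
    for msg in messages[1:]:
        key = next_key(key)   # key built from the previously constructed key
        block = msg + mac     # data block: this message plus the previous MAC
        mac = hmac.new(key, block, hashlib.sha256).digest()
    return mac

def write_record(initial_key, messages):
    # Only the final MAC goes into the record; intermediate MACs and keys
    # are never stored alongside the messages.
    return {"messages": list(messages), "mac": chain_mac(initial_key, messages)}

def record_is_intact(initial_key, record):
    # Checker side: recompute the expected MAC and compare in constant time.
    try:
        expected = chain_mac(initial_key, record["messages"])
    except ValueError:
        return False
    return hmac.compare_digest(expected, record["mac"])

# Constructed sample data (time | event type | feature), not from the patent.
PRESET_KEY = bytes(32)  # placeholder key for illustration only
EVENTS = [b"2018-02-06T10:00:00Z|ignition|on",
          b"2018-02-06T10:00:05Z|speed|42",
          b"2018-02-06T10:00:09Z|brake|hard"]
RECORD = write_record(PRESET_KEY, EVENTS)

def tamper_cases(record):
    # Four ways a stored record can be altered; each must fail the check.
    m = record["messages"]
    return {"edited": {**record, "messages": [m[0], b"2018-02-06T10:00:05Z|speed|30", m[2]]},
            "dropped": {**record, "messages": [m[0], m[2]]},
            "reordered": {**record, "messages": [m[1], m[0], m[2]]},
            "truncated": {**record, "messages": m[:2]}}
```

Because every MAC covers the previous MAC, one stored value protects the content, order and count of all messages in the record.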
CN201810840630.8A 2018-02-06 2018-07-27 System and method for detecting corrupted data Active CN109245895B (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
RU2018104435 2018-02-06
RU2018104435A RU2697953C2 (en) 2018-02-06 2018-02-06 System and method of deciding on data compromising
US16/005,158 2018-06-11
US16/005,158 US10778695B2 (en) 2018-02-06 2018-06-11 System and method for detecting compromised data

Publications (2)

Publication Number Publication Date
CN109245895A true CN109245895A (en) 2019-01-18
CN109245895B CN109245895B (en) 2021-06-11

Family

ID=65073132

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810840630.8A Active CN109245895B (en) 2018-02-06 2018-07-27 System and method for detecting corrupted data

Country Status (1)

Country Link
CN (1) CN109245895B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5978475A (en) * 1997-07-18 1999-11-02 Counterpane Internet Security, Inc. Event auditing system
US20040078594A1 (en) * 2002-10-22 2004-04-22 Logan Scott Data loader using location identity to provide secure communication of data to recipient devices
CN101127062A (en) * 2006-08-14 2008-02-20 北京握奇数据系统有限公司 Binding function implement method for electronic key and computer
CN101222316A (en) * 2007-01-10 2008-07-16 华为技术有限公司 Construction method and device for cipher synchronization, data transmission method using the same
US20090016534A1 (en) * 2006-07-14 2009-01-15 Kinamik Data Integrity, S.L. Method and system of generating immutable audit logs
CN102361481A (en) * 2011-07-07 2012-02-22 上海凯卓信息科技有限公司 Method for binding hardware encryption trans-flash (TF) card with mobile phone subscriber identity module (SIM) card
CN106919163A (en) * 2015-12-18 2017-07-04 丰田自动车株式会社 Communication system and the formation gathering method for performing in a communications system

Also Published As

Publication number Publication date
CN109245895B (en) 2021-06-11

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant