CN112685708A - Trusted device and trusted system - Google Patents
Trusted device and trusted system Download PDFInfo
- Publication number
- CN112685708A CN112685708A CN202110019258.6A CN202110019258A CN112685708A CN 112685708 A CN112685708 A CN 112685708A CN 202110019258 A CN202110019258 A CN 202110019258A CN 112685708 A CN112685708 A CN 112685708A
- Authority
- CN
- China
- Prior art keywords
- security
- interfaces
- interface
- user
- trusted device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Stored Programmes (AREA)
Abstract
The embodiment of the specification provides a trusted device and a trusted system. The trusted device includes an Operating System (OS) kernel and a plurality of security service middleware; the OS kernel comprises a first set of interfaces including interfaces provided for the plurality of security services middleware; the plurality of security service middleware respectively comprise a second group of interfaces, the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interact with an OS kernel through the first interface, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to the information technology security evaluation standard.
Description
Technical Field
Embodiments of the present description relate to the field of computer technology, and in particular, to a trusted device and a trusted system.
Background
In recent years, the popularization and rapid development of the IOT (Internet of Things) technology has enabled more and more devices to be intelligentized, and the IOT technology has been applied in the public field, the field of intelligent environments (such as homes, offices, factories, etc.), the personal field, the social field, and other fields. Because the IOT belongs to new things at present, each manufacturer has different equipment functions, implementations, versions and the like, and the situation of fragmentation exists, so that a plurality of safety problems are inevitable.
Therefore, a reasonable and reliable scheme for integrating fragmentation and reducing the occurrence of safety problems is urgently needed.
Disclosure of Invention
The embodiment of the specification provides a trusted device and a trusted system.
In a first aspect, embodiments of the present specification provide a trusted device comprising an operating system, OS, kernel and a plurality of security services middleware; the OS kernel comprises a first set of interfaces comprising interfaces provided for the plurality of security services middleware; the plurality of security service middleware respectively comprise a second group of interfaces, the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interacts with the OS kernel through the first interface, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to information technology security evaluation standards.
In some embodiments, a single secure service middleware is used to provide one of the following services: the method comprises the steps of service data protection, user data protection, key management, identity identification, user resource access, privacy protection, communication protection and data audit.
In some embodiments, the trusted device further comprises at least one of: memory, communication equipment, board level equipment; wherein the first set of interfaces further comprises interfaces provided for the at least one device; the at least one device includes an abstraction layer and a third set of interfaces, respectively, that satisfy security requirements of the target standard and that include a third interface for the abstraction layer to interact with the OS kernel.
In some embodiments, the trusted device further comprises the runtime environment, the runtime environment comprising a fourth set of interfaces that meet the security requirements of the target standard and include client interfaces provided for the upper layer applications, policy interfaces provided for the plurality of security services middleware, and client interfaces or policy interfaces provided for associated hardware devices.
In some embodiments, the trusted device further comprises an underlying hardware platform; the first set of interfaces further includes interfaces provided for the underlying hardware platform; the underlying hardware platform includes a fifth set of interfaces that meet security requirements of the target standard and that include interfaces provided for the OS kernel.
In some embodiments, the underlying hardware platform includes at least one of the following components: the platform static configuration registry comprises a platform static configuration registry, a security resource abstraction layer and a user resource abstraction layer, wherein the security resource abstraction layer comprises security-related hardware, and the user resource abstraction layer comprises general-purpose hardware.
In some embodiments, the security-related hardware includes a random number generator and/or a non-volatile memory for storing a root key; the general hardware comprises a hard disk.
In some embodiments, the interface provided for the underlying hardware platform comprises a kernel-mode first privileged program interface provided for the secure resource abstraction layer and the user resource abstraction layer.
In some embodiments, the first privileged program interface has a first user resource requirement function including at least one of: user security attribute management, security attribute static initialization, information flow control, access control and fault tolerance.
In some embodiments, the first privileged program interface has a first secure resource requirement function that includes at least one of: security role management, security attribute management, security data management, and security function failure protection.
In some embodiments, the fifth set of interfaces includes, in particular, the secure resource abstraction layer and the user resource abstraction layer are second privileged program interfaces of a kernel state provided by the OS kernel, respectively.
In some embodiments, the second privileged program interface has a second user resource requirement function that includes, a user binding.
In some embodiments, the second privileged program interface has a second secure resource requirement function that includes at least one of: trusted pipe, physical protection, external entity detection.
In some embodiments, the interface provided for the plurality of security services middleware comprises a user mode application program interface.
In some embodiments, the first set of interfaces further includes a user-mode application program interface provided for the upper layer application.
In some embodiments, the user-mode application program interface comprises a user-operation-related interface having at least one of the following functions: resource quota limit, resource priority, concurrent access limit, user locking, unlocking and closing, user access denial, user identification, user data band attribute import, user data export, user data internal transmission, user data confidentiality, user data integrity, integrity check, data storage rollback, and residual information protection.
In some embodiments, the user-mode application program interface comprises a security operations-related interface having at least one of the following: the method comprises the steps of safety function data confidentiality, time stamping, encryption and decryption, key generation, safety function data integrity, safety function data internal transmission, safety function functions, credible reception, safety function data consistency, safety function data recovery, authenticity verification, key distribution and key destruction.
In some embodiments, the target criteria include information technology security evaluation general criteria.
In a second aspect, embodiments of the present specification provide a trusted system comprising a trusted device and an external device, the trusted device comprising an operating system, OS, kernel and a plurality of security services middleware; the OS kernel comprises a first set of interfaces comprising interfaces provided for the plurality of security services middleware; the plurality of security service middleware respectively comprise a second group of interfaces, wherein the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interacts with the OS kernel through the first interfaces, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to information technology security evaluation standards; the external equipment comprises a uniform ecological standard interface and is accessed to the trusted equipment through the ecological standard interface.
In some embodiments, the trusted device includes a runtime environment with which the external device interacts through the ecological standard interface.
The above embodiments of the present specification provide a trusted device, which includes an OS (Operating System) kernel and a plurality of secure service middleware. The OS kernel includes a first set of interfaces including interfaces provided for the plurality of security services middleware. The plurality of security service middleware respectively comprises a second set of interfaces, the second set of interfaces comprises a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interacts with the OS kernel through the first interfaces. The first group of interfaces and the second group of interfaces meet the safety requirements of the same target standard, and the target standard belongs to the information technology safety evaluation standard. Thus, the OS kernel and the plurality of security services middleware each comprise a unified, normalized interface. The OS kernel and the plurality of security services middleware may interact through a unified, standardized interface, regardless of whether they originate from the same vendor. Therefore, by providing interfaces for the OS kernel and the plurality of security service middleware that satisfy the security requirements of the target standards, fragmentation can be effectively integrated, reducing the occurrence of security problems as much as possible.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments disclosed in the present specification, the drawings needed to be used in the description of the embodiments will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments disclosed in the present specification, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a schematic diagram of a trusted device according to the present description;
FIG. 2 is another schematic diagram of a trusted device according to the present description;
FIG. 3 is yet another schematic diagram of a trusted device according to the present description;
FIG. 4 is yet another schematic diagram of a trusted device according to the present description;
fig. 5 is a schematic diagram of a trusted system according to the present description.
Detailed Description
The present specification will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. The described embodiments are only a subset of the embodiments described herein and not all embodiments described herein. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step are within the scope of the present application.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present description may be combined with each other without conflict. In addition, the terms "first", "second", "third", and the like in the present specification are used only for information distinction and do not play any limiting role.
As mentioned above, IOT is a new-generation object, and each manufacturer has different device functions, implementations, versions, etc., so that the current situation of fragmentation exists, and many security problems are inevitable.
Based on this, some embodiments of the present description provide a trusted device and a trusted system, which can effectively integrate fragmented manufacturers, solutions, and the like together, establish a unified and standardized trusted device for a terminal, and reduce the occurrence of security problems as much as possible.
Referring to fig. 1, a schematic diagram of a trusted device according to the present description is shown.
As shown in fig. 1, the trusted device may include an OS kernel, and a plurality of secure services middleware. The plurality of security service middleware includes, for example, security service middleware 1, security service middleware 2, security service middleware 3, security service middleware 4, …, security service middleware M. Wherein M may be an integer greater than 1.
The OS kernel may include a first set of interfaces that may include, but are not limited to, interfaces provided for the plurality of security services middleware described above. Wherein the first set of interfaces may include one or more interfaces. It should be noted that, the number of interfaces of the OS kernel shown in fig. 1 may be one or more.
It should be noted that the interfaces respectively provided by the OS kernel for the multiple security service middleware may be the same interface or different interfaces, which is not limited herein.
Further, the interfaces respectively provided by the OS kernel to the plurality of security service middleware may be complete, self-sufficient, and independent from each other. Further, the Interface may be an Application Program Interface (API).
The plurality of security service middleware may respectively include a second set of interfaces. The second set of interfaces may include, but is not limited to, a first interface, and a second interface provided for a Run-Time Environment (RTE) or an upper layer application. The plurality of security service middleware may interact with the OS kernel through a first interface included therein.
Specifically, any one of the security service middleware may call, through a first interface included therein, an interface provided by the OS kernel for the security service middleware to implement interaction with the OS kernel. When the trusted device includes a runtime environment, the security services middleware may provide a second interface to the runtime environment such that the runtime environment can directly invoke the second interface. It should be appreciated that the upper layer application may implement an indirect call to the second interface through the runtime environment. When the trusted device does not include a runtime environment, the security services middleware may provide a second interface for the upper layer application such that the upper layer application can directly invoke the second interface.
In general, the second interface may be referred to as a policy interface, and the policy interfaces provided by the plurality of security service middleware for the runtime environment or the upper layer application are complete, self-sufficient, and independent of each other.
In this specification, the upper layer application may be an application installed in the OS of the trusted device, such as a payment-type application, a terminal-wind application, a digital identity authentication application, and/or an AI (Artificial Intelligence) model security application, and the like. As shown in fig. 1, the trusted device may be installed with application 1, application 2, application 3, application 4, …, application N. Wherein N may be an integer of 1 or more.
It should be noted that the first group of interfaces and the second group of interfaces satisfy the security requirements of the same target standard, and the target standard belongs to the information technology security evaluation standard. For example, The target Criteria may include, but is not limited to, The Common criterion for Information Technology security Evaluation (CC Criteria for short). The CC standard is an information technology security evaluation standard, which can be used to evaluate the security of information systems and information products, and is also an information security certification standard recognized by various countries in the world at present, and is often used to evaluate some systems with important security.
In practice, the security service middleware may be a component for providing security services. A single secure service middleware is typically used to provide one of the following services: service data protection, user data protection, key management, identity identification, user resource access, privacy protection, communication protection, data audit and the like.
The service data protection service can guarantee the safety of the service data. The service data may include, but is not limited to, data of an upper layer application, for example. The user data protection service can guarantee the safety of the user data. The user data may include, for example, a telephone number, an identification number, and/or personal image information (e.g., a face image, a fingerprint image, and/or an iris image, etc.) of the user, and so forth. The key management service may be used, for example, to manage keys for upper layer applications, and/or device keys for trusted devices, among others. The identification service may be used, for example, to identify a user when the user performs a particular operation. The specific operation may include, for example, a payment operation and/or an account login operation, etc. The user resource access service may provide the corresponding user resource to the user resource requester, for example, according to the request of the user resource requester. Wherein the user resources may include data related to the user's persona. The privacy protection service, for example, may encrypt, sign, and the like the privacy data to avoid disclosure of the privacy data and ensure security of the privacy data. The communication protection service can guarantee the safety of communication. The data auditing service can, for example, perform integrity checks on the data, etc.
It should be understood that the plurality of security service middleware described above may provide various security-related services. The number of the plurality of security service middleware and the services specifically provided by the security service middleware may be set according to actual requirements, which is not specifically limited herein.
Optionally, the interface provided by the OS kernel for the plurality of security service middleware may include a user mode application program interface. Optionally, the first set of interfaces may further include a user-mode application program interface provided for the upper layer application.
In this specification, the user mode application program interface may include a user operation related interface, and/or a security operation related interface.
The user operation-related interface may have, for example, at least one of the following functions: resource quota limits, resource priorities, concurrent access limits, locking, unlocking and closing of users, user access denial, user identification, user data band attribute import, user data export, user data internal transmission, user data confidentiality, user data integrity, integrity check, data storage rollback, residual information protection, and the like. The user data confidentiality function can encrypt the user data and the like. User data integrity function, which can sign user data, etc. And the integrity checking function can be used for checking the user data added with the signature and the like.
The safety-operation-related interface may, for example, have at least one of the following functions: the method comprises the steps of safety function data confidentiality, time stamping, encryption and decryption, key generation, safety function data integrity, safety function data internal transmission, safety function functions, credible reception, safety function data consistency, safety function data recovery, authenticity verification, key distribution, key destruction and the like. The security function data confidentiality function can encrypt the security function data and the like. And the safety function data integrity function can be used for signing the safety function data and the like.
It should be understood that the user operation-related interface, as well as the safety operation-related interface, may have various functions, and the functions of the two interfaces are not particularly limited in this specification.
Optionally, the trusted device may also include a runtime environment. The runtime environment may include a fourth set of interfaces that meet the security requirements of the target standard and include client interfaces provided for upper layer applications, policy interfaces provided for the plurality of security services middleware, and client interfaces or policy interfaces provided for the associated hardware devices.
The related hardware devices may include, for example, a memory, a communication device, a board level device, and/or an external device. Board level devices are typically other devices that are not on the same chip as the processor core. The external device is generally a device connected to the outside of the computer host, and is generally divided into an input device, an output device and an external memory, and the external device is an important component in the computer system and plays a role in information transmission, transfer and storage.
The related hardware devices can comprise a unified ecological standard interface and interact with the runtime environment through the ecological standard interface. In addition, the above-mentioned related hardware device may obtain client data by calling a corresponding client interface, and obtain policy data by calling a corresponding policy interface, for example, the policy data may include a security policy, and the like.
Optionally, the trusted device may further include at least one of: memory, communication devices, board level devices, etc. The first set of interfaces may also include interfaces provided for the at least one device. It should be noted that the interface provided by the OS kernel for the at least one device may be the same interface or different interfaces, and is not limited herein.
The at least one device may include an abstraction layer and a third set of interfaces, respectively, the third set of interfaces meeting security requirements of a target standard and including a third interface for the abstraction layer to interact with the OS kernel. The abstraction layer included in each of the at least one device may be, for example, a hardware abstraction layer, and may be obtained by abstracting hardware.
As shown in fig. 2, in addition to the contents in fig. 1, the trusted device includes a memory, a communication device, and a board level device. Fig. 2 is another schematic diagram of a trusted device according to the present specification.
Further, the interface provided by the OS kernel to the at least one device may include an interface provided to an abstraction layer in the at least one device. For any one of the above at least one device, the abstraction layer in the device may call, through the third interface of the device, an interface provided by the OS kernel for the abstraction layer, so as to implement interaction with the OS kernel.
Optionally, at least one of the devices may include other components, such as a driver component, a service component, etc., in addition to the abstraction layer. The driving component and the service component of the memory may be referred to as a memory driver and a memory service, respectively. The driver component and the service component of the communication device may be referred to as a communication device driver and a communication service, respectively. The driver components and service components of the board level device may be referred to as board level device drivers and system services, respectively.
Based on this, the third set of interfaces may further comprise a fourth interface, the fourth interface being an interface of the service component. For any one of the at least one device, the abstraction layer in the device may call the fourth interface through the third interface to implement interaction with the service component in the device. Accordingly, the service component may call the third interface through the fourth interface to enable interaction with the abstraction layer.
In addition, the at least one device may further include a unified ecological standard interface, and may interact with the runtime environment or the upper layer application through the ecological standard interface. Further, the service component of the at least one device may interact with the runtime environment or the upper layer application through the ecological standard interface.
Optionally, the interface provided by the OS kernel to the at least one device may further include an interface provided to a service component in the at least one device.
Optionally, the trusted device may also include an external device. The external device may include a unified, ecological standard interface and access the trusted device through the ecological standard interface. Further, the external device may interact with the runtime environment or the upper layer application through the ecological standard interface.
Optionally, the trusted device may also include an underlying hardware platform. The first set of interfaces may also include interfaces provided for the underlying hardware platform. The underlying hardware platform may include a fifth set of interfaces that meet the security requirements of the target standard and include interfaces provided for the OS kernel.
As shown in fig. 3, 4, which illustrate the underlying hardware platform in a trusted device. Fig. 3 and 4 are schematic structural diagrams of the trusted device.
Specifically, FIG. 3 shows the contents of FIG. 1 in addition to the underlying hardware platform. According to what is shown in fig. 3, the trusted device may include, but is not limited to: the system comprises an OS kernel, a plurality of security service middleware and a bottom hardware platform.
FIG. 4 shows the contents of FIG. 2 in addition to the underlying hardware platform. According to what is shown in fig. 4, the trusted device may include, but is not limited to: the system comprises an OS kernel, a plurality of security service middleware, a memory, a communication device, a board level device and a bottom layer hardware platform.
It should be noted that the interfaces of the underlying hardware platforms shown in fig. 3 and fig. 4 may be one or more, and are not limited in this respect.
In practice, the underlying hardware platform may include components such as a platform static configuration registry, a secure resource abstraction layer, and/or a user resource abstraction layer. Wherein the security resource abstraction layer may include security related hardware and the user resource abstraction layer may include general purpose hardware. In particular, the security-related hardware may include a random number generator and/or a non-volatile memory for storing root keys, and the like. Common hardware may include hard disks and the like.
In addition, the Interface provided by the OS kernel for the underlying hardware platform and the Interface provided by the underlying hardware platform for the OS kernel may be a kernel-mode Privileged Program Interface (PPI).
Further, the interface provided by the OS kernel to the underlying hardware platform may include a kernel-mode first privileged program interface provided for the secure resource abstraction layer and the user resource abstraction layer. The first privileged program interface may have a first user resource requirement function and/or a first secure resource requirement function, and/or the like. The first user resource requirement function may include at least one of: user security attribute management, security attribute static initialization, flow control, access control, fault tolerance, and the like. The first security resource requirement function may include at least one of: security role management, security attribute management, security data management, security function failure protection, and the like.
The fifth set of interfaces may specifically include a second privileged program interface in kernel state provided by the secure resource abstraction layer and the user resource abstraction layer, respectively, for the OS kernel. The second privileged program interface may have a second user resource requirement function and/or a second secure resource requirement function. The second user resource requirement function may include sub-functions such as user binding. The second security resource requirement function may include at least one of: trusted pipelines, physical protection, external entity detection, etc.
Optionally, the trusted device in this specification may comprise a generic trusted device framework, which may include an OS kernel and a plurality of security services middleware as described above. Further, the frame may further comprise at least one of: runtime environment, external device, at least one of the above. It is noted that for components or devices from any vendor, the framework can be accessed as long as the security requirements of the target standard are met. By effectively utilizing the framework, more upstream and downstream manufacturers can be integrated, the problem of safe fragmentation is solved, and uniform and standardized terminal trusted equipment is established.
It should be noted that, at least some of the components of the trusted device provided in this specification may be from the same vendor or from different vendors. By providing the at least some of the components with interfaces that meet the safety requirements of the target standard, fragmentation can be effectively integrated, reducing the occurrence of safety problems as much as possible.
Further reference is made to fig. 5, which is a schematic diagram of a trusted system according to the present description.
As shown in fig. 5, the trusted system may include a trusted device and an external device. The trusted device may include, among other things, an OS kernel and a plurality of security services middleware. The OS kernel may include a first set of interfaces that may include interfaces provided for the plurality of security services middleware. The plurality of security service middleware may respectively include a second set of interfaces, which may include the first interface and a second interface provided for a runtime environment or an upper layer application, and may interact with the OS kernel through the first interface included therein. The first group of interfaces and the second group of interfaces meet the safety requirements of the same target standard, and the target standard belongs to the information technology safety evaluation standard. The external device may include a unified, ecological standard interface and access the trusted device through the ecological standard interface.
It should be noted that the trusted device in this embodiment may be the trusted device described in the embodiment corresponding to fig. 1.
In this embodiment, the external device may interact with the runtime environment or the upper layer application through the ecological standard interface. Specifically, if the trusted device includes a runtime environment, the external device may interact with the runtime environment through the ecological standard interface.
According to the trusted system provided by the embodiment, by introducing the trusted device, the OS kernel and the plurality of security service middleware in the trusted device are respectively provided with the interfaces meeting the security requirements of the target standard, fragmentation can be effectively integrated, and the occurrence of security problems is reduced as much as possible.
Embodiments of the present specification further provide a trusted device framework, including an OS kernel and a plurality of security service middleware; the OS kernel comprises a first set of interfaces including interfaces provided for the plurality of security services middleware; the plurality of security service middleware respectively comprise a second group of interfaces, the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interact with an OS kernel through the first interface, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to the information technology security evaluation standard.
The above-mentioned embodiments, objects, technical solutions and advantages of the embodiments disclosed in the present specification are further described in detail, it should be understood that the above-mentioned embodiments are only specific embodiments of the embodiments disclosed in the present specification, and are not intended to limit the scope of the embodiments disclosed in the present specification, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the embodiments disclosed in the present specification should be included in the scope of the embodiments disclosed in the present specification.
Claims (20)
1. A trusted device comprising an operating system, OS, kernel and a plurality of secure services middleware;
the OS kernel comprises a first set of interfaces comprising interfaces provided for the plurality of security services middleware;
the plurality of security service middleware respectively comprise a second group of interfaces, the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interacts with the OS kernel through the first interface, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to information technology security evaluation standards.
2. The trusted device of claim 1, wherein a single secure service middleware is to provide one of: the method comprises the steps of service data protection, user data protection, key management, identity identification, user resource access, privacy protection, communication protection and data audit.
3. The trusted device of claim 1, wherein the trusted device further comprises at least one of: memory, communication equipment, board level equipment; wherein the content of the first and second substances,
the first set of interfaces further comprises interfaces provided for the at least one device;
the at least one device includes an abstraction layer and a third set of interfaces, respectively, that satisfy security requirements of the target standard and that include a third interface for the abstraction layer to interact with the OS kernel.
4. The trusted device of claim 1, wherein the trusted device further comprises the runtime environment, the runtime environment comprising a fourth set of interfaces that meet security requirements of the target standard and that include a client interface provided for the upper layer application, a policy interface provided for the plurality of security services middleware, and a client interface or policy interface provided for an associated hardware device.
5. The trusted device of one of claims 1-4, wherein the trusted device further comprises an underlying hardware platform;
the first set of interfaces further includes interfaces provided for the underlying hardware platform;
the underlying hardware platform includes a fifth set of interfaces that meet security requirements of the target standard and that include interfaces provided for the OS kernel.
6. The trusted device of claim 5, wherein the underlying hardware platform comprises at least one of: the platform static configuration registry comprises a platform static configuration registry, a security resource abstraction layer and a user resource abstraction layer, wherein the security resource abstraction layer comprises security-related hardware, and the user resource abstraction layer comprises general-purpose hardware.
7. The trusted device of claim 6,
the security-related hardware includes a random number generator and/or a non-volatile memory for storing a root key;
the general hardware comprises a hard disk.
8. The trusted device of claim 6, wherein the interface provided for the underlying hardware platform comprises a kernel-mode first privileged program interface provided for the secure resource abstraction layer and the user resource abstraction layer.
9. The trusted device of claim 8, wherein said first privileged program interface has a first user resource requirement function that includes at least one of: user security attribute management, security attribute static initialization, information flow control, access control and fault tolerance.
10. The trusted device of claim 8 or 9, wherein said first privileged program interface has a first secure resource requirement function comprising at least one of: security role management, security attribute management, security data management, and security function failure protection.
11. The trusted device of claim 6, wherein the fifth set of interfaces specifically includes a second privileged program interface in kernel state provided by the secure resource abstraction layer and the user resource abstraction layer, respectively, for the OS kernel.
12. The trusted device of claim 11, wherein said second privileged program interface has a second user resource requirement function comprising a user binding.
13. The trusted device of claim 11 or 12, wherein said second privileged program interface has a second secure resource requirement function comprising at least one of: trusted pipe, physical protection, external entity detection.
14. The trusted device of claim 1, wherein said interface provided for said plurality of security services middleware comprises a user-mode application program interface.
15. The trusted device of claim 1, wherein said first set of interfaces further comprises a user-mode application program interface provided for said upper layer application.
16. A trusted device according to claim 14 or 15, wherein the user-mode application program interface comprises a user-operation-related interface having at least one of the following functionalities: resource quota limit, resource priority, concurrent access limit, user locking, unlocking and closing, user access denial, user identification, user data band attribute import, user data export, user data internal transmission, user data confidentiality, user data integrity, integrity check, data storage rollback, and residual information protection.
17. A trusted device according to claim 14 or 15, wherein the user-mode application program interface comprises a security operation related interface having at least one of the following functions: the method comprises the steps of safety function data confidentiality, time stamping, encryption and decryption, key generation, safety function data integrity, safety function data internal transmission, safety function functions, credible reception, safety function data consistency, safety function data recovery, authenticity verification, key distribution and key destruction.
18. The trusted device of claim 1, wherein the target criteria comprises information technology security assessment common criteria.
19. A trusted system comprising a trusted device and an external device, the trusted device comprising an operating system, OS, kernel and a plurality of security services middleware;
the OS kernel comprises a first set of interfaces comprising interfaces provided for the plurality of security services middleware;
the plurality of security service middleware respectively comprise a second group of interfaces, wherein the second group of interfaces comprise a first interface and a second interface provided for a runtime environment or an upper layer application, and the plurality of security service middleware interacts with the OS kernel through the first interfaces, wherein the first group of interfaces and the second group of interfaces meet the security requirements of the same target standard, and the target standard belongs to information technology security evaluation standards;
the external equipment comprises a uniform ecological standard interface and is accessed to the trusted equipment through the ecological standard interface.
20. The system of claim 19, wherein the trusted device further comprises a runtime environment with which the external device interacts through the ecological standard interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110019258.6A CN112685708A (en) | 2021-01-07 | 2021-01-07 | Trusted device and trusted system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110019258.6A CN112685708A (en) | 2021-01-07 | 2021-01-07 | Trusted device and trusted system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112685708A true CN112685708A (en) | 2021-04-20 |
Family
ID=75456297
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110019258.6A Pending CN112685708A (en) | 2021-01-07 | 2021-01-07 | Trusted device and trusted system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112685708A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114844672A (en) * | 2022-03-22 | 2022-08-02 | 华为技术有限公司 | Application trusted identity confirmation method, management unit and equipment |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102255924A (en) * | 2011-08-29 | 2011-11-23 | 浙江中烟工业有限责任公司 | Multi-stage security interconnection platform based on trusted computing and processing flow thereof |
| CN103051525A (en) * | 2011-10-14 | 2013-04-17 | 海尔集团公司 | Gateway service middleware system and method as well as device and system comprising gateway service middleware system |
| CN104036303A (en) * | 2013-03-04 | 2014-09-10 | 中国移动通信集团广东有限公司 | RFID middleware and communication realization method thereof |
| US20150012487A1 (en) * | 2013-07-03 | 2015-01-08 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
| US20150160937A1 (en) * | 2012-06-04 | 2015-06-11 | Oracle International Corporation | System and method for supporting in-band/side-band firmware upgrade of input/output (i/o) devices in a middleware machine environment |
| CN105022954A (en) * | 2015-07-07 | 2015-11-04 | 中国人民解放军国防科学技术大学 | Dynamic running method for security kernel service of tristate operating system in Feiteng CPU |
| CN106874771A (en) * | 2017-02-16 | 2017-06-20 | 浪潮(北京)电子信息产业有限公司 | A kind of method and device for building reliable hardware trust chain |
| CN107066885A (en) * | 2016-10-11 | 2017-08-18 | 深圳市华威世纪科技股份有限公司 | Cross-platform credible middleware realizes system and implementation method |
| CN110971614A (en) * | 2019-12-17 | 2020-04-07 | 软通动力信息技术(集团)有限公司 | Internet of things adaptation method and system, computer equipment and storage medium |
-
2021
- 2021-01-07 CN CN202110019258.6A patent/CN112685708A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102255924A (en) * | 2011-08-29 | 2011-11-23 | 浙江中烟工业有限责任公司 | Multi-stage security interconnection platform based on trusted computing and processing flow thereof |
| CN103051525A (en) * | 2011-10-14 | 2013-04-17 | 海尔集团公司 | Gateway service middleware system and method as well as device and system comprising gateway service middleware system |
| US20150160937A1 (en) * | 2012-06-04 | 2015-06-11 | Oracle International Corporation | System and method for supporting in-band/side-band firmware upgrade of input/output (i/o) devices in a middleware machine environment |
| CN104036303A (en) * | 2013-03-04 | 2014-09-10 | 中国移动通信集团广东有限公司 | RFID middleware and communication realization method thereof |
| US20150012487A1 (en) * | 2013-07-03 | 2015-01-08 | International Business Machines Corporation | Method to optimize provisioning time with dynamically generated virtual disk contents |
| CN105022954A (en) * | 2015-07-07 | 2015-11-04 | 中国人民解放军国防科学技术大学 | Dynamic running method for security kernel service of tristate operating system in Feiteng CPU |
| CN107066885A (en) * | 2016-10-11 | 2017-08-18 | 深圳市华威世纪科技股份有限公司 | Cross-platform credible middleware realizes system and implementation method |
| CN106874771A (en) * | 2017-02-16 | 2017-06-20 | 浪潮(北京)电子信息产业有限公司 | A kind of method and device for building reliable hardware trust chain |
| CN110971614A (en) * | 2019-12-17 | 2020-04-07 | 软通动力信息技术(集团)有限公司 | Internet of things adaptation method and system, computer equipment and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| 朱元 等: "《基于AUTOSAR规范的车用电机控制器软件开发》", 31 August 2017, 同济大学出版社 * |
| 蔡增玉 等: "一种基于中间件的可信软件保护模型", 《计算机应用与软件》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114844672A (en) * | 2022-03-22 | 2022-08-02 | 华为技术有限公司 | Application trusted identity confirmation method, management unit and equipment |
| CN114844672B (en) * | 2022-03-22 | 2023-08-22 | 华为技术有限公司 | Method, management unit and equipment for confirming application trusted identity |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10361998B2 (en) | Secure gateway communication systems and methods | |
| US7930760B2 (en) | Centralized enforcement of name-based computer system security rules | |
| US8909940B2 (en) | Extensible pre-boot authentication | |
| RU2360368C2 (en) | Delegated management of distributed resources | |
| US20120054741A1 (en) | User authentication virtual machine | |
| US20100024016A1 (en) | Method and apparatus for protection domain based security | |
| US20110029779A1 (en) | Information processing apparatus, program, storage medium and information processing system | |
| US20090319806A1 (en) | Extensible pre-boot authentication | |
| EP1056010A1 (en) | Data integrity monitoring in trusted computing entity | |
| CN112805708B (en) | Protecting selected disks on a computer system | |
| EP1958116A1 (en) | A practical platform for high risk applications | |
| AU2018201934A1 (en) | Network based management of protected data sets | |
| US20180268156A1 (en) | Methods and apparatus for containerized secure computing resources | |
| Gallery et al. | Trusted computing: Security and applications | |
| KR101076405B1 (en) | Telecommunication terminal comprising two execution spaces | |
| CN112685708A (en) | Trusted device and trusted system | |
| US20230074455A1 (en) | System and method for monitoring delivery of messages passed between processes from different operating systems | |
| KR20020035582A (en) | Resource access control system | |
| Markantonakis | The case for a secure multi-application smart card operating system | |
| Fu et al. | Component‐based permission management of Android applications | |
| Sadeghi et al. | Bridging the gap between TCPA/Palladium and personal security | |
| Hicks et al. | Integrating SELinux with security-typed languages | |
| CN112784263B (en) | Bit-locked disk handler management system and method | |
| Girard et al. | New security issues raised by open cards | |
| Avancha | A Framework for Trustworthy Service-Oriented Computing (Short Paper) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210420 |