WO2018149110A1 - Key protection method and apparatus - Google Patents
Key protection method and apparatus Download PDFInfo
- Publication number
- WO2018149110A1 WO2018149110A1 PCT/CN2017/099285 CN2017099285W WO2018149110A1 WO 2018149110 A1 WO2018149110 A1 WO 2018149110A1 CN 2017099285 W CN2017099285 W CN 2017099285W WO 2018149110 A1 WO2018149110 A1 WO 2018149110A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- key
- execution
- secure
- data
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 102
- 230000000903 blocking effect Effects 0.000 claims abstract description 13
- 230000006870 function Effects 0.000 claims description 84
- 238000012795 verification Methods 0.000 claims description 54
- 238000003860 storage Methods 0.000 claims description 45
- 238000013507 mapping Methods 0.000 claims description 24
- 230000005540 biological transmission Effects 0.000 claims description 23
- 230000008569 process Effects 0.000 abstract description 56
- 230000000977 initiatory effect Effects 0.000 abstract description 11
- 238000013461 design Methods 0.000 description 56
- 238000004422 calculation algorithm Methods 0.000 description 46
- 238000004891 communication Methods 0.000 description 22
- 238000012545 processing Methods 0.000 description 15
- 238000012546 transfer Methods 0.000 description 15
- 238000010586 diagram Methods 0.000 description 14
- 238000004590 computer program Methods 0.000 description 8
- 238000004364 calculation method Methods 0.000 description 7
- 238000002347 injection Methods 0.000 description 6
- 239000007924 injection Substances 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 239000000243 solution Substances 0.000 description 3
- 238000013478 data encryption standard Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000000873 masking effect Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 102100022582 (3R)-3-hydroxyacyl-CoA dehydrogenase Human genes 0.000 description 1
- KLDZYURQCUYZBL-UHFFFAOYSA-N 2-[3-[(2-hydroxyphenyl)methylideneamino]propyliminomethyl]phenol Chemical compound OC1=CC=CC=C1C=NCCCN=CC1=CC=CC=C1O KLDZYURQCUYZBL-UHFFFAOYSA-N 0.000 description 1
- 102100031438 E3 ubiquitin-protein ligase RING1 Human genes 0.000 description 1
- 101001045206 Homo sapiens (3R)-3-hydroxyacyl-CoA dehydrogenase Proteins 0.000 description 1
- 101000707962 Homo sapiens E3 ubiquitin-protein ligase RING1 Proteins 0.000 description 1
- 101001095815 Homo sapiens E3 ubiquitin-protein ligase RING2 Proteins 0.000 description 1
- 208000035217 Ring chromosome 1 syndrome Diseases 0.000 description 1
- 208000032825 Ring chromosome 2 syndrome Diseases 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000012517 data analytics Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 201000001098 delayed sleep phase syndrome Diseases 0.000 description 1
- 208000033921 delayed sleep phase type circadian rhythm sleep disease Diseases 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 230000006266 hibernation Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001681 protective effect Effects 0.000 description 1
- 230000007958 sleep Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The present application discloses a key protection method and apparatus, pertaining to the technical field of network security. In the present application, a user equipment sends a key identifier of at least one user key to a server, so that a user application running on the server can transmit, when initiating an operation involving use of a user key, an operation parameter set containing a corresponding key identifier to an execution node in a secure execution space, the secure execution space being capable of blocking external access to privileged code, thereby enabling the internal execution node to acquire the user key from a key store by using the key identifier when the privileged code is invisible, so as to execute the above operation involving use of the user key and return an execution result. It can be seen that the present application encapsulates both a user key and a process of cryptographic operation within a secure execution space, and can therefore be used to reduce a security threat to a user key caused by privileged software in a cloud server.
Description
本申请涉及网络安全技术领域,特别涉及一种密钥保护方法及装置。The present application relates to the field of network security technologies, and in particular, to a key protection method and apparatus.
虚拟化技术是云计算领域的关键技术之一,可将物理计算机的物理资源虚拟成多个虚拟机(Virtual Machine,VM),例如虚拟机监视器(Virtual Machine Monitor,VMM)的虚拟化平台可以将物理资源以虚拟资源池的形式提供给各个虚拟机,不同的虚拟机上分别运行不同的操作系统(Operating System,OS)以分配给多个用户使用,虚拟机之间共享物理计算机的物理资源。Virtualization technology is one of the key technologies in the field of cloud computing. It can virtualize the physical resources of a physical computer into multiple virtual machines (VMs). For example, the virtualization platform of Virtual Machine Monitor (VMM) can be used. The physical resources are provided to each virtual machine in the form of a virtual resource pool. Different virtual machines respectively run different operating systems (OSs) for allocation to multiple users, and virtual machines share physical resources of physical computers. .
在云服务场景下,云服务提供商可以向海量用户提供云服务业务,为用户分配虚拟机。在云服务的使用过程中,用户通常会使用密钥结合相应的密钥算法来保护用户的数据或者完成关键业务步骤。比如在云存储场景下,用户的数据在云服务器中需要使用密钥加密,在读取数据时用户应用需要使用密钥对数据进行解密,对解密数据处理产生的新数据也要加密以后存储到云服务器中。再比如,安全的云上的大数据分析系统通常需要通过使用加密密钥来保护节点之间消息数据的机密性,使用完整性密钥来提供消息完整性的保护。In a cloud service scenario, a cloud service provider can provide cloud service services to a large number of users and allocate virtual machines to users. During the use of cloud services, users typically use keys in conjunction with corresponding key algorithms to protect user data or complete critical business steps. For example, in a cloud storage scenario, the user's data needs to be encrypted by the key in the cloud server. When the data is read, the user application needs to use the key to decrypt the data, and the new data generated by the decrypted data processing is also encrypted and stored. In the cloud server. As another example, a big data analytics system on a secure cloud typically requires the use of cryptographic keys to protect the confidentiality of message data between nodes and the use of integrity keys to provide message integrity protection.
而在云服务架构中,用户应用和用户数据一般由用户提供,例如OS和VMM的底层软件一般由云服务商(CSP)提供并处于云服务商的控制之下。由此,云服务器上运行在特权级的OS和VMM可以随意访问用户应用的进程空间,包括用户所使用的密钥。例如,云服务商的恶意管理员可能通过管理工具或者管理域窃取用户应用使用的密钥,恶意虚拟机也可能通过技术手段攻击同一物理服务器上的其它虚拟机,窃取用户应用使用的密钥。此外,黑客也可能利用VMM、OS的安全漏洞入侵云服务器,窃取用户应用使用的密钥。In the cloud service architecture, user applications and user data are generally provided by users. For example, the underlying software of the OS and VMM is generally provided by a cloud service provider (CSP) and under the control of a cloud service provider. Thus, the OS and VMM running on the privileged level on the cloud server can freely access the process space of the user application, including the key used by the user. For example, a malicious administrator of a cloud service provider may steal a key used by a user application through a management tool or an administrative domain. The malicious virtual machine may also attack other virtual machines on the same physical server by technical means to steal the key used by the user application. In addition, hackers may also use VMM, OS security vulnerabilities to invade cloud servers and steal keys used by user applications.
可以看出,目前云服务架构下用户所私有的密钥很容易泄露给云服务器上运行的特权级软件,使得用户的数据和业务的完整性都受到了严重的威胁。It can be seen that the key of the user's private key under the cloud service architecture is easily leaked to the privileged software running on the cloud server, which makes the data and service integrity of the user seriously threatened.
发明内容Summary of the invention
本申请提供一种密钥保护方法及装置,可以降低服务器中的特权级软件对用户密钥造成的安全威胁。The present application provides a key protection method and apparatus, which can reduce the security threat caused by the privilege level software in the server to the user key.
第一方面,本申请提供一种密钥保护方法,包括:In a first aspect, the application provides a key protection method, including:
在发起使用用户密钥的运算时,用户应用获取与所要使用的用户密钥对应的密钥标识,以添加至与所述使用用户密钥的运算对应的运算参数集中;When initiating an operation using the user key, the user application acquires a key identifier corresponding to the user key to be used to be added to the operation parameter set corresponding to the operation using the user key;
所述用户应用通过预设接口将所述运算参数集传递给安全执行空间内的执行节点,以使所述执行节点在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并返回执行结果;Transmitting, by the user application, the operation parameter set to an execution node in a secure execution space by using a preset interface, so that the execution node is in the secure execution space: acquiring the key identifier from a keystore Corresponding user key, performing an operation corresponding to the operation parameter set by using the obtained user key, and returning an execution result;
其中,所述密钥库存储在所述安全执行空间内;所述用户应用运行在服务器中,所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。
Wherein the key store is stored in the secure execution space; the user application runs in a server, the secure execution space is pre-established in the server, and the secure execution space is configured to block a privilege level External access to the code.
本实施例提供的密钥保护方法,将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁。In the key protection method provided in this embodiment, the user key and the process of performing the cryptographic operation are all encapsulated in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation, so that the user key The process of performing cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats posed by privileged software in the cloud server to user keys.
在一个可能的设计中,所述用户应用通过预设接口将所述运算参数集传递给安全执行空间内的执行节点,包括:In a possible design, the user application passes the operation parameter set to the execution node in the secure execution space through a preset interface, including:
所述用户应用调用配置在所述执行节点中的接入函数,以在经过所述预设接口的访问权限验证之后,将所述运算参数集作为函数参数传递给所述执行节点。The user application invokes an access function configured in the execution node to pass the operation parameter set as a function parameter to the execution node after verifying access rights through the preset interface.
本实施例中,执行节点对用户应用而言相当于可供调用的外部函数,而预设接口则可以通过访问权限验证阻挡无访问权限的程序(包括特权级代码)的调用,利用函数调用机制整合数据传递过程和访问权限验证过程,有助于提升用户应用通过执行节点执行密码运算的过程中的逻辑处理效率In this embodiment, the execution node is equivalent to an external function that can be called for the user application, and the preset interface can block the call of the program (including the privilege level code) that blocks the access permission by using the access authority, and utilize the function calling mechanism. Integrating the data transfer process and the access authority verification process helps to improve the efficiency of logical processing in the process of user application performing cryptographic operations through the execution node
在一个可能的设计中,所述运算参数集包括用于定义运算规则的运算子集和用于携带运算数据的参数子集,所述用户应用通过预设接口将所述运算参数集传递给安全执行空间内的执行节点,包括:In a possible design, the operation parameter set includes a subset of operations for defining an operation rule and a subset of parameters for carrying the operation data, and the user application passes the operation parameter set to the security through a preset interface. Execution nodes within the execution space, including:
所述用户应用通过所述预设接口将包含所述暂存标记的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:根据所述运算子集和所述参数子集进行运算以获取运算结果,将所述运算结果存储在所述安全执行空间内,为存储后的所述运算结果分配对应的数据标识,并返回所述数据标识;Transmitting, by the user application, the set of operation parameters including the temporary storage tag to the execution node by using the preset interface, so that the execution node is in the secure execution space: according to the operation subset and the The parameter subset is operated to obtain an operation result, and the operation result is stored in the security execution space, and the corresponding data identifier is allocated to the stored operation result, and the data identifier is returned;
所述用户应用接收来自所述执行节点的数据标识;The user application receives a data identifier from the execution node;
所述用户应用通过所述预设接口将参数子集中包含所述数据标识的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:在所述安全执行空间内获取与所述数据标识对应的运算结果,以使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。Transmitting, by the user application, the operation parameter set including the data identifier in the parameter subset to the execution node by using the preset interface, so that the execution node is in the security execution space: in the security execution space The operation result corresponding to the data identifier is obtained internally to perform an operation according to the operation subset and the parameter subset using the obtained operation result to obtain an operation result.
本实施例中,由于运算参数集中可以设置暂存标记,并且执行节点能够在接收到暂存标记时存储运算结果并返回替代运算结果的数据标识,使得用户可以使用包含暂存标记的运算参数集来保护包含有秘密数据的中间数据。而且,由于运算参数集中可以设置数据标识,并且执行节点能够在接收到数据标识时提取所存储的运算结果并用于密码运算,使得用户可以使用包含数据标识的运算参数集来提取所存储的数据以进行密码运算,即能够使得存储在安全执行空间内的数据仍能根据运算参数集参与密码运算。由此,可以在完成密码运算的基础上避免由此引起的秘密数据泄露,增强密码运算过程的安全性。In this embodiment, the temporary storage flag can be set in the operation parameter set, and the execution node can store the operation result when receiving the temporary storage mark and return the data identifier of the replacement operation result, so that the user can use the operation parameter set including the temporary storage mark. To protect intermediate data containing secret data. Moreover, since the operation parameter set can set the data identifier, and the execution node can extract the stored operation result and use it for the cryptographic operation when receiving the data identifier, so that the user can extract the stored data using the operation parameter set including the data identifier. Performing a cryptographic operation enables data stored in the secure execution space to still participate in cryptographic operations based on the set of operational parameters. Thereby, the secret data leakage caused thereby can be avoided on the basis of completing the cryptographic operation, and the security of the cryptographic operation process is enhanced.
在一种可能的设计中,在所述用户应用通过预设接口将所述运算参数集传递给执行节点之前,还包括:In a possible design, before the user application passes the operation parameter set to the execution node through a preset interface, the method further includes:
在配置有所述执行节点的安全执行空间建立之后,所述用户应用与所述执行节点交互以建立用户端与所述执行节点之间的安全信道,以使所述用户端:通过所述安全信道将密钥信息发送给所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。After the security execution space configured with the execution node is established, the user application interacts with the execution node to establish a secure channel between the client and the execution node, so that the user: through the security Transmitting, by the channel, key information to the execution node, to complete the secret in the secure execution space by the execution node according to a mapping relationship between a user key and a key identifier included in the key information. The configuration of the keystore.
本实施例中,基于用户端与所述执行节点之间的安全信道的建立,能够在用户端与安全执行空间通信的过程中保护通信数据的私密性和完整性,避免包括OS和VMM的服务器
程序从传输数据流中窃取用户的秘密数据,例如在用户端通过安全信道将密钥信息发送给执行节点的过程中保护密钥信息不被数据传输的中间节点窃取或者篡改,从而与其他方面的安全保护手段相结合实现云服务场景下的密钥保护。In this embodiment, based on the establishment of the secure channel between the UE and the execution node, the privacy and integrity of the communication data can be protected during the communication between the UE and the secure execution space, and the server including the OS and the VMM is avoided.
The program steals the user's secret data from the transmission data stream, for example, in the process of transmitting the key information to the execution node through the secure channel, the protection key information is not stolen or tampered by the intermediate node of the data transmission, thereby Security protection means combine to implement key protection in a cloud service scenario.
在一个可能的设计中,所述方法还包括:In one possible design, the method further includes:
在所述用户端通过所述安全信道将密钥信息发送给所述执行节点之前,所述用户应用通过所述执行节点获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;Before the user end sends the key information to the execution node through the secure channel, the user application acquires a hash value of data in a preset range of the secure execution space by using the execution node, where The data within the preset range includes all executable code in the secure execution space;
所述用户应用将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。Sending, by the user application, the hash value to the user end, so that the user end: performing integrity check on the data in the preset range according to the hash value, in the integrity check By blocking the transmission of the user key to the server before.
本实施例中,基于对安全执行空间的预置范围内的数据的完整性校验,至少可以使用户端远程确认安全执行空间内所有可执行代码的完整性(包括确认可执行代码是否全部是用户配置的,以及可执行代码是否经过恶意删除或篡改),保护用户密钥的安全。In this embodiment, based on the integrity check of the data within the preset range of the secure execution space, at least the client can remotely confirm the integrity of all executable code in the secure execution space (including confirming whether the executable code is all User-configured, and executable code is maliciously deleted or tampered with to protect the security of the user's key.
在一个可能的设计中,所述用户应用与所述执行节点交互以建立用户端与所述执行节点之间的安全信道之前,还包括:In a possible design, before the user application interacts with the execution node to establish a secure channel between the client and the execution node, the method further includes:
所述用户应用在服务器中创建安全执行空间;The user application creates a secure execution space in the server;
所述用户应用向所述安全执行空间中注入与所述执行节点对应的数据,以在所述安全执行空间内完成所述执行节点的配置。The user application injects data corresponding to the execution node into the secure execution space to complete configuration of the execution node in the secure execution space.
本实施例中,执行节点可以作为用户应用的额外代码创建,从而将执行节点与用户应用之间的数据传递限制在同一程序内部进行,不仅有利于省去程序间数据传递所需要的程序接口的设置,还有利于消除程序间数据传递所带来的安全隐患。In this embodiment, the execution node can be created as additional code of the user application, thereby restricting data transfer between the execution node and the user application within the same program, which not only facilitates the elimination of the program interface required for data transfer between programs. The setting also helps to eliminate the security risks caused by data transfer between programs.
第二方面,本申请还提供一种密钥保护方法,包括:In a second aspect, the application further provides a key protection method, including:
用户端向服务器发送至少一个用户密钥的密钥标识,以使所述服务器中运行的第一用户应用能够在发起使用用户密钥的运算时,能够获取到与所要使用的用户密钥对应的密钥标识;The client sends a key identifier of the at least one user key to the server, so that the first user application running in the server can obtain the user key corresponding to the user key to be used when initiating the operation using the user key. Key identification
其中,所述第一用户应用被配置为将获取到的密钥标识添加至与所述使用用户密钥的运算对应的运算参数集中,通过预设接口将所述运算参数集传递给安全执行空间内的执行节点;The first user application is configured to add the obtained key identifier to an operation parameter set corresponding to the operation using the user key, and transmit the operation parameter set to the secure execution space through a preset interface. Execution node inside;
所述执行节点被配置为在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并将执行结果返回给所述第一用户应用;The execution node is configured to: in the secure execution space, acquire a user key corresponding to the key identifier from a keystore, and perform an operation corresponding to the operation parameter set by using the obtained user key And returning an execution result to the first user application;
所述密钥库存储在所述安全执行空间内;所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。The key store is stored in the secure execution space; the secure execution space is pre-established in the server, the secure execution space being configured to be able to block external access of privileged level code.
在一种可能的设计中,所述方法还包括:In one possible design, the method further includes:
在配置有所述执行节点的安全执行空间建立之后,所述用户端通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道;After the security execution space configured with the execution node is established, the user end interacts with the execution node by using a second user application running in the server to establish security between the client and the execution node. channel;
所述用户端通过所述安全信道将密钥信息发送至所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。
Sending, by the user terminal, key information to the execution node by using the security channel, by using, by the execution node, according to a mapping relationship between a user key and a key identifier included in the key information, The configuration of the keystore is completed in the secure execution space.
在一种可能的设计中,所述用户端通过所述服务器中运行的第二用户应用与用户端交互以建立所述用户端与所述执行节点之间的安全信道,包括:In a possible design, the user end interacts with the client by using a second user application running in the server to establish a secure channel between the client and the execution node, including:
所述用户端通过与所述执行节点之间的密钥协商得到共有密钥,以建立使用所述共有密钥进行加密通信的安全信道。The UE obtains a common key by key negotiation with the execution node to establish a secure channel for performing encrypted communication using the shared key.
在一种可能的设计中,在所述用户端通过所述安全信道将密钥信息发送至所述执行节点之前,还包括:In a possible design, before the user sends the key information to the execution node through the secure channel, the method further includes:
所述用户端通过所述执行节点对所述安全执行空间的预置范围内的数据进行完整性校验,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;Performing, by the execution terminal, integrity verification on data in a preset range of the secure execution space by using the execution node, where data in the preset range includes all executable code in the secure execution space;
在完整性校验通过之前,所述用户端阻止用户密钥向服务器的发送。The client blocks the transmission of the user key to the server before the integrity check is passed.
在一种可能的设计中,在所述用户端通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道之后,还包括:In a possible design, after the user end interacts with the execution node by the second user application running in the server to establish a secure channel between the client and the execution node, :
所述用户端通过所述安全信道向所述执行节点发送第一操作指令,以使所述执行节点在所述安全执行空间内:接收所述第一操作指令,屏蔽除来自所述安全信道以外的用户指令;Transmitting, by the user terminal, the first operation instruction to the execution node by using the secure channel, so that the execution node is in the secure execution space: receiving the first operation instruction, and shielding from the secure channel User instruction
和/或,and / or,
所述用户端通过所述安全信道向所述执行节点发送第二操作指令,以使所述执行节点在所述安全执行空间内:接收所述第二操作指令,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;Transmitting, by the user terminal, a second operation instruction to the execution node by using the secure channel, so that the execution node is in the secure execution space: receiving the second operation instruction, and checking a security execution space, to Sending the obtained verification report to the client through the secure channel;
和/或,and / or,
所述用户端通过所述安全信道接收来自所述执行节点的核查报告,以根据接收到的核查报告确定所述安全执行空间的安全风险等级;Receiving, by the UE, the verification report from the execution node by using the security channel, to determine a security risk level of the security execution space according to the received verification report;
和/或,and / or,
所述用户端在所述安全执行空间的安全风险等级高于或等于预设等级时通过所述安全信道向所述执行节点发送第三操作指令,以使所述执行节点在所述安全执行空间内:接收所述第三操作指令,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;The user terminal sends a third operation instruction to the execution node by using the secure channel when the security risk level of the security execution space is higher than or equal to a preset level, so that the execution node is in the security execution space. Receiving, by the third operation instruction, deleting secret data or all secret data of a predetermined part in the secure execution space;
和/或,and / or,
所述用户端通过所述安全信道向所述执行节点发送第四操作指令,以使所述执行节点在所述安全执行空间内:接收所述第四操作指令,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道返回用于读取密钥库和对密钥库进行解密的数据;Transmitting, by the user terminal, the fourth operation instruction to the execution node by using the secure channel, so that the execution node is within the secure execution space: receiving the fourth operation instruction, and the security execution space The keystore is encrypted and stored in a memory of the server, and returns data for reading the keystore and decrypting the keystore through the secure channel;
和/或,and / or,
所述用户端通过所述安全信道向所述执行节点发送第五操作指令,所述第五操作指令包括地址标识和解密密钥,以使所述执行节点在所述安全执行空间内:接收所述第五操作指令,根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。Sending, by the user terminal, a fifth operation instruction to the execution node by using the secure channel, where the fifth operation instruction includes an address identifier and a decryption key, so that the execution node is in the secure execution space: receiving the location The fifth operation instruction is configured to obtain an encrypted keystore in a memory of the server according to the address identifier, and decrypt the encrypted keystore by using the decryption key to decrypt the decrypted keystore. Configured in the secure execution space.
在一种可能的设计中,在所述用户端通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道之前,还包括:In a possible design, before the user end interacts with the execution node by the second user application running in the server to establish a secure channel between the client and the execution node, :
所述用户端通过所述服务器中运行的第三用户应用创建安全执行空间;The user end creates a secure execution space by using a third user application running in the server;
所述用户端通过所述服务器中运行的第三用户应用向所述安全执行空间内注入与所述
执行节点对应的数据,以在所述安全执行空间内完成所述执行节点的配置。The user end injects into the secure execution space by using a third user application running in the server
Executing data corresponding to the node to complete configuration of the execution node in the secure execution space.
第三方面,本申请还提供一种密钥保护方法,应用于配置在安全执行空间内的执行节点;其中,所述安全执行空间建立在服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问;所述方法包括:In a third aspect, the present application further provides a key protection method for an execution node configured in a secure execution space; wherein the secure execution space is established in a server, and the secure execution space is configured to block privilege External access to the level code; the method includes:
所述执行节点接收所述用户应用通过预设接口传递的运算参数集,所述运算参数集包括与所要使用的用户密钥对应的密钥标识;The execution node receives an operation parameter set that is transmitted by the user application through a preset interface, where the operation parameter set includes a key identifier corresponding to a user key to be used;
所述执行节点从密钥库中获取与所述密钥标识对应的用户密钥;其中,所述密钥库存储在所述安全执行空间内;Obtaining, by the execution node, a user key corresponding to the key identifier from a keystore; wherein the keystore is stored in the secure execution space;
所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果;Executing, by the execution node, an operation corresponding to the operation parameter set in the secure execution space using an acquired user key to obtain an execution result;
所述执行节点向所述用户应用返回所述执行结果。The execution node returns the execution result to the user application.
在一种可能的设计中,在所述执行节点从密钥库中获取与所述密钥标识对应的用户密钥之前,还包括:In a possible design, before the execution node obtains the user key corresponding to the key identifier from the keystore, the method further includes:
所述执行节点与用户端交互以建立所述用户端与执行节点之间的安全信道;The execution node interacts with the client to establish a secure channel between the client and the execution node;
所述执行节点通过所述安全信道接收所述用户端发送的密钥信息;其中,所述密钥信息中包括用户密钥与密钥标识之间的映射关系;Receiving, by the security node, the key information sent by the user end, where the key information includes a mapping relationship between the user key and the key identifier;
所述执行节点根据所述用户密钥与密钥标识之间的映射关系,在所述安全执行空间内完成所述密钥库的配置。The executing node completes the configuration of the keystore in the secure execution space according to the mapping relationship between the user key and the key identifier.
在一种可能的设计中,在所述执行节点通过所述安全信道接收所述用户端发送的密钥信息之前,还包括:In a possible design, before the receiving node receives the key information sent by the UE by using the secure channel, the method further includes:
所述执行节点获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;The execution node acquires a hash value of data within a preset range of the secure execution space, and the data in the preset range includes all executable code in the secure execution space;
所述执行节点将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。The executing node sends the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity check. By blocking the transmission of the user key to the server before.
在一种可能的设计中,在所述执行节点与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后,还包括:所述执行节点通过所述安全信道接收来自所述用户端的用户指令;以及,In a possible design, after the execution node interacts with the client to establish a secure channel between the client and the execution node, the method further includes: the executing node receiving the source through the secure channel User instructions of the client; and,
在所述用户指令为第一操作指令时,所述执行节点屏蔽除来自所述安全信道以外的用户指令;The execution node blocks user instructions other than the secure channel when the user instruction is the first operation instruction;
和/或,and / or,
在所述用户指令为第二操作指令时,所述执行节点对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;When the user instruction is the second operation instruction, the executing node checks the security execution space to send the obtained verification report to the user terminal through the secure channel;
和/或,and / or,
在所述用户指令为第三操作指令时,所述执行节点删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;When the user instruction is a third operation instruction, the execution node deletes a predetermined part of the secret data or all the secret data in the secure execution space;
和/或,and / or,
在所述用户指令为第四操作指令时,所述执行节点将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道向所述用户端返回用于读取密钥库
和对密钥库进行解密的数据;When the user instruction is the fourth operation instruction, the execution node encrypts and stores the keystore in the secure execution space into the memory of the server, and returns to the client through the secure channel. Read keystore
And data that decrypts the keystore;
和/或,and / or,
在所述用户指令为包括地址标识和解密密钥的第五操作指令时,所述执行节点根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。When the user instruction is a fifth operation instruction including an address identifier and a decryption key, the execution node acquires an encrypted keystore in a memory of the server according to the address identifier, and uses the decryption key The encrypted keystore is decrypted to configure the decrypted keystore in the secure execution space.
在一种可能的设计中,所述运算参数集包括用于定义运算规则的运算子集和用于携带运算数据的参数子集,所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果,包括:In one possible design, the operational parameter set includes a subset of operations for defining an operational rule and a subset of parameters for carrying operational data, the execution node performing the secure execution using the obtained user key Performing an operation corresponding to the operation parameter set in the space to obtain an execution result includes:
所述执行节点根据所述运算子集和所述参数子集进行运算以获取运算结果;Performing, by the execution node, an operation according to the operation subset and the parameter subset to obtain an operation result;
当检测到所述运算参数集中还包括暂存标记时,所述执行节点将所述运算结果存储在所述安全执行空间内,并为存储后的所述运算结果分配对应的数据标识;When it is detected that the operation parameter set further includes a temporary storage mark, the execution node stores the operation result in the security execution space, and allocates a corresponding data identifier to the stored operation result;
相应的,所述执行节点向所述用户应用返回所述执行结果,包括:Correspondingly, the executing node returns the execution result to the user application, including:
所述执行节点向所述用户应用返回所述数据标识。The execution node returns the data identification to the user application.
在一种可能的设计中,当所述参数子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。In a possible design, when the parameter subset includes at least one data identifier, the execution node acquires an operation result corresponding to the at least one data identifier in the secure execution space, and uses the acquired The operation result is calculated according to the operation subset and the parameter subset to obtain an operation result.
在一种可能的设计中,所述运算参数集还包括指令标识和输入数据;所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果,包括:In a possible design, the operation parameter set further includes an instruction identifier and input data; the execution node performs an operation corresponding to the operation parameter set in the secure execution space using the acquired user key to Get execution results, including:
所述执行节点确定与所述指令标识对应的运算指令函数;其中,所述运算指令函数与所述指令标识相互对应地配置在所述安全执行空间内的运算指令库中;The execution node determines an operation instruction function corresponding to the instruction identifier; wherein the operation instruction function and the instruction identifier are mutually arranged in an operation instruction library in the secure execution space;
所述执行节点将所述输入数据和获取到的用户密钥输入到所述运算指令函数中以获取执行结果。The execution node inputs the input data and the acquired user key into the operation instruction function to obtain an execution result.
在一种可能的设计中,所述执行节点中配置有接入函数,所述执行节点接收所述用户应用通过预设接口传递的运算参数集,包括:In a possible design, the execution node is configured with an access function, and the execution node receives the operation parameter set transmitted by the user application through the preset interface, including:
在所述用户应用对所述接入函数的调用经过所述预设接口的访问权限验证之后,所述执行节点通过所述接入函数接收作为函数参数的所述运算参数集。After the user application invokes the access function to verify the access authority of the preset interface, the execution node receives the operation parameter set as a function parameter through the access function.
第四方面,本申请还提供一种密钥保护装置,应用于服务器中运行的用户应用,所述装置包括:In a fourth aspect, the application further provides a key protection apparatus, which is applied to a user application running in a server, where the apparatus includes:
第一获取模块,在发起使用用户密钥的运算时,获取与所要使用的用户密钥对应的密钥标识,以添加至与所述使用用户密钥的运算对应的运算参数集中;The first obtaining module, when initiating an operation using the user key, acquires a key identifier corresponding to the user key to be used, to be added to the operation parameter set corresponding to the operation using the user key;
传递模块,用于通过预设接口将所述运算参数集传递给安全执行空间内的执行节点,以使所述执行节点在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并返回执行结果;a delivery module, configured to pass the operation parameter set to an execution node in a secure execution space through a preset interface, so that the execution node is in the secure execution space: obtaining the key from the keystore Identifying a corresponding user key, performing an operation corresponding to the operation parameter set by using the obtained user key, and returning an execution result;
其中,所述密钥库存储在所述安全执行空间内;所述用户应用运行在服务器中,所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。Wherein the key store is stored in the secure execution space; the user application runs in a server, the secure execution space is pre-established in the server, and the secure execution space is configured to block a privilege level External access to the code.
在一种可能的设计中,所述传递模块包括:In one possible design, the delivery module includes:
调用单元,用于调用配置在所述执行节点中的接入函数,以在经过所述预设接口的访
问权限验证之后,将所述运算参数集作为函数参数传递给所述执行节点。a calling unit, configured to invoke an access function configured in the execution node to access the preset interface
After the permission verification is performed, the operation parameter set is passed as a function parameter to the execution node.
在一种可能的设计中,所述运算参数集包括用于定义运算规则的运算子集和用于携带运算数据的参数子集;所述传递模块包括:In one possible design, the operational parameter set includes a subset of operations for defining an operational rule and a subset of parameters for carrying operational data; the delivery module includes:
第一传递单元,用于通过所述预设接口将包含所述暂存标记的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:根据所述运算子集和所述参数子集进行运算以获取运算结果,将所述运算结果存储在所述安全执行空间内,为存储后的所述运算结果分配对应的数据标识,并返回所述数据标识;a first transfer unit, configured to pass, by the preset interface, an operation parameter set including the temporary storage tag to the execution node, so that the execution node is in the secure execution space: according to the operation The set and the parameter subset are operated to obtain an operation result, and the operation result is stored in the security execution space, and the corresponding data identifier is allocated to the stored operation result, and the data identifier is returned;
接收单元,用于接收来自所述执行节点的数据标识;a receiving unit, configured to receive a data identifier from the execution node;
第二传递单元,用于通过所述预设接口将参数子集中包含所述数据标识的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:在所述安全执行空间内获取与所述数据标识对应的运算结果,以使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。a second transfer unit, configured to pass, by the preset interface, a set of operation parameters including the data identifier in the parameter subset to the execution node, so that the execution node is in the secure execution space: The operation result corresponding to the data identifier is obtained in the secure execution space, and the operation result is obtained according to the operation subset and the parameter subset using the obtained operation result to obtain the operation result.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
建立模块,用于在配置有所述执行节点的安全执行空间建立之后,与所述执行节点交互以建立用户端与所述执行节点之间的安全信道,以使所述用户端:通过所述安全信道将密钥信息发送给所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。Establishing a module, after the security execution space configured with the execution node is established, interacting with the execution node to establish a secure channel between the user end and the execution node, so that the user end: The secure channel sends the key information to the execution node to complete, by the execution node, the security execution space according to a mapping relationship between the user key and the key identifier included in the key information. The configuration of the keystore.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
第二获取模块,用于在所述用户端通过所述安全信道将密钥信息发送给所述执行节点之前,通过所述执行节点获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;a second acquiring module, configured to acquire, by the execution node, a hash of data in a preset range of the secure execution space before the user end sends the key information to the execution node by using the secure channel a value, the data in the preset range includes all executable code in the secure execution space;
发送模块,用于将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。a sending module, configured to send the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity verification The transmission of the user key to the server is blocked before the pass.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
创建模块,用于所述建立模块与所述执行节点交互以建立用户端与所述执行节点之间的安全信道之前,在服务器中创建安全执行空间;a creating module, configured to create a secure execution space in the server before the establishing module interacts with the executing node to establish a secure channel between the client and the executing node;
注入模块,用于向所述安全执行空间中注入与所述执行节点对应的数据,以在所述安全执行空间内完成所述执行节点的配置。And an injection module, configured to inject data corresponding to the execution node into the secure execution space to complete configuration of the execution node in the secure execution space.
第五方面,本申请还提供一种密钥保护装置,应用于用户端,包括:In a fifth aspect, the application further provides a key protection device, which is applied to a client, and includes:
第一发送模块,用于向服务器发送至少一个用户密钥的密钥标识,以使所述服务器中运行的第一用户应用能够在发起使用用户密钥的运算时,能够获取到与所要使用的用户密钥对应的密钥标识;a first sending module, configured to send a key identifier of the at least one user key to the server, so that the first user application running in the server can obtain and use the operation when using the user key Key identifier corresponding to the user key;
其中,所述第一用户应用被配置为将获取到的密钥标识添加至与所述使用用户密钥的运算对应的运算参数集中,通过预设接口将所述运算参数集传递给安全执行空间内的执行节点;The first user application is configured to add the obtained key identifier to an operation parameter set corresponding to the operation using the user key, and transmit the operation parameter set to the secure execution space through a preset interface. Execution node inside;
所述执行节点被配置为在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并将执行结果返回给所述第一用户应用;
The execution node is configured to: in the secure execution space, acquire a user key corresponding to the key identifier from a keystore, and perform an operation corresponding to the operation parameter set by using the obtained user key And returning an execution result to the first user application;
所述密钥库存储在所述安全执行空间内;所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。The key store is stored in the secure execution space; the secure execution space is pre-established in the server, the secure execution space being configured to be able to block external access of privileged level code.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
建立模块,用于在配置有所述执行节点的安全执行空间建立之后,通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道;Establishing a module, after the security execution space configured with the execution node is established, interacting with the execution node by using a second user application running in the server to establish a relationship between the client and the execution node Secure channel
第二发送模块,用于通过所述安全信道将密钥信息发送至所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。a second sending module, configured to send, by using the secure channel, key information to the execution node, to perform, according to the mapping relationship between the user key and the key identifier included in the key information by the executing node The configuration of the keystore is completed within the secure execution space.
在一种可能的设计中,所述建立模块进一步用于通过与所述执行节点之间的密钥协商得到共有密钥,以建立使用所述共有密钥进行加密通信的安全信道。In a possible design, the establishing module is further configured to obtain a common key by key negotiation with the execution node to establish a secure channel for performing encrypted communication using the shared key.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
校验模块,用于在所述第二发送模块通过所述安全信道将密钥信息发送至所述执行节点之前,通过所述执行节点对所述安全执行空间的预置范围内的数据进行完整性校验,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;a verification module, configured to complete, by the execution node, data in a preset range of the secure execution space, before the second sending module sends the key information to the execution node by using the secure channel a verification, the data in the preset range includes all executable code in the secure execution space;
阻止模块,用于在完整性校验通过之前,阻止用户密钥向服务器的发送。A blocking module that blocks the sending of a user key to the server before the integrity check passes.
在一种可能的设计中,所述装置还包括第三发送模块,所述第三发送模块用于在所述建立模块通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道之后:In a possible design, the apparatus further includes a third sending module, wherein the third sending module is configured to interact with the executing node by using the second user application running in the server by the establishing module to establish After the secure channel between the client and the execution node:
通过所述安全信道向所述执行节点发送第一操作指令,以使所述执行节点在所述安全执行空间内:接收所述第一操作指令,屏蔽除来自所述安全信道以外的用户指令;Transmitting, by the secure channel, a first operation instruction to the execution node, so that the execution node is within the secure execution space: receiving the first operation instruction, and masking a user instruction other than the secure channel;
和/或,and / or,
通过所述安全信道向所述执行节点发送第二操作指令,以使所述执行节点在所述安全执行空间内:接收所述第二操作指令,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;Sending, by the secure channel, a second operation instruction to the execution node, so that the execution node is in the secure execution space: receiving the second operation instruction, checking a security execution space, to obtain a verification The report is sent to the client through the secure channel;
和/或,and / or,
通过所述安全信道接收来自所述执行节点的核查报告,以根据接收到的核查报告确定所述安全执行空间的安全风险等级;Receiving, by the secure channel, a verification report from the execution node to determine a security risk level of the secure execution space according to the received verification report;
和/或,and / or,
在所述安全执行空间的安全风险等级高于或等于预设等级时通过所述安全信道向所述执行节点发送第三操作指令,以使所述执行节点在所述安全执行空间内:接收所述第三操作指令,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;Sending, by the safety channel, a third operation instruction to the execution node when the security risk level of the security execution space is higher than or equal to a preset level, so that the execution node is in the security execution space: receiving the location Deleting the third operation instruction, deleting the secret data or all the secret data of the predetermined part in the secure execution space;
和/或,and / or,
通过所述安全信道向所述执行节点发送第四操作指令,以使所述执行节点在所述安全执行空间内:接收所述第四操作指令,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道返回用于读取密钥库和对密钥库进行解密的数据;Transmitting, by the secure channel, a fourth operation instruction to the execution node, so that the execution node is in the secure execution space: receiving the fourth operation instruction, encrypting a keystore in the secure execution space Storing into a memory of the server, and returning data for reading the keystore and decrypting the keystore through the secure channel;
和/或,and / or,
通过所述安全信道向所述执行节点发送第五操作指令,所述第五操作指令包括地址标识和解密密钥,以使所述执行节点在所述安全执行空间内:接收所述第五操作指令,根据
所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。Transmitting, by the secure channel, a fifth operation instruction to the execution node, where the fifth operation instruction includes an address identifier and a decryption key, so that the execution node is in the secure execution space: receiving the fifth operation Instruction, according to
The address identifier acquires an encrypted keystore in a memory of the server, and decrypts the encrypted keystore by using the decryption key to configure the decrypted keystore in the secure execution space. Inside.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
创建模块,用于在所述建立模块通过所述服务器中运行的第二用户应用与所述执行节点交互以建立所述用户端与所述执行节点之间的安全信道之前,通过所述服务器中运行的第三用户应用创建安全执行空间;a creating module, configured to pass through the server before the establishing module interacts with the executing node by using a second user application running in the server to establish a secure channel between the client and the executing node The third user application running creates a secure execution space;
注入模块,用于通过所述服务器中运行的第三用户应用向所述安全执行空间内注入与所述执行节点对应的数据,以在所述安全执行空间内完成所述执行节点的配置。And an injection module, configured to inject data corresponding to the execution node into the secure execution space by a third user application running in the server, to complete configuration of the execution node in the secure execution space.
第六方面,本申请还提供一种密钥保护装置,应用于配置在安全执行空间内的执行节点;其中,所述安全执行空间建立在服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问;所述装置包括:In a sixth aspect, the present application further provides a key protection apparatus for an execution node configured in a secure execution space; wherein the secure execution space is established in a server, and the secure execution space is configured to block privilege External access to the level code; the device includes:
第一接收模块,用于接收所述用户应用通过预设接口传递的运算参数集,所述运算参数集与所要使用的用户密钥对应的密钥标识;a first receiving module, configured to receive an operation parameter set that is sent by the user application through a preset interface, where the operation parameter set is associated with a key identifier corresponding to the user key to be used;
第一获取模块,用于从密钥库中获取与所述密钥标识对应的用户密钥;其中,所述密钥库存储在所述安全执行空间内;a first acquiring module, configured to acquire a user key corresponding to the key identifier from a keystore; wherein the keystore is stored in the secure execution space;
执行模块,用于使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果;An execution module, configured to perform an operation corresponding to the operation parameter set in the secure execution space by using the obtained user key to obtain an execution result;
返回模块,用于向所述用户应用返回所述执行结果。And returning a module, configured to return the execution result to the user application.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
建立模块,用于在所述第一获取模块从密钥库中获取与所述密钥标识对应的用户密钥之前,与用户端交互以建立所述用户端与所述执行节点之间的安全信道;Establishing a module, configured to interact with the user end to establish security between the user end and the execution node before the first obtaining module acquires the user key corresponding to the key identifier from the keystore channel;
第二接收模块,用于通过所述安全信道接收所述用户端发送的密钥信息;其中,所述密钥信息中包括用户密钥与密钥标识之间的映射关系;a second receiving module, configured to receive the key information sent by the user end by using the secure channel, where the key information includes a mapping relationship between the user key and the key identifier;
配置模块,用于根据所述用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。And a configuration module, configured to complete configuration of the keystore in the secure execution space according to a mapping relationship between the user key and a key identifier.
在一种可能的设计中,所述装置还包括:In one possible design, the device further includes:
第二获取模块,用于在所述第二接收模块通过所述安全信道接收所述用户端发送的密钥信息之前,获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;a second acquiring module, configured to acquire a hash value of data in a preset range of the secure execution space before the second receiving module receives the key information sent by the user end by using the secure channel, where The data within the preset range includes all executable code in the secure execution space;
发送模块,用于将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。a sending module, configured to send the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity verification The transmission of the user key to the server is blocked before the pass.
在一种可能的设计中,所述装置还包括还包括第三接收模块,所述第三接收模块用于在所述建立模块与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后:通过所述安全信道接收来自所述用户端的用户指令;以及,In a possible design, the apparatus further includes a third receiving module, the third receiving module is configured to interact with the user end at the establishing module to establish the user end and the executing node After the secure channel: receiving user commands from the client over the secure channel; and,
在所述用户指令为第一操作指令时,屏蔽除来自所述安全信道以外的用户指令;Blocking user instructions from the secure channel when the user command is the first operational command;
和/或,and / or,
在所述用户指令为第二操作指令时,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;
When the user instruction is the second operation instruction, check the security execution space to send the obtained verification report to the user terminal through the secure channel;
和/或,and / or,
在所述用户指令为第三操作指令时,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;Deleting a predetermined portion of secret data or all secret data in the secure execution space when the user instruction is a third operation instruction;
和/或,and / or,
在所述用户指令为第四操作指令时,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道向所述用户端返回用于读取密钥库和对密钥库进行解密的数据;And when the user instruction is the fourth operation instruction, encrypting the keystore in the secure execution space into the memory of the server, and returning to the client for reading the secret through the secure channel. a keystore and data that decrypts the keystore;
和/或,and / or,
在所述用户指令为包括地址标识和解密密钥的第五操作指令时,根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。And when the user instruction is a fifth operation instruction including an address identifier and a decryption key, acquiring an encrypted keystore in a memory of the server according to the address identifier, and encrypting the encrypted key pair The keystore is decrypted to configure the decrypted keystore in the secure execution space.
在一种可能的设计中,所述运算参数集包括用于定义运算规则的第一子集和用于携带运算数据的的参数子集,所述执行模块包括:In one possible design, the set of operational parameters includes a first subset for defining operational rules and a subset of parameters for carrying operational data, the execution module comprising:
执行单元,用于根据所述运算子集和所述参数子集进行运算以获取运算结果;An execution unit, configured to perform an operation according to the operation subset and the parameter subset to obtain an operation result;
存储单元,用于在检测到所述运算参数集中还包括暂存标记时,将所述运算结果存储在所述安全执行空间内,并为存储后的所述运算结果分配对应的数据标识;a storage unit, configured to store the operation result in the secure execution space when the operation parameter set is further included in the operation parameter set, and allocate a corresponding data identifier to the stored operation result;
相应的,所述返回模块进一步用于向所述用户应用返回所述数据标识。Correspondingly, the returning module is further configured to return the data identifier to the user application.
在一种可能的设计中,所述执行单元进一步用于:In one possible design, the execution unit is further configured to:
当所述参数子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。When the parameter subset includes at least one data identifier, the execution node acquires an operation result corresponding to the at least one data identifier in the secure execution space, and uses the obtained operation result according to the operator The set and the subset of parameters are operated to obtain an operation result.
在一种可能的设计中,所述运算参数集还包括指令标识和输入数据;所述执行模块包括:In a possible design, the operation parameter set further includes an instruction identifier and input data; the execution module includes:
确定单元,用于确定与所述指令标识对应的运算指令函数;其中,所述运算指令函数与所述指令标识相互对应地配置在所述安全执行空间内的运算指令库中;a determining unit, configured to determine an operation instruction function corresponding to the instruction identifier; wherein the operation instruction function and the instruction identifier are respectively arranged in an operation instruction library in the safety execution space;
输入单元,用于将所述输入数据和获取到的用户密钥输入到所述运算指令函数中以获取执行结果。And an input unit, configured to input the input data and the obtained user key into the operation instruction function to obtain an execution result.
在一种可能的设计中,所述执行节点中配置有接入函数;所述第一接收模块进一步用于:In a possible design, an access function is configured in the execution node; the first receiving module is further configured to:
在所述用户应用对所述接入函数的调用经过所述预设接口的访问权限验证之后,所述执行节点通过所述接入函数接收作为函数参数的所述运算参数集。After the user application invokes the access function to verify the access authority of the preset interface, the execution node receives the operation parameter set as a function parameter through the access function.
本申请的实施例提供的密钥保护方法及装置,能够将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁,有效保障用户数据和用户业务的完整性。The key protection method and apparatus provided by the embodiments of the present application can encapsulate the user key and the process of performing the cryptographic operation in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation. The process of making user keys and performing cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats caused by privileged software in the cloud server to user keys, and effectively protecting user data. And the integrity of the user's business.
图1是本申请的实施例所涉及的一种云服务的架构示意图;
1 is a schematic structural diagram of a cloud service according to an embodiment of the present application;
图2是本申请的实施例所涉及的一种密钥保护方法的流程图;2 is a flowchart of a key protection method according to an embodiment of the present application;
图3至图6是本申请的实施例所涉及的一种密钥保护方法中建立安全执行空间的过程示意图;3 to FIG. 6 are schematic diagrams showing a process of establishing a secure execution space in a key protection method according to an embodiment of the present application;
图7是本申请的实施例所涉及的一种密钥保护装置的结构框图;7 is a structural block diagram of a key protection apparatus according to an embodiment of the present application;
图8是本申请又一实施例所涉及的一种密钥保护装置的结构框图;FIG. 8 is a structural block diagram of a key protection apparatus according to still another embodiment of the present application;
图9是本申请又一实施例所涉及的一种密钥保护装置的结构框图;9 is a structural block diagram of a key protection apparatus according to still another embodiment of the present application;
图10是本申请的实施例所涉及一种计算机设备的结构示意图。FIG. 10 is a schematic structural diagram of a computer device according to an embodiment of the present application.
此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本申请的实施例,并与说明书一起用于解释本申请的原理。The drawings herein are incorporated in and constitute a part of the specification,
为了使本申请的目的、技术方案和优点更加清楚,下面将结合附图对本申请作进一步地详细描述,显然,所描述的实施例仅仅是本申请的一部分实施例,而不是全部的实施例。The present invention will be further described in detail with reference to the accompanying drawings, in which FIG.
本申请的实施例描述的网络架构以及业务场景是为了更加清楚的说明本申请的实施例的技术方案,并不构成对于本申请的实施例提供的技术方案的限定,本领域普通技术人员可知,随着网络架构的演变和新业务场景的出现,本申请的实施例提供的技术方案对于类似的技术问题,同样适用。The network architecture and the service scenario described in the embodiments of the present application are for the purpose of more clearly explaining the technical solutions of the embodiments of the present application, and do not constitute a limitation of the technical solutions provided by the embodiments of the present application. With the evolution of the network architecture and the emergence of new service scenarios, the technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
图1是本申请的实施例所涉及一种云服务的架构示意图。参见图1,用户110可以通过例如个人计算机120或是便携式终端130等用户设备上运行的用户端,藉由用户设备与云服务器140之间的网络连接登录虚拟机(Virtual Machine,VM),从而通过虚拟机上运行的操作系统(Operating System,OS)和应用使用云服务器的物理资源。FIG. 1 is a schematic structural diagram of a cloud service according to an embodiment of the present application. Referring to FIG. 1 , the user 110 can log in to a virtual machine (VM) through a network connection between the user equipment and the cloud server 140 through a client running on a user equipment such as the personal computer 120 or the portable terminal 130. The physical resources of the cloud server are used by the operating system (OS) running on the virtual machine and the application.
用户端:用户通过该用户端接入云服务器,用户可以通过用户端申请开通云服务业务,申请虚拟机,以及申请重置虚拟机OS登录密码等业务,该用户端可以基于例如WebPortal,IOS,安卓,以及Windows等等的平台。该用户端可以安装在用户设备上,本申请所涉及到的用户设备可以包括各种具有通信功能的手持设备、车载设备、可穿戴设备、计算设备或连接到各类网络的其它处理设备,以及各种形式的用户设备(User Equipment,简称UE),移动台(Mobile Station,简称MS),终端设备(Terminal Equipment)等等。为方便描述,本申请中,这些设备统称为用户设备。需要说明的是,用户设备可以是任意一个与所述安全执行空间所在物理设备不同的物理设备,不仅可以是由云服务业务的用户实际控制的设备,还可以是计算服务提供商(如云服务提供商)实际控制的设备,并可以不限于此。User terminal: The user accesses the cloud server through the user terminal. The user can apply for the cloud service service, apply for the virtual machine, and apply for resetting the VM OS login password. The client can be based on, for example, WebPortal, IOS. Android, as well as platforms for Windows and more. The user equipment can be installed on the user equipment, and the user equipment involved in the present application can include various communication devices, vehicle devices, wearable devices, computing devices, or other processing devices connected to various types of networks, and Various forms of user equipment (User Equipment, UE for short), mobile station (Mobile Station, MS for short), terminal equipment (Terminal Equipment) and so on. For convenience of description, in the present application, these devices are collectively referred to as user devices. It should be noted that the user equipment may be any physical device different from the physical device where the security execution space is located, and may be not only a device actually controlled by a user of the cloud service service, but also a computing service provider (such as a cloud service). Provider) The device that is actually controlled and may not be limited to this.
云服务器:可以为各种类型的服务器设备,用于提供物理资源。在一种可能的设计中,云服务器上运行有虚拟机监视器(Virtual Machine Monitor,VMM),该VMM是云服务器中位于操作系统和物理硬件之间的程序,VMM可将物理资源虚拟成多个虚拟机。虚拟机是一台虚拟的计算机,也即一台逻辑计算机。VMM可以隔离并且管理上层运行的多个虚拟机,仲裁它们对物理硬件的访问,并为每个虚拟机各自虚拟出一套独立于实际硬件的虚拟硬件环境(包括处理器,内存,输入输出设备等等)。Cloud server: Can be used to provide physical resources for various types of server devices. In a possible design, the cloud server runs a virtual machine monitor (VMM), which is a program between the operating system and the physical hardware in the cloud server, and the VMM can virtualize the physical resources into multiple Virtual machines. A virtual machine is a virtual computer, or a logical computer. The VMM can isolate and manage multiple virtual machines running at the upper layer, arbitrate their access to physical hardware, and virtualize a virtual hardware environment (including processor, memory, input and output devices) that is independent of the actual hardware for each virtual machine. and many more).
如图1所示,示例性的,云服务器140中的VMM将物理资源虚拟成若干个虚拟机,其中一个虚拟机为用户110租用的虚拟机,该虚拟机上安装有云服务商(CSP)提供的操作系统,使用户110可以基于个人计算机120或便携式终端130与云服务器140之间的网络
通信使用该操作系统上安装的各个应用。As shown in FIG. 1 , for example, a VMM in the cloud server 140 virtualizes a physical resource into a plurality of virtual machines, where one virtual machine is a virtual machine leased by the user 110, and the virtual machine is installed with a cloud service provider (CSP). The operating system is provided such that the user 110 can be based on a network between the personal computer 120 or the portable terminal 130 and the cloud server 140.
Communication uses the various applications installed on the operating system.
在一个示例中,用户110基于便携式终端130与云服务器140之间的网络通信在虚拟机的操作系统上运行视频播放器的应用,视频播放器在用户指令下使用该虚拟机的虚拟硬件环境所提供的物理资源依次完成视频文件加载、视频解码和视频流输出的流程,输出的视频流再通过网络传输到达便携式终端130,使得便携式终端130播放接收到的视频流,实现视频播放器的视频文件播放。可以看出,视频播放器的运行环境是云服务器140上的虚拟机提供的,而例如视频文件加载、视频解码和视频流输出的过程实际上是由云服务器140的物理硬件通过执行计算机指令来完成的。在此过程中,便携式终端130主要负责提供用户输入和用户输出,以及与云服务器140上的虚拟机进行网络通信。In one example, the user 110 runs an application of the video player on the operating system of the virtual machine based on network communication between the portable terminal 130 and the cloud server 140, and the video player uses the virtual hardware environment of the virtual machine under user instruction. The provided physical resources sequentially complete the processes of video file loading, video decoding, and video stream output, and the output video stream is transmitted to the portable terminal 130 through the network, so that the portable terminal 130 plays the received video stream to implement the video file of the video player. Play. It can be seen that the running environment of the video player is provided by the virtual machine on the cloud server 140, and the processes such as video file loading, video decoding, and video stream output are actually performed by the physical hardware of the cloud server 140 by executing computer instructions. Completed. In this process, the portable terminal 130 is primarily responsible for providing user input and user output, as well as for network communication with virtual machines on the cloud server 140.
为方便描述,本实施例中将虚拟机的操作系统上运行的用户可用的程序(Program)、应用(Application)、服务(Service)等等软件统称为用户应用。在上述视频播放的场景下,存储在云服务器140上的视频文件属于用户110的私有数据,可以通过存储前加密、读取时解密的方式保障其数据安全,加密和解密时所使用的密钥均为用户110私有的用户密钥。值得注意的是,对视频文件进行解密的过程发生在云服务器140中,所以在此之前用户110需要向云服务器140提供用于解密的用户密钥,例如预先将该用户密钥与视频文件在云服务器140中对应存储。然而,云服务器140中存储明文的用户密钥会带来用户密钥泄露的风险。为克服这一缺陷,云服务商会配置硬件安全模块(HSM)来对用户密钥进行硬件加密,采用密文存储用户密钥、使用时再通过硬件解密读取的方式来保护用户密钥的安全。For convenience of description, in the embodiment, the programs, applications, services, and the like available to the user running on the operating system of the virtual machine are collectively referred to as user applications. In the scenario of the video playing, the video file stored on the cloud server 140 belongs to the private data of the user 110, and the data security, encryption, and decryption keys can be secured by means of pre-encryption and decryption. All are user keys private to the user 110. It is worth noting that the process of decrypting the video file occurs in the cloud server 140, so before this the user 110 needs to provide the cloud server 140 with a user key for decryption, for example, the user key and the video file are previously Corresponding storage in the cloud server 140. However, storing the user key of the plaintext in the cloud server 140 risks the leakage of the user key. To overcome this shortcoming, the cloud service provider will configure the hardware security module (HSM) to encrypt the user key, protect the user key by storing the user key in ciphertext, and then decrypting it by hardware. .
但是,HSM的应用并不能消除云服务器上特权级软件所带来的安全威胁。如图1所示,用户应用在使用物理资源进行加密或解密时,外存储器和内存储器中的数据对于操作系统和虚拟机监视器这些运行在特权级的底层软件而言都是可见的,通过操作系统或虚拟机监视器可以很容易地窃取到用户应用在加密或解密时所使用的用户密钥,。However, the application of HSM does not eliminate the security threats posed by privileged software on cloud servers. As shown in Figure 1, when a user application uses physical resources for encryption or decryption, the data in the external and internal memory is visible to the underlying software running on the privilege level, such as the operating system and the virtual machine monitor. The operating system or virtual machine monitor can easily steal the user key that the user application uses when encrypting or decrypting.
针对上述问题,图2是本申请的实施例提供的一种密钥保护方法的流程图,该密钥保护方法可以应用于如图1所示的云服务架构,以降低云服务器中的特权级软件对用户密钥造成的安全威胁。参见图2,该方法包括:For the above problem, FIG. 2 is a flowchart of a key protection method provided by an embodiment of the present application. The key protection method can be applied to the cloud service architecture shown in FIG. 1 to reduce the privilege level in the cloud server. The security threat that the software poses to the user's key. Referring to Figure 2, the method includes:
步骤201、用户端向服务器发送至少一个用户密钥的密钥标识。Step 201: The UE sends a key identifier of at least one user key to the server.
其中,至少一个用户密钥的密钥标识的示例如下表1所示。An example of the key identifier of at least one user key is as shown in Table 1 below.
表1用户密钥的密钥标识示例Table 1 Example of Key Identification for User Keys
需要说明的是,本实施例中的用户密钥指的是用户所私有的、主要在加密和解密时使用的数据,可以通过字符或数字等形式表示。而本实施例中的密钥标识可以是任意一种能够将各个用户密钥相互区分开的标识数据,例如密钥名称(如“RSA签名密钥”)、密钥在用户设备中的存储位置、密钥在密钥序列的序号、任意程序为密钥分配的ID,或者其中至少两项的组合,等等。本实施例中,密钥标识将会代替用户密钥在不安全的数据路径中传
输,因此根据密钥标识的数据在不知晓对应关系的情况下推导出用户密钥(比如在不知道对应关系的情况下根据数据“key_1”推导出数据“0xA4B790”)的难度越大,越有利于保护用户密钥的安全。而且,建立用户密钥与密钥标识之间的对应关系的主体可以例如是第三方服务器、用户端、应用程序、用户自身,或者其组合。此外,密钥标识的数据量越小,越有利于相关处理过程和传输过程的效率的提升。It should be noted that the user key in this embodiment refers to data that is private to the user and used mainly during encryption and decryption, and can be represented by characters or numbers. The key identifier in this embodiment may be any identifier data that can distinguish each user key from each other, such as a key name (such as "RSA signature key"), and a storage location of the key in the user equipment. The serial number of the key in the key sequence, the ID assigned to the key by any program, or a combination of at least two of them, and so on. In this embodiment, the key identifier will be transmitted in the insecure data path instead of the user key.
Therefore, it is difficult to derive the user key based on the data identified by the key without knowing the correspondence (for example, the data "0xA4B790" is derived from the data "key_1" without knowing the correspondence). Helps protect the security of user keys. Moreover, the body that establishes the correspondence between the user key and the key identifier may be, for example, a third party server, a client, an application, the user itself, or a combination thereof. In addition, the smaller the amount of data identified by the key, the better the efficiency of the related processing and transmission processes.
在一个示例中,用户端通过网络接口向服务器发送一个映射表,该映射表中记载了虚拟机内部使用的密钥标识符与上述至少一个用户密钥的密钥标识之间的映射关系,使得虚拟机上运行的用户应用能够根据密钥标识符获取到对应的密钥标识。In an example, the UE sends a mapping table to the server through the network interface, where the mapping table records the mapping relationship between the key identifier used by the virtual machine and the key identifier of the at least one user key. The user application running on the virtual machine can obtain the corresponding key identifier according to the key identifier.
步骤202、在发起使用用户密钥的运算时,用户应用获取与所要使用的用户密钥对应的密钥标识。Step 202: When initiating an operation using the user key, the user application acquires a key identifier corresponding to the user key to be used.
其中,所述使用用户密钥的运算可以例如是对称加密、非对称加密、对称解密、非对称解密、签名、签名验证、密钥共识运算、消息认证码(Message Authentication Code,MAC)运算,或者其中至少两项的结合等等,为叙述方便,下文统称为密码运算。本实施例中,每一个密码运算都对应一个运算参数集,运算参数集中包含与所要使用的用户密钥对应的密钥标识。在一个示例中,可以预先设置运算参数集(key_1,key_3)与下述密码运算对应:采用用户密钥“C1DB921F”对用户密钥“0xA4B790”以默认算法加密,运算结果为加密后得到的数据。在具体实施时,本领域技术人员可以根据所要实现的密码运算设置运算参数集的元素数量和每个元素所代表的参数的含义,例如设置第3个元素代表使用算法的类型,设置第4个元素代表第一个输入数据等等,本申请不做限制。The operation using the user key may be, for example, symmetric encryption, asymmetric encryption, symmetric decryption, asymmetric decryption, signature, signature verification, key consensus operation, Message Authentication Code (MAC) operation, or The combination of at least two of them, etc., is conveniently referred to as cryptographic operations. In this embodiment, each cryptographic operation corresponds to an operational parameter set, and the operational parameter set includes a key identifier corresponding to the user key to be used. In an example, the operation parameter set (key_1, key_3) may be preset to correspond to the following cryptographic operation: the user key "0xA4B790" is encrypted by the default algorithm using the user key "C1DB921F", and the operation result is the encrypted data. . In a specific implementation, a person skilled in the art can set the number of elements of the operation parameter set and the meaning of the parameter represented by each element according to the cryptographic operation to be implemented, for example, setting the third element to represent the type of the algorithm used, and setting the fourth The elements represent the first input data and the like, and the application is not limited.
需要说明的是,用户应用在本步骤中获取的是密钥标识而不是用户密钥,这意味着用户应用在发起密码运算不需要获取明文的用户密钥。在一个示例中,作为用户应用的视频播放器需要加载存储在服务器中经过加密的视频文件,因而视频播放器可以在上述来自用户端的映射表中,根据外存储器解密密钥的密钥标识符查找到对应的密钥标识为“key_2”,完成与所要使用的用户密钥对应的密钥标识的获取,而无需获取其对应的用户密钥“0xC4BE17F”。It should be noted that the user application obtains the key identifier instead of the user key in this step, which means that the user application does not need to obtain the plaintext user key when initiating the cryptographic operation. In one example, the video player as the user application needs to load the encrypted video file stored in the server, so the video player can look up the key identifier based on the external memory decryption key in the above-mentioned mapping table from the client. The corresponding key identifier is "key_2", and the acquisition of the key identifier corresponding to the user key to be used is completed without acquiring the corresponding user key "0xC4BE17F".
在其他可能的设计中,服务器上的密钥标识除了可以来自于用户端的发送之外,还可以来源于上述任意一种网络设备,使得用户应用可以通过其他方式获取密钥标识。而且,用户应用可以在发起密码运算时再获取对应的密钥标识,即在其他可能的设计中,上述至少一个用户密钥的密钥标识并不一定要存储在服务器上。In other possible designs, the key identifier on the server may be derived from any one of the foregoing network devices, and the user application may obtain the key identifier in other manners. Moreover, the user application may obtain the corresponding key identifier when initiating the cryptographic operation, that is, in other possible designs, the key identifier of the at least one user key does not have to be stored on the server.
在一个示例中,用户可以将用户密钥保管在受信任的第三方服务器上,由第三方服务器为每个用户密钥分配密钥标识,从而用户在登录虚拟机之后,可以通过用户应用从该第三方服务器上获取密钥标识,具体方式可以是用户应用从该第三方服务器上下载上述映射表,也可以是用户应用在发起运算时通过该第三方服务器获取对应的密钥标识。In one example, the user can store the user key on a trusted third-party server, and the third-party server assigns a key identifier to each user key, so that the user can log in from the virtual machine through the user application. The third-party server obtains the key identifier. The specific method may be that the user application downloads the mapping table from the third-party server, or the user application obtains the corresponding key identifier through the third-party server when initiating the operation.
步骤203、用户应用通过预设接口将运算参数集传递给执行节点。Step 203: The user application passes the operation parameter set to the execution node through a preset interface.
其中,所述执行节点配置在安全执行空间内。本实施例中,安全执行空间指的是预先建立在服务器上的一个能够阻止特权级代码(例如特权级为RING0,RING1和RING2的代码,包括而不仅限于操作系统和虚拟机监视器的程序代码)的外部访问的特殊空间,安全执行空间内可以存储数据、配置程序代码以及容纳计算机指令的执行。需要说明的是,上述能够阻止特权级代码的外部访问的功能可以是安全执行空间在建立之后才具有的,还可
以被配置为在外部控制指令下开启和关闭,或是在生存周期内始终开启,本申请对此不做限制。而且可以理解的是,上述预设接口被配置为允许从外部访问安全执行空间的途径。The execution node is configured in a secure execution space. In this embodiment, the secure execution space refers to a program code pre-established on the server that can block privilege level code (for example, privilege levels RING0, RING1 and RING2, including but not limited to operating system and virtual machine monitor). A special space for external access, where the secure execution space can store data, configure program code, and accommodate the execution of computer instructions. It should be noted that the above function capable of preventing external access of the privilege level code may be that the secure execution space is provided after the establishment, and
It is configured to be turned on and off under an external control command, or is always turned on during the life cycle, and this application does not limit this. Moreover, it can be understood that the above preset interface is configured to allow access to the secure execution space from the outside.
在一个示例中,安全执行空间被配置为只允许内部代码(例如上述执行节点)以及一部分最底层CPU指令(对应于上述预设接口)的访问,因而全部的特权级代码(包括操作系统和虚拟机监视器)都不能通过预设接口以外的方式从外部访问安全执行空间。而且,安全执行空间在内存中的数据都是经过加密的,直接从内存中读取数据不能得到明文数据。上述预设接口被配置为能够在被调用时验证调用来源的访问权限,并在验证通过时将调用来源请求传递的数据传递给安全执行空间内的执行节点,以触发执行节点的对应操作。In one example, the secure execution space is configured to allow only internal code (such as the above-described execution nodes) and a portion of the underlying CPU instructions (corresponding to the aforementioned preset interfaces) to be accessed, thus all privilege level code (including operating system and virtual) The machine monitor cannot access the secure execution space from outside by means other than the preset interface. Moreover, the data in the secure execution space in the memory is encrypted, and the plaintext data cannot be obtained by directly reading the data from the memory. The preset interface is configured to be able to verify the access authority of the calling source when called, and pass the data passed by the calling source request to the execution node in the secure execution space when the verification passes, to trigger the corresponding operation of the execution node.
步骤204、执行节点接收用户应用通过预设接口传递的运算参数集。Step 204: The execution node receives an operation parameter set that is transmitted by the user application through the preset interface.
其中,执行节点是配置在安全执行空间内的代码,能够不受限制地访问安全执行空间内的数据,并且其受到安全执行空间的保护,代码本身和代码的执行过程对外部程序而言不可见。Wherein, the execution node is code configured in the secure execution space, has unrestricted access to data in the secure execution space, and is protected by the secure execution space, and the code itself and the execution process of the code are invisible to the external program. .
在本实施例中,上述预设接口配置在安全执行空间的边界上,主要用于将外部数据传递至安全执行空间的执行节点。在一个示例中,执行节点中配置有接入函数,接入函数的入口地址位于安全执行空间的受保护的内存空间中,因此调用接入函数需要进入安全执行空间。在运算参数集的传递过程中,用户应用将运算参数集作为函数参数调用执行节点中的接入函数,此时预设接口在检测到接入函数的调用时,验证调用接入函数的程序是否具有安全执行空间的访问权限,并在判定验证失败时,将所请求的接入函数的入口地址替换为中止(abort)函数的入口地址,使得调用接入函数的程序中止运行,以阻止不能通过访问权限验证的程序访问安全执行空间。而在预设接口判定用户应用通过访问权限验证时,则允许用户应用对接入函数的调用,以通过函数参数传递的方式,实现运算参数集在用户应用和执行节点之间的传递。在该示例中,执行节点对用户应用而言相当于可供调用的外部函数,而预设接口则可以通过访问权限验证阻挡无访问权限的程序(包括特权级代码)的调用,利用函数调用机制整合数据传递过程和访问权限验证过程,有助于提升用户应用通过执行节点执行密码运算的过程中的逻辑处理效率。In this embodiment, the preset interface is configured on the boundary of the secure execution space, and is mainly used to transfer external data to the execution node of the secure execution space. In one example, the access node is configured with an access function, and the entry address of the access function is located in the protected memory space of the secure execution space, so the call access function needs to enter the secure execution space. In the process of transferring the operation parameter set, the user application calls the operation parameter set as a function parameter to call the access function in the execution node. At this time, when the preset interface detects the call of the access function, it verifies whether the program calling the access function is Have access to the secure execution space, and when determining that the verification fails, replace the entry address of the requested access function with the entry address of the abort function, so that the program calling the access function stops running to prevent the access failure. The access verification program accesses the secure execution space. When the preset interface determines that the user application is authenticated by the access authority, the user is allowed to apply the call to the access function to implement the transfer of the operation parameter set between the user application and the execution node by means of function parameter passing. In this example, the execution node is equivalent to the external function available to the user application, and the default interface can use the access function to block the call of the program (including privilege level code) that does not have access rights, using the function call mechanism. Integrating the data transfer process and the access rights verification process helps to improve the logic processing efficiency of the user application in performing cryptographic operations through the execution node.
步骤205、执行节点从密钥库中获取与密钥标识对应的用户密钥。Step 205: The execution node acquires a user key corresponding to the key identifier from the keystore.
其中,密钥库属于安全执行空间内存储的数据,可以包含若干组相互对应的用户密钥和密钥标识,记录用户密钥与密钥标识之间的映射关系。在一个示例中,密钥库包含如表1所示的用户密钥和密钥标识,从而可以根据密钥标识“key_1”获取到对应的用户密钥“0xA4B790”,根据密钥标识“key_3”获取到对应的用户密钥“C1DB921F”,用以在安全执行空间内进行密码运算。The keystore belongs to the data stored in the secure execution space, and may include a plurality of sets of mutually corresponding user keys and key identifiers, and records a mapping relationship between the user key and the key identifier. In one example, the keystore contains the user key and the key identifier as shown in Table 1, so that the corresponding user key "0xA4B790" can be obtained according to the key identifier "key_1", according to the key identifier "key_3" The corresponding user key "C1DB921F" is obtained for performing cryptographic operations in the secure execution space.
步骤206、执行节点使用获取到的用户密钥在安全执行空间内执行与运算参数集对应的运算。Step 206: The execution node performs an operation corresponding to the operation parameter set in the secure execution space by using the obtained user key.
在一个示例中,执行节点按照预先设置的对应关系,执行与运算参数集(key_1,key_3)对应的密码运算:采用用户密钥“C1DB921F”对用户密钥“0xA4B790”以默认算法加密,得到加密后的数据作为执行结果。在另一个示例中,执行节点按照预先设置的对应关系,执行与运算参数集("RSA签名密钥",RSA,data2)对应的密码运算:使用获取到的与“RSA签名密钥”对应的用户密钥,通过与参数“RSA”对应的RSA算法,对变量“data2”的值进行数字签名,并将得到的签名数据作为执行结果。需要说明的是,运算参数集所包含的
参数数量可以是变化的;相应的,执行节点可以针对不同的参数数量的运算参数集分别执行不同的运算流程,以同时支持多种类型的密码运算。In an example, the execution node performs a cryptographic operation corresponding to the operation parameter set (key_1, key_3) according to a preset correspondence relationship: the user key "0xA4B790" is encrypted by a default algorithm using the user key "C1DB921F", and is encrypted. The latter data is used as the execution result. In another example, the execution node performs a cryptographic operation corresponding to the operation parameter set ("RSA Signing Key", RSA, data2) according to a preset correspondence: using the obtained corresponding "RSA Signing Key" The user key digitally signs the value of the variable "data2" through the RSA algorithm corresponding to the parameter "RSA", and takes the obtained signature data as an execution result. It should be noted that the operation parameter set contains
The number of parameters may be changed; correspondingly, the execution node may perform different operation processes for different parameter sets of operation parameters to support multiple types of cryptographic operations at the same time.
在一种实现方式中,安全执行空间内可以预先配置有分别与若干个算法标识中的一个对应的算法函数,算法函数被配置为能够被执行节点调用,并在被调用时根据调用时的参数结合实现指定的算法。比如,上述参数“RSA”作为算法标识与配置在安全执行空间内的算法函数“RSAencrypt”对应。该算法函数可以根据输入的用户密钥key_a和输入量Data_in计算出输出量Data_out,即使用用户密钥key_a对输入量Data_in进行加密从而得到输出量Data_out。此外,可以将算法函数与算法标识对应存储以形成算法库,以使执行节点能够根据运算参数集中的算法标识获取到对应的算法函数以进行调用。在实施时,可以预先根据可能被使用到的算法(比如数据加密标准算法DES、高级加密标准算法AES、RSA算法、数字签名算法DSA、椭圆曲线密码算法ECC、消息认证码算法MAC等等中的一个或多个)构建算法函数,构建时可以将固定不变的参量固化在算法函数中,将可能会改变的参量作为算法函数的函数参数。基于构建好的算法函数,可以设置对应的算法标识以形成算法库。在一种示例中,算法标识可以与密钥标识以相同方式提供给用户应用,而算法库可以与密钥库以相同方式配置在安全执行空间中,本申请对此不做限制。In an implementation manner, an algorithm function corresponding to one of several algorithm identifiers may be pre-configured in the security execution space, and the algorithm function is configured to be invoked by the execution node, and is called according to the parameter when invoked. Combine the implementation of the specified algorithm. For example, the above parameter "RSA" corresponds to the algorithm identifier and the algorithm function "RSAencrypt" configured in the secure execution space. The algorithm function can calculate the output amount Data_out according to the input user key key_a and the input amount Data_in, that is, the input amount Data_in is encrypted using the user key key_a to obtain the output amount Data_out. In addition, the algorithm function may be stored corresponding to the algorithm identifier to form an algorithm library, so that the execution node can acquire the corresponding algorithm function according to the algorithm identifier in the operation parameter set to make the call. In implementation, it may be based in advance on algorithms that may be used (such as data encryption standard algorithm DES, advanced encryption standard algorithm AES, RSA algorithm, digital signature algorithm DSA, elliptic curve cryptography algorithm ECC, message authentication code algorithm MAC, etc.) One or more of the construction algorithm functions can be constructed by solidifying the fixed parameters in the algorithm function and using the parameters that may be changed as the function parameters of the algorithm function. Based on the constructed algorithm function, the corresponding algorithm identifier can be set to form an algorithm library. In one example, the algorithm identifier may be provided to the user application in the same manner as the key identifier, and the algorithm library may be configured in the secure execution space in the same manner as the keystore, which is not limited in this application.
步骤207、执行节点向用户应用返回执行结果。Step 207: The execution node returns an execution result to the user application.
可理解的是,执行结果可以包括密码运算的输出量,可以包括运算完成情况的标识符,还可以为空,具体取决于运算参数集与执行节点的配置。在一个示例中,作为执行结果的签名数据以接入函数的返回值的形式传递给用户应用,使得用户应用在得到返回值之后继续执行后续的代码。It can be understood that the execution result may include an output of the cryptographic operation, may include an identifier of the operation completion condition, and may also be empty, depending on the operation parameter set and the configuration of the execution node. In one example, the signature data as a result of the execution is passed to the user application in the form of a return value of the access function, such that the user application continues to execute the subsequent code after getting the return value.
基于上述过程可以理解的是,本实施例中的用户应用可以发起密码运算,但用户应用本身不进行具体的密码运算,而是转由执行节点在安全执行空间内进行,相当于安全执行空间内的执行节点能够为用户应用提供密码运算的服务。由此,用户应用的进程空间内存在密钥标识而不存在用户密钥,因而操作系统和虚拟机监视器虽然能够访问到用户应用的进程空间,但并不能由此窃取用户密钥。Based on the above process, it can be understood that the user application in this embodiment can initiate a cryptographic operation, but the user application itself does not perform a specific cryptographic operation, but is performed by the execution node in a secure execution space, which is equivalent to a secure execution space. The execution node is capable of providing a cryptographic operation for the user application. Thus, there is a key identifier in the process space of the user application without the user key, and thus the operating system and the virtual machine monitor can access the process space of the user application, but cannot steal the user key.
可以看出的是,本实施例的方法将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁。例如,在安全执行空间的保护下,操作系统和虚拟机监视器无法访问到密钥库以及执行节点的进程空间,因而其管理工具的恶意使用和安全漏洞的出现并不会威胁到用户密钥的安全。It can be seen that the method of the embodiment encapsulates the user key and the process of performing the cryptographic operation in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation, so that the user is dense. The process of keying and cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats posed by privileged software in cloud servers to user keys. For example, under the protection of the secure execution space, the operating system and virtual machine monitors cannot access the keystore and the process space of the execution node, so the malicious use of management tools and the emergence of security vulnerabilities do not threaten the user key. Security.
需要说明的是,本实施例的安全执行空间能够存储数据、配置程序代码以及容纳计算机指令的执行,并具有能够阻止特权级代码的外部访问的特性。It should be noted that the secure execution space of the present embodiment is capable of storing data, configuring program code, and accommodating execution of computer instructions, and has characteristics capable of preventing external access of privileged level code.
在一个示例中,上述安全执行空间具有以下特性:第一,安全执行空间内的数据与外部空间相互隔离,只有安全执行空间内的代码才能读写安全执行空间的数据,而外部代码无论在什么当前特权级别(Current Privilege Level,CPL)和处理器模式(CPU mode)下都无法读取或写入安全执行空间的数据。第二,访问安全执行空间的方式只有配置有保护性检查的预设接口,而传统形式的函数调用(function call)、跳转(jump)、寄存器操作(register manipulation)和堆栈操作(stack manipulation)等都不能访问安全执行空间。第三,安全执
行空间使用加密的内存,加密密钥在每个电源周期(例如启动时,以及从睡眠和休眠状态中恢复时)内随机变更,并且加密密钥存储在处理器中而不可访问。第四,除了配套设置的专用调试器,安全执行空间不能被其他软件或硬件调试器调试。在一种实现方式中,安全执行空间包含受保护的外存储器空间、受保护的内存储器空间,并且有可执行代码配置在这些空间内。In one example, the secure execution space has the following characteristics: First, the data in the secure execution space is isolated from the external space, and only the code in the secure execution space can read and write data of the secure execution space, and the external code is no matter what. Data in the secure execution space cannot be read or written under the current privilege level (CPL) and processor mode (CPU mode). Second, access to the secure execution space is only provided with a default interface configured with a protective check, while traditional forms of function calls, jumps, register manipulations, and stack manipulations. Nothing can access the secure execution space. Third, security
The line space uses encrypted memory that is randomly changed during each power cycle (such as when booting and when recovering from sleep and hibernation), and the encryption key is stored in the processor and is not accessible. Fourth, in addition to the dedicated debugger that is set up, the secure execution space cannot be debugged by other software or hardware debuggers. In one implementation, the secure execution space includes a protected outer memory space, a protected inner memory space, and executable code is disposed within the spaces.
在该示例中,安全执行空间能够通过读写控制、访问控制、内存控制、以及调试控制等方面来降低由外部代码带来的安全威胁,提升配置在安全执行空间的内部的执行节点和密钥库的安全性。在具体实施时,可以在本实施例能够实现的范围内基于任意一种可信执行环境(Trusted Execution Environment,TEE)技术实现安全执行空间,例如OP-TEE、Open-TEE、TLK、ARM TrustZone、Intel SGX、SecuriTEE、Trustonic TEE等等。In this example, the secure execution space can reduce the security threats caused by external code through read-write control, access control, memory control, and debug control, and improve the execution nodes and keys configured inside the secure execution space. The security of the library. In a specific implementation, a secure execution space may be implemented based on any Trusted Execution Environment (TEE) technology, such as OP-TEE, Open-TEE, TLK, ARM TrustZone, within the scope of implementation of this embodiment. Intel SGX, SecuriTEE, Trustonic TEE, etc.
在一个相对特殊的场景下,用户应用所发起的一次密码运算的运算结果是一系列密码运算的中间数据,并且该中间数据包含有用户的秘密数据。此时,若将中间数据添加在执行结果中发送给用户应用,则可能会导致秘密数据的泄露。为改善这一缺陷,在图2所示流程的基础上,可以在运算参数集中设置一个参数位置用来设置暂存标记,即设置运算参数集包括用于定义运算指令的第一子集(包含至少一个的参数位置)和用于设置暂存标记的第二子集(除了包含用来设置暂存标记的参数位置之外,还可以包含任意数量的参数位置来容纳其他与运算指令无关的运算参数)。从而,可以将执行节点配置为:先执行与第一子集对应的运算指令以获取运算结果,然后在第二子集中包含暂存标记时,执行节点将运算结果存储在安全执行空间内,为存储后的运算结果分配对应的数据标识,并将数据标识代替运算结果添加在执行结果中。基于此,在预先确定密码运算的执行结果中包含有用户的秘密数据时,可通过暂存标记的设置使运算结果存储在安全执行空间中而不返回给用户应用,因此可以改善上述缺陷。当然,在第二子集中不包含暂存标记时,可以直接将运算结果添加在执行结果中并返回给用户应用,即在一般情况下可以默认地将运算结果返回给用户应用。In a relatively special scenario, the result of a cryptographic operation initiated by the user application is intermediate data of a series of cryptographic operations, and the intermediate data contains the user's secret data. At this time, if the intermediate data is added to the execution result and sent to the user application, the leakage of the secret data may be caused. In order to improve this defect, based on the flow shown in Figure 2, a parameter position can be set in the operation parameter set to set the temporary storage mark, that is, the set operation parameter set includes the first subset for defining the operation instruction (including At least one parameter position) and a second subset for setting the scratch flag (in addition to the parameter position for setting the scratch flag, any number of parameter positions may be included to accommodate other operations independent of the operation instruction parameter). Therefore, the execution node may be configured to: first execute an operation instruction corresponding to the first subset to obtain an operation result, and then, when the second subset includes a temporary storage mark, the execution node stores the operation result in the secure execution space, The stored operation result is assigned a corresponding data identifier, and the data identifier replacement operation result is added to the execution result. Based on this, when the secret data of the user is included in the execution result of the cryptographic operation in advance, the calculation result can be stored in the secure execution space by the setting of the temporary storage flag without being returned to the user application, and thus the above drawback can be improved. Of course, when the second subset does not include the temporary storage mark, the operation result can be directly added to the execution result and returned to the user application, that is, the operation result can be returned to the user application by default.
在此基础之上,上述执行与所述第一子集对应的运算指令可以具体包括:在所述第一子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,以使用获取到的运算结果执行与所述第一子集对应的运算指令。基于此,对于在暂存标记的指示下存储在安全执行空间中的中间数据,用户应用可以使用其对应的数据标识来发起使用中间数据的密码运算,即可以在中间数据不出安全执行空间的情况下实现所需要的密码运算,保障用户的秘密数据的安全。On the basis of the above, the execution of the operation instruction corresponding to the first subset may include: when the first subset includes at least one data identifier, the execution node acquires in the secure execution space. And an operation result corresponding to the at least one data identifier, to execute an operation instruction corresponding to the first subset by using the obtained operation result. Based on this, for the intermediate data stored in the secure execution space under the indication of the temporary storage mark, the user application can use the corresponding data identifier to initiate the cryptographic operation using the intermediate data, that is, the intermediate data can not be safely executed. In the case of the implementation of the required cryptographic operations to ensure the security of the user's secret data.
在一个示例中,用户应用所要执行的操作包括:先将用户密钥key_1与用户密钥key_2按照密钥共识协议(key Agreement Protocol,KAP)得到共识密钥key_kap,然后在获取到数据data1时采用共识密钥key_kap对其加密。其中,共识密钥key_kap属于用户的秘密数据,在OS和VMM不受信任的情况下不应添加在执行结果中返回给用户应用。在该示例下,用户应用需要先后发起“密钥共识运算”和“加密运算”这两次密码运算,也就是说先以第一运算参数集进行一遍上述步骤202至步骤207的流程,再以第二运算参数集进行一遍上述步骤202至步骤207的流程。其中,第一运算参数集(key_1,key_2,KAP,1)包括可表示为{KAP}的运算子集、可表示为{key_1,key_2}的参数子集,以及暂存标记“1”;第二运
算参数集(#005,data_1,RSA,)包括可表示为{RSA}的运算子集和可表示为{#005,data_1}的参数子集(第二运算参数集的第四个参数位置留空,即不包含暂存标记)。In an example, the operation to be performed by the user application includes: first obtaining the consensus key key_kap according to the key agreement protocol (KAP) of the user key key_1 and the user key key_2, and then adopting the data data1 when acquiring the data1 The consensus key key_kap encrypts it. The consensus key key_kap belongs to the user's secret data, and should not be added to the user application in the execution result if the OS and the VMM are not trusted. In this example, the user application needs to initiate the two key operations of "key consensus operation" and "encryption operation" successively, that is, the flow of the above steps 202 to 207 is performed first with the first operation parameter set, and then The second operation parameter set performs the flow of the above steps 202 to 207. The first operation parameter set (key_1, key_2, KAP, 1) includes a subset of operations that can be represented as {KAP}, a subset of parameters that can be represented as {key_1, key_2}, and a temporary storage flag of "1"; Second luck
The calculation parameter set (#005, data_1, RSA,) includes a subset of operations that can be represented as {RSA} and a subset of parameters that can be represented as {#005,data_1} (the fourth parameter position of the second operational parameter set remains Empty, that is, does not contain a staging flag).
本示例中,上述步骤203中用户应用将运算参数集传递给执行节点的过程具体包括附图中未示出的两个子步骤:In this example, the process of the user application transmitting the operation parameter set to the execution node in the above step 203 specifically includes two sub-steps not shown in the figure:
步骤2031、执行节点根据所述运算子集和所述参数子集进行运算以获取运算结果。其中,在参数子集中包含有至少一个数据标识时,执行节点在安全执行空间内获取与至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。Step 2031: The execution node performs an operation according to the operation subset and the parameter subset to obtain an operation result. The execution node acquires an operation result corresponding to the at least one data identifier in the security execution space, and uses the obtained operation result according to the operation subset and the parameter sub-key when the parameter subset includes at least one data identifier. The set performs an operation to obtain the result of the operation.
步骤2032、当检测到参数子集中还包括暂存标记时,执行节点将运算结果存储在安全执行空间内,并为存储后的运算结果分配对应的数据标识。Step 2032: When it is detected that the parameter subset further includes a temporary storage mark, the execution node stores the operation result in the secure execution space, and allocates a corresponding data identifier for the stored operation result.
相对应地,上述步骤207、执行节点向用户应用返回执行结果,具体包括:Correspondingly, in step 207, the execution node returns an execution result to the user application, which specifically includes:
执行节点向用户应用返回所述数据标识。The execution node returns the data identification to the user application.
在与上述第一运算参数集对应的密码运算过程中,上述步骤2031包括根据运算子集{KAP}和参数子集{key_1,key_2}进行运算(其中,“key_1”和“key_2”为上述密钥标识,“KAP”为与密钥共识的算法函数对应的算法标识),即具体包括:分别获取与“key_1”对应的用户密钥和与“key_2”对应的用户密钥;将与“key_1”对应的用户密钥和与“key_2”对应的用户密钥作为函数参数,调用与“KAP”对应的算法函数,以得到作为运算结果的共识密钥key_kap。In the cryptographic operation process corresponding to the first operation parameter set, the above step 2031 includes performing an operation according to the operation subset {KAP} and the parameter subset {key_1, key_2} (where "key_1" and "key_2" are the above-mentioned secrets The key identifier, "KAP" is an algorithm identifier corresponding to the algorithm function of the key consensus), that is, specifically: obtaining a user key corresponding to "key_1" and a user key corresponding to "key_2" respectively; The corresponding user key and the user key corresponding to "key_2" are used as function parameters, and an algorithm function corresponding to "KAP" is called to obtain a consensus key key_kap as a result of the operation.
在与上述第一运算参数集对应的密码运算过程中,上述步骤2032包括:在得到共识密钥key_kap之后,执行节点通过判断确定运算参数集的第四个参数位置上是“1”,即包含暂存标记,因而将共识密钥存储在安全执行空间内的一个数据链表中,并将数据链表的存储序号“#005”作为共识密钥的数据标识,直接在步骤207中作为执行结果返回给用户应用。In the cryptographic operation process corresponding to the first operation parameter set, the step 2032 includes: after obtaining the consensus key key_kap, the execution node determines that the fourth parameter position of the operation parameter set is “1”, that is, includes The temporary mark is stored, so that the consensus key is stored in a data link table in the secure execution space, and the storage sequence number "#005" of the data link table is used as the data identifier of the consensus key, and is directly returned as an execution result in step 207. User application.
在与上述第一运算参数集对应的密码运算过程结束之后,用户应用得到的执行结果中包含了共识密钥key_kap的数据标识“#005”,因此可以将该数据标识“#005”暂存,以等到数据data1的获取过程完成之后,再生成第二运算参数集(#005,data_1,RSA,),以发起与上述第二运算参数集对应的密码运算。在第二运算参数集中,除了数据标识“#005”之外,“data_1”为与数据data1对应的变量名,“RSA”为与RSA加密算法的算法函数对应的算法标识,第四个参数位置的空白表示没有暂存标记。After the cryptographic operation process corresponding to the first operation parameter set is completed, the execution result obtained by the user application includes the data identifier “#005” of the consensus key key_kap, so the data identifier “#005” can be temporarily stored. After the acquisition process of the data data1 is completed, the second operation parameter set (#005, data_1, RSA,) is generated to initiate a cryptographic operation corresponding to the second operation parameter set. In the second operational parameter set, except for the data identifier "#005", "data_1" is the variable name corresponding to the data data1, "RSA" is the algorithm identifier corresponding to the algorithm function of the RSA encryption algorithm, and the fourth parameter position is The blank indicates that there is no scratch tag.
在与上述第二运算参数集对应的密码运算过程中,用户应用将上述第二运算参数集传递给执行节点,以使执行节点在上述步骤2031中:通过判断确定参数子集中的“#005”为数据标识,根据数据标识“#005”从上述数据链表中提取出共识密钥key_kap,从而根据运算子集{RSA}和参数子集{#005,data_1}进行运算,即:将提取出来的共识密钥key_kap和变量“data_1”的值作为函数参数,调用与“RSA”对应的RSA加密算法的算法函数,以得到加密后的数据data1,作为运算结果。In the cryptographic operation process corresponding to the second operation parameter set, the user application passes the second operation parameter set to the execution node, so that the execution node determines the "#005" in the parameter subset by determining in the above step 2031. For data identification, the consensus key key_kap is extracted from the above data link table according to the data identifier "#005", thereby performing operations according to the operation subset {RSA} and the parameter subset {#005, data_1}, that is, the extracted The value of the consensus key key_kap and the variable "data_1" is used as a function parameter, and the algorithm function of the RSA encryption algorithm corresponding to "RSA" is called to obtain the encrypted data data1 as the operation result.
在与上述第二运算参数集对应的密码运算过程中,上述步骤2032包括:在得到加密后的数据data1之后,执行节点通过判断确定第二运算参数集中不包含暂存标记“1”,因此直接将加密后的数据data1作为执行结果,在上述步骤207中返回给用户应用。In the cryptographic operation process corresponding to the second operation parameter set, the step 2032 includes: after obtaining the encrypted data data1, the execution node determines that the second operation parameter set does not include the temporary storage flag “1”, so The encrypted data data1 is used as an execution result, and is returned to the user application in the above step 207.
可以看出的是,由于运算参数集中可以设置暂存标记,并且执行节点能够在接收到暂存标记时存储运算结果并返回替代运算结果的数据标识,使得用户可以使用包含暂存标记
的运算参数集来保护包含有秘密数据的中间数据。而且,由于运算参数集中可以设置数据标识,并且执行节点能够在接收到数据标识时提取所存储的运算结果并用于密码运算,使得用户可以使用包含数据标识的运算参数集来提取所存储的数据以进行密码运算,即能够使存储在安全执行空间内的数据仍能根据运算参数集参与密码运算。由此,可以在完成密码运算的基础上避免由此引起的秘密数据泄露,增强密码运算过程的安全性。It can be seen that the temporary storage flag can be set in the operation parameter set, and the execution node can store the operation result when receiving the temporary storage mark and return the data identification of the replacement operation result, so that the user can use the temporary storage mark.
The set of operational parameters to protect intermediate data containing secret data. Moreover, since the operation parameter set can set the data identifier, and the execution node can extract the stored operation result and use it for the cryptographic operation when receiving the data identifier, so that the user can extract the stored data using the operation parameter set including the data identifier. By performing cryptographic operations, it is possible to enable data stored in the secure execution space to participate in cryptographic operations based on the set of operational parameters. Thereby, the secret data leakage caused thereby can be avoided on the basis of completing the cryptographic operation, and the security of the cryptographic operation process is enhanced.
在本申请的一个实施例中,在服务器中建立安全执行空间的过程具体包括:In an embodiment of the present application, the process of establishing a secure execution space in a server specifically includes:
参见图3,基于用户设备310与服务器320之间的网络连接,用户设备310上的用户端在服务器320的一个虚拟机的操作系统上创建用户应用APP,并通过用户应用APP:在服务器320中创建安全执行空间TEE,并向安全执行空间TEE内注入与执行节点D1对应的数据,以在安全执行空间内完成执行节点D1的配置。在一个示例中,用户应用APP触发安全执行空间TEE的创建流程,使服务器320的中央处理器在服务器320中划定出安全执行空间TEE的边界,并将与执行节点D1对应的数据(例如实现执行节点的全部可执行代码,以及可执行代码在运行过程中所需要利用的资源数据,等等)分批地写入到安全执行空间TEE内,使执行节点最终被配置为运行状态或可运行状态。这里需要说明的是,由于安全执行空间具有保护内部数据安全的特性,所以执行节点D1的代码在配置完成后无法被添加、更改或删除,因而执行节点D1的全部代码都预先由用户根据实际应用需求进行配置。Referring to FIG. 3, based on the network connection between the user equipment 310 and the server 320, the user terminal on the user equipment 310 creates a user application APP on the operating system of a virtual machine of the server 320, and passes the user application APP: in the server 320. A secure execution space TEE is created, and data corresponding to the execution node D1 is injected into the secure execution space TEE to complete the configuration of the execution node D1 in the secure execution space. In one example, the user application APP triggers the creation process of the secure execution space TEE, causing the central processor of the server 320 to delineate the boundary of the secure execution space TEE in the server 320 and to associate data with the execution node D1 (eg, implement All executable code of the execution node, and the resource data that the executable code needs to utilize during the running process, etc.) are written into the secure execution space TEE in batches, so that the execution node is finally configured to be running or runable. status. It should be noted here that since the secure execution space has the feature of protecting internal data security, the code of the execution node D1 cannot be added, changed or deleted after the configuration is completed, and thus all the code of the execution node D1 is pre-defined by the user according to the actual application. Requirements are configured.
如图3所示,此时的密钥库D2的数据(包括用户密钥和密钥标识)还安全地保存在用户设备310上,但由于用户设备310与服务器320之间的网络通信,以及服务器320的整个软件运行环境均是不受信任的,因此在图3所示的过程中创建的用户应用APP、安全执行空间TEE,以及配置在安全执行空间TEE内的执行节点D1也都不受信任(此时安全执行空间能够阻止特权级代码的外部访问,但是执行节点可能已经被注入了恶意代码)。因此在图3所示的场景下,如果用户端为了在安全执行空间TEE内配置密钥库而向服务器320发送密钥库D2的数据,则有可能导致用户密钥的泄露。As shown in FIG. 3, the data of the keystore D2 at this time (including the user key and the key identifier) is also securely stored on the user equipment 310, but due to network communication between the user equipment 310 and the server 320, and The entire software running environment of the server 320 is untrusted, so the user application APP, the secure execution space TEE created in the process shown in FIG. 3, and the execution node D1 configured in the secure execution space TEE are also untrusted. Any time (the secure execution space can block external access to privileged code, but the execution node may have been injected with malicious code). Therefore, in the scenario shown in FIG. 3, if the UE sends the data of the keystore D2 to the server 320 in order to configure the keystore in the secure execution space TEE, there is a possibility that the user key is leaked.
为了保障用户密钥的安全,本实施例中首先进行用户端对安全执行空间的远程验证。其中,远程验证指的是用户端确定安全执行空间中的内容是否与预期一致的过程。本实施例中,安全执行空间TEE是用户端通过用户应用APP建立的,因此用户端可以记录或者推测安全执行空间TEE在建立后的内容,也就是能够获取到预期情况下的一定安全执行空间的预置范围内的数据的散列值(预期值)。从而,用户端可以通过执行节点D1获取预置范围内的数据的散列值,以根据该散列值结合其预期值对该预置范围内的数据进行完整性校验,从而确定安全执行空间中的内容是否与所预期的一致。其中,预置范围可以是预先由用户指定的,并可以包含安全执行空间内全部的可执行代码,以确保没有预期之外的代码被注入安全执行空间;而预置范围内的数据的散列值可以例如是在安全执行空间的建立过程中由中央处理器计算得到的,还可以例如是在获取散列值的过程中由执行节点计算得到的,本申请对此不做限制。In order to ensure the security of the user key, in this embodiment, the remote verification of the secure execution space by the user end is first performed. Wherein, remote verification refers to a process in which the UE determines whether the content in the secure execution space is consistent with expectations. In this embodiment, the security execution space TEE is established by the user end through the user application APP, so the user end can record or speculate the content of the secure execution space TEE after the establishment, that is, can obtain a certain security execution space under the expected situation. The hash value (expected value) of the data within the preset range. Therefore, the UE can obtain the hash value of the data in the preset range by executing the node D1, and perform integrity check on the data in the preset range according to the hash value and the expected value, thereby determining the secure execution space. Whether the content in the content is consistent with what is expected. Wherein, the preset range may be pre-specified by the user, and may include all executable code in the secure execution space to ensure that no unexpected code is injected into the secure execution space; and the hash of the data within the preset range The value can be calculated by the central processing unit in the process of establishing the secure execution space, for example, and can be calculated by the execution node in the process of obtaining the hash value, which is not limited in this application.
如图4所示,在一个示例中,用户端通过用户应用APP向执行节点D1传递一个随机数(nonce),以使执行节点D1计算安全执行空间TEE中全部存储数据(包括执行节点的全部代码)的散列值,并结合该随机数生成校验报告(校验报告中,散列值经过该随机数的加密),从而通过用户应用APP发送给用户端。在接收到校验报告之后,用户端可以根据随机数从校验报告中获取到上述散列值,并通过该散列值与其预期值的比较判断安全执行空
间TEE中全部存储数据是否与所预期的完全一致,在确认完全一致时确定服务器中的安全执行空间TEE能够通过用户端的完整性校验。在不能通过时,说明安全执行空间TEE内可能混入了预期之外的存储数据,此时用户端可以对用户密钥向服务器的发送保持阻止,并且可以采取终止安全执行空间的建立、销毁该安全执行空间TEE、发起对虚拟机的安全性检测等手段来保护秘密数据的安全。在完整性校验通过时,说明包括执行节点D1的全部代码的存储数据是可信的,用户端可以在此基础上在安全执行空间内完成密钥库D2的配置。As shown in FIG. 4, in one example, the UE passes a random number (nonce) to the execution node D1 through the user application APP, so that the execution node D1 calculates all the stored data in the secure execution space TEE (including all the codes of the execution node). And a hash value is generated in combination with the random number to generate a verification report (in the verification report, the hash value is encrypted by the random number), and is sent to the client through the user application APP. After receiving the verification report, the UE may obtain the above hash value from the verification report according to the random number, and judge the security execution by comparing the hash value with the expected value.
Whether all stored data in the inter-TEE is exactly the same as expected, and it is determined that the secure execution space TEE in the server can pass the integrity check of the UE when the confirmation is completely consistent. When it cannot pass, it indicates that the storage data in the security execution space TEE may be mixed with the expected storage data. At this time, the user terminal can keep the transmission of the user key to the server, and can terminate the establishment of the security execution space and destroy the security. Perform space TEE, initiate security detection of virtual machines, and other means to protect the security of secret data. When the integrity check is passed, it is stated that the stored data including all the codes of the execution node D1 is trusted, and the client can complete the configuration of the keystore D2 in the secure execution space on this basis.
此外,为了避免出现执行节点利用伪造的散列值来通过完整性校验的情况,可以要求上述散列值中携带由可信任的第三方提供的签名。比如,可将中央处理器作为可信任的第三方,在使执行节点获取散列值时由中央处理器在散列值中添加签名,以证明执行节点确实地进行了散列值的计算,并且计算的可靠性由中央处理器予以保证。In addition, in order to avoid the case where the execution node passes the integrity check using the forged hash value, the above hash value may be required to carry the signature provided by the trusted third party. For example, the central processor can be used as a trusted third party, and the central processor adds a signature to the hash value when the execution node acquires the hash value to prove that the execution node has performed the hash value calculation, and The reliability of the calculation is guaranteed by the central processor.
如图5所示,在通过用户端的远程验证之后,执行节点D1基于自行生成的随机数(为描述方便以n1表示)采用预先配置好的曲线参数(包含椭圆曲线上的基点G0)以椭圆曲线加密(Elliptic Curve Cryptography,ECC)方式计算得到第一公钥KEY_A,其中KEY_A=n1*G0,从而将第一公钥KEY_A通过用户应用APP发送给用户设备310的用户端。另一方面,用户端预先生成了另一随机数(为描述方便以n2表示),并基于该随机数n2使用相同的曲线参数以ECC方式计算得到第二公钥KEY_B,其中KEY_B=n2*G0,并在执行节点D1配置完成之后通过用户应用APP将第二公钥KEY_B传递给执行节点D1。As shown in FIG. 5, after remote verification by the user end, the execution node D1 uses a pre-configured curve parameter (including the base point G0 on the elliptic curve) to form an elliptic curve based on the self-generated random number (represented by n1 for convenience of description). The first public key KEY_A is calculated by the Elliptic Curve Cryptography (ECC) method, wherein KEY_A=n1*G0, so that the first public key KEY_A is sent to the user end of the user equipment 310 through the user application APP. On the other hand, the UE pre-generates another random number (represented by n2 for convenience of description), and calculates the second public key KEY_B by ECC method using the same curve parameter based on the random number n2, where KEY_B=n2*G0 And transmitting the second public key KEY_B to the execution node D1 through the user application APP after the execution node D1 configuration is completed.
基于ECC的特性,由第一公钥KEY_A和基点G0难以求解出随机数n1,由第二公钥KEY_B和基点G0也难以求解出随机数n2,所以用户端与执行节点D1之间进行的不安全通信并不会导致随机数n1和随机数n2的泄露。而且,根据交换律和结合律可以推知:n2*KEY_A=n2*(n1*G0)=n2*n1*G0=n1*n2*G0=n1*(n2*G0)=n1*KEY_B。由此,可以设置共有密钥KEY_Q=n2*KEY_A=n1*KEY_B,使得用户端在接收到第一公钥KEY_A之后由第一公钥KEY_A和随机数n2计算得到共有密钥KEY_Q,并使得执行节点D1在接收到第二公钥KEY_B之后由第二公钥KEY_B和随机数n1得到共有密钥KEY_Q。Based on the characteristics of ECC, it is difficult to solve the random number n1 by the first public key KEY_A and the base point G0, and it is also difficult to solve the random number n2 by the second public key KEY_B and the base point G0, so the user terminal and the execution node D1 do not Secure communication does not cause leakage of random number n1 and random number n2. Moreover, according to the commutative law and the combination law, it can be inferred that n2*KEY_A=n2*(n1*G0)=n2*n1*G0=n1*n2*G0=n1*(n2*G0)=n1*KEY_B. Therefore, the common key KEY_Q=n2*KEY_A=n1*KEY_B can be set, so that the user terminal calculates the common key KEY_Q from the first public key KEY_A and the random number n2 after receiving the first public key KEY_A, and causes the execution. The node D1 obtains the common key KEY_Q from the second public key KEY_B and the random number n1 after receiving the second public key KEY_B.
通过上述过程,用户端通过与执行节点D1之间通过密钥协商得到了安全的共有密钥,从而使用该共有密钥进行加密通信的安全信道CH得以建立。在一个示例中,用户端将发送给执行节点的数据采用上述共有密钥加密,并将加密后的数据通过用户应用APP传递给执行节点D1(包括加密后的数据在用户端与服务器之间的传输,以及服务器的网络接口与用户应用之间的传输),使执行节点D1使用共有密钥对加密后的数据进行解密。执行节点D1向用户端发送数据的过程与之对应,由此实现了用户端与执行节点D1之间的安全通信。Through the above process, the UE obtains a secure shared key through key negotiation with the execution node D1, so that the secure channel CH for encrypted communication using the shared key is established. In an example, the client transmits the data sent to the execution node by using the above-mentioned common key, and transmits the encrypted data to the execution node D1 through the user application APP (including the encrypted data between the client and the server). The transmission, as well as the transmission between the server's network interface and the user application, causes the execution node D1 to decrypt the encrypted data using the common key. The process of the node D1 transmitting data to the client corresponds to it, thereby realizing secure communication between the client and the execution node D1.
需要说明的是,共有密钥可以例如是由机密性保护密钥和完整性保护密钥组成的两个密钥,还可以例如是一个能够作为种子来分别生成机密性保护密钥和完整性保护密钥的主密钥,并可以不限于此。It should be noted that the shared key may be, for example, two keys composed of a confidentiality protection key and an integrity protection key, and may also be, for example, a seed to separately generate a confidentiality protection key and integrity protection. The master key of the key, and may not be limited to this.
如图6所示,在安全信道CH建立之后,用户端可以将密钥信息——包含用户密钥与密钥标识之间的映射关系的数据发送给执行节点D1,以通过执行节点D1根据所述用户密钥与密钥标识之间的映射关系在安全执行空间TEE内完成密钥库D2的配置,由此完成了安全执行空间的建立。可以看出,远程验证使用户确认了安全执行空间内代码的完整性,安全信道保障了用户密钥在传输过程中的安全性,而安全执行空间则能够保护内部的用户密钥不被特权级代码窃取,共同实现了云服务场景下的密钥保护。
As shown in FIG. 6, after the establishment of the secure channel CH, the UE may send the key information, that is, the data including the mapping relationship between the user key and the key identifier, to the executing node D1 to perform the node D1 according to the The mapping relationship between the user key and the key identifier completes the configuration of the keystore D2 in the secure execution space TEE, thereby completing the establishment of the secure execution space. It can be seen that remote verification allows the user to confirm the integrity of the code in the secure execution space. The secure channel guarantees the security of the user key during transmission, while the secure execution space protects the internal user key from being privileged. Code stealing, together to achieve key protection in the cloud service scenario.
在本申请的又一实施例中,基于建立在用户端与执行节点之间安全信道,可以实现用户端对安全执行空间的远程控制。In still another embodiment of the present application, remote control of the secure execution space by the user terminal may be implemented based on establishing a secure channel between the client and the execution node.
在一个示例中,用户端通过安全信道向执行节点发送第一操作指令,使得执行节点能够通过安全信道接收来自用户端的用户指令。执行节点在确定该用户指令为第一操作指令时,屏蔽除来自该安全信道以外的用户指令。在安全信道建立后屏蔽来自该安全信道以外的用户指令,能够将发送用户指令的权限限制到指定的用户端上,从而利用安全信道的机密性管理用户指令的相关权限。In one example, the UE transmits a first operational instruction to the execution node over the secure channel such that the execution node can receive user instructions from the client over the secure channel. The execution node masks user instructions other than the secure channel when determining that the user command is the first operational command. After the establishment of the secure channel, the user command from outside the secure channel is blocked, and the authority to send the user command can be restricted to the designated client, thereby utilizing the confidentiality of the secure channel to manage the relevant authority of the user command.
在又一个示例中,用户端通过安全信道向执行节点发送第二操作指令,使得执行节点能够通过安全信道接收来自用户端的用户指令。执行节点在确定该用户指令为第二操作指令时,对安全执行空间进行核查(核查范围可以是指定的一部分或者全部,可以预先配置在执行节点的代码中),以将得到的核查报告通过安全信道发送给用户端。例如,执行节点将安全执行空间内的全部的可执行代码使用一个用户密钥加密压缩,并附在核查报告中发送给用户端。通过核查报告的生成和发送,用户端可以根据需要获取安全执行空间内存储数据的实际情况,作为进一步分析或用户操作的依据。In yet another example, the UE transmits a second operational instruction to the execution node over the secure channel such that the execution node can receive user instructions from the client over the secure channel. When the execution node determines that the user instruction is the second operation instruction, the security execution space is checked (the verification scope may be part or all of the specified, and may be pre-configured in the code of the execution node) to pass the obtained verification report through security. The channel is sent to the client. For example, the execution node encrypts all executable code in the secure execution space with a user key and attaches it to the verification report for transmission to the client. Through the generation and transmission of the verification report, the user can obtain the actual situation of storing data in the secure execution space as needed, as a basis for further analysis or user operation.
承接上例,在接收到来自执行节点的核查报告之后,用户端根据接收到的核查报告确定安全执行空间的安全风险等级。例如,用户端使用相应的用户密钥解压缩得到可执行代码,并通过与原始可执行代码进行比较、分析不同之处的安全风险等等,确定安全风险等级属于安全、轻度危险还是重度危险。基于安全风险等级的确定,用户端可以根据需要确认安全执行空间的安全状态,以及时应对可能导致秘密数据泄露的突发状况。In the above example, after receiving the verification report from the execution node, the user determines the security risk level of the security execution space according to the received verification report. For example, the client decompresses the executable code with the corresponding user key, and compares it with the original executable code, analyzes the security risks of the differences, etc., to determine whether the security risk level is safe, mild, or dangerous. . Based on the determination of the security risk level, the UE can confirm the security status of the secure execution space as needed, and cope with unexpected situations that may lead to leakage of secret data.
承接上例,在安全风险等级高于或等于预设等级时,用户端通过安全信道向执行节点发送第三操作指令,使得执行节点能够通过安全信道接收来自用户端的用户指令。例如,用户可以事前设置预设等级为重度危险,即在用户端确定接收到的核查报告表示安全执行空间的安全风险等级为重度危险时,通过安全信道向执行节点发送第三操作指令。执行节点在确定该用户指令为第三操作指令时,删除安全执行空间内的预定部分的秘密数据或者全部的秘密数据。例如,在确定用户指令为第三操作指令时,执行节点可以调用预先配置在安全执行空间中的擦除操作函数,将安全执行空间内所有秘密数据的清除。基于删除至少部分秘密数据的操作,用户端可以根据需要清除安全执行空间内的秘密数据,以应对突发状况下的数据泄露风险。In the above example, when the security risk level is higher than or equal to the preset level, the UE sends a third operation instruction to the execution node through the secure channel, so that the execution node can receive the user instruction from the user end through the secure channel. For example, the user may set the preset level as a serious risk beforehand, that is, when the user end determines that the received verification report indicates that the security risk level of the security execution space is a serious risk, the third operation instruction is sent to the execution node through the secure channel. The execution node deletes the secret data or all the secret data of the predetermined portion in the secure execution space when determining that the user instruction is the third operation instruction. For example, when it is determined that the user instruction is the third operation instruction, the execution node may call an erase operation function pre-configured in the secure execution space to clear all secret data in the secure execution space. Based on the operation of deleting at least part of the secret data, the UE can clear the secret data in the secure execution space as needed to cope with the risk of data leakage in an emergency situation.
在又一个示例中,用户端通过安全信道向执行节点发送第四操作指令,使得执行节点能够通过安全信道接收来自用户端的用户指令。执行节点在确定该用户指令为第四操作指令时,将安全执行空间内的密钥库加密存储至服务器的存储器中,并通过安全信道返回用于读取密钥库和对密钥库进行解密的数据。例如,执行节点在接收到第四操作指令时可以调用预先配置在安全执行空间内的封存函数,以通过该封存函数在安全执行空间内完成对密钥库的加密,并将加密后的密钥库存储在服务器的外存储器中,最后通过安全信道向用户端发送加密时所使用的用户密钥的密钥标识,以及加密后的密钥库的存储位置。基于对密钥库的加密存储,使得服务器中任意一个安全执行空间都可能通过读取和解密完成密钥库的配置,而不需要用户端重复发送密钥库的数据,有助于降低网络带宽的占用,并能够减低用户密钥在传输过程中泄露的风险。In yet another example, the UE transmits a fourth operational instruction to the execution node over the secure channel such that the execution node is capable of receiving user instructions from the client over the secure channel. When the execution node determines that the user instruction is the fourth operation instruction, the keystore in the secure execution space is encrypted and stored in the memory of the server, and is returned through the secure channel for reading the keystore and decrypting the keystore. The data. For example, the execution node may invoke a storage function pre-configured in the secure execution space when receiving the fourth operation instruction, to complete the encryption of the keystore in the secure execution space by the archive function, and the encrypted key The inventory is stored in the external storage of the server, and finally the key identifier of the user key used for encryption and the storage location of the encrypted keystore are transmitted to the client through the secure channel. Based on the encrypted storage of the keystore, any secure execution space in the server may complete the configuration of the keystore by reading and decrypting, without requiring the client to repeatedly send the data of the keystore, which helps to reduce the network bandwidth. Occupation, and can reduce the risk of user keys leaking during transmission.
承上例,作为配置密钥库的一种示例,用户端可以通过安全信道向执行节点发送第五
操作指令,第五操作指令包括与密钥库对应的地址标识和解密密钥,使得执行节点能够通过安全信道接收来自用户端的用户指令。执行节点在确定该用户指令为第五操作指令时,根据地址标识在服务器的存储器中获取加密后的密钥库,使用解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于安全执行空间内。在这一过程中,安全信道的机密性保障了解密密钥和地址标识的安全,而执行节点在安全执行空间内的操作是外部程序不可见的,因此密钥库可以通过上述过程安全地配置在安全执行空间内。在一个示例中,一个安全执行空间在生命周期结束前在第四操作指令的指示下完成了密钥库的加密存储,此后另一个安全执行空间在创建后则在第五操作指令的指示下完成了密钥库的配置,从而省去了用户端向后创建的安全执行空间发送密钥信息的过程。According to the above example, as an example of configuring a keystore, the UE can send a fifth to the execution node through the secure channel.
The operation instruction, the fifth operation instruction includes an address identifier and a decryption key corresponding to the keystore, so that the execution node can receive the user instruction from the user terminal through the secure channel. When determining that the user instruction is the fifth operation instruction, the execution node obtains the encrypted keystore in the memory of the server according to the address identifier, and decrypts the encrypted keystore by using the decryption key to decrypt the decrypted key. The keystore is configured in the secure execution space. In this process, the confidentiality of the secure channel guarantees the security of the decryption key and the address identifier, and the operation of the execution node in the secure execution space is invisible to the external program, so the keystore can be securely configured through the above process. In the secure execution space. In one example, a secure execution space completes the encrypted storage of the keystore under the direction of the fourth operational instruction before the end of the lifecycle, after which another secure execution space is created after the fifth operational instruction is created. The configuration of the keystore eliminates the process of sending key information by the client to the secure execution space created later.
此外,一方面,在本申请可实现的范围内,除了可以基于ECC进行密钥交换来建立安全信道之外,还可以采用其他方式实现密钥协商,例如迪菲-赫尔曼密钥交换(Diffie–Hellman key exchange,DH)算法,或者DH与公钥加密算法(如RSA、ECC)的组合等等。此外,还可以采用其他方式建立安全信道,比如直接基于公钥加密算法,使用公钥加密发送数据、使用私钥解密接收数据,来实现安全信道的建立。基于用户端与所述执行节点之间的安全信道的建立,能够在用户端与安全执行空间通信的过程中保护通信数据的私密性和完整性,避免包括OS和VMM的服务器程序从传输数据流中窃取用户的秘密数据,例如在用户端通过安全信道将密钥信息发送给执行节点的过程中保护密钥信息不被数据传输的中间节点窃取或者篡改,从而与其他方面的安全保护手段相结合实现云服务场景下的密钥保护。而基于密钥协商的结合,用户端与执行节点可以在用户应用、OS和VMM均不受信任的情况下实现安全信道的建立,进一步提升数据传输的安全性。In addition, on the one hand, in addition to the scope of the present application, in addition to the key exchange can be established based on ECC to establish a secure channel, other methods can be used to implement key negotiation, such as Diffie-Hellman key exchange ( Diffie–Hellman key exchange, DH) algorithm, or a combination of DH and public key encryption algorithms (such as RSA, ECC). In addition, the security channel can be established in other ways, such as directly based on the public key encryption algorithm, using the public key to encrypt the data, and using the private key to decrypt the received data to achieve the establishment of a secure channel. Based on the establishment of the secure channel between the client and the execution node, the privacy and integrity of the communication data can be protected during the communication between the client and the secure execution space, and the server program including the OS and the VMM can be prevented from transmitting the data stream. Stealing the user's secret data, for example, in the process of transmitting the key information to the executing node through the secure channel, the protection key information is not stolen or tampered by the intermediate node of the data transmission, thereby combining with other aspects of security protection. Implement key protection in a cloud service scenario. Based on the combination of key negotiation, the client and the execution node can implement the establishment of a secure channel without the user application, the OS, and the VMM being trusted, thereby further improving the security of data transmission.
又一方面,在本申请可实现的范围内,除了可以基于由随机数加密的散列值实现完整性校验之外,还可以在散列值计算范围、散列值计算算法等方面上增强远程验证的机密性。比如,执行节点D1可以进一步根据来自用户端的随机数在预先设置的若干个预置范围中确定散列值的计算范围,和/或,根据来自用户端的随机数在预先设置的若干个散列算法中确定散列值的计算算法,从而增加伪造校验报告的难度,提升远程校验的可靠程度。在其他实示例中,执行节点D1可以在配置完成后主动通过用户应用APP向用户端发送散列值未经加密的校验报告,而不需要来自用户端的触发。在其他示例中,所述预置范围内的数据除了可以是安全执行空间的全部存储数据之外,还可以是外部存储器空间和内部存储器空间中任意一种至少包含全部可执行代码的数据集合。基于对安全执行空间的预置范围内的数据的完整性校验,至少可以使用户端远程确认安全执行空间内所有可执行代码的完整性(包括确认可执行代码是否全部是用户配置的,以及可执行代码是否经过恶意删除或篡改),并使用户端在安全执行空间通过完整性校验之前阻止用户密钥向用户端的发送,以保护用户密钥的安全。In another aspect, in addition to the integrity check that can be implemented based on the hash value encrypted by the random number, the hash value calculation range, the hash value calculation algorithm, and the like can be enhanced in the range that can be implemented by the present application. The confidentiality of remote verification. For example, the execution node D1 may further determine a calculation range of the hash value in a preset number of preset ranges according to a random number from the user end, and/or a plurality of hash algorithms preset according to the random number from the user end. The calculation algorithm for determining the hash value is added, thereby increasing the difficulty of forging the verification report and improving the reliability of the remote verification. In other real examples, the execution node D1 may actively send a hash value unencrypted verification report to the client through the user application APP after the configuration is completed, without triggering from the user end. In other examples, the data within the preset range may be, in addition to all stored data of the secure execution space, a data set containing at least all executable code in any of the external memory space and the internal memory space. Based on the integrity check of the data within the preset range of the secure execution space, at least the client can remotely confirm the integrity of all executable code in the secure execution space (including confirming whether the executable code is all user-configured, and Whether the executable code has been maliciously deleted or tampered with, and the client prevents the user key from being sent to the client before the security execution space passes the integrity check to protect the security of the user key.
又一方面,在本申请可实现的范围内,安全信道的建立可以在远程验证之后进行,也可以在远程验证之前进行,还可以与远程验证并列地地进行,或是由同一个过程同时完成,本申请对此不做限制。其中,在远程验证之后建立安全信道的方式中,所建立的安全信道的秘密数据的安全性可由执行节点保障,因此更有利于通信安全的保障;而在远程验证之前建立安全信道的方式中,远程验证的数据传输可以使用所建立的安全信道,因此更有利于提升远程验证的可信度。
On the other hand, within the scope of the present application, the establishment of the secure channel can be performed after remote verification, before remote verification, in parallel with remote verification, or simultaneously by the same process. This application does not limit this. Wherein, in the manner of establishing a secure channel after remote verification, the security of the secret data of the established secure channel can be guaranteed by the execution node, thereby facilitating the security of communication security; and in the manner of establishing a secure channel before remote verification, Remotely authenticated data transmission can use the established secure channel, which is more conducive to improving the credibility of remote verification.
又一方面,在本申请可实现的范围内,配置有执行节点的安全执行空间除了可以由用户端通过用户应用建立之外,还可以由用户指定的第三方程序或第三方设备建立。例如,用户可以通过用户应用向第三方服务器请求配置数据,以使用户应用根据配置数据在服务器中建立配置有执行节点的安全执行空间;或者,用户可以通过服务器上的第三方应用在租用的虚拟机的操作系统中建立与安全执行空间对应的服务程序,以供操作系统上的用户应用使用。而在安全执行空间直接由用户应用建立的方式中,执行节点可以作为用户应用的额外代码创建,从而将执行节点与用户应用之间的数据传递限制在同一程序内部进行,不仅有利于省去程序间数据传递所需要的程序接口的设置,还有利于消除程序间数据传递所带来的安全隐患。On the other hand, within the scope of the present application, the secure execution space configured with the execution node may be established by a third-party program or a third-party device specified by the user, in addition to being established by the user end through the user application. For example, the user may request configuration data from the third-party server through the user application, so that the user application establishes a secure execution space configured with the execution node in the server according to the configuration data; or the user can use the third-party application on the server to rent the virtual A service program corresponding to the secure execution space is established in the operating system of the machine for use by the user application on the operating system. In the manner that the secure execution space is directly established by the user application, the execution node can be created as additional code of the user application, thereby restricting data transfer between the execution node and the user application within the same program, which is beneficial to save the program. The setting of the program interface required for data transfer also helps to eliminate the security risks caused by data transfer between programs.
需要说明的是,由于安全执行空间能够保护内部数据不受外部程序影响,因此执行节点在配置完成后可能是无法变更的。由此,上述安全执行空间的建立过程以及密码运算的执行过程中所涉及的执行节点的操作都需要事先体现在与执行节点对应的可执行代码中。即,创建配置有执行节点的安全执行空间时,向安全执行空间中注入的数据与执行节点被配置的能够实现的功能之间相互对应。另外,虽然本实施例中所涉及的用户应用均指同一个用户应用,但在其他可能的设计中,发起密码运算、建立安全信道、创建安全执行空间等等不同功能,可以按任意方式分配给若干个不同的用户应用来实现,比如用户端通过第一用户应用发起密码运算,用户端通过第二用户应用建立安全信道,用户端通过第三用户应用创建安全执行空间等等,本申请对此不做限制。It should be noted that since the secure execution space can protect the internal data from external programs, the execution node may not be changed after the configuration is completed. Therefore, the establishment process of the above-mentioned secure execution space and the operation of the execution node involved in the execution of the cryptographic operation need to be embodied in the executable code corresponding to the execution node in advance. That is, when the secure execution space in which the execution node is configured is created, the data injected into the secure execution space and the achievable function in which the execution node is configured correspond to each other. In addition, although the user applications involved in this embodiment all refer to the same user application, in other possible designs, different functions such as initiating cryptographic operations, establishing a secure channel, and creating a secure execution space may be assigned in any manner. A plurality of different user applications are implemented, for example, the user end initiates a cryptographic operation through the first user application, the user terminal establishes a secure channel through the second user application, and the user end creates a secure execution space through the third user application, etc. No restrictions.
参见图7,图7是本申请的实施例所涉及的一种密钥保护装置的结构框图,该密钥保护装置,应用于服务器中运行的用户应用,包括第一获取模块410和传递模块420,其中:Referring to FIG. 7, FIG. 7 is a structural block diagram of a key protection apparatus according to an embodiment of the present application. The key protection apparatus is applied to a user application running in a server, including a first acquisition module 410 and a delivery module 420. ,among them:
第一获取模块410,于在发起使用用户密钥的运算时,获取与所要使用的用户密钥对应的密钥标识,以添加至与所述使用用户密钥的运算对应的运算参数集中;The first obtaining module 410, when initiating an operation using the user key, acquires a key identifier corresponding to the user key to be used, to be added to the operation parameter set corresponding to the operation using the user key;
传递模块420用于通过预设接口将所述运算参数集传递给安全执行空间内的执行节点,以使所述执行节点在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并返回执行结果;The delivery module 420 is configured to pass the operation parameter set to an execution node in the secure execution space through a preset interface, so that the execution node is in the secure execution space: acquiring the key from the keystore Identifying a corresponding user key, performing an operation corresponding to the operation parameter set by using the obtained user key, and returning an execution result;
其中,所述密钥库存储在所述安全执行空间内;所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。Wherein the key store is stored in the secure execution space; the secure execution space is pre-established in the server, the secure execution space being configured to be capable of blocking external access of privileged level code.
可以看出的是,本实施例的装置将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁。It can be seen that the apparatus of the embodiment encapsulates the user key and the process of performing the cryptographic operation in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation, so that the user is dense. The process of keying and cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats posed by privileged software in cloud servers to user keys.
在一种可能的设计中,所述传递模块420包括调用单元,该调用单元用于调用配置在所述执行节点中的接入函数,以在经过所述预设接口的访问权限验证之后,将所述运算参数集作为函数参数传递给所述执行节点。In a possible design, the delivery module 420 includes a calling unit, which is used to invoke an access function configured in the execution node, after verifying access rights through the preset interface, The set of operational parameters is passed as a function parameter to the execution node.
在一种可能的设计中,所述运算参数集包括用于定义运算规则的运算子集和用于携带运算数据的参数子集;所述传递模块420包括:In one possible design, the set of operational parameters includes a subset of operations for defining operational rules and a subset of parameters for carrying operational data; the delivery module 420 includes:
第一传递单元,用于通过所述预设接口将包含所述暂存标记的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:根据所述运算子集和所述参数子集进行运算以获取运算结果,将所述运算结果存储在所述安全执行空间内,为存储后的所述
运算结果分配对应的数据标识,并返回所述数据标识;a first transfer unit, configured to pass, by the preset interface, an operation parameter set including the temporary storage tag to the execution node, so that the execution node is in the secure execution space: according to the operation And performing a calculation on the subset of parameters to obtain an operation result, and storing the operation result in the secure execution space, as described in the storage
The operation result assigns a corresponding data identifier, and returns the data identifier;
接收单元,用于接收来自所述执行节点的数据标识;以及,a receiving unit, configured to receive a data identifier from the execution node; and,
第二传递单元,用于通过所述预设接口将参数子集中包含所述数据标识的运算参数集传递给所述执行节点,以使所述执行节点在所述安全执行空间内:在所述安全执行空间内获取与所述数据标识对应的运算结果,以使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。a second transfer unit, configured to pass, by the preset interface, a set of operation parameters including the data identifier in the parameter subset to the execution node, so that the execution node is in the secure execution space: The operation result corresponding to the data identifier is obtained in the secure execution space, and the operation result is obtained according to the operation subset and the parameter subset using the obtained operation result to obtain the operation result.
在一种可能的设计中,密钥保护装置还包括未予图示的建立模块,该建立模块用于在配置有所述执行节点的安全执行空间建立之后,在所述传递模块通过预设接口将所述运算参数集传递给执行节点之前,与用户端交互以建立所述用户端与所述执行节点之间的安全信道,以使所述用户端:通过所述安全信道将密钥信息发送给所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。In a possible design, the key protection device further includes an unillustrated establishing module, the establishing module is configured to pass the preset interface in the transmitting module after the secure execution space configured with the executing node is established. Before transmitting the operation parameter set to the execution node, interacting with the user end to establish a secure channel between the user end and the execution node, so that the user end: sending key information through the secure channel And executing, by the execution node, the configuration of the keystore in the secure execution space according to a mapping relationship between a user key and a key identifier included in the key information.
在一种可能的设计中,密钥保护装置还包括未予图示的第二获取模块和发送模块,其中的第二获取模块用于在所述用户端通过所述安全信道将密钥信息发送给所述执行节点之前,通过所述执行节点获取安全执行空间的预置范围内的数据的散列值,所述安全执行空间的预置范围内的数据包括所述安全执行空间内全部的可执行代码;上述发送模块用于将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。In a possible design, the key protection device further includes a second acquiring module and a sending module, which are not illustrated, wherein the second acquiring module is configured to send the key information by using the secure channel at the user end. Before the execution node, obtaining, by the execution node, a hash value of data within a preset range of the secure execution space, where data within the preset range of the secure execution space includes all of the security execution space Executing code; the sending module is configured to send the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, where The integrity check prevents the user key from being sent to the server before it passes.
在一种可能的设计中,密钥保护装置还包括未予图示的创建模块,和注入模块,其中的创建模块用于所述建立模块与用户端交互以建立所述用户端与所述执行节点之间的安全信道之前,在服务器中创建安全执行空间;上述注入模块用于向所述安全执行空间中注入与所述执行节点对应的数据,以在所述安全执行空间内完成所述执行节点的配置。In a possible design, the key protection device further includes a creation module not illustrated, and an injection module, wherein the creation module is configured to interact with the user terminal to establish the user terminal and the execution Before the secure channel between the nodes, a secure execution space is created in the server; the injection module is configured to inject data corresponding to the execution node into the secure execution space to complete the execution in the secure execution space The configuration of the node.
关于本实施例中的装置,其中各个模块执行操作的具体方式已经在有关方法的实施例中进行了详细描述,此处将不做详细阐述说明。With regard to the apparatus in this embodiment, the specific manner in which the respective modules perform the operations has been described in detail in the embodiments of the related methods, and will not be explained in detail herein.
参见图8,图8是本申请又一实施例所涉及的一种密钥保护装置的结构框图,该密钥保护装置应用于用户端,包括第一发送模块510,该第一发送模块510用于向服务器发送至少一个用户密钥的密钥标识,以使所述服务器中运行的第一用户应用能够在发起使用用户密钥的运算时,能够获取到与所要使用的用户密钥对应的密钥标识;其中:Referring to FIG. 8, FIG. 8 is a structural block diagram of a key protection apparatus according to another embodiment of the present application. The key protection apparatus is applied to a user end, and includes a first sending module 510, where the first sending module 510 is used. Sending a key identifier of the at least one user key to the server, so that the first user application running in the server can obtain the secret corresponding to the user key to be used when initiating the operation using the user key Key identifier; where:
所述第一用户应用被配置为将获取到的密钥标识添加至与所述使用用户密钥的运算对应的运算参数集中,通过预设接口将所述运算参数集传递给安全执行空间内的执行节点;The first user application is configured to add the acquired key identifier to an operation parameter set corresponding to the operation using the user key, and transmit the operation parameter set to the secure execution space through a preset interface. Execution node
所述执行节点被配置为在所述安全执行空间内:从密钥库中获取与所述密钥标识对应的用户密钥,使用获取到的用户密钥执行与所述运算参数集对应的运算,并将执行结果返回给所述第一用户应用;The execution node is configured to: in the secure execution space, acquire a user key corresponding to the key identifier from a keystore, and perform an operation corresponding to the operation parameter set by using the obtained user key And returning an execution result to the first user application;
所述密钥库存储在所述安全执行空间内;所述安全执行空间预先建立在所述服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问。The key store is stored in the secure execution space; the secure execution space is pre-established in the server, the secure execution space being configured to be able to block external access of privileged level code.
可以看出的是,本实施例的装置将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁。
It can be seen that the apparatus of the embodiment encapsulates the user key and the process of performing the cryptographic operation in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation, so that the user is dense. The process of keying and cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats posed by privileged software in cloud servers to user keys.
在一种可能的设计中,所述密钥保护装置还包括未予图示的建立模块和第二发送模块,其中的建立模块用于在配置有所述执行节点的安全执行空间建立之后,通过所述服务器中运行的第二用户应用与用户端交互以建立所述用户端与所述执行节点之间的安全信道;上述第二发送模块用于通过所述安全信道将密钥信息发送至所述执行节点,以通过所述执行节点根据所述密钥信息中包含的用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。In a possible design, the key protection device further includes an establishing module and a second sending module, which are not illustrated, where the establishing module is configured to pass after the secure execution space configured with the executing node is established. a second user application running in the server interacts with the client to establish a secure channel between the client and the execution node; the second sending module is configured to send the key information to the security channel through the secure channel Executing a node to complete configuration of the keystore in the secure execution space by the execution node according to a mapping relationship between a user key and a key identifier included in the key information.
在一种可能的设计中,所述建立模块进一步用于通过与所述执行节点之间的密钥协商得到共有密钥,以建立使用所述共有密钥进行加密通信的安全信道。In a possible design, the establishing module is further configured to obtain a common key by key negotiation with the execution node to establish a secure channel for performing encrypted communication using the shared key.
在一种可能的设计中,所述密钥保护装置还包括未予图示的校验模块和阻止模块,其中的校验模块用于在所述第二发送模块通过所述安全信道将密钥信息发送至所述执行节点之前,通过所述执行节点对安全执行空间的预置范围内的数据进行完整性校验,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;上述阻止模块用于在完整性校验通过之前,阻止用户密钥向服务器的发送。In a possible design, the key protection device further includes a verification module and a blocking module, which are not illustrated, wherein the verification module is configured to use the security channel to pass the key on the second transmission module. Before the information is sent to the execution node, the integrity check is performed on the data in the preset range of the secure execution space by the execution node, and the data in the preset range includes all executables in the secure execution space. Code; the blocking module described above is used to block the transmission of the user key to the server before the integrity check is passed.
在一种可能的设计中,所述密钥保护装置还包括未予图示的第三发送模块,所述第三发送模块用于在所述建立模块通过所述服务器中运行的第二用户应用与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后:In a possible design, the key protection device further includes a third sending module, not illustrated, for the second user application running in the server by the establishing module. After interacting with the client to establish a secure channel between the client and the execution node:
通过所述安全信道向所述执行节点发送第一操作指令,以使所述执行节点在所述安全执行空间内:接收所述第一操作指令,屏蔽除来自所述安全信道以外的用户指令;和/或,Transmitting, by the secure channel, a first operation instruction to the execution node, so that the execution node is within the secure execution space: receiving the first operation instruction, and masking a user instruction other than the secure channel; and / or,
通过所述安全信道向所述执行节点发送第二操作指令,以使所述执行节点在所述安全执行空间内:接收所述第二操作指令,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;和/或,Sending, by the secure channel, a second operation instruction to the execution node, so that the execution node is in the secure execution space: receiving the second operation instruction, checking a security execution space, to obtain a verification Reporting is sent to the client over the secure channel; and/or,
通过所述安全信道接收来自所述执行节点的核查报告,以根据接收到的核查报告确定所述安全执行空间的安全风险等级;和/或,Receiving, by the secure channel, a verification report from the execution node to determine a security risk level of the secure execution space based on the received verification report; and/or,
在所述安全执行空间的安全风险等级高于或等于预设等级时通过所述安全信道向所述执行节点发送第三操作指令,以使所述执行节点在所述安全执行空间内:接收所述第三操作指令,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;和/或,Sending, by the safety channel, a third operation instruction to the execution node when the security risk level of the security execution space is higher than or equal to a preset level, so that the execution node is in the security execution space: receiving the location Deleting a third operation instruction to delete a predetermined portion of secret data or all secret data in the secure execution space; and/or,
通过所述安全信道向所述执行节点发送第四操作指令,以使所述执行节点在所述安全执行空间内:接收所述第四操作指令,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道返回用于读取密钥库和对密钥库进行解密的数据;和/或,Transmitting, by the secure channel, a fourth operation instruction to the execution node, so that the execution node is in the secure execution space: receiving the fourth operation instruction, encrypting a keystore in the secure execution space Storing into a memory of the server and returning data for reading the keystore and decrypting the keystore through the secure channel; and/or,
通过所述安全信道向所述执行节点发送第五操作指令,所述第五操作指令包括地址标识和解密密钥,以使所述执行节点在所述安全执行空间内:接收所述第五操作指令,根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。Transmitting, by the secure channel, a fifth operation instruction to the execution node, where the fifth operation instruction includes an address identifier and a decryption key, so that the execution node is in the secure execution space: receiving the fifth operation An instruction to obtain an encrypted keystore in a memory of the server according to the address identifier, and decrypt the encrypted keystore by using the decryption key to configure the decrypted keystore in the Within the secure execution space.
在一种可能的设计中,所述密钥保护装置还包括未予图示的创建模块和注入模块,其中的创建模块用于在所述建立模块通过所述服务器中运行的第二用户应用与用户端交互以建立所述用户端与所述执行节点之间的安全信道之前,通过所述服务器中运行的第三用户应用创建安全执行空间;上述注入模块,用于通过所述服务器中运行的第三用户应用向所述安全执行空间内注入与所述执行节点对应的数据,以在所述安全执行空间内完成所述执
行节点的配置。In a possible design, the key protection device further includes a creation module and an injection module, which are not illustrated, wherein the creation module is used for the second user application running in the server through the establishment module. Before the user interacts to establish a secure channel between the client and the execution node, a secure execution space is created by a third user application running in the server; the injection module is configured to run through the server Transmitting, by the third user application, data corresponding to the execution node into the secure execution space to complete the execution in the secure execution space
The configuration of the row node.
关于本实施例中的装置,其中各个模块执行操作的具体方式已经在有关方法的实施例中进行了详细描述,此处将不做详细阐述说明。With regard to the apparatus in this embodiment, the specific manner in which the respective modules perform the operations has been described in detail in the embodiments of the related methods, and will not be explained in detail herein.
参见图9,图9是本申请又一实施例所涉及的一种密钥保护装置的结构框图,该密钥保护装置应用于配置在安全执行空间内的执行节点,所述安全执行空间建立在服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问,所述密钥保护装置包括第一接收模块610、第一获取模块620、执行模块630和返回模块640,其中:Referring to FIG. 9, FIG. 9 is a structural block diagram of a key protection apparatus according to another embodiment of the present application. The key protection apparatus is applied to an execution node configured in a secure execution space, where the secure execution space is established. In the server, the secure execution space is configured to be able to block external access of the privilege level code, and the key protection device includes a first receiving module 610, a first obtaining module 620, an executing module 630, and a returning module 640, wherein:
第一接收模块610用于接收所述用户应用通过预设接口传递的运算参数集,所述运算参数集与所要使用的用户密钥对应的密钥标识;The first receiving module 610 is configured to receive an operation parameter set that is sent by the user application through a preset interface, where the operation parameter set is a key identifier corresponding to the user key to be used;
第一获取模块620用于从密钥库中获取与所述密钥标识对应的用户密钥;其中,所述密钥库存储在所述安全执行空间内;The first obtaining module 620 is configured to obtain a user key corresponding to the key identifier from a keystore, where the key pool is stored in the secure execution space;
执行模块630用于使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果;The executing module 630 is configured to perform an operation corresponding to the operation parameter set in the secure execution space using the acquired user key to obtain an execution result;
返回模块640用于向所述用户应用返回执行结果。The return module 640 is configured to return an execution result to the user application.
可以看出的是,本实施例的装置将用户密钥和进行密码运算的过程全部封装在安全执行空间内部,而外部的用户应用采用密钥标识代替用户密钥来发起密码运算,使得用户密钥和进行密码运算的过程对于操作系统和虚拟机监视器等特权级软件而言不可见,从而降低云服务器中的特权级软件对用户密钥造成的安全威胁。It can be seen that the apparatus of the embodiment encapsulates the user key and the process of performing the cryptographic operation in the secure execution space, and the external user application uses the key identifier instead of the user key to initiate the cryptographic operation, so that the user is dense. The process of keying and cryptographic operations is invisible to privileged software such as operating systems and virtual machine monitors, thereby reducing the security threats posed by privileged software in cloud servers to user keys.
在一种可能的设计中,所述装置还包括附图中未示出的下述结构:In one possible design, the device further comprises the following structure not shown in the figures:
建立模块,用于在所述第一获取模块620从密钥库中获取与所述密钥标识对应的用户密钥之前,与用户端交互以建立所述用户端与所述执行节点之间的安全信道;An establishing module, configured to interact with the user end to establish a relationship between the user end and the execution node, before the first obtaining module 620 acquires a user key corresponding to the key identifier from a keystore Secure channel
第二接收模块,用于通过所述安全信道接收所述用户端发送的密钥信息;其中,所述密钥信息中包括用户密钥与密钥标识之间的映射关系;a second receiving module, configured to receive the key information sent by the user end by using the secure channel, where the key information includes a mapping relationship between the user key and the key identifier;
配置模块,用于根据所述用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。And a configuration module, configured to complete configuration of the keystore in the secure execution space according to a mapping relationship between the user key and a key identifier.
在一种可能的设计中,所述装置还包括附图中未示出的下述结构:In one possible design, the device further comprises the following structure not shown in the figures:
第二获取模块,用于在所述第二接收模块通过所述安全信道接收所述用户端发送的密钥信息之前,获取安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;a second acquiring module, configured to acquire a hash value of data in a preset range of the secure execution space before the second receiving module receives the key information sent by the user end by using the secure channel, where the The data in the range includes all executable code in the secure execution space;
发送模块,用于将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。a sending module, configured to send the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity verification The transmission of the user key to the server is blocked before the pass.
在一种可能的设计中,所述装置还包括附图中未示出的第三接收模块,所述第三接收模块用于在所述建立模块与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后:通过所述安全信道接收来自所述用户端的用户指令;以及,In a possible design, the device further includes a third receiving module not shown in the figure, the third receiving module is configured to interact with the user end at the establishing module to establish the user terminal and the After performing a secure channel between the nodes: receiving user instructions from the user terminal through the secure channel; and,
在所述用户指令为第一操作指令时,屏蔽除来自所述安全信道以外的用户指令;Blocking user instructions from the secure channel when the user command is the first operational command;
和/或,and / or,
在所述用户指令为第二操作指令时,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;
When the user instruction is the second operation instruction, check the security execution space to send the obtained verification report to the user terminal through the secure channel;
和/或,and / or,
在所述用户指令为第三操作指令时,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;Deleting a predetermined portion of secret data or all secret data in the secure execution space when the user instruction is a third operation instruction;
和/或,and / or,
在所述用户指令为第四操作指令时,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道向所述用户端返回用于读取密钥库和对密钥库进行解密的数据;And when the user instruction is the fourth operation instruction, encrypting the keystore in the secure execution space into the memory of the server, and returning to the client for reading the secret through the secure channel. a keystore and data that decrypts the keystore;
和/或,and / or,
在所述用户指令为包括地址标识和解密密钥的第五操作指令时,根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。And when the user instruction is a fifth operation instruction including an address identifier and a decryption key, acquiring an encrypted keystore in a memory of the server according to the address identifier, and encrypting the encrypted key pair The keystore is decrypted to configure the decrypted keystore in the secure execution space.
在一种可能的设计中,在一种可能的设计中,所述运算参数集包括用于定义运算规则的第一子集和用于携带运算数据的的参数子集,所述执行模块630包括:In one possible design, in one possible design, the set of operational parameters includes a first subset for defining operational rules and a subset of parameters for carrying operational data, the execution module 630 comprising :
执行单元,用于根据所述运算子集和所述参数子集进行运算以获取运算结果;An execution unit, configured to perform an operation according to the operation subset and the parameter subset to obtain an operation result;
存储单元,用于在检测到所述运算参数集中还包括暂存标记时,将所述运算结果存储在所述安全执行空间内,并为存储后的所述运算结果分配对应的数据标识;a storage unit, configured to store the operation result in the secure execution space when the operation parameter set is further included in the operation parameter set, and allocate a corresponding data identifier to the stored operation result;
相应的,所述返回模块进一步用于向所述用户应用返回所述数据标识。Correspondingly, the returning module is further configured to return the data identifier to the user application.
在一种可能的设计中,所述执行单元进一步用于:In one possible design, the execution unit is further configured to:
当所述参数子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。When the parameter subset includes at least one data identifier, the execution node acquires an operation result corresponding to the at least one data identifier in the secure execution space, and uses the obtained operation result according to the operator The set and the subset of parameters are operated to obtain an operation result.
在一种可能的设计中,所述运算参数集还包括指令标识和输入数据;所述执行模块630具体包括:In a possible design, the operation parameter set further includes an instruction identifier and input data; the execution module 630 specifically includes:
确定单元,用于确定与所述指令标识对应的运算指令函数;其中,所述运算指令函数与所述指令标识相互对应地配置在所述安全执行空间内的运算指令库中;a determining unit, configured to determine an operation instruction function corresponding to the instruction identifier; wherein the operation instruction function and the instruction identifier are respectively arranged in an operation instruction library in the safety execution space;
输入单元,用于将所述输入数据和获取到的用户密钥输入到所述运算指令函数中以获取执行结果。And an input unit, configured to input the input data and the obtained user key into the operation instruction function to obtain an execution result.
在一种可能的设计中,所述执行节点中配置有接入函数;所述第一接收模块610进一步用于:In a possible design, the execution node is configured with an access function; the first receiving module 610 is further configured to:
在所述用户应用对所述接入函数的调用经过所述预设接口的访问权限验证之后,所述执行节点通过所述接入函数接收作为函数参数的所述运算参数集。After the user application invokes the access function to verify the access authority of the preset interface, the execution node receives the operation parameter set as a function parameter through the access function.
关于本实施例中的装置,其中各个模块执行操作的具体方式已经在有关方法的实施例中进行了详细描述,此处将不做详细阐述说明。With regard to the apparatus in this embodiment, the specific manner in which the respective modules perform the operations has been described in detail in the embodiments of the related methods, and will not be explained in detail herein.
图10是本申请的实施例所涉及一种计算机设备的结构示意图,该计算机设备可用于构成本申请中用于承载用户应用和安全执行空间的服务器,也可以用于构成本申请中用于承载用户端的用户设备。参见图10,计算机设备700包括至少一个处理器701,总线702,存储器703以及至少一个通信接口704。FIG. 10 is a schematic structural diagram of a computer device according to an embodiment of the present application. The computer device may be used to form a server for carrying a user application and a secure execution space in the present application, and may also be used to form a bearer in the present application. User equipment of the client. Referring to FIG. 10, computer device 700 includes at least one processor 701, bus 702, memory 703, and at least one communication interface 704.
处理器701可以包括通用中央处理器(CPU),微处理器,特定应用集成电路(Application-Specific Integrated Circuit,ASIC),数字信号处理器(DSP)、数字信号处理设
备(DSPD)、可编程逻辑器件(PLD)、现场可编程门阵列(FPGA)、控制器、微控制器,或者多个用于控制程序执行的集成电路。The processor 701 may include a general purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), a digital signal processor (DSP), and a digital signal processing device.
A device (DSPD), a programmable logic device (PLD), a field programmable gate array (FPGA), a controller, a microcontroller, or multiple integrated circuits for controlling program execution.
总线702主要用于在计算机设备700的其他组件之间传送信息。所述通信接口704主要用于与其他存储设备或者网络设备通信,在通信结构704为网络接口时,其所接入的网络可以例如是以太网,无线接入网(RAN),无线局域网(Wireless Local Area Networks,WLAN)等等。 Bus 702 is primarily used to transfer information between other components of computer device 700. The communication interface 704 is mainly used to communicate with other storage devices or network devices. When the communication structure 704 is a network interface, the network to which the communication structure 704 is connected may be, for example, an Ethernet, a radio access network (RAN), or a wireless local area network (Wireless local area network). Local Area Networks, WLAN) and more.
存储器703可以包括只读存储器(Read-Only Memory,ROM)或可存储静态信息和指令的其他类型的静态存储设备,随机存取存储器(Random Access Memory,RAM)或者可存储信息和指令的其他类型的动态存储设备,也可以包括电可擦可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、只读光盘(Compact Disc Read-Only Memory,CD-ROM)或其他光盘存储、光碟存储(包括压缩光碟、激光碟、光碟、数字通用光碟、蓝光光碟等)、磁盘存储介质或者其他磁存储设备、或者能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器可以是独立设置的,也可以和处理器集成在一起。The memory 703 may include a Read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a Random Access Memory (RAM) or other type that can store information and instructions. Dynamic storage devices, which may also include Electrically Erasable Programmable Read-Only Memory (EEPROM), Compact Disc Read-Only Memory (CD-ROM) or other optical disk storage, and optical disk storage. (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store desired program code in the form of instructions or data structures and can be Any other media accessed, but not limited to this. The memory can be set up independently or integrated with the processor.
其中,所述存储器703用于存储可执行代码,并由处理器701来控制执行。所述处理器701用于执行所述存储器703中存储的可执行代码。The memory 703 is used to store executable code and is controlled by the processor 701 for execution. The processor 701 is configured to execute executable code stored in the memory 703.
在具体实现中,作为一种实施例,处理器701可以包括一个或多个CPU,例如图10中的CPU0和CPU1。In a specific implementation, as an embodiment, the processor 701 may include one or more CPUs, such as CPU0 and CPU1 in FIG.
在具体实现中,作为一种实施例,计算机设备700可以包括多个处理器,例如图10中的处理器701和处理器708。这些处理器中的每一个可以是一个单核(single-CPU)处理器,也可以是一个多核(multi-CPU)处理器。这里的处理器可以指一个或多个设备、电路、和/或用于处理数据(例如计算机程序指令)的处理核。In a particular implementation, as an embodiment, computer device 700 can include multiple processors, such as processor 701 and processor 708 in FIG. Each of these processors can be a single-CPU processor or a multi-core processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data, such as computer program instructions.
在具体实现中,作为一种实施例,计算机设备700还可以包括输出设备705和输入设备706。输出设备705和处理器701通信,可以以多种方式来显示信息。例如,输出设备705可以是液晶显示器(Liquid Crystal Display,LCD),发光二级管(Light Emitting Diode,LED)显示设备,阴极射线管(Cathode Ray Tube,CRT)显示设备,或投影仪(Projector)等。输入设备706之间处理器701可藉由总线702通信,可以以多种方式接受用户的输入。例如,输入设备706可以是鼠标、键盘、触摸屏设备或传感设备等。In a particular implementation, as an embodiment, computer device 700 may also include an output device 705 and an input device 706. Output device 705 is in communication with processor 701 and can display information in a variety of ways. For example, the output device 705 can be a liquid crystal display (LCD), a light emitting diode (LED) display device, a cathode ray tube (CRT) display device, or a projector (Projector). Wait. The processor 701 between the input devices 706 can communicate via the bus 702 and can accept user input in a variety of ways. For example, input device 706 can be a mouse, keyboard, touch screen device, or sensing device, and the like.
上述的计算机设备700可以是一个通用计算机设备或者一个专用计算机设备。在具体实现中,计算机设备700可以是台式机、便携式电脑、网络服务器、掌上电脑(Personal Digital Assistant,PDA)、移动手机、平板电脑、无线终端设备、通信设备、嵌入式设备或类似结构的设备。本申请的实施例不限定计算机设备700的类型。The computer device 700 described above can be a general purpose computer device or a special purpose computer device. In a specific implementation, the computer device 700 can be a desktop computer, a portable computer, a network server, a personal digital assistant (PDA), a mobile phone, a tablet, a wireless terminal device, a communication device, an embedded device, or the like. . Embodiments of the present application do not limit the type of computer device 700.
需要说明的是,图10所示的计算机设备仅仅是给出了各部分的可能的硬件实现方式,根据系统各部分功能的不同或者变化,可以对计算机设备的硬件组件进行增删,以使得与系统各部分的功能进行匹配。It should be noted that the computer device shown in FIG. 10 only gives a possible hardware implementation manner of each part. According to different functions or changes of various parts of the system, hardware components of the computer device can be added or deleted to make the system The functions of each part are matched.
在图7、图8、图9对应的实施例中,密钥保护装置是以功能单元/功能模块的形式来呈现。这里的“单元/模块”可以指特定应用集成电路(Application Specific Integrated Circuit,ASIC)电路,执行一个或多个软件或固件程序的处理器和存储器,集成逻辑电路,和/或其他可以提供上述功能的器件。在一个简单的实施例中,实现密钥保护装置的设备可以具有图
10所示的形式。示例性的,第一获取模块410和传递模块420,第一发送模块510,第一接收模块610、第一获取模块620、执行模块630和返回模块640的功能可以通过由处理器来执行存储器中存储的程序代码来实现。In the embodiment corresponding to Figures 7, 8, and 9, the key protection device is presented in the form of a functional unit/function module. A "unit/module" herein may refer to an Application Specific Integrated Circuit (ASIC) circuit, a processor and memory that executes one or more software or firmware programs, integrated logic circuits, and/or others that provide the above functions. Device. In a simple embodiment, the device implementing the key protection device may have a map
The form shown in 10. Exemplarily, the functions of the first obtaining module 410 and the transmitting module 420, the first sending module 510, the first receiving module 610, the first obtaining module 620, the executing module 630, and the returning module 640 may be performed by a processor in a memory. Stored program code to implement.
本申请的实施例还提供了一种计算机存储介质,用于储存为上述图7、图8或图9所示的密钥保护装置所用的计算机软件指令,其包含用于执行上述方法实施例所设计的程序。通过执行存储的程序,可以实现本申请提供的密钥保护方法。The embodiment of the present application further provides a computer storage medium for storing computer software instructions for the key protection device shown in FIG. 7, FIG. 8 or FIG. 9 above, which is used to execute the foregoing method embodiment. Designed program. The key protection method provided by the present application can be implemented by executing a stored program.
尽管在此结合各实施例对本申请进行了描述,然而,在实施所要求保护的本申请过程中,本领域技术人员通过查看所述附图、公开内容、以及所附权利要求书,可理解并实现所述公开实施例的其他变化。在权利要求中,“包括”一词不排除其他组成部分或步骤,“一”或“一个”不排除多个的情况。单个处理器或其他单元可以实现权利要求中列举的若干项功能。相互不同的从属权利要求中记载了某些措施,但这并不表示这些措施不能组合起来产生良好的效果。Although the present application has been described herein in connection with the various embodiments, those skilled in the art can Other variations of the disclosed embodiments are achieved. In the claims, the <RTI ID=0.0>"comprises" </ RTI> </ RTI> does not exclude other components or steps. A single processor or other unit may fulfill several of the functions recited in the claims. Certain measures are recited in mutually different dependent claims, but this does not mean that the measures are not combined to produce a good effect.
本领域技术人员应明白,本申请的实施例可提供为方法、装置(设备)、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。计算机程序存储/分布在合适的介质中,与其它硬件一起提供或作为硬件的一部分,也可以采用其他分布形式,如通过因特网或其它有线或无线电信系统。Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, apparatus (device), or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code. The computer program is stored/distributed in a suitable medium, provided with other hardware or as part of hardware, or in other distributed forms, such as through the Internet or other wired or wireless telecommunication systems.
本申请是参照本申请的实施例的方法、装置(设备)和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of the methods, apparatus, and computer program products of the embodiments of the present application. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
以上所述仅为本申请的可选实施例,并不用以限制本申请,凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。
The above description is only an optional embodiment of the present application, and is not intended to limit the present application. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present application are included in the protection of the present application. Within the scope.
Claims (14)
- 一种密钥保护方法,其特征在于,应用于配置在安全执行空间内的执行节点;其中,所述安全执行空间建立在服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问;所述方法包括:A key protection method, characterized by being applied to an execution node configured in a secure execution space; wherein the secure execution space is established in a server, the secure execution space being configured to be capable of blocking an external privilege level code Access; the method includes:所述执行节点接收所述用户应用通过预设接口传递的运算参数集,所述运算参数集包括与所要使用的用户密钥对应的密钥标识;The execution node receives an operation parameter set that is transmitted by the user application through a preset interface, where the operation parameter set includes a key identifier corresponding to a user key to be used;所述执行节点从密钥库中获取与所述密钥标识对应的用户密钥;其中,所述密钥库存储在所述安全执行空间内;Obtaining, by the execution node, a user key corresponding to the key identifier from a keystore; wherein the keystore is stored in the secure execution space;所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果;Executing, by the execution node, an operation corresponding to the operation parameter set in the secure execution space using an acquired user key to obtain an execution result;所述执行节点向所述用户应用返回所述执行结果。The execution node returns the execution result to the user application.
- 根据权利要求1所述的方法,其特征在于,在所述执行节点从密钥库中获取与所述密钥标识对应的用户密钥之前,还包括:The method according to claim 1, wherein before the executing node obtains the user key corresponding to the key identifier from the keystore, the method further includes:所述执行节点与用户端交互以建立所述用户端与所述执行节点之间的安全信道;The execution node interacts with the client to establish a secure channel between the client and the execution node;所述执行节点通过所述安全信道接收所述用户端发送的密钥信息;其中,所述密钥信息中包括用户密钥与密钥标识之间的映射关系;Receiving, by the security node, the key information sent by the user end, where the key information includes a mapping relationship between the user key and the key identifier;所述执行节点根据所述用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。And executing, by the execution node, the configuration of the keystore in the secure execution space according to a mapping relationship between the user key and a key identifier.
- 根据权利要求2所述的方法,其特征在于,在所述执行节点通过所述安全信道接收所述用户端发送的密钥信息之前,还包括:The method according to claim 2, further comprising: before the receiving node receives the key information sent by the UE by using the secure channel, the method further includes:所述执行节点获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;The execution node acquires a hash value of data within a preset range of the secure execution space, and the data in the preset range includes all executable code in the secure execution space;所述执行节点将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。The executing node sends the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity check. By blocking the transmission of the user key to the server before.
- 根据权利要求2或3所述的方法,其特征在于,在所述执行节点与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后,还包括:The method according to claim 2 or 3, further comprising: after the performing node interacts with the client to establish a secure channel between the client and the executing node, further comprising:所述执行节点通过所述安全信道接收来自所述用户端的用户指令;以及,The execution node receives a user instruction from the user terminal through the secure channel; and,在所述用户指令为第一操作指令时,所述执行节点屏蔽除来自所述安全信道以外的用户指令;The execution node blocks user instructions other than the secure channel when the user instruction is the first operation instruction;和/或,and / or,在所述用户指令为第二操作指令时,所述执行节点对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;When the user instruction is the second operation instruction, the executing node checks the security execution space to send the obtained verification report to the user terminal through the secure channel;和/或,and / or,在所述用户指令为第三操作指令时,所述执行节点删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;When the user instruction is a third operation instruction, the execution node deletes a predetermined part of the secret data or all the secret data in the secure execution space;和/或,and / or,在所述用户指令为第四操作指令时,所述执行节点将所述安全执行空间内的密钥库加密 存储至所述服务器的存储器中,并通过所述安全信道向所述用户端返回用于读取密钥库和对密钥库进行解密的数据;The execution node encrypts the keystore in the secure execution space when the user instruction is the fourth operation instruction Storing into a memory of the server, and returning, by the secure channel, data for reading the keystore and decrypting the keystore to the client;和/或,and / or,在所述用户指令为包括地址标识和解密密钥的第五操作指令时,所述执行节点根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。When the user instruction is a fifth operation instruction including an address identifier and a decryption key, the execution node acquires an encrypted keystore in a memory of the server according to the address identifier, and uses the decryption key The encrypted keystore is decrypted to configure the decrypted keystore in the secure execution space.
- 根据权利要求1至4中任一项所述的方法,其特征在于,所述运算参数集包括用于定义运算规则的运算子集和用于携带运算数据的参数子集,所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果,包括:The method according to any one of claims 1 to 4, wherein the operation parameter set includes an operation subset for defining an operation rule and a parameter subset for carrying operation data, and the execution node uses The obtained user key performs an operation corresponding to the operation parameter set in the secure execution space to obtain an execution result, including:所述执行节点根据所述运算子集和所述参数子集进行运算以获取运算结果;Performing, by the execution node, an operation according to the operation subset and the parameter subset to obtain an operation result;当检测到所述运算参数集中还包括暂存标记时,所述执行节点将所述运算结果存储在所述安全执行空间内,并为存储后的所述运算结果分配对应的数据标识;When it is detected that the operation parameter set further includes a temporary storage mark, the execution node stores the operation result in the security execution space, and allocates a corresponding data identifier to the stored operation result;相应的,所述执行节点向所述用户应用返回所述执行结果,包括:Correspondingly, the executing node returns the execution result to the user application, including:所述执行节点向所述用户应用返回所述数据标识。The execution node returns the data identification to the user application.
- 根据权利要求5的方法,其特征在于,所述执行节点执行与所述第一子集对应的运算指令以获取运算结果,包括:The method of claim 5, wherein the executing node executes an operation instruction corresponding to the first subset to obtain an operation result, including:当所述参数子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和所述参数子集进行运算以获取运算结果。When the parameter subset includes at least one data identifier, the execution node acquires an operation result corresponding to the at least one data identifier in the secure execution space, and uses the obtained operation result according to the operator The set and the subset of parameters are operated to obtain an operation result.
- 根据权利要求1至4中任一项所述的方法,其特征在于,所述运算参数集还包括指令标识和输入数据;The method according to any one of claims 1 to 4, wherein the set of operation parameters further comprises instruction identification and input data;所述执行节点使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果,包括:The performing node performs an operation corresponding to the operation parameter set in the secure execution space to obtain an execution result by using the obtained user key, including:所述执行节点确定与所述指令标识对应的运算指令函数;其中,所述运算指令函数与所述指令标识相互对应地配置在所述安全执行空间内的运算指令库中;The execution node determines an operation instruction function corresponding to the instruction identifier; wherein the operation instruction function and the instruction identifier are mutually arranged in an operation instruction library in the secure execution space;所述执行节点将所述输入数据和获取到的用户密钥输入到所述运算指令函数中以获取执行结果。The execution node inputs the input data and the acquired user key into the operation instruction function to obtain an execution result.
- 一种密钥保护装置,其特征在于,应用于配置在安全执行空间内的执行节点;其中,所述安全执行空间建立在服务器中,所述安全执行空间被配置为能够阻止特权级代码的外部访问;所述装置包括:A key protection apparatus for an execution node configured in a secure execution space; wherein the secure execution space is established in a server, the secure execution space being configured to be capable of blocking an external privilege level code Access; the device includes:第一接收模块,用于接收所述用户应用通过预设接口传递的运算参数集,所述运算参数集与所要使用的用户密钥对应的密钥标识;a first receiving module, configured to receive an operation parameter set that is sent by the user application through a preset interface, where the operation parameter set is associated with a key identifier corresponding to the user key to be used;第一获取模块,用于从密钥库中获取与所述密钥标识对应的用户密钥;其中,所述密钥库存储在所述安全执行空间内;a first acquiring module, configured to acquire a user key corresponding to the key identifier from a keystore; wherein the keystore is stored in the secure execution space;执行模块,用于使用获取到的用户密钥在所述安全执行空间内执行与所述运算参数集对应的运算以获取执行结果;An execution module, configured to perform an operation corresponding to the operation parameter set in the secure execution space by using the obtained user key to obtain an execution result;返回模块,用于向所述用户应用返回所述执行结果。And returning a module, configured to return the execution result to the user application.
- 根据权利要求8所述的装置,其特征在于,还包括:The device according to claim 8, further comprising:建立模块,用于在所述第一获取模块从密钥库中获取与所述密钥标识对应的用户密钥之 前,与用户端交互以建立所述用户端与所述执行节点之间的安全信道;Establishing a module, configured to acquire, by the first acquiring module, a user key corresponding to the key identifier from a keystore Pre-interacting with the client to establish a secure channel between the client and the execution node;第二接收模块,用于通过所述安全信道接收所述用户端发送的密钥信息;其中,所述密钥信息中包括用户密钥与密钥标识之间的映射关系;a second receiving module, configured to receive the key information sent by the user end by using the secure channel, where the key information includes a mapping relationship between the user key and the key identifier;配置模块,用于根据所述用户密钥与密钥标识之间的映射关系在所述安全执行空间内完成所述密钥库的配置。And a configuration module, configured to complete configuration of the keystore in the secure execution space according to a mapping relationship between the user key and a key identifier.
- 根据权利要求9所述的装置,其特征在于,还包括:The device according to claim 9, further comprising:第二获取模块,用于在所述第二接收模块通过所述安全信道接收所述用户端发送的密钥信息之前,获取所述安全执行空间的预置范围内的数据的散列值,所述预置范围内的数据包括所述安全执行空间内全部的可执行代码;a second acquiring module, configured to acquire a hash value of data in a preset range of the secure execution space before the second receiving module receives the key information sent by the user end by using the secure channel, where The data within the preset range includes all executable code in the secure execution space;发送模块,用于将所述散列值发送给所述用户端,以使所述用户端:根据所述散列值对所述预置范围内的数据进行完整性校验,在完整性校验通过之前阻止用户密钥向所述服务器的发送。a sending module, configured to send the hash value to the user end, so that the user end: performs integrity check on the data in the preset range according to the hash value, and performs integrity verification The transmission of the user key to the server is blocked before the pass.
- 根据权利要求9或10所述的装置,其特征在于,还包括第三接收模块,所述第三接收模块用于在所述建立模块与用户端交互以建立所述用户端与所述执行节点之间的安全信道之后:通过所述安全信道接收来自所述用户端的用户指令;以及,The device according to claim 9 or 10, further comprising a third receiving module, wherein the third receiving module is configured to interact with the user end at the establishing module to establish the user end and the executing node After a secure channel between: receiving a user command from the client via the secure channel; and,在所述用户指令为第一操作指令时,屏蔽除来自所述安全信道以外的用户指令;Blocking user instructions from the secure channel when the user command is the first operational command;和/或,and / or,在所述用户指令为第二操作指令时,对安全执行空间进行核查,以将得到的核查报告通过所述安全信道发送给所述用户端;When the user instruction is the second operation instruction, check the security execution space to send the obtained verification report to the user terminal through the secure channel;和/或,and / or,在所述用户指令为第三操作指令时,删除所述安全执行空间内的预定部分的秘密数据或者全部的秘密数据;Deleting a predetermined portion of secret data or all secret data in the secure execution space when the user instruction is a third operation instruction;和/或,and / or,在所述用户指令为第四操作指令时,将所述安全执行空间内的密钥库加密存储至所述服务器的存储器中,并通过所述安全信道向所述用户端返回用于读取密钥库和对密钥库进行解密的数据;And when the user instruction is the fourth operation instruction, encrypting the keystore in the secure execution space into the memory of the server, and returning to the client for reading the secret through the secure channel. a keystore and data that decrypts the keystore;和/或,and / or,在所述用户指令为包括地址标识和解密密钥的第五操作指令时,根据所述地址标识在所述服务器的存储器中获取加密后的密钥库,使用所述解密密钥对加密后的密钥库进行解密,以将解密后的密钥库配置于所述安全执行空间内。And when the user instruction is a fifth operation instruction including an address identifier and a decryption key, acquiring an encrypted keystore in a memory of the server according to the address identifier, and encrypting the encrypted key pair The keystore is decrypted to configure the decrypted keystore in the secure execution space.
- 根据权利要求8至11中任一项所述的装置,其特征在于,所述运算参数集包括用于定义运算规则的第一子集和用于携带运算数据的的参数子集,所述执行模块包括:The apparatus according to any one of claims 8 to 11, wherein the operation parameter set includes a first subset for defining an operation rule and a parameter subset for carrying operation data, the execution Modules include:执行单元,用于根据所述运算子集和所述参数子集进行运算以获取运算结果;An execution unit, configured to perform an operation according to the operation subset and the parameter subset to obtain an operation result;存储单元,用于在检测到所述运算参数集中还包括暂存标记时,将所述运算结果存储在所述安全执行空间内,并为存储后的所述运算结果分配对应的数据标识;a storage unit, configured to store the operation result in the secure execution space when the operation parameter set is further included in the operation parameter set, and allocate a corresponding data identifier to the stored operation result;相应的,所述返回模块进一步用于向所述用户应用返回所述数据标识。Correspondingly, the returning module is further configured to return the data identifier to the user application.
- 根据权利要求12的装置,其特征在于,所述执行单元进一步用于:The apparatus according to claim 12, wherein said execution unit is further configured to:当所述参数子集中包含有至少一个数据标识时,所述执行节点在所述安全执行空间内获取与所述至少一个数据标识对应的运算结果,并使用获取到的运算结果根据所述运算子集和 所述参数子集进行运算以获取运算结果。When the parameter subset includes at least one data identifier, the execution node acquires an operation result corresponding to the at least one data identifier in the secure execution space, and uses the obtained operation result according to the operator Set and The subset of parameters is operated to obtain an operation result.
- 根据权利要求8至11中任一项所述的装置,其特征在于,所述运算参数集还包括指令标识和输入数据;所述执行模块包括:The apparatus according to any one of claims 8 to 11, wherein the operation parameter set further comprises an instruction identifier and input data; the execution module comprises:确定单元,用于确定与所述指令标识对应的运算指令函数;其中,所述运算指令函数与所述指令标识相互对应地配置在所述安全执行空间内的运算指令库中;a determining unit, configured to determine an operation instruction function corresponding to the instruction identifier; wherein the operation instruction function and the instruction identifier are respectively arranged in an operation instruction library in the safety execution space;输入单元,用于将所述输入数据和获取到的用户密钥输入到所述运算指令函数中以获取执行结果。 And an input unit, configured to input the input data and the obtained user key into the operation instruction function to obtain an execution result.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710079083.1 | 2017-02-14 | ||
| CN201710079083.1A CN108429719B (en) | 2017-02-14 | 2017-02-14 | Key protection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2018149110A1 true WO2018149110A1 (en) | 2018-08-23 |
Family
ID=63155090
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/CN2017/099285 WO2018149110A1 (en) | 2017-02-14 | 2017-08-28 | Key protection method and apparatus |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108429719B (en) |
| WO (1) | WO2018149110A1 (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110830243A (en) * | 2019-10-18 | 2020-02-21 | 中国第一汽车股份有限公司 | Symmetric key distribution method, device, vehicle and storage medium |
| CN113326518A (en) * | 2021-06-09 | 2021-08-31 | 深圳前海微众银行股份有限公司 | Data processing method and device |
| US11398901B2 (en) | 2020-03-26 | 2022-07-26 | Walmart Apollo, Llc | Restricted partial key storage |
| CN114821751A (en) * | 2022-06-27 | 2022-07-29 | 北京瑞莱智慧科技有限公司 | Image recognition method, device, system and storage medium |
| WO2023249548A1 (en) * | 2022-06-23 | 2023-12-28 | Canary Bit Ab | Methods and apparatus for data processing in a trusted execution environment |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109525396B (en) * | 2018-09-30 | 2021-02-23 | 华为技术有限公司 | Method and device for processing identity key and server |
| WO2020073206A1 (en) * | 2018-10-09 | 2020-04-16 | 华为技术有限公司 | Chip, method for generating private key, and method for trusted verification |
| CN109450899B (en) * | 2018-11-09 | 2021-11-02 | 南京医渡云医学技术有限公司 | Key management method and device, electronic equipment and storage medium |
| CN112738219B (en) * | 2020-12-28 | 2022-06-10 | 中国第一汽车股份有限公司 | Program running method, program running device, vehicle and storage medium |
| CN112699132B (en) * | 2021-03-22 | 2022-04-22 | 阿里云计算有限公司 | Method and device for decrypting security module |
| CN113225336A (en) * | 2021-05-06 | 2021-08-06 | 安谋科技(中国)有限公司 | Information encryption transmission method, encryption and decryption device, readable medium and electronic equipment |
| CN114499975B (en) * | 2021-12-28 | 2023-05-26 | 北京深盾科技股份有限公司 | Verification method for login server, server and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102687133A (en) * | 2009-11-16 | 2012-09-19 | 微软公司 | Containerless data for trustworthy computing and data services |
| CN103107995A (en) * | 2013-02-06 | 2013-05-15 | 中电长城网际系统应用有限公司 | Cloud computing environmental data secure storage system and method |
| US20150052358A1 (en) * | 2013-08-16 | 2015-02-19 | Netflix, Inc. | Key generation and broadcasting |
| CN104601571A (en) * | 2015-01-14 | 2015-05-06 | 浪潮电子信息产业股份有限公司 | Data encryption system and method for interaction between tenants and cloud server memory |
| US9270459B2 (en) * | 2011-09-20 | 2016-02-23 | Cloudbyte, Inc. | Techniques for achieving tenant data confidentiality from cloud service provider administrators |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101727545A (en) * | 2008-10-10 | 2010-06-09 | 中国科学院研究生院 | Method for implementing mandatory access control mechanism of security operating system |
| US10615967B2 (en) * | 2014-03-20 | 2020-04-07 | Microsoft Technology Licensing, Llc | Rapid data protection for storage devices |
| US9520994B2 (en) * | 2014-03-20 | 2016-12-13 | Oracle International Corporation | System and method for deriving secrets from a master key bound to an application on a device |
| CN103944729A (en) * | 2014-04-25 | 2014-07-23 | 天地融科技股份有限公司 | Data security interactive method |
| CN104392188B (en) * | 2014-11-06 | 2017-10-27 | 三星电子(中国)研发中心 | A kind of secure data store method and system |
| CN105260663B (en) * | 2015-09-15 | 2017-12-01 | 中国科学院信息工程研究所 | A kind of safe storage service system and method based on TrustZone technologies |
-
2017
- 2017-02-14 CN CN201710079083.1A patent/CN108429719B/en active Active
- 2017-08-28 WO PCT/CN2017/099285 patent/WO2018149110A1/en active Application Filing
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102687133A (en) * | 2009-11-16 | 2012-09-19 | 微软公司 | Containerless data for trustworthy computing and data services |
| US9270459B2 (en) * | 2011-09-20 | 2016-02-23 | Cloudbyte, Inc. | Techniques for achieving tenant data confidentiality from cloud service provider administrators |
| CN103107995A (en) * | 2013-02-06 | 2013-05-15 | 中电长城网际系统应用有限公司 | Cloud computing environmental data secure storage system and method |
| US20150052358A1 (en) * | 2013-08-16 | 2015-02-19 | Netflix, Inc. | Key generation and broadcasting |
| CN104601571A (en) * | 2015-01-14 | 2015-05-06 | 浪潮电子信息产业股份有限公司 | Data encryption system and method for interaction between tenants and cloud server memory |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110830243A (en) * | 2019-10-18 | 2020-02-21 | 中国第一汽车股份有限公司 | Symmetric key distribution method, device, vehicle and storage medium |
| CN110830243B (en) * | 2019-10-18 | 2023-06-09 | 中国第一汽车股份有限公司 | Symmetric key distribution method, device, vehicle and storage medium |
| US11398901B2 (en) | 2020-03-26 | 2022-07-26 | Walmart Apollo, Llc | Restricted partial key storage |
| CN113326518A (en) * | 2021-06-09 | 2021-08-31 | 深圳前海微众银行股份有限公司 | Data processing method and device |
| CN113326518B (en) * | 2021-06-09 | 2024-02-02 | 深圳前海微众银行股份有限公司 | Data processing method and device |
| WO2023249548A1 (en) * | 2022-06-23 | 2023-12-28 | Canary Bit Ab | Methods and apparatus for data processing in a trusted execution environment |
| CN114821751A (en) * | 2022-06-27 | 2022-07-29 | 北京瑞莱智慧科技有限公司 | Image recognition method, device, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108429719B (en) | 2020-12-01 |
| CN108429719A (en) | 2018-08-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2018149110A1 (en) | Key protection method and apparatus | |
| CN109361668B (en) | Trusted data transmission method | |
| KR102504519B1 (en) | Paravirtual security threat protection of computer driven systems with networked devices | |
| US9698988B2 (en) | Management control method, apparatus, and system for virtual machine | |
| US9514300B2 (en) | Systems and methods for enhanced security in wireless communication | |
| KR100737628B1 (en) | Attestation using both fixed token and portable token | |
| JP5497171B2 (en) | System and method for providing a secure virtual machine | |
| TWI701929B (en) | Cryptographic calculation, method for creating working key, cryptographic service platform and equipment | |
| KR101067399B1 (en) | Saving and retrieving data based on symmetric key encryption | |
| US9544137B1 (en) | Encrypted boot volume access in resource-on-demand environments | |
| CN109756492B (en) | Cloud platform trusted execution method, device, equipment and medium based on SGX | |
| CN109558739B (en) | Program running method and device, terminal and readable medium | |
| CN104335549A (en) | Secure data processing | |
| EP3790257B1 (en) | Security system for using shared computational facilities | |
| CN114036573A (en) | Computing device supporting private computing | |
| Shakevsky et al. | Trust Dies in Darkness: Shedding Light on Samsung's {TrustZone} Keymaster Design | |
| US11368291B2 (en) | Mutually authenticated adaptive management interfaces for interaction with sensitive infrastructure | |
| US20060005015A1 (en) | System and method for secure inter-platform and intra-platform communications | |
| EP3720042B1 (en) | Method and device for determining trust state of tpm, and storage medium | |
| US10516655B1 (en) | Encrypted boot volume access in resource-on-demand environments | |
| Wagner et al. | Distributed usage control enforcement through trusted platform modules and sgx enclaves | |
| Kurnikov et al. | Keys in the clouds: auditable multi-device access to cryptographic credentials | |
| Park et al. | CAFE: A virtualization-based approach to protecting sensitive cloud application logic confidentiality | |
| Hao et al. | Trusted block as a service: Towards sensitive applications on the cloud | |
| Wang et al. | Independent credible: Secure communication architecture of Android devices based on TrustZone |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17896951 Country of ref document: EP Kind code of ref document: A1 |
|
| NENP | Non-entry into the national phase |
Ref country code: DE |
|
| 122 | Ep: pct application non-entry in european phase |
Ref document number: 17896951 Country of ref document: EP Kind code of ref document: A1 |