CN100447763C - Safety chip and information safety processor and processing method - Google Patents


Info

Publication number
CN100447763C
Authority
CN
China
Legal status
Expired - Lifetime
Application number
CNB031383807A
Other languages
Chinese (zh)
Other versions
CN1553349A (en)
Inventor
韦卫
王一平
吴秋新
刘鸿京
李明柱
王晚丁
李亚辉
Current Assignee
Lenovo Beijing Ltd
Original Assignee
Lenovo Beijing Ltd
Events
Application filed by Lenovo Beijing Ltd
Priority to CNB031383807A
Publication of CN1553349A
Application granted
Publication of CN100447763C

Abstract

The present invention provides a security chip comprising an I/O interface module, a main processor module, a storage module and a cipher processor module, together with an information security processing device and a method that use the chip. The security chip verifies the integrity of the current underlying firmware, the underlying firmware verifies the integrity of the current operating system, and the operating system verifies the integrity of the application modules, so that the information of the application modules is protected; the information security processing device thereby gains functions such as attack resistance and virus prevention. At the same time, the invention uses the unique identity key certificate information stored in the security chip to realize functions such as access control and identity authentication. The present invention can thus ensure the security of the information held on the information security processing device.

Description

A security chip, and an information security processing device and method based on the chip
Technical field
The present invention relates to the field of information security technology, and in particular to a security chip and to an information security processing device and method based on this chip.
Background art
At present, information processing devices are widely used in daily life. Information processing devices here mainly means personal computers (PCs), notebook computers, palmtop computers, mobile phones and similar equipment. How to guarantee the security of the information in such devices has become a problem of great concern, and two kinds of solution are common:
1) Protecting the information processing device with security software.
This method normally uses anti-virus software to prevent virus attacks: anti-virus and firewall software are installed and their real-time monitors started to prevent viruses from invading the device, and the anti-virus and firewall software are used to disinfect the running system so as to protect the information in the device. Alternatively, file encryption software is used to protect files: a hash algorithm, elliptic curve cryptography, the RSA algorithm, a discrete logarithm algorithm or the like is applied to the protected file for encryption or integrity verification so as to protect the information in the device. Alternatively, a secure browser, digital certificates and the like are used for electronic commerce.
The defect of this method is that the security software and the operating system themselves may also be attacked, so that all information on the terminal is endangered. Security software therefore cannot guarantee the security of the terminal's own information.
2) Protecting the information processing device with hardware. Two methods are generally adopted:
A. An additional circuit board composed of several module units is added to the information processing device to protect the information in it. The additional board comprises an identity information input device interface, an information security management unit or security module (ESM), a security control execution unit, a boot circuit unit, a peripheral switching circuit unit and a board unit. This method is mainly used for identity authentication at power-on and at the same time provides high-speed cryptographic operations.
The defect of this method is that it cannot verify whether the underlying firmware, operating system and application software in the device have been attacked, and so it cannot guarantee that the information in the device is completely secure.
B. A hard disk and a network interface card dedicated to the external network are installed in the information processing device, so that when the device works on the internal network and on the external network, different hard disks and network interface cards are used under the control of the same mainboard, isolating the internal and external networks. The device's state when used on the internal network and its state when used on the external network are thus separated in hardware, which prevents the device from being attacked.
The defect of this method is that it likewise cannot verify whether the underlying firmware, operating system and application software of the device have been attacked, so that whether the device works in external-network or internal-network mode, the security of the device's own information cannot be guaranteed. At the same time, because two sets of hard disks and network interface cards are installed, the cost of the device is increased.
Summary of the invention
In view of this, the object of the present invention is to provide a security chip, and an information security processing device and method based on this chip, such that the information security processing device verifies the integrity of the system during start-up in order to guarantee the security of the information in the device.
To achieve the above object, the technical scheme of the present invention is realized as follows.
A security chip comprising an I/O interface module, a main processor module, a storage module and a cipher processor module, the modules being interconnected by an internal bus, wherein:
the I/O interface module is connected to an external device; under the control of the main processor module it receives instructions from the external device and returns the operation results the external device requires to the external device;
the main processor module comprises at least a CPU and peripheral circuits; according to the instruction received from the I/O interface module it controls the cipher processor module, stores the processed result in the storage module, or, according to the instruction, compares the processed result with the secret information kept in the storage module, and sends the execution result of the instruction to the I/O interface module; alternatively, it takes secret information directly from the storage module and sends it to the I/O interface module;
the cipher processor module generates keys under the control of the main processor module, encrypts and decrypts the information received by the I/O interface module, and returns the processed result to the main processor module;
the storage module stores the security chip's own secret information, including the integrity value of the underlying firmware, the secret information of the external device's application modules, and the secret information generated by the cipher processor module.
The security chip has a chip operating system (COS) and is placed in an information security processing device. When the device starts, the security chip computes and verifies the integrity value of the device's underlying firmware; when the computed integrity value of the underlying firmware is consistent with the stored integrity value of the underlying firmware, the underlying firmware is started and then takes part in verifying the integrity of the device's operating system.
Preferably, the secret information is the keys generated by the cipher processor module, information for identity authentication, and integrity verification information including the integrity value of the underlying firmware.
Preferably, the cipher processor module comprises at least a public key cipher processor module, a hash processor module and a random number generator module, wherein:
the random number generator module generates random numbers under the control of the main processor module and passes them to the main processor module;
the hash processor module performs a hash operation on the information to be encrypted and, under the control of the main processor module, sends the result to the public key cipher processor module, the symmetric cipher processor module or the main processor module;
the public key cipher processor module, under the control of the main processor module, uses random numbers to generate a public/private key pair and returns the result to the main processor module; using the generated key pair it encrypts the result sent by the hash processor module to produce a digital signature, or uses the public key to decrypt received information that needs decrypting, and returns the result to the main processor module;
the symmetric cipher processor module, under the control of the main processor module, uses a random number as the symmetric key to encrypt or decrypt the information that needs encrypting or decrypting, and passes the result to the main processor module.
Preferably, the public key cipher processor module comprises at least an elliptic curve public key cipher algorithm processing module, an RSA public key algorithm processing module and a discrete logarithm cipher algorithm processing module.
Preferably, the main processor module of the chip further comprises a bus interface module and a bus controller module, wherein the bus interface module connects the main processor's internal high-speed bus to the bus controller module, and the bus controller module converts the main processor's internal high-speed bus into a main processor peripheral bus; and
the I/O interface module, the main processor module and the storage module are connected to the internal high-speed bus;
the public key cipher processor module, the symmetric cipher processor module, the random number generator module and the hash processor module are connected to the main processor peripheral bus.
Preferably, the storage module is random access memory (RAM), electrically erasable read-only memory (EEPROM) or flash memory (FLASH).
Preferably, the I/O interface module comprises at least an interface connected to an LPC (Low Pin Count) bus or a USB (Universal Serial Bus) bus, or a synchronous serial interface, or an asynchronous serial interface, or an ISO 7816 interface.
An information security processing device comprising at least a mainboard, underlying firmware and an operating system, and further comprising at least the security chip described above, which is connected to the mainboard. The security chip receives information sent by the underlying firmware embedded in the mainboard or by the device's operating system; according to the information sent by the underlying firmware it computes the integrity value of the device's underlying firmware and, when the computed integrity value of the underlying firmware is consistent with the stored one, starts the underlying firmware so that it verifies the integrity of the operating system; or, according to the information sent by the operating system, the security chip produces the corresponding operation result and returns it to the operating system, taking part in the integrity verification of the operating system.
Preferably, the security chip is connected to the mainboard through an LPC (Low Pin Count) bus interface, a USB (Universal Serial Bus) bus interface, a synchronous serial interface, an asynchronous serial interface or an ISO 7816 interface.
A verification method for an information security processing device, comprising the following steps:
a. a security chip is installed on the mainboard;
b. when the information security processing device is started, the security chip computes the value of the integrity verification code of the current system's underlying firmware and judges whether it equals the saved value of the integrity verification code of the underlying firmware; if so, normal system initialization is completed and step c is executed, otherwise starting of the information security processing device is stopped;
c. the security chip starts the underlying firmware, which verifies the integrity of the current operating system; if the operating system is correct it runs normally, otherwise loading of the operating system is stopped.
Preferably, the method further comprises: an operating system security module is set up in the operating system and started by the operating system; before an existing application module of the device is started, the operating system security module verifies the integrity of the current application module; if it is correct the application module runs normally, otherwise the application module is stopped.
Preferably, step a further comprises: in a secure environment, the value of the integrity verification code of the underlying firmware is saved in the security chip; the value of the integrity verification code of the operating system is saved in the security chip or in the underlying firmware security module; and the value of the integrity verification code of the application module is saved in the security chip or in the operating system security module.
Preferably, the method further comprises setting up an underlying firmware security module in the underlying firmware;
and the verification of the integrity of the current operating system in step c further comprises the following step:
the underlying firmware security module computes the value of the integrity verification code of the current operating system and judges whether it equals the saved value of the integrity verification code of the operating system; if so, the subsequent steps continue, otherwise loading of the operating system is stopped.
Preferably, the operating system security module is composed of a security chip driver module, a security service module and a secure interface module.
Preferably, the security chip driver module sets up the security chip as a device of the operating system and sets up an authentication key shared between each application module and the underlying security chip; the security chip driver module comprises at least the following operating steps:
d. the security chip uses the shared authentication key to authenticate the application module; if authentication succeeds, step e is executed, otherwise the service requested by the application module is refused;
e. a channel for data communication and a channel for control commands between the application module and the security chip are established;
f. the security chip driver module converts the instruction sent by the upper-layer application module into a chip instruction that the security chip can recognize, performs a hash operation over the authentication result of step d, the shared authentication key and the chip instruction to generate the authorization information for that chip instruction, and then sends the chip instruction together with its authorization information to the security chip;
g. each time the security chip receives a chip instruction, it performs a hash operation over the authentication result of step d, the shared authentication key and the chip instruction just received to generate the authorization verification information for the current chip instruction, and compares this with the authorization information received together with the chip instruction; if they are consistent, the operation of the current chip instruction is executed, otherwise execution of the received chip instruction is refused.
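As an added illustration, not code from the patent, the following Python models steps d to g: the driver proves it holds the shared authentication key, and every chip instruction then travels with a hash over the step-d result, the shared key and the instruction, which the chip recomputes before executing. SHA-256 as the hash, the 4-byte length prefix on each hashed field, and the random 16-byte session value standing in for the step-d authentication result are assumptions the patent does not fix.

```python
import hashlib
import hmac
import os

# Constructed sample value; the real chip keeps the shared key in its storage module.
SHARED_AUTH_KEY = b"constructed-shared-authentication-key"


def _encode(*fields: bytes) -> bytes:
    # Length-prefix every field so the three inputs cannot be re-split into a
    # different (result, key, instruction) triple (assumption: the patent does
    # not specify how the fields are concatenated before hashing).
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def authorization_info(auth_result: bytes, shared_key: bytes, chip_instruction: bytes) -> bytes:
    """Steps f and g: hash over (authentication result, shared key, chip instruction)."""
    return hashlib.sha256(_encode(auth_result, shared_key, chip_instruction)).digest()


class SecurityChip:
    """Chip side: step d (authenticate the application) and step g (check each instruction)."""

    def __init__(self, shared_key: bytes):
        self._shared_key = shared_key
        self._auth_result = None
        self.executed = []

    def authenticate(self, presented_key: bytes):
        # Step d: the application must hold the shared authentication key.
        if not hmac.compare_digest(presented_key, self._shared_key):
            return None
        # The step-d "authentication result" is modelled as a fresh random session value (assumption).
        self._auth_result = os.urandom(16)
        return self._auth_result

    def receive(self, chip_instruction: bytes, authorization: bytes) -> bool:
        # Step g: recompute the authorization verification information and compare.
        if self._auth_result is None:
            return False
        expected = authorization_info(self._auth_result, self._shared_key, chip_instruction)
        if not hmac.compare_digest(expected, authorization):
            return False
        self.executed.append(chip_instruction)
        return True


class SecurityChipDriver:
    """Driver side: steps d/e on construction, step f for every instruction sent."""

    def __init__(self, chip: SecurityChip, shared_key: bytes):
        self._chip = chip
        self._shared_key = shared_key
        self._auth_result = chip.authenticate(shared_key)
        if self._auth_result is None:
            raise PermissionError("application authentication failed; service refused")

    def to_chip_instruction(self, app_instruction: bytes) -> bytes:
        # Constructed translation of an application instruction into a chip instruction.
        return b"CHIP:" + app_instruction

    def send(self, app_instruction: bytes) -> bool:
        # Step f: attach the authorization information to the chip instruction.
        chip_instruction = self.to_chip_instruction(app_instruction)
        auth = authorization_info(self._auth_result, self._shared_key, chip_instruction)
        return self._chip.receive(chip_instruction, auth)

    def send_tampered(self, app_instruction: bytes, altered: bytes) -> bool:
        # Models an instruction altered in transit after its authorization was computed.
        auth = authorization_info(self._auth_result, self._shared_key,
                                  self.to_chip_instruction(app_instruction))
        return self._chip.receive(self.to_chip_instruction(altered), auth)


def demo():
    chip = SecurityChip(SHARED_AUTH_KEY)
    driver = SecurityChipDriver(chip, SHARED_AUTH_KEY)
    accepted = driver.send(b"HASH:constructed message")
    tampered = driver.send_tampered(b"HASH:constructed message", b"DECRYPT:constructed data")
    # A tag computed under an earlier step-d result is useless once the chip re-authenticates.
    old_tag = authorization_info(driver._auth_result, SHARED_AUTH_KEY, driver.to_chip_instruction(b"HASH:x"))
    chip.authenticate(SHARED_AUTH_KEY)
    stale = chip.receive(driver.to_chip_instruction(b"HASH:x"), old_tag)
    # A caller without the shared key fails step d and gets no service at all.
    try:
        SecurityChipDriver(SecurityChip(SHARED_AUTH_KEY), b"wrong-key")
        refused = False
    except PermissionError:
        refused = True
    return accepted, tampered, stale, refused, len(chip.executed)
```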
Preferably, the security service module verifies the integrity of an application module in the following steps:
j. the security service module first computes the current value of the integrity verification code of the application module to be protected and judges whether it equals the saved value of the integrity verification code; if they are equal, the protected application module is started and step k is executed, otherwise the application module is not allowed to start;
k. the security service module periodically verifies the integrity of the protected application module.
Preferably, the security service module keeps a record of every operation performed on the security chip and saves the records as log entries in a local log database.
Preferably, the method further comprises setting a unique identity key certificate on each security chip.
Preferably, the setting method is: a third party issues a public key certificate and a private key certificate for each terminal and digitally signs the public and private key certificates, and the private key certificate information is set as the unique identity key certificate of that terminal.
Preferably, the private key certificate is stored in the security chip, and the public key certificate is provided to the authenticating party that authenticates the terminal.
Preferably, the method of authenticating the identity of the information security processing device further comprises the following steps:
l. the application module sends the information to be verified to the security chip; according to the private key certificate of the unique identity key certificate the security chip invokes the corresponding public key algorithm, digitally signs the information, and returns the signed result to the application module, which then sends the digital signature information to the authenticating party;
m. the authenticating party first verifies whether the third party's signature on the public key certificate of this unique identity key certificate is correct; if so, step n is executed, otherwise authentication fails;
n. the public key certificate is used to verify whether the digitally signed information sent by the application module is correct; if so, the secure identity of the information processing device is confirmed, otherwise authentication fails.
Preferably, the setting method is: the third party generates for each terminal a serial number composed of random numbers, and after the third party has confirmed and digitally signed it, the serial number is set as the unique identity key certificate of that terminal.
Preferably, the method of authenticating the identity of the information security processing device further comprises the following steps:
p. the application module sends the unique identity key certificate of the information security processing device itself to the authenticating party;
q. the authenticating party verifies whether the third party's signature information on the unique identity key certificate is correct; if so, the secure identity of the information security processing device is confirmed, otherwise authentication fails.
Preferably, verifying the underlying firmware comprises at least verifying the module that completes the mainboard hardware system initialization, the microcode program of the CPU on the mainboard, the memory on the mainboard that stores configuration information, the Extended System Configuration Data (ESCD), the CMOS (Complementary Metal-Oxide-Semiconductor) configuration, the non-volatile RAM (NVRAM) that retains data when power is off, and the Master Boot Record (MBR).
With the present invention, the security chip verifies the integrity of the system's underlying firmware while the information security processing device starts, and the underlying firmware security module verifies the integrity of the operating system, guaranteeing the security of the system information at start-up; the operating system security module verifies the integrity of application modules when they start and periodically verifies the integrity of running application modules, guaranteeing the security of the application modules' information, so that the information security processing device has functions such as attack resistance and virus resistance. At the same time, because the security chip also holds unique identity key certificate information, the information processing device can use this information for functions such as access control and identity authentication.
Description of drawings
Figure 1 is a schematic diagram of the inside of the security chip of the present invention;
Figure 2 is the general framework for verifying a terminal that uses the security chip of the present invention;
Figure 3 is the flow chart of the start-up of a terminal of the present invention;
Figure 4 is a schematic diagram of the operating system security module of the present invention;
Figure 5 is the flow chart of the underlying security chip driver module of the present invention;
Figure 6 is the flow chart of guaranteeing application module integrity according to the present invention.
Embodiment
To make the purpose, technical scheme and effects of the present invention clearer, the invention is described in further detail below with reference to the drawings and embodiments.
The idea of the present invention is as follows: a security chip with a chip operating system (COS) is installed in advance on the mainboard of the information security processing device; each time the device is started, the security chip verifies the integrity of the device's underlying firmware, then the integrity of the operating system is verified, and finally the integrity of the application modules to be used is verified, thereby securing the device's own information. At the same time, because the security chip provides unique identity information for each information security processing device terminal, the device can also use the security chip for security services such as identity authentication, information encryption and digital signature.
Figure 1 is a schematic diagram of the inside of the security chip of the present invention. The chip comprises an I/O interface module 101, a main processor module 102, a storage module 103 and a cipher processor module 110, interconnected by an internal bus. The I/O interface module 101 is connected to an external device; under the control of the main processor module 102 it receives instructions from the external device and returns the operation results the external device requires. The main processor module 102 comprises at least a CPU and peripheral circuits; the COS running on the main processor module 102 controls all modules in the chip. According to the instruction received from the I/O interface module 101 it controls the cipher processor module 110, stores the processed result in the storage module 103, or, according to the instruction, compares the processed result with the secret information kept in the storage module 103, and sends the execution result of the instruction to the I/O interface module 101; alternatively, it takes secret information directly from the storage module 103 and sends it to the I/O interface module 101. The cipher processor module 110 generates keys under the control of the main processor module 102, encrypts and decrypts the information received by the I/O interface module 101, and returns the processed result to the main processor module 102. The storage module 103 stores the COS, the security chip's own secret information, the secret information of the external device's application modules and the secret information generated by the cipher processor module; secret information here means the keys generated by the security chip itself, the information used for identity authentication and the integrity verification codes used for integrity verification.
The cipher processor module 110 comprises a public key cipher processor module 106, a symmetric cipher processor module 107, a hash processor module 108 and a random number generator module 109.
The random number generator module 109 generates random numbers under the control of the main processor module 102 and passes them to the main processor module 102.
The hash processor module 108 performs a hash operation on the information to be processed and, under the control of the main processor module 102, sends the result to the public key cipher processor module 106, the symmetric cipher processor module 107 or the main processor module 102.
The public key cipher processor module 106, under the control of the main processor module 102, uses random numbers to generate a public/private key pair and returns the result to the main processor module 102; using the generated private key it encrypts the result sent by the hash processor module 108 to produce a digital signature, or uses the public key to decrypt received information that needs decrypting, and returns the result to the main processor module 102.
The symmetric cipher processor module 107, under the control of the main processor module 102, uses a random number as the symmetric key to encrypt or decrypt the information that needs it, and passes the result to the main processor module 102.
All of the above modules may be connected directly to the bus inside the security chip. Alternatively, the I/O interface module 101, the main processor module 102 and the storage module 103 are connected to the internal high-speed bus; the bus controller module 105, which is connected directly to the bus interface module 104, converts the main processor high-speed bus into a main processor peripheral bus; and the public key cipher processor module 106, the symmetric cipher processor module 107, the random number generator module 109 and the hash processor module 108 are connected to the main processor peripheral bus.
The storage module 103 for secret information comprises random access memory (RAM), electrically erasable read-only memory (EEPROM) or flash memory (FLASH). The I/O interface module 101 comprises at least an interface connected to an LPC (Low Pin Count) bus or a USB (Universal Serial Bus) bus, or a synchronous serial interface, or an asynchronous serial interface, or an ISO 7816 interface.
The public key cipher processor module may comprise an elliptic curve public key cipher algorithm processing module, an RSA public key algorithm processing module, a discrete logarithm algorithm processing module and the like.
The security chip has the following two ways of generating an integrity verification code:
1) The main processor module 102 controls the hash processor module 108 to perform a hash operation on the information to be encrypted and sends the resulting digest to the public key cipher processor module 106; at the same time, the main processor module 102 controls the random number generator module 109 to generate a random number, and the public key cipher processor module 106 uses the random number to generate a public/private key pair and, using the generated private key, encrypts the result sent by the hash processor module 108 to produce a digital signature, or uses the public key to decrypt received information that needs decrypting, and returns the result to the main processor module 102.
2) The main processor module 102 controls the hash processor module 108 to perform a hash operation on the information to be encrypted and sends the resulting digest to the symmetric cipher processor module 107; at the same time, the main processor module 102 controls the random number generator module 109 to generate a random number and sends it to the symmetric cipher processor module 107 as the symmetric key; under the control of the main processor module 102, the symmetric cipher processor module 107 uses the generated symmetric key to encrypt or decrypt the information and returns the result to the main processor module 102.
Be example with the terminal below, specify the application of safety chip.
Safety chip links to each other with ICH (the I/O Controller Hub) module of chipset by lpc bus, perhaps, safety chip links to each other with mainboard in the terminal by usb bus, or safety chip adopts the synchronous serial interface connected mode, or the asynchronous serial port connected mode, or the ISO7816 interface mode links to each other with mainboard in the terminal.
Figure 2 shows that the The general frame that the terminal of using safety chip of the present invention is verified.Safety chip 211 is positioned on the mainboard 210 of computing machine with bottom firmware 212, carry out information interaction between safety chip 211 and bottom firmware security module 213 and the operating system security module 221, application module 230 carries out information interaction by operating system security module 221 and safety chip 211.Wherein, also comprise storer, configuration information expanding system (ESCD:ExtendedSystem Configuration Data), the CMOS (ComplementaryMetal-Oxide-Semiconductor Transistor) of store configuration information on the micro code program, mainboard of CPU on the module that is used to finish the motherboard hardware system initialization, the mainboard, the random access memory (NVRAM:non-volatile RAM) and the Master boot sector (MBR:Master Boot Record) of outage retention data in the bottom firmware.
Figure 3 shows the flow diagram for starting a terminal according to the present invention.
Step 301: In an environment where the security of the computer system is assured, for example on the production line or when the user uses the terminal for the first time, the integrity verification codes of the bottom-layer firmware and of the operating system are generated in advance. The value of the integrity verification code of the bottom-layer firmware is stored in the memory of the security chip; the value of the integrity verification code of the operating system is stored in the bottom-layer firmware security module or in the memory of the security chip.
Step 302: Each time the computer is used, the mainboard of the terminal first starts the security chip, and the integrity value of the current system bottom-layer firmware is calculated using the integrity verification code algorithm provided by the security chip.
Step 303: Determine whether the integrity value of the current bottom-layer firmware equals the stored integrity value of the bottom-layer firmware; if so, go to step 305, otherwise go to step 304.
Step 304: Stop starting the terminal.
Step 305: After the bottom-layer firmware completes normal system initialization, go to step 306.
Step 306: Start the bottom-layer firmware security module, and calculate the integrity value of the current operating system using the integrity verification code algorithm provided by the started bottom-layer firmware security module.
Step 307: Determine whether the integrity value of the current operating system equals the stored integrity value of the operating system; if so, go to step 309, otherwise go to step 308.
Step 308: Stop loading the operating system.
Step 309: After the operating system has started normally, go to step 310.
Step 310: Start the security module in the operating system, which monitors the protected application modules.
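The start-up chain of steps 301 to 310 as an added Python model (example code, not part of the patent): the chip measures the firmware, a firmware that passed measures the operating system, and a mismatch halts start-up at step 304 or 308. The patent does not name the integrity verification code algorithm, so SHA-256 is assumed, and the `Terminal` structure and the image contents are constructed for the example.

```python
"""Chained start-up verification of Figure 3 (steps 301-310), modelled in Python."""
import hashlib
from dataclasses import dataclass, field
from typing import Dict, List


def integrity_value(image: bytes) -> str:
    """Integrity verification code of an image. The patent does not name the
    algorithm; SHA-256 is an assumption of this example."""
    return hashlib.sha256(image).hexdigest()


@dataclass
class Terminal:
    """Constructed model of one terminal: the images measured at start-up and
    the reference values written at provisioning time (step 301)."""
    firmware: bytes
    os_image: bytes
    chip_store: Dict[str, str]                                   # memory of the security chip
    firmware_store: Dict[str, str] = field(default_factory=dict)  # firmware security module
    os_ref_in_chip: bool = True                                  # where the OS reference lives


def provision(firmware: bytes, os_image: bytes, os_ref_in_chip: bool = True) -> Terminal:
    """Step 301: in a trusted environment (production line or first use), store
    the firmware reference in the chip and the OS reference either in the chip
    or in the firmware security module, as the patent permits."""
    chip = {"firmware": integrity_value(firmware)}
    fw_module: Dict[str, str] = {}
    (chip if os_ref_in_chip else fw_module)["os"] = integrity_value(os_image)
    return Terminal(firmware, os_image, chip, fw_module, os_ref_in_chip)


def boot(t: Terminal) -> List[str]:
    """Steps 302-310. Returns the step numbers executed, in order; the last
    entry shows where start-up ended: 304 (firmware rejected), 308 (OS
    rejected) or 310 (OS security module running)."""
    trace = ["302"]
    # Steps 302-303: the chip measures the firmware before the firmware runs,
    # so a modified firmware never gets to influence its own check.
    if integrity_value(t.firmware) != t.chip_store["firmware"]:
        trace.append("304")                    # stop starting the terminal
        return trace
    trace += ["305", "306"]
    # Steps 306-307: the now-trusted firmware security module measures the OS
    # against the reference held in the chip or in the firmware module.
    os_ref = (t.chip_store if t.os_ref_in_chip else t.firmware_store)["os"]
    if integrity_value(t.os_image) != os_ref:
        trace.append("308")                    # stop loading the OS
        return trace
    trace += ["309", "310"]                    # OS up, security module monitors apps
    return trace
```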
After a terminal has started and is running normally, it must still pass its own identity authentication before it can run application modules normally and before the security chip can be asked to provide security services such as information encryption and digital signature for the application modules.
The security chip provides a unique identity key certificate for each terminal. This unique identity key certificate is generated by one of the following two methods:
Method one: a trusted third party (the manufacturer or the user) creates a public key certificate and a private key certificate for each terminal and digitally signs the public and private key certificates. The signed private key certificate forms the unique identity key certificate of the terminal; the private key certificate is stored in the memory of the security chip, and the public key certificate is provided to the authentication party that authenticates the terminal.
The verification method for method one is as follows: the application module first sends the information to be verified to the security chip. The security chip selects the public key algorithm corresponding to the private key certificate of the unique identity key certificate, the public key cryptography processor module digitally signs the information to be verified with that algorithm, and the signed result is returned to the application module, which sends the digital signature to the authentication party. The authentication party first verifies whether the third-party signature on the public key certificate of this unique identity key certificate is correct; if it is, it uses the public key certificate to verify whether the signed information sent by the application module is correct, and thereby determines the secure identity of the terminal.
Method two: a trusted third party (the manufacturer or the user) generates a serial number composed of random numbers for each terminal, ensuring that the random serial numbers of different computer terminals differ. After the trusted third party confirms and digitally signs it, this serial number forms the unique identity key certificate of the terminal.
The verification method for method two is as follows: the application module sends the terminal's own unique identity key certificate information to the authentication party through an authentication protocol; the authentication party verifies whether the third-party signature information on the unique identity key certificate is correct, and thereby determines the secure identity of the terminal.
After the terminal has passed unique identity authentication, the application modules on the terminal can ask the underlying security chip, through the operating system security module, for security services such as information encryption and digital signature.
Figure 4 shows a schematic diagram of the operating system security module of the present invention. The operating system security module consists of three parts: the security chip driver module, the security service module, and the secure interface module.
The security chip driver module is responsible for passing the instructions of the application module to the underlying security chip. For this purpose the security chip driver module sets the security chip up as a device of the operating system, and makes each application module and the underlying security chip share a pair of authentication keys. Before an application module exchanges information with the security chip, it must pass the authentication and authorization protocol, that is, only after it has passed the security chip's authentication can it use the security services provided by the security chip, such as information encryption and digital signature. The specific transmission process is shown in Figure 5:
Step 501: The security chip uses the shared authentication key to authenticate the upper-layer application module that requests security services from it. If authentication succeeds, go to step 502; otherwise go to step 505 and refuse the application service requested by the application module.
Step 502: Establish the data communication channel and the control command communication channel between the application module and the security chip.
Step 503: Convert the instruction issued by the application module into a chip instruction that the security chip can recognize, and perform a HASH operation over the authentication result of step 501, the shared authentication key, and the chip instruction to generate the authorization information for this chip instruction; then send the chip instruction and this authorization information to the security chip together.
Step 504: Each time the security chip receives a chip instruction, it first verifies the authorization information of the chip instruction: it performs a HASH operation over the authentication result of step 501, the shared authentication key, and the chip instruction just received to generate the authorization verification information for the current chip instruction, and compares the current authorization verification information with the authorization information received along with the chip instruction. If they are consistent, the operation of the current chip instruction is executed; otherwise, execution of the received chip instruction is refused.
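The authenticated instruction path of steps 501 to 504, written out as an added Python example with both the driver side and the chip side (example code, not the patent's own). The patent fixes only the three inputs of the HASH operation, so this example assumes SHA-256 with length-prefixed fields, models the step 501 authentication as an HMAC challenge-response on the shared key whose outcome serves as the "authentication result", and uses a constructed opcode table for the translation of step 503.

```python
"""Authorised instruction passing between an application module and the
security chip (Figure 5, steps 501-504)."""
import hashlib
import hmac
import os
from typing import List, Optional, Tuple

# Assumptions of this example, not specified by the patent: the HASH operation
# is SHA-256 over length-prefixed fields, and the "authentication result" of
# step 501 is a per-session value derived from an HMAC challenge-response.


def _hash_fields(*fields: bytes) -> bytes:
    h = hashlib.sha256()
    for f in fields:
        h.update(len(f).to_bytes(4, "big"))   # length prefix keeps field boundaries unambiguous
        h.update(f)
    return h.digest()


# Constructed mapping from application instructions to chip instructions (step 503).
CHIP_OPCODES = {"encrypt": b"\x10", "sign": b"\x20", "get_random": b"\x30"}


def translate(app_instruction: str, payload: bytes) -> bytes:
    return CHIP_OPCODES[app_instruction] + payload


class SecurityChip:
    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._nonce = b""
        self._auth_result: Optional[bytes] = None   # set by a successful step 501
        self.executed: List[bytes] = []

    # Step 501: authenticate the application module with the shared key.
    def challenge(self) -> bytes:
        self._nonce = os.urandom(16)
        return self._nonce

    def authenticate(self, response: bytes) -> Optional[bytes]:
        expected = hmac.new(self._key, self._nonce, "sha256").digest()
        if not hmac.compare_digest(expected, response):
            self._auth_result = None                 # step 505: refuse service
            return None
        # The authentication result binds every later instruction to this session.
        self._auth_result = _hash_fields(b"auth-ok", self._nonce, expected)
        return self._auth_result

    # Step 504: recompute the authorisation information and compare before executing.
    def execute(self, chip_instruction: bytes, authorization: bytes) -> bool:
        if self._auth_result is None:
            return False                             # no authenticated session
        check = _hash_fields(self._auth_result, self._key, chip_instruction)
        if not hmac.compare_digest(check, authorization):
            return False                             # instruction or MAC does not match
        self.executed.append(chip_instruction)
        return True


class SecurityChipDriver:
    """Operating-system side: holds one application module's shared key."""

    def __init__(self, chip: SecurityChip, shared_key: bytes):
        self.chip = chip
        self._key = shared_key
        self._auth_result: Optional[bytes] = None

    def open_session(self) -> bool:
        """Steps 501-502: prove possession of the shared key, then the channel is open."""
        nonce = self.chip.challenge()
        response = hmac.new(self._key, nonce, "sha256").digest()
        self._auth_result = self.chip.authenticate(response)
        return self._auth_result is not None

    def send(self, app_instruction: str, payload: bytes) -> Tuple[bytes, bytes]:
        """Step 503: translate the instruction and attach its authorisation information."""
        if self._auth_result is None:
            raise RuntimeError("application module has not passed authentication")
        chip_instr = translate(app_instruction, payload)
        authorization = _hash_fields(self._auth_result, self._key, chip_instr)
        return chip_instr, authorization
```

As specified, the authorisation covers only the authentication result, the shared key and the instruction, so an identical instruction replayed within the same session verifies again; a per-instruction counter in the hashed fields would be the usual addition if replay matters.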
Referring to Figure 4, the operating system security module in Figure 4 includes an application module protection module 402e, which is mainly used to verify the integrity of the protected module 405. Its specific steps are shown in Figure 6:
Step 601: In an environment where the security of the terminal is assured, generate the integrity verification code of the application module to be protected in advance.
Step 602: Store the integrity verification code of the application module to be protected, generated in advance, in the memory of the security chip or in the security module of the operating system.
Step 603: When the system is about to use the application module to be protected, the security service module first calculates the value of the integrity verification code of the current application module to be protected.
Step 604: Determine whether the currently calculated value of the integrity verification code equals the stored value of the integrity verification code; if equal, go to step 605, otherwise go to step 606.
Step 605: Start the application module to be protected, and periodically verify the integrity of the application module to be protected.
Step 606: Do not allow this application module to be enabled.
Referring to Figure 4, the operating system security module in Figure 4 also includes an event audit module 402a, a log/event management module 402b, and a security policy management module 402d.
The event audit module 402a and the log/event management module 402b are mainly used to log every operation that uses the security chip; the log should be written to the local log database, thereby completing log event management. They also audit the log database, provide security information to the system user or administrator, and raise alarms on abnormal events.
The key management module 402c is mainly used to manage the various keys on the terminal and to provide the information encryption and digital signature security services to application modules. When the operating system or an application module uses the information encryption and digital signature security services, it first sends the information to be encrypted or signed to the security chip; after the security chip completes the encryption or signing inside the chip, it sends the encrypted or signed result back to the application module that called the security chip service.
The security policy management module 402d is mainly used to complete security policy management on the terminal, such as generating or changing user passwords, or setting access control policies for system file resources and user file resources.
The secure interface module in Figure 4 provides the interface to the application security services for the operating system and application modules, such as an application software development interface (API), dynamic link libraries, and so on.
The present invention is equally applicable to other information processing devices such as palmtop computers or mobile phones.
The above are only preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement, improvement, and so on made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (24)

1. A security chip, characterized in that the chip comprises an I/O interface module, a main processor module, a memory module, and a cipher processor module, the modules being interconnected by an internal bus, wherein:
the I/O interface module connects to an external device; under the control of the main processor module, the I/O interface module receives instructions from the external device and returns the operation results required by the external device to the external device;
the main processor module comprises at least a CPU and peripheral circuits; according to the instructions received from the I/O interface module it controls the cipher processor module, stores the processed result in the memory module, or according to the instructions compares the processed result with the secret information held in the memory module, and sends the execution result of the instruction to the I/O interface module; or it takes secret information directly from the memory module and sends it to the I/O interface module;
the cipher processor module generates keys under the control of the main processor module, encrypts and decrypts the information received by the I/O interface module, and returns the processed result to the main processor module;
the memory module stores the secret information of the security chip itself, including the integrity value of the bottom-layer firmware, the secret information of the application modules of the external device, and the secret information generated by the cipher processor module;
the security chip has a chip operating system (COS) and is arranged in an information security processing device; when this information security processing device starts, the security chip calculates the integrity value of the bottom-layer firmware of the information security processing device, and when the calculated integrity value of the bottom-layer firmware is consistent with the stored integrity value of the bottom-layer firmware, it starts the bottom-layer firmware to verify the integrity of the operating system of the information security processing device.
2. The security chip according to claim 1, characterized in that the secret information is the keys generated by the cipher processor module, the authentication information, and the integrity verification information including the integrity value of the bottom-layer firmware.
3. The security chip according to claim 1, characterized in that the cipher processor module comprises at least a public key cryptography processor module, a Hash processor module, a symmetric cryptography processor module, and a random number generator module, wherein:
the random number generator module generates random numbers under the control of the main processor module and passes the random numbers to the main processor module;
the Hash processor module performs a hash operation on the information to be processed and, under the control of the main processor module, sends the operation result to the public key cryptography processor module, the symmetric cryptography processor module, or the main processor module;
the public key cryptography processor module, under the control of the main processor module, uses random numbers to generate a public/private key pair and returns the result to the main processor module; using the generated private key, it encrypts the result sent by the Hash processor module to generate a digital signature, or it uses the public key to decrypt received information that needs decrypting, and returns the result to the main processor module;
the symmetric cryptography processor module, under the control of the main processor module, uses a random number as the symmetric key to encrypt or decrypt the information that needs encrypting, and passes the result to the main processor module.
4. The security chip according to claim 3, characterized in that the public key cryptography processor module comprises at least an elliptic curve public key cryptographic algorithm processing module, an RSA public key algorithm processing module, and a discrete logarithm cryptographic algorithm processing module.
5. The security chip according to claim 1, characterized in that the main processor module of the chip further comprises a bus interface module and a bus controller module, wherein the bus interface module connects to the bus controller module over the internal high-speed bus of the main processor, the bus controller module converts the internal high-speed bus of the main processor into the peripheral bus of the main processor, and
the I/O interface module, the main processor module, and the memory module connect to the internal high-speed bus;
the public key cryptography processor module, the symmetric cryptography processor module, the random number generator module, and the Hash processor module connect to the peripheral bus of the main processor.
6. The security chip according to claim 1, characterized in that the memory module is random access memory (RAM), electrically erasable programmable read-only memory (EEPROM), or flash memory (FLASH).
7. The security chip according to claim 1, characterized in that the I/O interface module comprises at least an interface connecting to an LPC bus or a USB bus, or a synchronous serial interface, or an asynchronous serial port, or an ISO 7816 interface.
8. An information security processing device comprising at least a mainboard, bottom-layer firmware, and an operating system, characterized in that the device further comprises at least the security chip according to claim 1, which connects to the mainboard, receives information sent by the bottom-layer firmware embedded in the mainboard or by the operating system of the device, calculates the integrity value of the bottom-layer firmware of the information security processing device according to the information sent by the bottom-layer firmware, and, when the calculated integrity value of the bottom-layer firmware is consistent with the stored integrity value of the bottom-layer firmware, starts the bottom-layer firmware to perform integrity verification of the operating system; or the security chip produces corresponding operation results according to the information sent by the operating system, returns them to the operating system, and thereby participates in the integrity verification of the operating system.
9. The device according to claim 8, characterized in that the security chip connects to the mainboard through an LPC bus interface, a USB bus interface, a synchronous serial interface, an asynchronous serial port, or an ISO 7816 interface.
10. A verification method for an information security processing device, characterized in that the method comprises the following steps:
a. providing a security chip on the mainboard of the information security processing device, the security chip having a chip operating system (COS) that controls the security chip to perform integrity verification;
b. when the information security processing device starts, calculating by the security chip the value of the integrity verification code of the current system bottom-layer firmware, and determining whether the value of the integrity verification code of the current system bottom-layer firmware equals the stored value of the integrity verification code of the bottom-layer firmware; if so, performing step c after normal system initialization completes, otherwise stopping the start of the information security processing device;
c. starting, by the security chip, the bottom-layer firmware to verify the integrity of the current operating system; if correct, starting the operating system normally, otherwise stopping the loading of the operating system.
11. The method according to claim 10, characterized in that the method further comprises: providing an operating system security module in the operating system, the module being started by the operating system; before an existing application module of the device is started, the operating system security module verifies the integrity of the current application module, and if correct the application module runs normally, otherwise the application module is stopped from running.
12. The method according to claim 10 or 11, characterized in that step a further comprises: in a secure environment, storing the value of the integrity verification code of the bottom-layer firmware in the security chip; storing the value of the integrity verification code of the operating system in the security chip or in the bottom-layer firmware; and storing the value of the integrity verification code of the application module in the security chip or in the operating system security module.
13. The method according to claim 12, characterized in that the method further comprises providing a bottom-layer firmware security module in the bottom-layer firmware;
the verification of the integrity of the current operating system in step c further comprises the following steps:
the bottom-layer firmware security module calculates the value of the integrity verification code of the current operating system, and determines whether the value of the integrity verification code of the current operating system equals the stored value of the integrity verification code of the operating system; if so, the subsequent steps continue, otherwise the loading of the operating system is stopped.
14. The method according to claim 11, characterized in that the operating system security module is composed of a security chip driver module, a security service module, and a secure interface module.
15. The method according to claim 14, characterized in that the security chip driver module sets the security chip up as a device of the operating system and sets a pair of authentication keys shared by each application module and the underlying security chip, and that the security chip driver module comprises at least the following operating steps:
d. the security chip uses the shared authentication key to authenticate the application module; if authentication succeeds, step e is performed, otherwise the service requested by the application module is refused;
e. the data communication channel and the control command communication channel between the application module and the security chip are established;
f. the security chip driver module converts the instruction issued by the upper-layer application module into a chip instruction that the security chip can recognize, and performs a hash operation over the authentication result of step d, the shared authentication key, and the chip instruction to generate the authorization information for this chip instruction; then the chip instruction and this authorization information are sent to the security chip together;
g. each time the security chip receives a chip instruction, it performs a hash operation over the authentication result of step d, the shared authentication key, and the chip instruction just received to generate the authorization verification information for the current chip instruction, and compares the current authorization verification information with the authorization information received along with the chip instruction; if they are consistent, the operation of the current chip instruction is executed, otherwise execution of the received chip instruction is refused.
16. The method according to claim 14, characterized in that the verification of the integrity of an application module by the security service module comprises the following steps:
j. the security service module first calculates the current value of the integrity verification code of the application module to be protected, and determines whether the current value of the integrity verification code equals the stored value of the integrity verification code; if equal, the application module to be protected is started and step k is performed, otherwise the application module is not allowed to be enabled;
k. the security service module periodically verifies the integrity of the application module to be protected.
17. The method according to claim 14 or 16, characterized in that the security service module keeps a record of every operation performed on the security chip and stores the record as a log record in the local log database.
18. The method according to claim 10, characterized in that the method further comprises setting a unique identity key certificate on each security chip.
19. The method according to claim 18, characterized in that the setting method is: a third party creates a public key certificate and a private key certificate for each terminal, and after digitally signing the public and private key certificates, the private key certificate information is set as the unique identity key certificate of the terminal.
20. The method according to claim 19, characterized in that the private key certificate is stored in the security chip, and the public key certificate is provided to the authentication party that authenticates the terminal.
21. The method according to claim 20, characterized in that the method of authenticating the information security processing device further comprises the following steps:
l. the application module sends the information to be verified to the security chip; the security chip selects the public key algorithm corresponding to the private key certificate of the unique identity key certificate, digitally signs the information to be verified, and returns the signed result to the application module, which sends the digital signature information to the authentication party;
m. the authentication party first verifies whether the third-party signature on the public key certificate of this unique identity key certificate is correct; if correct, step n is performed, otherwise authentication fails;
n. the public key certificate is used to verify whether the digitally signed information sent by the application module is correct; if correct, the secure identity of the information security processing device is determined, otherwise authentication fails.
22. The method according to claim 18, characterized in that the setting method is: a third party generates a serial number composed of random numbers for each terminal, and after the third party confirms and digitally signs it, the serial number is set as the unique identity key certificate of the terminal.
23. The method according to claim 22, characterized in that the method of authenticating the information security processing device further comprises the following steps:
p. the application module sends the unique identity key certificate of the information security processing device itself to the authentication party;
q. the authentication party verifies whether the third-party signature information on the unique identity key certificate is correct; if correct, the secure identity of the information security processing device is determined, otherwise authentication fails.
24. The method according to claim 10, characterized in that verifying the bottom-layer firmware comprises at least verifying the module used to complete the initialization of the motherboard hardware system, the microcode program of the CPU on the mainboard, the memory storing configuration information on the mainboard, the Extended System Configuration Data (ESCD), the CMOS, the non-volatile RAM (NVRAM) that retains data when power is lost, and the Master Boot Record (MBR).
Application CNB031383807A, filed 2003-05-29 (priority date 2003-05-29): Safety chip and information safety processor and processing method. Legal status: Expired - Lifetime.

Publications: CN1553349A (2004-12-08); CN100447763C (2008-12-31).

Family ID 34323718; country status: CN (1), CN100447763C.

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546149A (en) * 2012-01-16 2012-07-04 华南理工大学 Crypto chip system and secret key extraction method

Families Citing this family (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1331017C (en) * 2005-03-23 2007-08-08 联想(北京)有限公司 Safety chip
CN1848722B (en) * 2005-04-14 2010-08-25 联想(北京)有限公司 Method and system for establishing credible virtual special network connection
CN100419776C (en) * 2006-12-04 2008-09-17 中国科学院计算技术研究所 Programmable security processor
CN101196877B (en) * 2007-12-29 2012-01-04 大唐微电子技术有限公司 Multiple memory cell operation isolated smart card and its implementing method
CN101562040B (en) * 2008-04-15 2012-01-04 航天信息股份有限公司 Data processing method of high-security mobile memory
CN101894242B (en) * 2010-06-22 2012-07-18 上海华御信息技术有限公司 System and method for protecting information safety of mobile electronic equipment
US20120303974A1 (en) * 2011-05-25 2012-11-29 Condel International Technologies Inc. Secure Removable Media and Method for Managing the Same
CN102325023B (en) * 2011-07-04 2014-03-26 飞天诚信科技股份有限公司 Data generation method and device capable of prolonging service life of chip
CN102508728B (en) * 2011-11-29 2014-10-29 中国航空工业集团公司第六三一研究所 Error detection and read method of goal document solidified on FLASH carrier
CN104734850A (en) * 2013-12-20 2015-06-24 中节能六合天融环保科技有限公司 Data transmission chip oriented to energy saving and emission reduction monitoring
TWI484337B (en) * 2014-01-06 2015-05-11 威盛電子股份有限公司 Memory chips and data protection methods
CN103870745B (en) * 2014-04-01 2017-08-29 联想(北京)有限公司 The method of electronic equipment and clean boot electronic equipment
CN103996001A (en) * 2014-05-21 2014-08-20 浪潮电子信息产业股份有限公司 Authorization encryption method for main board start authority control
CN106161024B (en) * 2015-04-03 2023-05-12 同方股份有限公司 USB control chip-level USB equipment credibility authentication method and system thereof
CN106156618A (en) * 2015-04-17 2016-11-23 国民技术股份有限公司 A kind of safety chip, mobile terminal and the method realizing mobile terminal system safety
EP3082290A1 (en) * 2015-04-17 2016-10-19 Gemalto Sa Device for managing multiple accesses to a secure module of a system on chip of an apparatus
CN106161028A (en) * 2015-04-17 2016-11-23 国民技术股份有限公司 Safety chip, communication terminal and the method improving communication security
EP3304859A1 (en) * 2015-05-26 2018-04-11 Frigerio, Tommaso Telecommunication system for the secure transmission of data therein and device associated therewith
CN105159847A (en) * 2015-08-12 2015-12-16 北京因特信安软件科技有限公司 Disk change record method based on trusted chip
CN105718813A (en) * 2015-08-25 2016-06-29 深圳市证通电子股份有限公司 Financial intelligent terminal and security mechanism thereof
CN105184190B (en) * 2015-09-16 2018-09-18 中国南方电网有限责任公司电网技术研究中心 A kind of embedded credible calculating development device
CN105676724B (en) * 2015-12-31 2018-11-30 西安诺瓦电子科技有限公司 The authorization management method and control card and license lock of oil price board system
CN106973056B (en) * 2017-03-30 2020-11-17 中国电力科学研究院 Object-oriented security chip and encryption method thereof
CN108153554A (en) * 2017-12-18 2018-06-12 江苏方天电力技术有限公司 A kind of RTOS trusted systems and implementation method based on credible chip
CN108449249B (en) * 2018-02-26 2021-06-11 深圳市元征科技股份有限公司 Bus control system and method
CN110677250B (en) 2018-07-02 2022-09-02 阿里巴巴集团控股有限公司 Key and certificate distribution method, identity information processing method, device and medium
CN110795774B (en) 2018-08-02 2023-04-11 阿里巴巴集团控股有限公司 Measurement method, device and system based on trusted high-speed encryption card
CN110795742B (en) 2018-08-02 2023-05-02 阿里巴巴集团控股有限公司 Metric processing method, device, storage medium and processor for high-speed cryptographic operation
CN110874478B (en) 2018-08-29 2023-05-02 阿里巴巴集团控股有限公司 Key processing method and device, storage medium and processor
CN109313678B (en) * 2018-09-05 2021-11-09 福建联迪商用设备有限公司 API calling method and terminal
CN108958779A (en) * 2018-09-20 2018-12-07 广东美的暖通设备有限公司 Firmware upgrade management method, device and computer readable storage medium
WO2020073206A1 (en) 2018-10-09 2020-04-16 华为技术有限公司 Chip, method for generating private key, and method for trusted verification
CN109543415A (en) * 2018-11-20 2019-03-29 南方电网科学研究院有限责任公司 Secure operating system framework
CN109840409B (en) * 2018-12-29 2021-09-17 北京深思数盾科技股份有限公司 Core board and core board boot method
CN109995956B (en) * 2019-03-13 2022-12-20 珠海奔图电子有限公司 Boot control method and device
CN110929300B (en) * 2019-12-11 2022-02-08 中国人民解放军国防科技大学 Trusted computing security chip construction method based on identity-based cryptography
CN111047849B (en) * 2019-12-30 2021-05-18 江苏大周基业智能科技有限公司 Networked remote-control cryptographic module and secure remote-control system
CN111209560A (en) * 2020-01-06 2020-05-29 杭州涂鸦信息技术有限公司 Firmware protection method and device and electronic equipment
CN111695111A (en) * 2020-06-15 2020-09-22 浙江中控技术股份有限公司 Secure boot method and device for a firmware program
CN111783078A (en) * 2020-07-14 2020-10-16 大唐终端技术有限公司 Android platform security chip control system
CN112733208B (en) * 2020-12-31 2021-10-19 宸芯科技有限公司 Secure boot method and device of chip, secure chip and computer equipment
CN112966254B (en) * 2021-02-27 2022-04-05 郑州信大捷安信息技术股份有限公司 Secure communication method and system for host and trusted cryptographic module
CN115130143A (en) * 2021-03-25 2022-09-30 华为技术有限公司 Secure boot method and device
CN112906416A (en) * 2021-03-25 2021-06-04 紫光国芯微电子股份有限公司 Secure communication module and secure communication method
CN113065140B (en) * 2021-06-02 2021-09-24 南方电网数字电网研究院有限公司 Embedded safety protection system and method for chip control protection device
CN113656229B (en) * 2021-08-17 2024-02-20 中金金融认证中心有限公司 Method, device and storage medium for detecting cryptographic module of computer system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1204432A (en) * 1995-10-25 1999-01-06 Siemens AG Security chip
WO2000048063A1 (en) * 1999-02-15 2000-08-17 Hewlett-Packard Company Trusted computing platform
CN1264974A (en) * 1999-12-01 2000-08-30 陈永川 Digital signature method using elliptic curve encryption algorithm
CN1360692A (en) * 1999-07-15 2002-07-24 Gemplus Method for improving a random number generator to make it more resistant against attacks by current measurement
WO2002060121A1 (en) * 2000-12-27 2002-08-01 Intel Corporation A platform and method for securely transmitting authorization data
CN1365053A (en) * 2001-01-09 2002-08-21 深圳市中兴集成电路设计有限责任公司 Method for preventing attacks that alter an application system running on a computer

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Balacheff, B., Chen, L., Pearson, S., Plaquin, D., Proudler, G. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall, 2002. ISBN 0-13-009220-7 *
Balacheff, B., Chen, L., Pearson, S., Plaquin, D., Proudler, G. Trusted Computing Platforms: TCPA Technology in Context, pp. 72-77. Prentice Hall, 2002 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546149A (en) * 2012-01-16 2012-07-04 华南理工大学 Crypto chip system and secret key extraction method
CN102546149B (en) * 2012-01-16 2014-12-03 华南理工大学 Crypto chip system and secret key extraction method

Also Published As

Publication number Publication date
CN1553349A (en) 2004-12-08

Similar Documents

Publication Publication Date Title
CN100447763C (en) Safety chip and information safety processor and processing method
US10650139B2 (en) Securing temporal digital communications via authentication and validation for wireless user and access devices with securitized containers
KR101356282B1 (en) Methods and systems for secure remote wake, boot, and login to a computer from a mobile device
TWI489315B (en) System and method for temporary secure boot of an electronic device
EP1612666B1 (en) System and method for protected operating systems boot using state validation
US8352740B2 (en) Secure execution environment on external device
US20180219688A1 (en) Information Transmission Method and Mobile Device
CN109412812B (en) Data security processing system, method, device and storage medium
CN107979467B (en) Verification method and device
CN110401538B (en) Data encryption method, system and terminal
JP4226556B2 (en) Program execution control device, OS, client terminal, server, program execution control system, program execution control method, program execution control program
US7581097B2 (en) Apparatus, system, and method for secure communications from a human interface device
CN100334519C (en) Method for establishing trusted input/output channels
US7721100B2 (en) Granting an access to a computer-based object
CN105933117A (en) Data encryption and decryption device and method based on TPM (Trusted Platform Module) key security storage
Alshar'e et al. A user protection model for the trusted computing environment
US11438161B2 (en) Implicit attestation for network access
CN116881936A (en) Trusted computing method and related equipment
US20240113898A1 (en) Secure Module and Method for App-to-App Mutual Trust Through App-Based Identity
CN110740036A (en) Anti-attack data confidentiality method based on cloud computing
WO2019133326A1 (en) Securing temporal digital communications
CN114785566B (en) Data processing method, device and equipment
CN116436681B (en) TrustZone-based security isolation system, method, terminal and storage medium
CN112449143B (en) Implementation method and implementation system of secure video
CN106992976B (en) Network security management method and server

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term (granted publication date: 2008-12-31)