CN102340500B - Security management system and method of dependable computing platform - Google Patents

Info

Publication number: CN102340500B
Application number: CN201110196175.0A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN102340500A (application publication)
Prior art keywords: security, strategy, credible, hash value, management center
Priority date: 2011-07-13
Filing date: 2011-07-13
Publication dates: CN102340500A 2012-02-01; CN102340500B (grant) 2014-04-16
Legal status: Expired - Fee Related
Inventors: 郑志蓉, 沈昌祥, 金刚, 蔡谊, 刘毅, 傅子奇, 涂航, 黄强, 汪晓睿
Applicant and assignee (original and current): PEOPLE'S LIBERATION ARMY NAVY COMPUTING TECHNOLOGY INSTITUTE

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a security management system and method for a trusted computing platform. The system comprises a trusted cryptographic module, a security management center module, a security management agent module and a security policy management protocol module. The security policy management protocol between the security management center module and the trusted cryptographic module is built on the trusted cryptographic module, which secures the transmission of security management policies; the security policy held at the security management center is protected by means of the trusted cryptographic module; and the security policy at the trusted computing platform is stored inside the trusted cryptographic module and protected by it, which secures the storage of security management policies. The security management method comprises a step of generating the security policy management protocol and steps by which the security management center creates, retrieves and deletes a new security policy. It provides encryption and integrity verification of security policy data, preventing leakage of policy data and unauthorized tampering with it by an attacker.

Description

Security management system and security management method for a trusted computing platform
Technical field
The present invention relates to the field of information security, and in particular to a method for centralized security policy management of a trusted computing platform which guarantees the security of policy storage and of the distribution process.
Technical background
In the PC implementation specification proposed by the Trusted Computing Group (TCG), the integrity hash value of each segment of executable code measured during the chain of trust of the system boot phase is stored in a platform configuration register (PCR), and the measurement log is stored in the ACPI table area. PCRs and the measurement log serve to report the integrity state of the system to a third party. TCG does not address how the security policy of the trusted computing platform itself is organized.
Security policy management in information systems generally follows one of three patterns: autonomous management, centralized management, or a combination of the two.
Under autonomous management the user configures the security policy with a local security management tool, which is weak. Under centralized management, administrators configure the security policy of the systems centrally from a security management center, which is stronger.
Because security policies are held centrally at the security management center, the protection of the center itself is critical. The usual measures are a firewall in front of the center or hardening of the host, but since both the center and the firewall are applications running on ordinary PCs, whose hardware and software architecture is simple, a malicious attacker can bypass the protection system at the system level, compromise the security management center and tamper with the security policy directly.
Summary of the invention
The object of the present invention is to provide a security management system for a trusted computing platform based on trusted cryptographic modules (TCM; rendered "credible password module" in the machine translation of this page), and a centralized security management method based on the trusted computing platform, which guarantee the security of policy storage and of the distribution process.
To achieve this object, the technical scheme of the invention is as follows.
A trusted computing platform management system comprises a first trusted cryptographic module, a second trusted cryptographic module, a security management center and a security management agent (including the security policy management protocol). The first trusted cryptographic module provides services to the security management center: signature and signature verification, symmetric encryption and decryption, and hash computation. The security management center module generates, stores and deletes security policies, and distributes them through the security policy management protocol. The security management agent module forwards the management protocol data stream sent by the security management center to the second trusted cryptographic module. The second trusted cryptographic module resides in the trusted computing platform; it parses the security policy management protocol and stores the security policy. The security policy management protocol module transmits security policy information between the security management center and the trusted cryptographic module.
The security policy management protocol between the security management center and the second trusted cryptographic module is built on the first and second trusted cryptographic modules, which guarantees the security of security policy transmission. The security policy on the security management center side is protected in storage by the first trusted cryptographic module; the security policy on the trusted computing platform side is kept inside the second trusted cryptographic module and protected by that module itself, which guarantees the security of security policy storage.
The security policy management protocol flow is as follows.
1) The security management center generates and formulates the trusted computing platform security policy, and calls the hash service of the first trusted cryptographic module to compute the hash value of the security policy data.
2) The security management center calls the signature service of the first trusted cryptographic module to sign the hash value.
3) The security management center sends (policy data, policy data hash value, signature over the policy data hash value) to the security management agent.
4) The security agent receives (policy data, policy data hash value, signature over the policy data hash value) and forwards it to the second trusted cryptographic module.
5) The second trusted cryptographic module first verifies the signature over the security policy hash value with its own computation engine. If verification passes, proceed to 6); if it fails, discard the message.
6) The second trusted cryptographic module computes the hash value of the security policy data with its own computation engine and compares it with the received policy data hash value. If they are equal, the policy data is stored in the trusted cryptographic module; if not, the message is discarded.
The flow by which the security management center creates a new security policy is as follows.
1) Call the hash service of the first trusted cryptographic module to compute the hash value of the security policy.
2) Call the encryption service of the first trusted cryptographic module to encrypt the security policy and its hash value.
3) Store the encrypted security policy and hash value at the security management center.
The flow by which the security management center retrieves a specified security policy is as follows.
1) Call the decryption service of the first trusted cryptographic module to decrypt the security policy and its hash value.
2) Call the hash service of the first trusted cryptographic module to compute the hash value of the security policy.
3) Compare the newly computed hash value with the stored hash value. If they are equal, the security policy is valid; if not, discard the security policy.
The flow by which the security management center deletes a specified security policy is as follows.
1) Delete the security policy directly.
Compared with the prior art, the present invention has the following advantages and beneficial effects:
The security policy management protocol of the invention is built on the first trusted cryptographic module on the security management center side and the second trusted cryptographic module on the trusted computing platform side. The policy management data passed from the security management center to the trusted computing platform is hashed, signed, signature-verified and hash-compared, which prevents an attacker from impersonating the security management center to send a security policy to the platform and from tampering with the policy data in transit, so that the authenticity and integrity of the security policy transmitted between the security management center and the trusted computing platform are guaranteed.
On the security management center side, the security policy is encrypted and integrity-checked in the first trusted cryptographic module, which guarantees the confidentiality and integrity of the policy stored there and prevents leakage of policy data and its unauthorized modification by an attacker. On the trusted computing platform side, the security policy is stored directly in the second trusted cryptographic module, whose own hardware and software protection measures ensure that the policy is neither leaked nor tampered with without authorization.
Brief description of the drawings
Fig. 1: schematic of the security policy management system structure;
Fig. 2: hardware composition of the first and second trusted cryptographic modules;
Fig. 3: format of the security policy management message;
Fig. 4: processing of security policy management messages by the security management center;
Fig. 5: flow chart of security policy storage at the security management center;
Fig. 6: processing of security policy management messages by the trusted computing platform;
Fig. 7: flow chart of security policy storage at the trusted computing platform.
Embodiment
Specific embodiments of the invention are described below with reference to the drawings.
Fig. 1 is a schematic of the security policy management system structure of the invention. As the figure shows, the system consists of the security management center, the first trusted cryptographic module, the second trusted cryptographic module and the security management agent.
The first trusted cryptographic module provides the security management center with signature and signature verification, symmetric encryption and decryption, and hash computation services.
The security management center calls the services of the first trusted cryptographic module to generate, store and delete security policies and to assemble the security policy management protocol data, which it sends to the security management agent.
The second trusted cryptographic module provides the trusted computing platform with signature and signature verification, symmetric encryption and decryption, and hash computation services. It receives the security policy management data forwarded by the security management agent, parses the security policy management protocol and stores the security policy locally.
The security management agent forwards the management protocol data stream sent by the security management center to the second trusted cryptographic module.
The security policy management protocol transmits security policy information between the security management center and the trusted computing platform. Assembly of the protocol messages is performed by the security management center and parsing by the second trusted cryptographic module.
Security policy management protocol
The flow by which the security management center processes the security policy management protocol is as follows; see Fig. 4.
1) The security management center generates and formulates the trusted computing platform security policy, and calls the hash service of the first trusted cryptographic module to compute the hash value of the security policy data.
2) The security management center calls the signature service of the first trusted cryptographic module to sign the hash value.
3) The security management center assembles a security management message in the security management message format (see Fig. 3) and sends it to the trusted computing platform.
The flow by which the trusted computing platform side processes the security policy management protocol is as follows; see Fig. 6.
1) The security management agent receives the security management message and forwards it to the second trusted cryptographic module.
2) The second trusted cryptographic module first verifies the signature over the security policy hash value with its own computation engine. If verification passes, proceed to 3); if it fails, discard the message.
3) The second trusted cryptographic module computes the hash value of the security policy data with its own computation engine and compares it with the received policy data hash value. If they are equal, the policy data is stored in the second trusted cryptographic module; if not, the message is discarded.
Security policy storage protection
The methods for protecting security policy storage on the security management center side and on the trusted computing platform side are as follows.
The storage protection method on the security management center side is as follows.
The key used to protect the security policy is placed in the trusted cryptographic module at system installation (the source text names the second module here, but on the security management center side the module in use is the first trusted cryptographic module). The key can be used once the security administrator has authenticated.
The flow for storing a security policy is as follows; see Fig. 5.
1) Call the hash service of the first trusted cryptographic module to compute the hash value of the security policy.
2) Call the encryption service of the first trusted cryptographic module to encrypt the security policy and its hash value.
3) Store the encrypted security policy and hash value on the hard disk of the security management center.
The flow for retrieving a security policy is as follows.
1) Call the decryption service of the first trusted cryptographic module to decrypt the security policy and its hash value.
2) Call the hash service of the first trusted cryptographic module to compute the hash value of the security policy.
3) Compare the newly computed hash value with the stored hash value. If they are equal, the security policy is valid; if not, discard the security policy.
The storage protection method on the trusted computing platform side is as follows.
After the second trusted cryptographic module has parsed the security management protocol and received the security policy sent by the security management center, it protects the policy as follows. The key used for protection is stored in the trusted cryptographic module at system installation and can be used once the user of the trusted computing platform has authenticated.
The flow for storing a security policy is as follows; see Fig. 7.
1) Use the hash service to compute the hash value of the security policy.
2) Use the encryption service to encrypt the security policy and its hash value.
3) Store the encrypted security policy and hash value in the non-volatile storage of the second trusted cryptographic module.
The flow for retrieving a security policy is as follows.
1) Receive the security policy retrieval command sent by the host side of the trusted computing platform.
2) Use the decryption service to decrypt the security policy and its hash value.
3) Use the hash service to compute the hash value of the security policy.
4) Compare the newly computed hash value with the stored hash value. If they are equal, return the security policy; if not, discard the security policy.
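The protocol flow (Figs. 4 and 6) and the storage protection on both sides (Figs. 5 and 7) modelled end to end in Python, as an added example that is not part of the patent and not code of its assignee. The page names the module services but no algorithms, so the example assumes SHA-256 for the hash service, HMAC-SHA256 under a module-held key in place of the signature and its verification (the standard library has no public-key signature; with a real asymmetric scheme the platform module would hold only the center's verification key), and an HMAC-SHA256 counter-mode keystream in place of the unnamed symmetric cipher. The class and function names, the dictionaries standing in for the center's disk and the module's non-volatile memory, and the sample policy are all constructed for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

DIGEST_LEN = 32   # SHA-256 stands in for the page's unnamed hash service (assumption)
NONCE_LEN = 16

class TrustedCryptoModule:
    """Model of one trusted cryptographic module ('credible password module'): keys
    never leave the object, callers only get hash, sign/verify, encrypt/decrypt."""

    def __init__(self, signing_key: bytes, storage_key: bytes):
        self._signing_key = signing_key   # assumption: HMAC stands in for the signature
        self._storage_key = storage_key   # protects policies at rest
        self._unlocked = False            # storage key usable only after authentication

    def authenticate(self, passed: bool) -> None:
        # The page gates the storage key on administrator/user authentication but does not describe the check.
        self._unlocked = passed

    @staticmethod
    def hash(data: bytes) -> bytes:
        return hashlib.sha256(data).digest()

    def sign(self, digest: bytes) -> bytes:
        return hmac.new(self._signing_key, digest, hashlib.sha256).digest()

    def verify(self, digest: bytes, signature: bytes) -> bool:
        return hmac.compare_digest(self.sign(digest), signature)

    def _keystream(self, nonce: bytes, length: int) -> bytes:
        # Counter-mode keystream from HMAC-SHA256, standing in for the unnamed cipher.
        out, counter = b"", 0
        while len(out) < length:
            out += hmac.new(self._storage_key, nonce + counter.to_bytes(4, "big"),
                            hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def encrypt(self, plaintext: bytes) -> bytes:
        if not self._unlocked:
            raise PermissionError("storage key locked: authenticate first")
        nonce = secrets.token_bytes(NONCE_LEN)
        return nonce + bytes(p ^ k for p, k in zip(plaintext, self._keystream(nonce, len(plaintext))))

    def decrypt(self, blob: bytes) -> bytes:
        if not self._unlocked:
            raise PermissionError("storage key locked: authenticate first")
        nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
        return bytes(c ^ k for c, k in zip(body, self._keystream(nonce, len(body))))

@dataclass(frozen=True)
class PolicyMessage:
    """Message of Fig. 3 as described: policy data, its hash, a signature over the hash."""
    policy: bytes
    policy_hash: bytes
    signature: bytes

def smc_build_message(center_tcm, policy: bytes) -> PolicyMessage:
    """Center side, steps 1-3: hash the policy, sign the hash, assemble the message."""
    digest = center_tcm.hash(policy)
    return PolicyMessage(policy, digest, center_tcm.sign(digest))

def platform_receive(platform_tcm, nv_storage: dict, msg: PolicyMessage) -> bool:
    """Platform side, steps 2-3 (the agent forwards msg unchanged): True = stored."""
    if not platform_tcm.verify(msg.policy_hash, msg.signature):
        return False                          # signature check failed: drop
    if not hmac.compare_digest(platform_tcm.hash(msg.policy), msg.policy_hash):
        return False                          # policy altered in transit: drop
    store_policy(platform_tcm, nv_storage, "current", msg.policy)
    return True

def store_policy(tcm, storage: dict, policy_id: str, policy: bytes) -> None:
    """Figs. 5 and 7: hash, encrypt policy+hash together, keep the blob (disk or NV memory)."""
    storage[policy_id] = tcm.encrypt(tcm.hash(policy) + policy)

def fetch_policy(tcm, storage: dict, policy_id: str):
    """Decrypt, recompute the hash, compare; None means the copy was discarded."""
    blob = storage.get(policy_id)
    if blob is None:
        return None
    plain = tcm.decrypt(blob)
    stored_digest, policy = plain[:DIGEST_LEN], plain[DIGEST_LEN:]
    if not hmac.compare_digest(tcm.hash(policy), stored_digest):
        storage.pop(policy_id, None)          # discard (the delete flow is this pop alone)
        return None
    return policy

if __name__ == "__main__":   # constructed run; both modules get the same HMAC key at set-up
    key = secrets.token_bytes(32)
    center = TrustedCryptoModule(key, secrets.token_bytes(32))
    platform = TrustedCryptoModule(key, secrets.token_bytes(32))
    center.authenticate(True); platform.authenticate(True)
    disk, nv = {}, {}
    store_policy(center, disk, "p1", b"constructed policy: deny-all; allow tcp/22")
    msg = smc_build_message(center, fetch_policy(center, disk, "p1"))
    print("accepted:", platform_receive(platform, nv, msg), "stored:", fetch_policy(platform, nv, "current"))
```

Running the file stores a policy on the center's "disk", retrieves and verifies it, sends it through the protocol and shows the platform module accepting and storing it; a message whose policy bytes were altered after signing fails the hash comparison in step 3 even though the signature over the hash still verifies, and a message built by a module without the center's signing key fails step 2. Two caveats when reading the page's flows: the stored blob is a plain hash encrypted alongside the data, whereas an authenticated mode (AES-GCM, or a MAC over the ciphertext) is what a current design would use for the at-rest check; and the message format as described carries no nonce, sequence number or timestamp, so a deployment would want one if re-delivery of an earlier, validly signed policy is a concern. The example follows the page on both points.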

Claims (2)

1. A trusted computing platform security management system, comprising a first trusted cryptographic module, a second trusted cryptographic module, a security management center module, a security management agent module and a security policy management protocol module; the first trusted cryptographic module provides services to the security management center for signature and signature verification, symmetric encryption and decryption, and hash computation; the security management center module generates, stores and deletes security policies and distributes them through the security policy management protocol; the security management agent module forwards the management protocol data stream sent by the security management center to the second trusted cryptographic module; the second trusted cryptographic module resides in the trusted computing platform, parses the security policy management protocol and stores the security policy; the security policy management protocol module transmits security policy information between the security management center and the second trusted cryptographic module; characterized in that:
the security policy management protocol between the security management center and the second trusted cryptographic module is built on the first and second trusted cryptographic modules; the security policy on the security management center side is protected in storage by the first trusted cryptographic module, and the security policy on the trusted computing platform side is kept inside the second trusted cryptographic module and protected by that module itself.
2. A security management method for a trusted computing platform, characterized in that it comprises a security policy management protocol flow and the flows by which the security management center creates, retrieves and deletes a new security policy;
wherein the security policy management protocol flow comprises the following steps:
1.1 the security management center generates and formulates the trusted computing platform security policy, and calls the hash service of the first trusted cryptographic module to compute the hash value of the security policy data;
1.2 the security management center calls the signature service of the first trusted cryptographic module to sign the hash value;
1.3 the security management center sends the policy data, the policy data hash value and the signature over the policy data hash value to the trusted computing platform;
1.4 the security agent of the trusted computing platform receives the policy data, the policy data hash value and the signature, and forwards them to the second trusted cryptographic module;
1.5 the second trusted cryptographic module first verifies the signature over the security policy hash value with its own computation engine; if verification passes, proceed to step 1.6; if it fails, discard the policy data, the policy data hash value and the signature;
1.6 the second trusted cryptographic module computes the hash value of the security policy data with its own computation engine and compares it with the received policy data hash value; if they are equal, the policy data is stored in the trusted cryptographic module; if not, the policy data, the policy data hash value and the signature are discarded;
the flow by which the security management center creates a new security policy is as follows:
2.1 call the hash service of the first trusted cryptographic module to compute the hash value of the security policy;
2.2 call the encryption service of the first trusted cryptographic module to encrypt the security policy and its hash value;
2.3 store the encrypted security policy and hash value at the security management center;
the flow by which the security management center retrieves a specified new security policy is as follows:
3.1 call the decryption service of the first trusted cryptographic module to decrypt the security policy and its hash value;
3.2 call the hash service of the first trusted cryptographic module to compute the hash value of the security policy;
3.3 compare the newly computed hash value with the stored hash value; if they are equal, the security policy is valid; if not, discard the security policy;
the flow by which the security management center deletes a specified new security policy is as follows:
4.1 delete the security policy directly.
CN201110196175.0A, priority date 2011-07-13, filing date 2011-07-13: Security management system and method of dependable computing platform; granted as CN102340500B (en); Expired - Fee Related.

Publications (2)

Publication Number Publication Date
CN102340500A (en) 2012-02-01
CN102340500B (en) 2014-04-16

Family ID: 45515998 (one family application, CN201110196175.0A, as above)

Country Status (1)

Country Link
CN (1) CN102340500B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102646077B (en) * 2012-03-28 2016-06-15 山东超越数控电子有限公司 Full-disk encryption method based on a trusted cryptographic module
CN103490883B (en) * 2013-09-17 2016-10-05 华南理工大学 Multivariate public-key encryption/decryption system and encryption/decryption method
CN104794410B (en) * 2015-03-23 2018-01-09 中国科学院软件研究所 Database security protection method based on trusted computing technology
CN109948344A (en) * 2019-03-14 2019-06-28 沈昌祥 System interaction method based on a dual-architecture trusted computing platform
CN111339533B (en) * 2020-02-14 2023-04-28 北京工业大学 Application layer-oriented trusted cryptographic module interface design method
CN113065136B (en) * 2021-03-16 2024-03-22 广东电网有限责任公司汕尾供电局 Host protection trusted computing system
CN113810371B (en) * 2021-08-04 2023-04-18 苏州椰云科技有限公司 Safety management method for software and hardware decoupling platform

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1988437A (en) * 2006-11-22 2007-06-27 北京工业大学 System and method for managing trusted computing platform key authorization data
US20100268936A1 (en) * 2007-06-25 2010-10-21 Hideki Matsushima Information security device and information security system

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
LI Xiao-Yong, SHEN Chang-Xiang. "An Efficient Attestation for Trustworthiness of Computing Platform". Intelligent Information Hiding and Multimedia Signal Processing, 2006 (IIH-MSP '06), International Conference on, 2006-12-31, full text. *
张焕国, 覃中平, 刘毅, 韩永桥. "一种新的可信平台模块" (A new trusted platform module). 武汉大学学报·信息科学版 (Geomatics and Information Science of Wuhan University), vol. 33, no. 10, 2008-10-05, full text. *



Legal Events

Code Title / Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee (granted publication date: 2014-04-16; termination date: 2015-07-13)
EXPY Termination of patent right or utility model