CN103049293A - Starting method of embedded trusted system - Google Patents

Publication number
CN103049293A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012105350820A
Other languages
Chinese (zh)
Other versions
CN103049293B (en)
Inventor
王志皓
赵保华
张波
刘楷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
China Electric Power Research Institute Co Ltd CEPRI
Global Energy Interconnection Research Institute
Original Assignee
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Application filed by State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI
Priority to CN201210535082.0A
Publication of CN103049293A
Publication of CN103049293B

Abstract

The invention provides a starting method of an embedded trusted system. Before the microprogrammed control unit (MCU) is started, an authorization process program stored in a protected area of the trusted chip is loaded into the random-access memory (RAM) of the MCU to check the memory map, obtain the boundary addresses and content characteristic values of the memory, and lock the memory area. This provides a trusted start with a trusted entry point, and the memory cannot be tampered with or forged during startup. The Bootloader of the system is then measured and checked for trustworthiness, and finally the operating system and software stack are measured through the Bootloader, so that the whole startup process of the embedded system is trusted. The method provides a trusted startup flow that does not depend on a standard startup program (Bootloader) and can therefore be ported to existing embedded systems. Given the complexity of embedded environments, it avoids excessive coupling with the environment of the embedded system; the design is flexible, can adapt to as many environments as possible with as few modifications as possible, and lends itself to wide adoption.

Description

A starting method of an embedded trusted system
Technical field
The present invention relates to the field of embedded trusted platforms, and in particular to a starting method of an embedded trusted system.
Background art
At present, information security technology mainly relies on strong cryptographic algorithms combined with keys to guarantee the confidentiality and integrity of information, the uniqueness of entity identities, and the non-repudiation of operations and processes. However, no cryptographic algorithm is absolutely secure, and many users do not know how these cryptographic protection mechanisms are configured. More importantly, although these techniques can stop attacks by hackers and viruses to some extent, they cannot guard against insiders leaking, stealing, tampering with or destroying key information. To improve the security protection capability of computers, the Trusted Computing Group (TCG) proposed the concept of "trusted computing". Its main idea is to strengthen the security of the existing PC terminal architecture, extend it into an industry specification, and use trusted computing technology to build a general-purpose terminal hardware platform. "Trusted computing" has no single precise definition; its main idea is to introduce a trusted chip architecture into the device hardware platform and to improve the security of the system through the security features it provides. An embedded trusted computing platform is based on an embedded trusted chip, is supported by cryptographic technology, and has a secure operating system at its core.
The embedded trusted chip is the root of trust of the embedded trusted computing platform and protects the computing device from the hardware level up. It is a small system on a chip (SoC) containing cryptographic operation components and storage components. It is connected to the platform motherboard and is used to verify identity and to process the variables that the computer or device uses in the trusted computing environment. It mainly comprises a microprocessor, EEPROM, Flash, a true random number generator and so on, and mainly handles the RSA public-key encryption/signature algorithm, the SHA-1 secure hash algorithm, and the secure storage of sensitive information such as encryption keys. All security authentication and security calls of the system are completed by the embedded trusted chip, which establishes a complete chain of trust covering network, application software, operating system and hardware. Through the transfer of trust, the security mechanism is checked as a whole, which guarantees the trustworthiness of each link and therefore of the whole system.
The embedded trusted chip uses the PCR (program control register) to save the measurement records of the system. The embedded trusted chip contains an integrity measurement engine, which collects integrity-related data of software and hardware and stores the results in the configuration registers of the embedded trusted chip hardware. The PCR must be able to resist attacks from both software and hardware.
The RTM (Root of Trust for Measurement) is a computing engine that can reliably perform internal integrity measurement. The platform starts running from the establishment of the RTM. The initialization process of the embedded trusted chip includes a self-test of the chip, by which it can be judged whether the functions of the chip are working properly; the RTM is responsible for selecting and controlling the initialization process of the embedded trusted chip. The Core Root of Trust for Measurement (CRTM) is the first piece of code executed after the system starts; it initializes the trusted boot sequence, performs the initial trusted measurement, and then directs the embedded trusted chip to start working. The CRTM resides in Flash. It must be guaranteed that it cannot be modified and cannot be bypassed; otherwise the security of the system is difficult to guarantee.
The invention patent with application number 200710053330.7 discloses a method for booting an embedded system built on a trusted mechanism. The method combines the embedded system with an embedded trusted chip and makes the peripheral storage device of the embedded system independent, with reads and writes to it controlled by the embedded trusted chip. During startup of the embedded system, the embedded trusted chip must first perform integrity measurement on the executable code in the external memory; only after verification passes does the embedded trusted chip hand the read and write rights on the external memory to the embedded system and allow it to start. In the trusted-mechanism embedded platform boot that it provides, the emphasis is on the embedded trusted chip controlling the startup process and initializing external devices, and on performing integrity and reliability measurement on designated external devices.
The invention patent with application number 200810046775.7 discloses an embedded platform boot method built on a trusted mechanism. By having the embedded trusted chip control reads and writes to the peripheral storage device of the embedded system, it likewise provides a boot method for an embedded system built on a trusted mechanism.
Traditional information security technology mainly relies on strong cryptographic algorithms combined with keys to guarantee the confidentiality and integrity of information, the uniqueness of entity identities, and the non-repudiation of operations and processes. However, no cryptographic algorithm is absolutely secure, and many users do not know how these cryptographic protection mechanisms are configured. More importantly, although these techniques can stop attacks by hackers and viruses to some extent, they cannot guard against insiders leaking, stealing, tampering with or destroying key information.
In existing startup designs for embedded trusted systems, the chain-of-trust model adopted always has the embedded trusted chip directly measure, or integrity-measure, the Bootloader, the operating system kernel, applications and so on, without a process for establishing the root of trust. Such a model raises the design complexity of the trusted chip and couples deeply with the platform, operating system and applications; its generality is poor and it is difficult to apply widely.
Summary of the invention
To overcome the above deficiencies of the prior art, the present invention proposes a starting method of an embedded trusted system: a startup flow based on root-of-trust measurement that does not depend on a standardized startup program and is easy to port to existing embedded systems. At the same time, given the complexity of embedded environments, the model avoids excessive coupling with the environment of the embedded system; the design is flexible, can adapt to as many environments as possible with as few modifications as possible, and lends itself to wide adoption.
To achieve the above purpose, the present invention adopts the following technical solution:
A starting method of an embedded trusted system is provided, the method comprising the following steps:
Step 1: establish the core root of trust for measurement;
Step 2: measure the startup code;
Step 3: measure and start the operating system;
Step 4: measure the trusted protocol stack at startup;
Step 5: start the embedded trusted chip;
Step 6: measure the startup data of the embedded trusted chip;
Step 7: measure the function modules of the embedded trusted system.
Step 1 comprises the following steps:
Step 1-1: the boot control program BCP checks the memory map, obtains the boundary addresses and content characteristic values of the memory, and extends them into the storage area of the program control register PCR;
Step 1-2: the Root memory area of the microprogram control unit MCU is locked, completing the establishment of the core root of trust for measurement.
Step 2 comprises the following steps:
Step 2-1: the Bootloader of the embedded system is audited and modified, and after audit and modification it is signed at the trust center; the Bootloader measurement process ensures that a Bootloader signed by the trust center is used;
Step 2-2: the Bootloader measures the memory map and the use of the software downloader; the Bootloader includes restrictions on the startup and memory map of the embedded trusted system, ensuring that the loaded operating system is trusted;
Step 2-3: the addresses and data used by the Bootloader are collected and placed in data block DATA1 and the paired-key area respectively, and the characteristic values of data block DATA1 and the paired-key area are extended into the storage area of the program control register PCR.
Step 3 comprises the following steps:
Step 3-1: the kernel of the operating system is measured as a whole; the operating system is loaded, the characteristic value of the operating system kernel is collected and placed in data block DATA2, and data block DATA2 is extended into the storage area of the program control register;
Step 3-2: the operating system and the embedded trusted chip communicate at fixed time intervals, so that the trusted protocol stack used in the operating system is one signed by the trust center.
In step 4, the addresses and data used by the trusted protocol stack are collected, the collected information is placed in data block DATA3, and data block DATA3 is extended into the storage area of the program control register.
Step 5 comprises the following steps:
Step 5-1: the boot entry point of the detection area of the embedded trusted chip is copied into its interior;
Step 5-2: the communication ports that are needed are initialized, all untrusted low-level calls are prohibited, and the runtime memory space is ensured to be trusted;
Step 5-3: execution jumps to the startup code and links to the trusted boot measurement library, and minimal-set initialization is performed on the measurement program, data block DATA2 and data block DATA3.
Step 6 comprises the following steps:
Step 6-1: the data in the startup area of the embedded trusted chip are measured;
Step 6-2: if measurement passes, the key contained in the signature is returned to the detection area of the embedded trusted chip to cancel the restart mechanism; if the corresponding key is not obtained within a certain time after the embedded trusted chip powers on, the control mechanism over the main function module of the embedded trusted system is triggered;
Step 6-3: if measurement fails, the control mechanism over the main function module of the embedded trusted system is triggered and the system stops working;
Step 6-4: the address set and data blocks DATA1, DATA2 and DATA3 are measured to determine whether they have been damaged; if so, the minimal-set initialization is re-executed, the data and address set are restored, and step 6-1 is re-executed.
The function modules of the embedded trusted system comprise the main function module of the embedded trusted system and the practical application function modules.
Step 7 comprises the following steps:
Step 7-1: the entry function selects the practical application function module, and the embedded trusted system function module downloads the trusted root through the communication port and is measured;
Step 7-2: if measurement passes, the corresponding embedded trusted system function module is woken or activated by the startup jump code, completing the startup of the embedded trusted system;
Step 7-3: if measurement fails, the control mechanism over the main function module of the embedded trusted system is triggered and the system stops working;
Step 7-4: the data/certificate are measured to determine whether they have been damaged; if so, step 7-1 is re-executed.
When the embedded trusted system is under attack, or when certain predefined events occur, the control mechanism over the main function module of the embedded trusted system is triggered.
Compared with the prior art, the beneficial effects of the present invention are:
(1) The starting method proposed by the invention, based on a root-of-trust establishment process, reduces the complexity of trusted chip design, is loosely coupled with the platform, operating system and applications, is highly flexible, and is easy to apply widely;
(2) The invention proposes, for embedded system environments, a startup process based on trusted computing technology and a measurement model based on the root of trust, which is more concise and more general than a startup process that measures step by step;
(3) In view of the characteristics of embedded systems, the invention performs security checks on both the running environment and the program itself, improving the trustworthiness of the system.
Brief description of the drawings
Fig. 1 is a flowchart of the starting method of the embedded trusted system;
Fig. 2 is a detailed flowchart of the starting method of the embedded trusted system in an embodiment of the invention;
Fig. 3 is an application flowchart of the starting method of the embedded trusted system in an embodiment of the invention.
Embodiment
The invention is described in further detail below with reference to the drawings.
As shown in Fig. 1 and Fig. 2, a starting method of an embedded trusted system is provided, the method comprising the following steps:
Step 1: establish the core root of trust for measurement;
Step 2: measure the startup code;
Step 3: measure and start the operating system;
Step 4: measure the trusted protocol stack at startup;
Step 5: start the embedded trusted chip;
Step 6: measure the startup data of the embedded trusted chip;
Step 7: measure the function modules of the embedded trusted system.
Step 1 comprises the following steps:
Step 1-1: the boot control program BCP checks the memory map, obtains the boundary addresses and content characteristic values of the memory, and extends them into the storage area of the program control register PCR;
Step 1-2: the Root memory area of the microprogram control unit MCU is locked, completing the establishment of the core root of trust for measurement.
Step 2 comprises the following steps:
Step 2-1: the Bootloader of the embedded system is audited and modified, and after audit and modification it is signed at the trust center; the Bootloader measurement process ensures that a Bootloader signed by the trust center is used;
Step 2-2: the Bootloader measures the memory map and the use of the software downloader; the Bootloader includes restrictions on the startup and memory map of the embedded trusted system, ensuring that the loaded operating system is trusted;
Step 2-3: the addresses and data used by the Bootloader are collected and placed in data block DATA1 and the paired-key area respectively, and the characteristic values of data block DATA1 and the paired-key area are extended into the storage area of the program control register PCR.
Step 3 comprises the following steps:
Step 3-1: the kernel of the operating system is measured as a whole; the operating system is loaded, the characteristic value of the operating system kernel is collected and placed in data block DATA2, and data block DATA2 is extended into the storage area of the program control register;
Step 3-2: the operating system and the embedded trusted chip communicate at fixed time intervals, so that the trusted protocol stack used in the operating system is one signed by the trust center.
In step 4, the addresses and data used by the trusted protocol stack are collected, the collected information is placed in data block DATA3, and data block DATA3 is extended into the storage area of the program control register.
Step 5 comprises the following steps:
Step 5-1: the boot entry point of the detection area of the embedded trusted chip is copied into its interior;
Step 5-2: the communication ports that are needed are initialized, all untrusted low-level calls are prohibited, and the runtime memory space is ensured to be trusted;
Step 5-3: execution jumps to the startup code and links to the trusted boot measurement library, and minimal-set initialization is performed on the measurement program, data block DATA2 and data block DATA3.
Step 6 comprises the following steps:
Step 6-1: the data in the startup area of the embedded trusted chip are measured;
Step 6-2: if measurement passes, the key contained in the signature is returned to the detection area of the embedded trusted chip to cancel the restart mechanism; if the corresponding key is not obtained within a certain time after the embedded trusted chip powers on, the control mechanism over the main function module of the embedded trusted system is triggered;
Step 6-3: if measurement fails, the control mechanism over the main function module of the embedded trusted system is triggered and the system stops working;
Step 6-4: the address set and data blocks DATA1, DATA2 and DATA3 are measured to determine whether they have been damaged; if so, the minimal-set initialization is re-executed, the data and address set are restored, and step 6-1 is re-executed.
The function modules of the embedded trusted system comprise the main function module of the embedded trusted system and the practical application function modules.
Step 7 comprises the following steps:
Step 7-1: the entry function selects the practical application function module, and the embedded trusted system function module downloads the trusted root through the communication port and is measured;
Step 7-2: if measurement passes, the corresponding embedded trusted system function module is woken or activated by the startup jump code, completing the startup of the embedded trusted system;
Step 7-3: if measurement fails, the control mechanism over the main function module of the embedded trusted system is triggered and the system stops working;
Step 7-4: the data/certificate are measured to determine whether they have been damaged; if so, step 7-1 is re-executed.
When the embedded trusted system is under attack, or when certain predefined events occur, the control mechanism over the main function module of the embedded trusted system is triggered.
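The measurement chain of steps 1 to 4 and the damage check of step 6-4, sketched as an added example that is not code from the patent: each region's characteristic value is logged and extended into one PCR, and a later boot is compared against the recorded values to find which block changed. The extend rule PCR_new = SHA1(PCR_old || SHA1(data)), the region contents and all function names are assumptions; the patent does not give a formula.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DLEN 20    /* SHA-1 digest size; the page names SHA-1 as the chip's hash */
#define NSTAGE 5

static uint32_t rol(uint32_t v, int n) { return (v << n) | (v >> (32 - n)); }
/* SHA-1 compression of one 64-byte block (FIPS 180-4). */
static void sha1_block(uint32_t h[5], const uint8_t *p) {
    uint32_t w[80], a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
    for (int i = 0; i < 16; i++)
        w[i] = (uint32_t)p[4*i] << 24 | (uint32_t)p[4*i+1] << 16 |
               (uint32_t)p[4*i+2] << 8 | (uint32_t)p[4*i+3];
    for (int i = 16; i < 80; i++)
        w[i] = rol(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
    for (int i = 0; i < 80; i++) {
        uint32_t f, k;
        if (i < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999; }
        else if (i < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1; }
        else if (i < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDC; }
        else             { f = b ^ c ^ d;                   k = 0xCA62C1D6; }
        uint32_t t = rol(a, 5) + f + e + k + w[i];
        e = d; d = c; c = rol(b, 30); b = a; a = t;
    }
    h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
}

void sha1(const uint8_t *msg, size_t len, uint8_t out[DLEN]) {
    uint32_t h[5] = {0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0};
    uint8_t tail[128] = {0};
    size_t full = len / 64, rem = len % 64, tlen = (rem < 56) ? 64 : 128;
    uint64_t bits = (uint64_t)len * 8;
    for (size_t i = 0; i < full; i++) sha1_block(h, msg + 64 * i);
    memcpy(tail, msg + 64 * full, rem);
    tail[rem] = 0x80;                 /* pad, then 64-bit big-endian bit length */
    for (int i = 0; i < 8; i++) tail[tlen - 1 - i] = (uint8_t)(bits >> (8 * i));
    for (size_t off = 0; off < tlen; off += 64) sha1_block(h, tail + off);
    for (int i = 0; i < 20; i++) out[i] = (uint8_t)(h[i / 4] >> (24 - 8 * (i % 4)));
}

/* Assumed TCG-style extend, not given on the page: PCR = SHA1(PCR || SHA1(data)). */
void pcr_extend(uint8_t pcr[DLEN], const uint8_t *data, size_t len) {
    uint8_t buf[2 * DLEN];
    memcpy(buf, pcr, DLEN);
    sha1(data, len, buf + DLEN);
    sha1(buf, sizeof buf, pcr);
}

struct stage { const char *name; char data[48]; };

/* Constructed sample contents for the regions the page measures, in boot order. */
static const struct stage GOLDEN[NSTAGE] = {
    {"memory map (step 1-1)",      "root=0x20000000-0x20003fff"},
    {"DATA1 (step 2-3)",           "bootloader addresses and data"},
    {"paired-key area (step 2-3)", "paired key material"},
    {"DATA2 (step 3-1)",           "kernel characteristic value"},
    {"DATA3 (step 4)",             "trusted protocol stack addresses"},
};

/* Measure every stage in order: log its digest and extend it into the PCR. */
void measure_boot(const struct stage *s, uint8_t mlog[NSTAGE][DLEN], uint8_t pcr[DLEN]) {
    memset(pcr, 0, DLEN);
    for (int i = 0; i < NSTAGE; i++) {
        const uint8_t *d = (const uint8_t *)s[i].data;
        sha1(d, strlen(s[i].data), mlog[i]);
        pcr_extend(pcr, d, strlen(s[i].data));
    }
}

/* Boot with the golden contents, flip one bit in stage `tamper` (-1 = none) and
   boot again. Returns -1 if the final PCR still matches, otherwise the index of
   the first stage whose logged digest changed (the step 6-4 style check). */
int boot_check(int tamper) {
    struct stage cur[NSTAGE];
    uint8_t ref_log[NSTAGE][DLEN], ref_pcr[DLEN], cur_log[NSTAGE][DLEN], pcr[DLEN];
    memcpy(cur, GOLDEN, sizeof cur);
    measure_boot(GOLDEN, ref_log, ref_pcr);
    if (tamper >= 0 && tamper < NSTAGE) cur[tamper].data[0] ^= 0x01;
    measure_boot(cur, cur_log, pcr);
    if (memcmp(pcr, ref_pcr, DLEN) == 0) return -1;
    for (int i = 0; i < NSTAGE; i++)
        if (memcmp(cur_log[i], ref_log[i], DLEN) != 0) return i;
    return NSTAGE;   /* PCR differs but no log entry does: the log itself is suspect */
}

/* Known-answer test: SHA-1("abc") from FIPS 180. Returns 1 on match. */
int sha1_selftest(void) {
    static const uint8_t want[DLEN] = {0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
                                       0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d};
    uint8_t got[DLEN];
    sha1((const uint8_t *)"abc", 3, got);
    return memcmp(got, want, DLEN) == 0;
}

int main(void) {
    printf("sha1=%d clean=%d %s=%d\n", sha1_selftest(), boot_check(-1), GOLDEN[3].name, boot_check(3));
    return 0;
}
```

The final PCR only shows that something in the chain changed; the per-stage log is what identifies the damaged block, which is why both are kept.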
Finally, it should be noted that the above embodiment is intended only to illustrate the technical solution of the invention and not to limit it. Although the invention has been described in detail with reference to the above embodiment, those of ordinary skill in the art should understand that the specific embodiments of the invention may still be modified or equivalently replaced, and any modification or equivalent replacement that does not depart from the spirit and scope of the invention shall fall within the scope of the claims of the invention.

Claims (10)

1. A starting method of an embedded trusted system, characterized in that the method comprises the following steps:
Step 1: establish the core root of trust for measurement;
Step 2: measure the startup code;
Step 3: measure and start the operating system;
Step 4: measure the trusted protocol stack at startup;
Step 5: start the embedded trusted chip;
Step 6: measure the startup data of the embedded trusted chip;
Step 7: measure the function modules of the embedded trusted system.
2. The starting method of an embedded trusted system according to claim 1, characterized in that step 1 comprises the following steps:
Step 1-1: the boot control program BCP checks the memory map, obtains the boundary addresses and content characteristic values of the memory, and extends them into the storage area of the program control register PCR;
Step 1-2: the Root memory area of the microprogram control unit MCU is locked, completing the establishment of the core root of trust for measurement.
3. The starting method of an embedded trusted system according to claim 1, characterized in that step 2 comprises the following steps:
Step 2-1: the Bootloader of the embedded system is audited and modified, and after audit and modification it is signed at the trust center; the Bootloader measurement process ensures that a Bootloader signed by the trust center is used;
Step 2-2: the Bootloader measures the memory map and the use of the software downloader; the Bootloader includes restrictions on the startup and memory map of the embedded trusted system, ensuring that the loaded operating system is trusted;
Step 2-3: the addresses and data used by the Bootloader are collected and placed in data block DATA1 and the paired-key area respectively, and the characteristic values of data block DATA1 and the paired-key area are extended into the storage area of the program control register PCR.
4. The starting method of an embedded trusted system according to claim 1, characterized in that step 3 comprises the following steps:
Step 3-1: the kernel of the operating system is measured as a whole; the operating system is loaded, the characteristic value of the operating system kernel is collected and placed in data block DATA2, and data block DATA2 is extended into the storage area of the program control register;
Step 3-2: the operating system and the embedded trusted chip communicate at fixed time intervals, so that the trusted protocol stack used in the operating system is one signed by the trust center.
5. The starting method of an embedded trusted system according to claim 1, characterized in that in step 4, the addresses and data used by the trusted protocol stack are collected, the collected information is placed in data block DATA3, and data block DATA3 is extended into the storage area of the program control register.
6. The starting method of an embedded trusted system according to claim 1, characterized in that step 5 comprises the following steps:
Step 5-1: the boot entry point of the detection area of the embedded trusted chip is copied into its interior;
Step 5-2: the communication ports that are needed are initialized, all untrusted low-level calls are prohibited, and the runtime memory space is ensured to be trusted;
Step 5-3: execution jumps to the startup code and links to the trusted boot measurement library, and minimal-set initialization is performed on the measurement check program, data block DATA2 and data block DATA3.
7. The starting method of an embedded trusted system according to claim 1, characterized in that step 6 comprises the following steps:
Step 6-1: the data in the startup area of the embedded trusted chip are measured;
Step 6-2: if measurement passes, the key contained in the signature is returned to the detection area of the embedded trusted chip to cancel the restart mechanism; if the corresponding key is not obtained within a certain time after the embedded trusted chip powers on, the control mechanism over the main function module of the embedded trusted system is triggered;
Step 6-3: if measurement fails, the control mechanism over the main function module of the embedded trusted system is triggered and the system stops working;
Step 6-4: the address set and data blocks DATA1, DATA2 and DATA3 are measured to determine whether they have been damaged; if so, the minimal-set initialization is re-executed, the data and address set are restored, and step 6-1 is re-executed.
8. The starting method of an embedded trusted system according to claim 1, characterized in that the function modules of the embedded trusted system comprise the main function module of the embedded trusted system and the practical application function modules.
9. The starting method of an embedded trusted system according to claim 1, characterized in that step 7 comprises the following steps:
Step 7-1: the entry function selects the practical application function module, and the embedded trusted system function module downloads the trusted root certificate through the communication port and is measured;
Step 7-2: if measurement passes, the corresponding embedded trusted system function module is woken or activated by the startup jump code, completing the startup of the embedded trusted system;
Step 7-3: if measurement fails, the control and restart mechanism of the main function module of the embedded trusted system is triggered, and the embedded trusted system stops working and restarts;
Step 7-4: the data/certificate are measured to determine whether they have been damaged; if so, step 7-1 is re-executed.
10. The starting method of an embedded trusted system according to claim 1, characterized in that when the embedded trusted system is under attack, or when certain predefined events occur, the control mechanism over the main function module of the embedded trusted system is triggered.
Application number: CN201210535082.0A
Priority date: 2012-12-12
Filing date: 2012-12-12
Title: Starting method of embedded trusted system
Status: Active
Granted publication: CN103049293B (en)
Publications (2)

Publication Number | Publication Date
CN103049293A (en) | 2013-04-17
CN103049293B (en) | 2016-09-21

Family

ID=48061945

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210535082.0A Active CN103049293B (en) 2012-12-12 2012-12-12 A kind of startup method of embedded credible system

Country Status (1)

Country Link
CN (1) CN103049293B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530548A (en) * 2013-10-22 2014-01-22 山东神思电子技术股份有限公司 Embedded terminal dependable starting method based on mobile dependable computing module
CN105608385A (en) * 2015-12-29 2016-05-25 南京理工大学 Trusted starting method of embedded equipment based on embedded trusted computing module
CN106250760A (en) * 2016-07-26 2016-12-21 浪潮电子信息产业股份有限公司 A kind of U Boot based on TPM2.0 chip credible startup method
CN112445537A (en) * 2020-12-11 2021-03-05 中国科学院信息工程研究所 Trusted starting method and device of operating system, mobile terminal and storage medium
CN112769800A (en) * 2020-12-31 2021-05-07 武汉船舶通信研究所(中国船舶重工集团公司第七二二研究所) Switch integrity verification method and device and computer storage medium
CN114579983A (en) * 2022-04-26 2022-06-03 阿里云计算有限公司 Method and device for acquiring trusted information and trusted server
CN114625431A (en) * 2022-03-03 2022-06-14 上海先楫半导体科技有限公司 Chip awakening method and system in low power consumption mode and chip
CN116340956A (en) * 2023-05-25 2023-06-27 国网上海能源互联网研究院有限公司 Trusted protection optimization method and device for electric embedded terminal equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102222181A (en) * 2010-04-15 2011-10-19 北京同方微电子有限公司 Method for realizing trusted computing platform in embedded device
WO2012148422A1 (en) * 2011-04-29 2012-11-01 Hewlett-Packard Development Company, L.P. Embedded controller to verify crtm

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102222181A (en) * 2010-04-15 2011-10-19 北京同方微电子有限公司 Method for realizing trusted computing platform in embedded device
WO2012148422A1 (en) * 2011-04-29 2012-11-01 Hewlett-Packard Development Company, L.P. Embedded controller to verify crtm

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
林小茶 等: "嵌入式可信计算机研究", 《计算机工程与设计》, vol. 30, no. 16, 31 August 2009 (2009-08-31), pages 3730 - 3734 *
王博: "基于TPM的嵌入式可信终端的研究与设计", 《中国优秀硕士学位论文全文数据库 信息科技辑》, no. 12, 31 December 2011 (2011-12-31) *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530548A (en) * 2013-10-22 2014-01-22 Shandong Shensi Electronic Technology Co., Ltd. Embedded terminal dependable starting method based on mobile dependable computing module
CN103530548B (en) * 2013-10-22 2016-08-17 Shensi Electronic Technology Co., Ltd. Trusted startup method for an embedded terminal based on a mobile trusted computing module
CN105608385A (en) * 2015-12-29 2016-05-25 Nanjing University of Science and Technology Trusted starting method of embedded equipment based on embedded trusted computing module
CN106250760A (en) * 2016-07-26 2016-12-21 Inspur Electronic Information Industry Co., Ltd. Trusted startup method for U-Boot based on a TPM 2.0 chip
CN112445537A (en) * 2020-12-11 2021-03-05 Institute of Information Engineering, Chinese Academy of Sciences Trusted starting method and device of operating system, mobile terminal and storage medium
CN112769800B (en) * 2020-12-31 2022-10-04 Wuhan Institute of Ship Communication (722nd Research Institute of China Shipbuilding Industry Corporation) Switch integrity verification method and device and computer storage medium
CN112769800A (en) * 2020-12-31 2021-05-07 Wuhan Institute of Ship Communication (722nd Research Institute of China Shipbuilding Industry Corporation) Switch integrity verification method and device and computer storage medium
CN114625431A (en) * 2022-03-03 2022-06-14 Shanghai Xianji Semiconductor Technology Co., Ltd. Chip awakening method and system in low power consumption mode and chip
CN114625431B (en) * 2022-03-03 2023-08-29 Shanghai Xianji Semiconductor Technology Co., Ltd. Chip awakening method and system in low-power consumption mode and chip
CN114579983A (en) * 2022-04-26 2022-06-03 Alibaba Cloud Computing Co., Ltd. Method and device for acquiring trusted information and trusted server
CN114579983B (en) * 2022-04-26 2022-09-09 Alibaba Cloud Computing Co., Ltd. Method and device for acquiring trusted information and trusted server
CN116340956A (en) * 2023-05-25 2023-06-27 State Grid Shanghai Energy Internet Research Institute Co., Ltd. Trusted protection optimization method and device for electric embedded terminal equipment
CN116340956B (en) * 2023-05-25 2023-08-08 State Grid Shanghai Energy Internet Research Institute Co., Ltd. Trusted protection optimization method and device for electric embedded terminal equipment

Also Published As

Publication number Publication date
CN103049293B (en) 2016-09-21

Similar Documents

Publication Publication Date Title
CN108399339B (en) Trusted starting method based on security chip
CN103049293B (en) Starting method of embedded trusted system
CN105205401B (en) Trusted computer system and its trusted bootstrap method based on security password chip
US8850212B2 (en) Extending an integrity measurement
US7594124B2 (en) Cross validation of data using multiple subsystems
US20170230179A1 (en) Password triggered trusted encrytpion key deletion
CN107679393B (en) Android integrity verification method and device based on trusted execution environment
JP6053786B2 (en) Firmware-based Trusted Platform Module (TPM) for ARM® Trust Zone implementation
CN102436566B (en) Dynamic trusted measurement method and safe embedded system
CN102136043B (en) Computer system and measuring method thereof
US20190253417A1 (en) Hardware device and authenticating method thereof
US20130212406A1 (en) Technique for providing secure firmware
CN109522721A (en) Starting method of a TPM-based trusted embedded platform for industrial control
CN104951701B (en) Method for booting a terminal device operating system based on a USB controller
CN105608386A (en) Trusted computing terminal integrity measuring and proving method and device
CN101901319A (en) Trusted computing platform and method for verifying trusted chain transfer
CN105718806A (en) Method for achieving trusted active measurement based on domestic BMC and TPM2.0
CN105718807A (en) Android system based on software TCM and trusted software stack and trusted authentication system and method thereof
CN109992973B (en) Starting measurement method and device by using OPROM mechanism
CN110674494B (en) Process protection method, system and data processing method
WO2015035843A1 (en) Measurement method, electronic device and measurement system
Luo et al. On security of trustzone-m-based iot systems
CN111125707A (en) BMC (baseboard management controller) safe starting method, system and equipment based on trusted password module
CN103258164A (en) Starting method of embedded trusted system
Dave et al. Care: Lightweight attack resilient secure boot architecture with onboard recovery for risc-v based soc

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent of invention or patent application
CB03 Change of inventor or designer information

Inventor after: Wang Zhihao

Inventor after: Liu Kai

Inventor after: Zhang Bo

Inventor after: Zhao Baohua

Inventor before: Wang Zhihao

Inventor before: Zhao Baohua

Inventor before: Zhang Bo

Inventor before: Liu Kai

COR Change of bibliographic data

Free format text: CORRECT: INVENTOR; FROM: WANG ZHIHAO ZHAO BAOHUA ZHANG BO LIU KAI TO: WANG ZHIHAO LIU KAI ZHANG BO ZHAO BAOHUA

C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20171013

Address after: 100192 Beijing city Haidian District Qinghe small Camp Road No. 15

Co-patentee after: State Grid Corporation of China

Patentee after: China Electric Power Research Institute

Co-patentee after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE

Co-patentee after: State Grid Zhejiang Electric Power Company

Address before: 100192 Beijing city Haidian District Qinghe small Camp Road No. 15

Co-patentee before: State Grid Corporation of China

Patentee before: China Electric Power Research Institute