CN103605929B - A trusted hardware device supporting multiple users and a method of using it

Info

Publication number: CN103605929B
Application number: CN201310575256.0A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN103605929A (en)
Legal status: Active
Inventors: 王昱波, 赵勇, 林莉, 詹静, 张松鸽, 白鑫, 姜伟
Current Assignee: Beijing University of Technology
Original Assignee: Beijing University of Technology
Priority date: 2013-11-17
Filing date: 2013-11-17
Publication date: 2016-05-25
Prior art keywords: user, hardware equipment, trusted hardware, controller, implementation

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

A trusted hardware device supporting multiple users and a method of using it, relating to the field of information security storage. The multi-user trusted hardware device is the root of trust of a multi-user trusted computing platform and is the core module of that platform. The invention points out that existing trusted hardware devices cannot serve multiple users using the same physical trusted computing platform at the same time, and proposes the solution of storing multiple users' information inside the trusted hardware device. The device's new-user method, delete-user method and switch-user method guarantee data isolation between users on the device, while the external interface remains fully compatible with the existing "Trusted Computing Cryptographic Support Platform Function and Interface Specification", so the upper-layer basic software and hardware platform need no modification.

Description

A trusted hardware device supporting multiple users and a method of using it
Technical field:
The present invention relates to the field of information security, and in particular to a trusted hardware device supporting multiple users and a method of using it.
Background:
The main idea of trusted computing is to introduce a security chip (trusted platform module) on the hardware platform to improve the security of the terminal system. That is, a root of trust is implanted in each terminal platform so that the computer builds trust relationships from the BIOS to the operating system kernel layer and on to the application layer. On this basis, the trust is extended to the network and a corresponding chain of trust is established, thereby entering an era of computing immunity.
With the development of cloud computing, users who originally each used their own physical trusted computing platform now work on the same physical trusted computing platform, which multiple users share through virtualization. While this improves resource utilization, it also brings many new security problems. For example, the original trusted hardware device does not support multiple users: one physical trusted computing chip can hold only one user's data.
Summary of the invention:
The invention provides a concrete implementation of a trusted hardware device supporting multiple users. Used with an existing trusted computing platform, it allows multiple users on one platform to share the same trusted computing hardware device. The trusted hardware device provides a software interface for state switching and integrates seamlessly with existing virtualization products. The trusted hardware device may take the form of an IP core or of a packaged IC chip.
A trusted hardware device supporting multiple users comprises a communication bus, an input/output unit, an execution controller, read-only memory, a cryptographic algorithm engine, a random number generator, non-volatile memory, volatile memory, a state switch controller and state non-volatile memory;
The execution controller is connected to the read-only memory, the communication bus and the input/output unit respectively;
The execution controller is connected through the communication bus to the cryptographic algorithm engine, the random number generator, the non-volatile memory, the volatile memory and the state switch controller;
The state switch controller is connected to the state-switching non-volatile memory and to the communication bus respectively;
The cryptographic algorithm engine comprises: the SMS4 algorithm, the SM2 algorithm, the SM3 algorithm and the HMAC algorithm;
The read-only memory stores the program code the trusted hardware device needs, comprising: the device initialization code, the device new-user code and the device switch-user code, and the control code for the cryptographic algorithm engine, the non-volatile memory, the volatile memory and the random number generator;
The trusted hardware device is compatible with the "Trusted Computing Cryptographic Support Platform Function and Interface Specification" (GM/T 0011-2012).
The method of using the trusted hardware device is characterized in that it comprises:
1. The new-user method, the delete-user method and the switch-user method of the trusted hardware device;
2. The specific steps are as follows:
2.1. Trusted hardware device new-user method:
2.1.1. The trusted hardware device receives a new-user instruction from the trusted computing platform it is installed in; the new-user instruction contains the unique identifier of the new user. The execution controller reads the device's new-user code from read-only memory;
2.1.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the new-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.1.3. On receiving the new-user request sent by the execution controller, the user switch controller first checks whether the trusted hardware device has reached its maximum number of users. If not, it allocates a storage region for the new user in the user data non-volatile memory, stores the address and offset of the allocated region and the new user's unique identifier in the user list non-volatile memory, and returns an allocation-success result to the execution controller. If the maximum number of users has been reached, the user switch controller returns an allocation-failure result to the execution controller;
2.1.4. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
2.2. Trusted hardware device delete method:
2.2.1. The trusted hardware device receives a delete-user instruction from the trusted computing platform it is installed in; the instruction contains the unique identifier of the user to delete. The execution controller reads the device's delete-user code from read-only memory;
2.2.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the delete-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.2.3. On receiving the delete-user request sent by the execution controller, the user switch controller allocates, in the user data non-volatile memory, the storage region belonging to the user to delete;
2.2.4. On receiving the delete-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user exists, it deletes the user's data in the user list non-volatile memory and in the user data non-volatile memory and returns a deletion-success result to the execution controller. If the user does not exist, the user switch controller returns a deletion-failure result to the execution controller;
2.2.5. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
2.3. Trusted hardware device switch-user method:
2.3.1. The trusted hardware device receives a switch-user request from the trusted computing platform it is installed in; the request contains the unique identifier of the next user. The execution controller reads the device's switch-user code from read-only memory;
2.3.2. After receiving the switch-user request, the execution controller in the trusted hardware device forwards the state request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.3.3. On receiving the switch-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user does not exist, the user switch controller returns a switch-failure result to the execution controller and step 2.3.6 is performed directly. If the user exists, the data in the volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state, and the data in the non-volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state;
2.3.4. From the switching-state non-volatile memory, the user switch controller loads the data in the non-volatile storage region corresponding to the next user's unique identifier into the non-volatile memory, and the data in the volatile storage region corresponding to the next user's unique identifier into the volatile memory;
2.3.5. The user switch controller initializes the cryptographic algorithm engine and the random number generator;
2.3.6. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device.
Effects of the invention:
1) When using the invention, the user works through an asynchronous access mechanism: after submitting an access request to the trusted hardware device, the user can continue with its own business. The trusted hardware is then switched to this user's state, processes this user's access request, and returns the result to the user.
2) The invention allows multiple users to share one trusted hardware device on the same physical device while keeping the users completely isolated from each other.
3) After a user-state switch completes, the invention fully provides the functions a trusted computing device should have, such as cryptographic computation, key storage and PCR storage during trusted boot.
4) The invention requires no change at all to the existing trusted computing platform and is fully compatible with existing software interfaces, providing trusted support for the trusted computing platform.
Brief description of the drawings:
Fig. 1: Internal connections of a trusted hardware device supporting multiple users
Fig. 2: Connection between a trusted hardware device supporting multiple users and the trusted platform
Detailed description of the invention:
The invention is described in detail below with reference to the drawings and an implementation example.
1. Initialization of the trusted hardware device:
Execution engine: a MicroBlaze processor;
Cryptographic algorithm engines supported: SMS4 engine, SM2 engine, SM3 engine and HMAC engine;
Internal bus: PLB bus;
The cryptographic algorithm engine comprises: the SMS4 algorithm, the SM2 algorithm, the SM3 algorithm and the HMAC algorithm;
Input/output (I/O): one end uses an LPC bus interface, the other end uses a PLB bus interface;
The important information on the trusted hardware device comprises: session keys, the certificate of the trusted hardware device, the firmware of the trusted hardware device, and user state information;
Volatile memory unit: 512K of RAM;
Non-volatile memory unit: a 512K Flash chip;
State non-volatile memory unit: a 16M Flash chip;
The trusted hardware device is implemented on a customized Xilinx FPGA development board;
The trusted hardware device supports at most 16 users;
2. Use of the trusted hardware device
To the existing trusted hardware device instruction format {command identifier, packet size, command index, function field}, the following command indexes are added: new state (number 0x118), delete state (number 0x119) and switch state (number 0x11a). The command identifier of the trusted hardware device is 0x00C1.
The unique identifier is a UUID (universally unique identifier) with a length of 128 bits, i.e. 32 hexadecimal digits.
2.1. Trusted hardware device new-user method:
2.1.1. The trusted hardware device receives a new-user instruction from the trusted computing platform it is installed in (for example 0x00c1 0x90 0x0118 0x000011112222333344445555, i.e. new user, packet length 0x90, unique identifier 0x000011112222333344445555); the new-user instruction contains the unique identifier of the new user. The execution controller reads the device's new-user code from read-only memory;
2.1.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the new-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.1.3. On receiving the new-user request sent by the execution controller, the user switch controller first checks whether the trusted hardware device has reached its maximum number of users. If not, it allocates a storage region for the new user in the user data non-volatile memory, stores the address and offset of the allocated region and the new user's unique identifier in the user list non-volatile memory, and returns an allocation-success result to the execution controller. If the maximum number of users has been reached, the user switch controller returns an allocation-failure result to the execution controller;
2.1.4. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
2.2. Trusted hardware device delete method:
2.2.1. The trusted hardware device receives a delete-user instruction from the trusted computing platform it is installed in; the instruction contains the unique identifier of the user to delete. The execution controller reads the device's delete-user code from read-only memory;
2.2.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the delete-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.2.3. On receiving the delete-user request sent by the execution controller, the user switch controller allocates, in the user data non-volatile memory, the storage region belonging to the user to delete;
2.2.4. On receiving the delete-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user exists, it deletes the user's data in the user list non-volatile memory and in the user data non-volatile memory and returns a deletion-success result to the execution controller. If the user does not exist, the user switch controller returns a deletion-failure result to the execution controller;
2.2.5. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
2.3. Trusted hardware device switch-user method:
2.3.1. The trusted hardware device receives a switch-user request from the trusted computing platform it is installed in; the request contains the unique identifier of the next user. The execution controller reads the device's switch-user code from read-only memory;
2.3.2. After receiving the switch-user request, the execution controller in the trusted hardware device forwards the state request to the user switch controller and at the same time places the input/output unit in the blocked state;
2.3.3. On receiving the switch-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user does not exist, the user switch controller returns a switch-failure result to the execution controller and step 2.3.6 is performed directly. If the user exists, the data in the volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state, and the data in the non-volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state;
2.3.4. From the switching-state non-volatile memory, the user switch controller loads the data in the non-volatile storage region corresponding to the next user's unique identifier into the non-volatile memory, and the data in the volatile storage region corresponding to the next user's unique identifier into the volatile memory;
2.3.5. The user switch controller initializes the cryptographic algorithm engine and the random number generator;
2.3.6. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device.
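
The new-user, delete-user and switch-user procedures of steps 2.1 to 2.3, modelled in C as an added example; this is not code from the patent. Memory sizes are scaled down, the result codes, struct layout and function names are hypothetical, and the behaviour for duplicate identifiers, for the first switch and for deleting the active user is assumed because the text does not specify it.

```c
#include <stdint.h>
#include <string.h>

#define MAX_USERS 16      /* page: at most 16 users */
#define ID_LEN    16      /* page: 128-bit UUID */
#define MEM_SIZE  64      /* scaled down; the page uses 512K RAM and 512K Flash */
#define TAG_THD   0x00C1  /* page: command identifier */
enum { CMD_CREATE = 0x118, CMD_DELETE = 0x119, CMD_SWITCH = 0x11a }; /* page */
enum { THD_OK, THD_FULL, THD_NO_USER, THD_EXISTS, THD_BAD_CMD };  /* hypothetical */

struct region { uint8_t vol[MEM_SIZE], nv[MEM_SIZE]; }; /* volatile + non-volatile image */
struct slot   { int used; uint8_t id[ID_LEN]; };
struct thd {
    struct region live;              /* working RAM and Flash of the active user */
    struct region store[MAX_USERS];  /* user data non-volatile memory */
    struct slot list[MAX_USERS];     /* user list; index stands in for address/offset */
    int current;                     /* active slot, -1 = none (assumption) */
    int io_blocked;                  /* state of the input/output unit */
};

void thd_init(struct thd *d) { memset(d, 0, sizeof *d); d->current = -1; }

static int find_user(const struct thd *d, const uint8_t *id) {
    for (int i = 0; i < MAX_USERS; i++)
        if (d->list[i].used && !memcmp(d->list[i].id, id, ID_LEN)) return i;
    return -1;
}

static int do_create(struct thd *d, const uint8_t *id) {        /* step 2.1.3 */
    if (find_user(d, id) >= 0) return THD_EXISTS;  /* assumption: page is silent */
    for (int i = 0; i < MAX_USERS; i++) {
        if (d->list[i].used) continue;
        memset(&d->store[i], 0, sizeof d->store[i]);  /* fresh region */
        d->list[i].used = 1;
        memcpy(d->list[i].id, id, ID_LEN);
        return THD_OK;
    }
    return THD_FULL;                 /* maximum number of users reached */
}

static int do_delete(struct thd *d, const uint8_t *id) {        /* step 2.2.4 */
    int s = find_user(d, id);
    if (s < 0) return THD_NO_USER;
    memset(&d->store[s], 0, sizeof d->store[s]);
    memset(&d->list[s], 0, sizeof d->list[s]);
    if (s == d->current) {           /* assumption: also clear the live copy */
        memset(&d->live, 0, sizeof d->live);
        d->current = -1;
    }
    return THD_OK;
}

static int do_switch(struct thd *d, const uint8_t *id) {  /* steps 2.3.3 to 2.3.5 */
    int next = find_user(d, id);
    if (next < 0) return THD_NO_USER;  /* nothing is saved or loaded on failure */
    if (d->current >= 0) d->store[d->current] = d->live;  /* save outgoing user */
    d->live = d->store[next];          /* load the next user's state */
    d->current = next;                 /* engine and RNG re-init not modelled */
    return THD_OK;
}

int thd_dispatch(struct thd *d, uint16_t tag, uint16_t index, const uint8_t *id) {
    int rc = THD_BAD_CMD;            /* other command indexes are not modelled */
    if (tag != TAG_THD) return rc;
    d->io_blocked = 1;               /* block I/O while the user set changes */
    switch (index) {
    case CMD_CREATE: rc = do_create(d, id); break;
    case CMD_DELETE: rc = do_delete(d, id); break;
    case CMD_SWITCH: rc = do_switch(d, id); break;
    }
    d->io_blocked = 0;               /* unblock, then return the result */
    return rc;
}

static void mk_id(uint8_t *id, uint8_t n) { memset(id, 0, ID_LEN); id[ID_LEN - 1] = n; }

int demo_isolation(void) {           /* constructed identifiers and secret */
    struct thd d; uint8_t a[ID_LEN], b[ID_LEN];
    thd_init(&d); mk_id(a, 1); mk_id(b, 2);
    thd_dispatch(&d, TAG_THD, CMD_CREATE, a);
    thd_dispatch(&d, TAG_THD, CMD_CREATE, b);
    thd_dispatch(&d, TAG_THD, CMD_SWITCH, a);
    memcpy(d.live.vol, "A-session-key", 13);
    thd_dispatch(&d, TAG_THD, CMD_SWITCH, b);
    int hidden = d.live.vol[0] == 0; /* B does not see A's working memory */
    thd_dispatch(&d, TAG_THD, CMD_SWITCH, a);
    return hidden && memcmp(d.live.vol, "A-session-key", 13) == 0;
}

int demo_seventeenth_user(void) {
    struct thd d; uint8_t id[ID_LEN]; int rc = THD_OK;
    thd_init(&d);
    for (uint8_t n = 1; n <= MAX_USERS + 1; n++) {
        mk_id(id, n); rc = thd_dispatch(&d, TAG_THD, CMD_CREATE, id);
    }
    return rc;                       /* the 17th create fails */
}
```

With the sizes given in the text, 16 users each needing a 512K volatile image and a 512K non-volatile image fill the 16M state Flash exactly.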

Claims (1)

1. A method of using a trusted hardware device supporting multiple users, the trusted hardware device supporting multiple users comprising a communication bus, an input/output unit, an execution controller, read-only memory, a cryptographic algorithm engine, a random number generator, non-volatile memory, volatile memory, a user switch controller, user data non-volatile memory and user list non-volatile memory;
The execution controller is connected to the read-only memory, the communication bus and the input/output unit respectively;
The execution controller is connected through the communication bus to the cryptographic algorithm engine, the random number generator, the non-volatile memory, the volatile memory and the user switch controller;
The user switch controller is connected to the user data non-volatile memory, the user list non-volatile memory and the communication bus respectively;
The read-only memory stores the program code the trusted hardware device needs, comprising: the device initialization code, the device new-user code and the device switch-user code, and the control code for the cryptographic algorithm engine, the non-volatile memory, the volatile memory and the random number generator,
characterized in that it comprises: the new-user method, the delete-user method and the switch-user method of the trusted hardware device;
The specific steps are as follows:
1.1. Trusted hardware device new-user method:
1.1.1. The trusted hardware device receives a new-user instruction from the trusted computing platform it is installed in; the new-user instruction contains the unique identifier of the new user. The execution controller reads the device's new-user code from read-only memory;
1.1.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the new-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
1.1.3. On receiving the new-user request sent by the execution controller, the user switch controller first checks whether the trusted hardware device has reached its maximum number of users. If not, it allocates a storage region for the new user in the user data non-volatile memory, stores the address and offset of the allocated region and the new user's unique identifier in the user list non-volatile memory, and returns an allocation-success result to the execution controller. If the maximum number of users has been reached, the user switch controller returns an allocation-failure result to the execution controller;
1.1.4. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
1.2. Trusted hardware device delete method:
1.2.1. The trusted hardware device receives a delete-user instruction from the trusted computing platform it is installed in; the instruction contains the unique identifier of the user to delete. The execution controller reads the device's delete-user code from read-only memory;
1.2.2. After receiving the unique identifier from the trusted computing platform, the execution controller in the trusted hardware device forwards the delete-user request to the user switch controller and at the same time places the input/output unit in the blocked state;
1.2.3. On receiving the delete-user request sent by the execution controller, the user switch controller allocates, in the user data non-volatile memory, the storage region belonging to the user to delete;
1.2.4. On receiving the delete-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user exists, it deletes the user's data in the user list non-volatile memory and in the user data non-volatile memory and returns a deletion-success result to the execution controller. If the user does not exist, the user switch controller returns a deletion-failure result to the execution controller;
1.2.5. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device;
1.3. Trusted hardware device switch-user method:
1.3.1. The trusted hardware device receives a switch-user request from the trusted computing platform it is installed in; the request contains the unique identifier of the next user. The execution controller reads the device's switch-user code from read-only memory;
1.3.2. After receiving the switch-user request, the execution controller in the trusted hardware device forwards the state request to the user switch controller and at the same time places the input/output unit in the blocked state;
1.3.3. On receiving the switch-user request sent by the execution controller, the user switch controller first checks whether the user exists on the trusted hardware device. If the user does not exist, the user switch controller returns a switch-failure result to the execution controller and step 2.3.6 is performed directly. If the user exists, the data in the volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state, and the data in the non-volatile memory is stored in the storage region of the user data non-volatile memory corresponding to the current state;
1.3.4. From the switching-state non-volatile memory, the user switch controller loads the data in the non-volatile storage region corresponding to the next user's unique identifier into the non-volatile memory, and the data in the volatile storage region corresponding to the next user's unique identifier into the volatile memory;
1.3.5. The user switch controller initializes the cryptographic algorithm engine and the random number generator;
1.3.6. The execution controller places the input/output unit in the unblocked state and then sends the result returned by the user switch controller to the trusted computing platform hosting the trusted hardware device.
Application CN201310575256.0A, priority date 2013-11-17, filing date 2013-11-17: A trusted hardware device supporting multiple users and a method of using it. Status: Active. Granted as CN103605929B (en).

Priority Applications (1)

Application Number    Priority Date    Filing Date    Title
CN201310575256.0A     2013-11-17       2013-11-17     A trusted hardware device supporting multiple users and a method of using it

Applications Claiming Priority (1)

Application Number    Priority Date    Filing Date    Title
CN201310575256.0A     2013-11-17       2013-11-17     A trusted hardware device supporting multiple users and a method of using it

Publications (2)

Publication Number    Publication Date
CN103605929A          2014-02-26
CN103605929B          2016-05-25

Family

ID=50124150

Family Applications (1)

Application Number    Title    Priority Date    Filing Date
CN201310575256.0A (Active)    A trusted hardware device supporting multiple users and a method of using it    2013-11-17    2013-11-17

Country Status (1)

Country    Link
CN (1)     CN103605929B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant