CN103617388B - Method for implementing a secure operating system with trusted process authentication - Google Patents

Method for implementing a secure operating system with trusted process authentication

Info

Publication number: CN103617388B
Application number: CN201310673915.4A
Authority: CN (China)
Prior art keywords: pki, address, authentication, operating system, private key
Legal status: Active
Other languages: Chinese (zh)
Other versions: CN103617388A (en)
Inventors: 刘智臣, 肖弱, 谭永祥, 孙文德, 聂世刚, 黄波
Current assignee: Hunan Great Wall Science and Technology Information Co., Ltd.; Changsha HCC Hiden Technology Co Ltd
Original assignee: Greatwall Information Industry Co Ltd; Changsha HCC Hiden Technology Co Ltd
Priority date / filing date: 2013-12-11 (application CN201310673915.4A, filed by Greatwall Information Industry Co Ltd and Changsha HCC Hiden Technology Co Ltd)
Publication dates: CN103617388A 2014-03-05; CN103617388B (granted) 2016-04-06

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/51 ... at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > G06F21/71 ... to assure secure computing or processing of information > G06F21/72 ... in cryptographic circuits

Abstract

The invention discloses a method for implementing a secure operating system with trusted process authentication, comprising the following steps: 1) a process carrying a public key (PP) is started by the process manager module (PM) and submits its public key to the PM; 2) after the PM receives the public key, it submits the key to the authentication module (CA), thereby activating the CA; 3) after the CA obtains the public key, it extracts the private key from a designated location, performs authentication with a designated algorithm, and returns the result to the PM; 4) if authentication passes, the PM allows the PP to continue running; otherwise the PM forbids the PP from running. This method provides a trusted process authentication mechanism for judging whether a process is trustworthy, thereby preventing unsafe or untrusted processes from running in the system and ensuring system security.

Description

Method for implementing a secure operating system with trusted process authentication
Technical field
The present invention relates to a method for implementing a secure operating system with trusted process authentication.
Background technology
With the development of information technology, system security has received wide attention; after the PRISM incident it became a focus once more, and certain special fields (such as classified or safety-critical ones) place even higher requirements on system security.
There are many ways to implement system security, for example: antivirus software intercepts key information about an application program and judges whether the program is a virus, thereby protecting the system; encryption technology protects core system information or data. These methods provide certain security features but also have considerable limitations: they are all built at the application layer and are not part of the operating system kernel, so their own security is questionable and their protective effect is correspondingly limited.
It is therefore necessary to design a method for implementing an operating system with higher security.
Summary of the invention
The technical problem to be solved by the invention is to provide a method for implementing a secure operating system with trusted process authentication. The method provides a trusted process authentication mechanism for judging whether a process is trustworthy, thereby preventing unsafe or untrusted processes from running in the system and ensuring system security.
It is easy to implement, and its verification accuracy is high.
The technical solution of the invention is as follows:
A method for implementing a secure operating system with trusted process authentication, the secure operating system using the Linux operating system as its platform, comprises the following steps:
1) a process carrying a public key (PP) is started by the process manager module (PM) and submits its public key to the PM; the process carrying the public key then enters a waiting state;
2) after the PM receives the public key, it submits the key to the authentication module (CA), thereby activating the CA;
3) after the CA obtains the public key, it extracts the private key from a designated location, performs authentication with a designated algorithm, and returns the authentication result to the PM;
4) if authentication passes, the PM allows the process carrying the public key (PP) to continue running; if authentication fails, the PM forbids the PP from running.
The PM submits the public key to the CA through a pipe or a message queue.
The private key is provided by a private key generator in the hardware system. (Note: the private key may also be obtained by software.)
The designated algorithm is the RSA asymmetric encryption algorithm with 2048-bit key support.
An encryption chip for generating the private key is provided in the hardware system, and a specific memory region is set aside in the memory for storing data related to encryption and decryption; the memory is RAM or FLASH memory. The authentication module performs authentication in the following steps:
1) the private key is read from the encryption chip by the chip's driver;
2) the private key is saved in the specific memory region;
3) the incoming public key is decrypted with the RSA algorithm, completing authentication.
The specific memory region is used only by the program corresponding to the authentication process. During decryption, the private key and all data related to it are stored only in this region and never in any other storage area of the system, and the region is cleared once decryption has finished.
The method of setting aside the specific memory region is as follows: the BootLoader start-up program partitions the physical address space of the memory into a hidden address section and an unrestricted address section. The hidden address section corresponds to the specific memory region and is also called the restricted address section. In the BootLoader, the processor's base address registers and address mapping are configured so that when the Linux operating system establishes MMU management it does so only over the unrestricted address section, and the hidden section takes no part in MMU set-up. After Linux has started, the MMU can therefore manage only the unrestricted physical address section, while the hidden address section is invisible to it. After this processing, apart from the program corresponding to the authentication module, neither the Linux operating system nor the programs running on it can directly access the hidden address section.
The program corresponding to the authentication module accesses this hidden physical address section as follows: its driver does not go through the MMU's address mapping but operates on the hidden address section using physical addresses.
The authentication program (CA) begins running as soon as the operating system starts and remains in a waiting state.
In this mechanism the CA is invisible to the PP and is dispatched only by the PM; the PM and the CA must exchange information through a pipe, a message queue or a similar means.
The trusted process authentication mechanism is implemented in the Linux kernel. Implementing it requires the following work:
1) Improve the process manager module (PM). Linux itself has process management and scheduling functions but no ability to authenticate processes, so an authentication step must be added before the PM creates a process.
2) Add the authentication module (CA). This module is new to the operating system and is used to authenticate processes. The CA is dispatched only by the PM, exchanges information with the PM through a message queue or pipe, and is invisible to other processes.
3) The way a process carries its public key is implemented by the process initiator. The PM in the operating system only collects the public key, submits it to the CA for authentication, and decides whether to create the process according to the authentication result.
All of this work is embodied in the main steps described above.
Through trusted process authentication, the invention judges whether a process is safe and trustworthy, and thereby decides whether it runs.
Beneficial effects:
With the method of the invention, a PP anywhere in the system can run normally only after passing authentication, so a Linux operating system implementing this mechanism is an operating system with a security feature. Because this secure operating system can authenticate PPs, the security of the operating system is enhanced, and unsafe or untrusted processes are prevented from damaging the system.
The core of the invention is a trusted process authentication mechanism. This mechanism is part of the operating system itself: it is not only secure in its own right but also ensures the security of the system by preventing untrusted processes from running.
The method of the invention authenticates processes running in the operating system and judges whether they are trustworthy. These processes may be initiated by software programs or by hardware devices; they carry a public key and request authentication, and only after authentication passes do they obtain full process-management scheduling and run. If authentication fails, they are removed from scheduling and do not run again. Untrusted or unsafe processes are thus prevented from running in the system, ensuring system security.
Through trusted process authentication, processes that have not passed authentication are prevented from running in the system, from damaging it, and from operating illegally on important data within it, so that the whole system runs in a secure environment. The system can be applied in fields with special security or confidentiality requirements, providing security services and applications to the greatest extent possible.
Brief description of the drawings
Fig. 1 is a schematic diagram of the method for implementing a secure operating system with trusted process authentication.
Embodiments
The invention is described in further detail below with reference to the drawings and specific embodiments:
Embodiment 1:
The private key generator uses a chip that supports the RSA asymmetric encryption algorithm with 2048-bit private keys; the CA authentication module obtains the private key from this generator and authenticates the public key with the RSA asymmetric algorithm.
The system user or end user authorizes which processes may run in the system; only these processes are safe and reliable, and only they can obtain and carry a public key. Processes unknown to, or not authorized by, the system user or end user are untrusted or unsafe processes and cannot obtain a public key. The authorization of public keys is therefore decided and maintained by the system user or end user, who confirms which processes may hold a public key.
As shown in Fig. 1, the functional modules of the secure operating system providing trusted process authentication execute or implement the following flow:
1. When creating a process, the PM process manager module requires the process to submit its public key. If the process cannot submit a public key, it is KILLed (terminated) directly; if it has submitted a public key, the PM first suspends the process and allocates no system resources or scheduling to it.
2. The PM places the public key submitted by the process into a pipe or message queue and activates the CA authentication module.
3. The CA is loaded and run when the operating system starts and enters a waiting state; once activated by the PM, it obtains the public key from the pipe or message queue.
4. The CA then obtains the private key from the designated private key generator and authenticates the public key with the RSA asymmetric encryption algorithm. Access to the private key and the authentication process itself are completed entirely within the specific storage area (the hidden address section) and do not use any storage area manageable by the MMU, ensuring the security of the private key.
5. The CA places the authentication result into the pipe or message queue and notifies the PM.
6. The PM retrieves the authentication result from the pipe or message queue. If the result is that authentication passed, the PM allocates system resources to the process and schedules it; if authentication failed, the PM allocates no system resources to the process and KILLs it.
Throughout the implementation, the CA and the PM must exchange information through a pipe or message queue to ensure the safety of the CA module; the CA is invisible to other processes and accepts dispatch only from the PM; the private key generator is accessed by the CA and provides a 2048-bit private key.
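The following simulation is an added example, not code from the patent, covering the four steps of the technical solution and the six-step flow of Embodiment 1 together: a PM that suspends each new process until the CA, reached only over a message queue, has checked the credential the process carries, with the private key confined to a buffer that models the MMU-invisible region and is wiped after every check. What the patent calls the process's "public key" is modelled here, by assumption, as the RSA encryption of an authorization token issued by the system owner; the CA decrypts it with the chip-held private exponent and accepts the process only if the token is registered. The RSA parameters are constructed toy values so the block runs offline; the patent specifies 2048-bit keys.

```python
"""PM / CA process-authentication flow of CN103617388B, simulated.
Added example with assumed semantics; toy RSA parameters, not secure."""
import queue
import threading

# Constructed toy RSA parameters (illustration only).
P, Q = 61, 53
N = P * Q                              # 3233
E = 17
D = pow(E, -1, (P - 1) * (Q - 1))      # 2753, the chip-held private exponent


class EncryptionChip:
    """Stand-in for the hardware private-key generator; only the CA's driver calls it."""
    def __init__(self, d):
        self._d = d

    def read_private_key(self):
        return self._d.to_bytes(4, "big")


class HiddenRegion:
    """Models the address section hidden from the MMU: the only buffer the
    private key is ever copied into, wiped after every authentication."""
    def __init__(self, size=4):
        self.buf = bytearray(size)

    def load(self, data):
        self.buf[:len(data)] = data

    def as_int(self):
        return int.from_bytes(self.buf, "big")

    def wipe(self):
        self.buf[:] = bytes(len(self.buf))

    def is_clear(self):
        return not any(self.buf)


class AuthModule:
    """CA: invisible to ordinary processes, reachable only through the queues
    (the patent's pipe / message queue), one request per message."""
    def __init__(self, chip, authorized_tokens, inbox, outbox):
        self.chip, self.authorized = chip, set(authorized_tokens)
        self.inbox, self.outbox = inbox, outbox
        self.region = HiddenRegion()

    def serve(self):
        while True:
            msg = self.inbox.get()
            if msg is None:                       # shutdown sentinel from the PM
                return
            _, pid, credential = msg
            self.region.load(self.chip.read_private_key())      # steps 1-2: key into hidden region
            try:
                token = pow(credential, self.region.as_int(), N)  # step 3: RSA decrypt (assumed check)
                ok = token in self.authorized
            finally:
                self.region.wipe()                # key never outlives the check
            self.outbox.put(("RESULT", pid, ok))


class ProcessManager:
    """PM: collects the credential at creation, suspends the process, and
    schedules it only after a positive result from the CA."""
    def __init__(self, to_ca, from_ca):
        self.to_ca, self.from_ca = to_ca, from_ca
        self.table, self.next_pid = {}, 100

    def create_process(self, credential):
        pid, self.next_pid = self.next_pid, self.next_pid + 1
        if credential is None:                    # no key submitted: killed outright
            self.table[pid] = "KILLED"
            return pid, "KILLED"
        self.table[pid] = "SUSPENDED"             # no resources or scheduling yet
        self.to_ca.put(("AUTH", pid, credential))
        _, rpid, ok = self.from_ca.get(timeout=5)
        assert rpid == pid, "result must belong to the suspended process"
        self.table[pid] = "SCHEDULED" if ok else "KILLED"
        return pid, self.table[pid]


def issue_credential(token):
    """System-owner side (assumed): a process is authorized by receiving its
    token encrypted under the chip's public exponent."""
    return pow(token, E, N)


def run_demo():
    """Runs the exchange for an authorized, an unregistered and a keyless process."""
    to_ca, from_ca = queue.Queue(), queue.Queue()
    ca = AuthModule(EncryptionChip(D), [1001, 2020], to_ca, from_ca)
    worker = threading.Thread(target=ca.serve, daemon=True)
    worker.start()
    pm = ProcessManager(to_ca, from_ca)
    results = {
        "authorized": pm.create_process(issue_credential(1001))[1],
        "unregistered": pm.create_process(issue_credential(999))[1],
        "no_key": pm.create_process(None)[1],
    }
    to_ca.put(None)
    worker.join(timeout=5)
    results["region_clear"] = ca.region.is_clear()
    return results


if __name__ == "__main__":
    print(run_demo())
```

The CA never exposes a call that a process could reach directly: the only path to it is the PM's queue, which is the property the patent relies on when it says the CA is invisible to other processes. Checking `region.is_clear()` after the run is the testable form of the requirement that the specific memory region be emptied once decryption finishes.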
The hardware platform of this operating system is an embedded device, a tablet computer: the processor is an Exynos4412, the FLASH memory is NAND FLASH, the RAM is DDR3, and an SD/TF socket is included for reading and writing SD/TF cards. An encryption chip with any of the UART, I2C, SPI, PCI or USB interfaces is selected; this chip can provide a 2048-bit private key.
The encryption chip is a TF32A09 device. It is used to provide the private key to the authentication program and accepts operations only from the authentication program.
In the BootLoader start-up program, the processor's base address registers and address mapping are configured so that when the Linux operating system establishes MMU management it does so only over the unrestricted address section, and the hidden address section takes no part in MMU set-up. After Linux starts, the MMU can therefore manage only the unrestricted physical address section (including address mapping, page table set-up and so on), while the hidden address section is invisible to the MMU, or in other words unknown to it. After this processing, neither the Linux operating system nor the programs running on it can directly access the hidden address section, nor do they even know that it exists. A driver (such as the authentication program of the invention) operates on this address region using physical (real) addresses, similar to the way addresses are used in the U-Boot program, without regard to the MMU's address mapping. The implementation of this driver may differ for different memory devices; for example, if a NAND FLASH device serves as the carrier of the hidden address region, the driver must implement the low-level block-device read and write operations for NAND FLASH.

Claims (6)

1. A method for implementing a secure operating system with trusted process authentication, the secure operating system using the Linux operating system as its platform, characterized in that it comprises the following steps:
1) a process carrying a public key (PP) is started by the process manager module (PM) and submits its public key to the PM; the process carrying the public key then enters a waiting state;
2) after the PM receives the public key, it submits the key to the authentication module (CA), thereby activating the CA;
3) after the CA obtains the public key, it extracts the private key from a designated location, performs authentication with a designated algorithm, and returns the authentication result to the PM;
4) if authentication passes, the PM allows the process carrying the public key (PP) to continue running; if authentication fails, the PM forbids the PP from running.
2. The method for implementing a secure operating system with trusted process authentication according to claim 1, characterized in that the process manager module (PM) submits the public key to the authentication module (CA) through a pipe or a message queue.
3. The method for implementing a secure operating system with trusted process authentication according to claim 1, characterized in that the private key is provided by a private key generator in the hardware system.
4. The method for implementing a secure operating system with trusted process authentication according to any one of claims 1-3, characterized in that the designated algorithm is the RSA asymmetric encryption algorithm with 2048-bit key support.
5. The method for implementing a secure operating system with trusted process authentication according to claim 2, characterized in that an encryption chip for generating the private key is provided in the hardware system, and a specific memory region is set aside in the memory for storing data related to encryption and decryption; the memory is RAM or FLASH memory; and the authentication module performs authentication in the following steps:
1) the private key is read from the encryption chip by the chip's driver;
2) the private key is saved in the specific memory region;
3) the incoming public key is decrypted with the RSA algorithm, completing authentication.
6. The method for implementing a secure operating system with trusted process authentication according to claim 5, characterized in that the specific memory region is used only by the program corresponding to the authentication process; during decryption, the private key and all data related to it are stored only in this region and never in any other storage area of the system, and the region is cleared once decryption has finished;
the method of setting aside the specific memory region is as follows: the BootLoader start-up program partitions the physical address space of the memory into a hidden address section and an unrestricted address section; the hidden address section corresponds to the specific memory region and is also called the restricted address section; in the BootLoader, the processor's base address registers and address mapping are configured so that when the Linux operating system establishes MMU management it does so only over the unrestricted address section, and the hidden section takes no part in MMU set-up; after Linux has started, the MMU can therefore manage only the unrestricted physical address section, while the hidden address section is invisible to it; after this processing, apart from the program corresponding to the authentication module, neither the Linux operating system nor the programs running on it can directly access the hidden address section; the MMU is the memory management unit;
the program corresponding to the authentication module accesses this hidden physical address section as follows: its driver does not go through the MMU's address mapping but operates on the hidden address section using physical addresses.

Priority Applications (1)

Application Number    Priority Date    Filing Date    Title
CN201310673915.4A (CN103617388B)    2013-12-11    2013-12-11    Method for implementing a secure operating system with trusted process authentication (Active)

Publications (2)

Publication Number    Publication Date
CN103617388A (en)    2014-03-05
CN103617388B (en)    2016-04-06

Family

ID=50168091

Country Status (1)

Country    Link
CN (1)    CN103617388B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3214543A1 (en) * 2014-10-27 2017-09-06 Yulong Computer Telecommunication Scientific (Shenzhen) Co. Ltd. Method for setting encrypted storage area, apparatus for setting encrypted storage area, and terminal
CN104408365B (en) * 2014-12-17 2017-05-24 中国人民解放军国防科学技术大学 Progress authentication method based on password

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102195987A (en) * 2011-05-31 2011-09-21 成都七巧软件有限责任公司 Distributed credibility authentication method and system thereof based on software product library
CN102663313A (en) * 2012-03-22 2012-09-12 吴晓栋 Method for realizing information security of computer system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020060572A (en) * 2001-01-11 2002-07-18 포만 제프리 엘 Security system for preventing a personal computer from being used by unauthorized people


Legal Events

Date    Code    Title
    PB01    Publication
    C10    Entry into substantive examination
    SE01    Entry into force of request for substantive examination
    C14    Grant of patent or utility model
    GR01    Patent grant
2019-08-08    TR01    Transfer of patent right
    Address after: 410205 Room 1001, Building 10, Changsha Zhongdian Software Park, 39 Jianshan Road, Changsha High-tech Development Zone, Changsha City, Hunan Province
    Co-patentee after: Changsha HCC HIDEN Technology Co., Ltd.
    Patentee after: Hunan Great Wall Science and Technology Information Co., Ltd.
    Address before: 410100 East Road, Changsha Economic and Technological Development Zone, Changsha, Hunan, China
    Co-patentee before: Changsha HCC HIDEN Technology Co., Ltd.
    Patentee before: GreatWall Information Industry Co., Ltd.