CN105184196A - Electronic system information security protection system and method - Google Patents
Electronic system information security protection system and method Download PDFInfo
- Publication number
- CN105184196A CN105184196A CN201510555655.XA CN201510555655A CN105184196A CN 105184196 A CN105184196 A CN 105184196A CN 201510555655 A CN201510555655 A CN 201510555655A CN 105184196 A CN105184196 A CN 105184196A
- Authority
- CN
- China
- Prior art keywords
- extension set
- safety management
- management extension
- device keys
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Abstract
The present invention relates to the field of information security, and discloses an electronic system information security protection system and method. The system comprises a secret key injection device, a security management extension set and at least one protected device, wherein the secrete key injection device is a pluggable device in relative to the security management extension set and comprises a nonvolatile memory for storing cipher keys in a clear text form; the security management extension set comprises a nonvolatile memory for solidifying device keys of the protected devices in a ciphertext form, a device interface chip establishing communication connection with the protected devices, and a volatile memory; the protected device comprises a nonvolatile memory for storing functional procedures in a ciphertext form; the cipher keys are used for decrypting the device keys from the ciphertext form into the clear text form, and the device keys in the clear text form are used for decrypting the functional procedures from the ciphertext form into the clear text form. Double encryption methods are used for preventing and controlling core contents of devices, and information security of the devices are guaranteed to the largest extent.
Description
Technical field
The present invention relates to electronic system field of information security technology, be specifically related to a kind of electronic system information safety protection system and method.
Background technology
Along with the development of electronic science and technology and software engineering, particularly daily equipment changes software intensive into by electric mechanical intensity, and the scale of its software is more and more huger, and increasing function all changes software simulating into from original hardware implementing.Modern Large-Scale Equipment such as aircraft etc. often carries up to ten million embedded softwares, in addition likely containing concerning security matters, sensitive information, such as radar, communication, navigation, electronic countermeasure, enemy and we's identification, guided missile tracking etc. relate to software code and the encrypted message of military electronic systems key equipment.
Various functions due to electronic system is all realized by the processor performing specific software code, and sensitive information is also stored in processor inside or its external memory unit mostly.Along with electronic system software size is increasing, the classified information that in processor, application package contains is also more and more, more and more important.In order to ensure the safety of described software code and sensitive information, a kind of technical measures are needed to protect it, event of giving away secrets to prevent from divulging a secret personnel, in the situation such as equipment is intercepted and captured, equipment breaking-up.If software code directly stores in memory with plaintext version in addition, can by oppositely compiling the workflow that engineering obtains software, accordingly can the principle of work of decryption device and running parameter, at present, the multiple application program of EMBEDDED AVIONICS is with plaintext version centralized stores, and single hardware platform is divulged a secret and the principle of work and running parameter that cause all functions in this system divulged a secret undoubtedly.
Summary of the invention
For the above-mentioned defect existed in prior art, technical matters to be solved by this invention how to protect the information security of electronic system.
For solving the problems of the technologies described above, on the one hand, the invention provides a kind of electronic system information safety protection system, comprising: programmable key injection device, safety management extension set and at least one protected equipment; Wherein, described programmable key injection device is can plug equipment relative to described safety management extension set, and it comprises the nonvolatile memory depositing cryptographic key with plaintext version; Described safety management extension set comprises: with the nonvolatile memory of the device keys of the described protected equipment of ciphertext form solidification, the equipment interface chip established a communications link with described protected equipment and volatile memory; Described protected equipment comprises the nonvolatile memory depositing function program with ciphertext form; Described cryptographic key is used for described device keys to be decrypted into plaintext version from ciphertext form, and the described device keys of plaintext version is used for described function program to be decrypted into plaintext version from ciphertext form.
Preferably, described safety management extension set also comprises: dsp processor, FPGA processor, equipment interface chip, control interface chip, power monitoring chip and backup battery; Wherein, described dsp processor couples mutually with the nonvolatile memory of described safety management extension set, volatile memory, FPGA processor, control interface chip and power monitoring chip respectively, completes the deciphering of described device keys and/or sells close; Described FPGA processor also couples mutually with equipment interface chip, by described equipment interface chip and corresponding interface and described protected equipment mutual; Described backup battery couples mutually with described power monitoring chip, starts erasing move when described protection system power down in good time.
Preferably, the nonvolatile memory of described protected equipment is also built-in with boot and the supervisory routine of plaintext version.
Preferably, the nonvolatile memory in described programmable key injection device, described safety management extension set and described protected equipment is NandFLASH, NorFLASH, SD card, CF card, hard disk or general semiconductor storage medium; Volatile memory in described safety management extension set is RAM, SDRAM, DDR or DSP internal RAM memory.
Preferably, the equipment interface that described safety management extension set is external and/or control interface are asynchronous serial port, synchronous serial interface, CAN or RapidIO bus.
On the other hand, the present invention also provides a kind of electronic system information safety protecting method simultaneously, comprises step:
Safety management extension set runs, completion system initial work;
Judge that whether cryptographic key is effective, if cryptographic key is invalid, then in programmable key injection device, read cryptographic key, re-use the device keys of cryptographic key to the ciphertext form in the nonvolatile memory of safety management extension set and be decrypted; If cryptographic key is effective, be then directly used for decryption device key;
After obtaining the plaintext of device keys, be stored in the volatile memory of safety management extension set;
Wait for that protected equipment is to safety management extension set application device keys, if equipment application is passed through, then issues the device keys of corresponding plaintext version to protected equipment.
Preferably, described guard method also comprises step:
When safety management extension set runs, if receive the close instruction of pin, then produce interruption, control the device keys of ciphertext form in the nonvolatile memory of safety management extension set erasing extension set, and wipe the device keys of plaintext version in the volatile memory of extension set;
Send the close instruction of pin to protected equipment simultaneously, require the function program of the function program of ciphertext form, the device keys of plaintext version and plaintext version in the protected equipment of erasing.
Preferably, described guard method also comprises step:
When safety management extension set runs, if monitor system power failure, then judge whether to start backup battery according to backup battery electricity;
If do not start backup battery, then directly start to perform erasing move; If startup backup battery, then start to carry out timing service time to backup battery, prescribe a time limit when exceeding and arranging, then start to perform erasing move;
Wherein, described erasing move is: the device keys of plaintext version in the device keys of ciphertext form and volatile memory in the nonvolatile memory of erasing safety management extension set; Wipe the function program of the function program of ciphertext form in protected equipment, the device keys of plaintext version and plaintext version simultaneously.
Preferably, described guard method also comprises step:
Complete after cryptographic key reads at safety management extension set and extract programmable key injection device, be stored in other position that general personnel cannot obtain.
Preferably, the algorithm that described deciphering uses comprises XOR, 3DES, Geff generator, MD5 or AES.
Method and system of the present invention can be implemented cryptoguard to functional software, prevent functional software from divulging a secret under not affecting protected functions of the equipments, not changing its hardware case, and realizes simple, and system of being convenient to is improved and upgrading.Typically; can effectively reduce Large-size Arms and Equipments crashing, defect, risk of giving away secrets in the situation such as to be captured; enemy is not obtaining decruption key; obtaining function program ciphertext will without any value, and the function program plaintext of the cryptographic key in system sdram storer expressly and in protected equipment RAM storer also cannot recover because of power down.
Accompanying drawing explanation
Fig. 1 is present system preferred embodiment process flow diagram;
Fig. 2 is present system cryptographic key protection management flow chart;
Fig. 3 is the close control workflow diagram of present system pin.
Embodiment
As employed some vocabulary to censure specific components in the middle of instructions and claim.Those skilled in the art should understand, and hardware manufacturer may call same parts with different noun.This specification and claims are not used as with the difference of title the mode distinguishing parts, but are used as the criterion of differentiation with parts difference functionally.In addition, " couple " word and comprise directly any and indirectly electric property coupling means at this.Therefore, if describe a first device in literary composition to be coupled to one second device, then represent described first device and directly can be electrically coupled to described second device, or be indirectly electrically coupled to described second device by other devices or the means that couple.Instructions subsequent descriptions is for implementing better embodiment of the present invention, and right described description is to illustrate for the purpose of rule of the present invention, and is not used to limit scope of the present invention.Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described.Obviously, described embodiment is for implementing better embodiment of the present invention, and described description is to illustrate for the purpose of rule of the present invention, and is not used to limit scope of the present invention.Protection scope of the present invention should be as the criterion with the claim person of defining, and based on the embodiment in the present invention, the every other embodiment that those of ordinary skill in the art obtain under the prerequisite not making creative work, all belongs to the scope of protection of the invention.
As everyone knows, if software code directly stores in memory with plaintext version, the workflow of software can be obtained by reverse compiling engineering, accordingly can the principle of work of decryption device and running parameter.At present, the multiple application program of EMBEDDED AVIONICS is with plaintext version centralized stores, and single hardware platform is divulged a secret and the principle of work and running parameter that cause all functions in this system divulged a secret undoubtedly; Further, the software compiler major part of the chips such as FPGA, DSP, PowerPC, FLASH of EMBEDDED AVIONICS software application and correspondence is all provided by several renowned companies, and this brings very big hidden danger also to the safety of embedded software and information.
The present invention utilizes cryptological technique and cura specialis system to provide safeguard protection to the software code in electronic system, sensitive information.In each preferred embodiment of the present invention, the cryptographic algorithm of use safety and supervisory routine realize protected functions of the equipments program encryption store with deciphering load; Adopt the encryption of means to protected device keys of double-encryption, deciphering; Security management program is adopted to realize protected device keys distribution and management; Adopt key to separate storage means with ciphertext and improve security.Suitable application by the way, provides comprehensive safeguard measure to the information security of electronic system.
As shown in Figure 1, in a preferred embodiment of the invention, provide firstly a kind of electronic system information safety protection system, this protection system comprises: programmable key injection device 10, safety management extension set 20 and at least one protected equipment; Wherein, programmable key injection device is can plug equipment relative to safety management extension set, and it comprises the nonvolatile memory depositing cryptographic key with plaintext version; Safety management extension set comprises: the equipment interface chip solidify the nonvolatile memory of the device keys of protected equipment with ciphertext form, establishing a communications link with protected equipment and volatile memory; Protected equipment comprises the nonvolatile memory depositing function program with ciphertext form; Described cryptographic key is used for described device keys being decrypted into plaintext version from ciphertext form and being temporarily stored in the volatile memory of described safety management extension set, and the described device keys of plaintext version is used for described function program to be decrypted into plaintext version from ciphertext form.
By this protection system; in double-encryption mode, prevention and control are carried out to the core content of protected equipment; store because cryptographic key (expressly) separates with device keys (ciphertext); isolated protection physically can be realized; only could normal decipher operation by application and when can obtain programmable key injection device at protected equipment, ensure that the information security of equipment to greatest extent.
In the preferred embodiment shown in Fig. 1, further, the assembly that safety management extension set comprises has: dsp processor 21 (preferred model is TMS320C6416), volatibility SDRAM storer 23 (preferred model is MT48LC32M16A2), non-volatile FLASH memory 22 (preferred model is S29GL512N), FPGA processor 24 (preferred model is XC5VSX50T), equipment interface chip 25 (preferred model is SN65LBC175), control interface chip 26 (preferred model is MAX490E), power monitoring chip 27 (preferred model is ADM698) and backup battery 28 (preferred model is 18650).Wherein, dsp processor 21 is connected with FLASH memory 22, SDRAM storer 23, FPGA, control interface chip, power monitoring chip respectively, and equipment interface chip is connected with FPGA, and backup battery is connected with power monitoring chip.N number of device keys (ciphertext) is solidified with in FLASH memory 22.The nonvolatile memory of programmable key injection device is EEPROM (preferred model is 24LC512).In addition, the non-volatile FLASH memory of protected equipment is also built-in with boot (expressly) 31 and supervisory routine (expressly) 32.
Wherein said dsp processor be can DSP, the ARM of operating software, PowerPC, single-chip microcomputer or universal PC processor etc.; FPGA processor is the logical device that can carry out programming; Power monitoring chip is can monitoring voltage state provide the power management chip etc. of power down protection.
Nonvolatile memory in programmable key injection device, safety management extension set and protected equipment is NandFLASH, NorFLASH, SD card, CF card, hard disk or general semiconductor storage medium.Volatile memory 23 is RAM, SDRAM, DDR or DSP internal RAM memory etc.The equipment interface 25 of system external and/or control interface 26 are asynchronous serial port, synchronous serial interface, CAN or RapidIO bus etc.
Again see Fig. 2, it describes the flow process that above-mentioned protection system carries out cryptographic key protection management in detail: when safety management extension set runs, first completion system initial work (step 110), then judge whether effectively (step 120) cryptographic key, if cryptographic key is invalid, then in programmable key injection device, read cryptographic key (expressly) (step 130), the device keys (ciphertext) re-used in the FLASH memory 22 of cryptographic key and extension set carries out XOR to be completed and deciphers (step 140); If cryptographic key is effective, be then directly used for decryption device key.After obtaining the plaintext of device keys, be stored in the SDRAM storer 23 of extension set.After completing above step, wait for that protected equipment is to safety management extension set application device keys, if equipment application is passed through (step 150), then issues corresponding device keys (expressly) (step 160) to it.The enciphering and deciphering algorithm wherein used comprises the cryptographic algorithm such as XOR, 3DES, Geff generator, MD5, AES.
In the present embodiment, complete after cryptographic key reads at safety management extension set and extract programmable key injection device, be stored in other position that general personnel cannot obtain, realized separately storage and the physical isolation of cryptographic key (expressly), device keys (ciphertext).
With further reference to Fig. 3, it describes the workflow that this protection system carries out the close control of pin in detail: when safety management extension set runs, if control interface 26 receives the close instruction of pin, then produce interruption (step 300), control device keys (ciphertext) (step 310) in the FLASH22 of safety management extension set erasing extension set, wipe device keys (expressly) (step 320) in the SDRAM23 of extension set again, the close instruction (step 330) of pin is sent to the supervisory routine 32 of protected equipment, require function program (ciphertext) in the protected equipment of erasing, device keys (expressly), function program (expressly), when safety management extension set runs, if power monitoring chip 27 monitors system power failure (step 200), then judge whether to start backup battery (step 210) according to backup battery 28 electricity, if do not start backup battery, then enter step 310 to start to perform erasing move, if start backup battery, then start to start timing (step 220) service time to backup battery, prescribe a time limit when exceeding and arranging, then enter step 310 and start to perform erasing move.
Sell the last resort of safety that close control flow is the software code ensured in protected equipment, sensitive information.The close steering order of pin imported into from control interface can be the close action of driving pin of operator, also can be sensor when being triggered by the close action of untie-sell.In the present invention, the plaintext of device keys and the plaintext of protected functions of the equipments program are all be stored in RAM, and when system power failure, in RAM, clear data is all lost, and only has the ciphertext of preserving on a flash in system.If equipment is obtained by unauthorized user, due to cannot decruption key be obtained, not by oppositely compiling workflow, principle of work and the running parameter of learning protected equipment.Meanwhile, in order to avoid equipment is wiped when carrying out the normal powering down safeguarded by mistake, in system, being also provided with power down time timing, manually can stopping timing by inserting programmable key injection device, ensureing system integrity.In the present embodiment, timing deadlines is 30 minutes, because device keys length is 1M byte, therefore has 2
8388608kind of combination, far beyond the arithmetic capability of current any computing machine, can not within the time limit successful decryption complete decompiling.
Method and system of the present invention can be implemented cryptoguard to functional software, prevent functional software from divulging a secret under not affecting protected functions of the equipments, not changing its hardware case, and realizes simple, and system of being convenient to is improved and upgrading.Typically; various equipment can be effectively reduced in the situation such as unexpected or initiatively divulge a secret by the risk of giving away secrets after non-authorization user from obtaining; unauthorized user is not when obtaining decruption key; the function program ciphertext obtained will without any value, and the function program plaintext of the cryptographic key in system sdram storer expressly and in protected equipment RAM storer also cannot recover because of power down.
Obviously, those skilled in the art can carry out various change and modification to the electronic system information safety protection system and method that is suitable for of the present invention and not depart from thought of the present invention and scope.Like this, if these amendments of the present invention and modification belong within the scope of the claims in the present invention and equivalent technologies thereof, then the present invention is also intended to comprise these change and modification.
Claims (10)
1. an electronic system information safety protection system, is characterized in that, described protection system comprises: programmable key injection device, safety management extension set and at least one protected equipment; Wherein,
Described programmable key injection device is can plug equipment relative to described safety management extension set, and it comprises the nonvolatile memory depositing cryptographic key with plaintext version;
Described safety management extension set comprises: with the nonvolatile memory of the device keys of the described protected equipment of ciphertext form solidification, the equipment interface chip established a communications link with described protected equipment and volatile memory;
Described protected equipment comprises the nonvolatile memory depositing function program with ciphertext form;
Described cryptographic key is used for described device keys to be decrypted into plaintext version from ciphertext form, and the described device keys of plaintext version is used for described function program to be decrypted into plaintext version from ciphertext form.
2. protection system according to claim 1, is characterized in that, described safety management extension set also comprises:
Dsp processor, FPGA processor, equipment interface chip, control interface chip, power monitoring chip and backup battery; Wherein,
Described dsp processor couples mutually with the nonvolatile memory of described safety management extension set, volatile memory, FPGA processor, control interface chip and power monitoring chip respectively, completes the deciphering of described device keys and/or sells close;
Described FPGA processor also couples mutually with equipment interface chip, by described equipment interface chip and corresponding interface and described protected equipment mutual;
Described backup battery couples mutually with described power monitoring chip, starts erasing move when described protection system power down in good time.
3. protection system according to claim 1, is characterized in that, the nonvolatile memory of described protected equipment is also built-in with boot and the supervisory routine of plaintext version.
4. protection system according to claim 1, it is characterized in that, the nonvolatile memory in described programmable key injection device, described safety management extension set and described protected equipment is NandFLASH, NorFLASH, SD card, CF card, hard disk or general semiconductor storage medium;
Volatile memory in described safety management extension set is RAM, SDRAM, DDR or DSP internal RAM memory.
5. protection system according to claim 2, is characterized in that, the equipment interface that described safety management extension set is external and/or control interface are asynchronous serial port, synchronous serial interface, CAN or RapidIO bus.
6. based on an electronic system information safety protecting method for the protection system in claim 1-5 described in any one, it is characterized in that, described guard method comprises step:
Safety management extension set runs, completion system initial work;
Judge that whether cryptographic key is effective, if cryptographic key is invalid, then in programmable key injection device, read cryptographic key, re-use the device keys of cryptographic key to the ciphertext form in the nonvolatile memory of safety management extension set and be decrypted; If cryptographic key is effective, be then directly used for decryption device key;
After obtaining the plaintext of device keys, be stored in the volatile memory of safety management extension set;
Wait for that protected equipment is to safety management extension set application device keys, if equipment application is passed through, then issues the device keys of corresponding plaintext version to protected equipment.
7. guard method according to claim 6, is characterized in that, described guard method also comprises step:
When safety management extension set runs, if receive the close instruction of pin, then produce interruption, control the device keys of ciphertext form in the nonvolatile memory of safety management extension set erasing extension set, and wipe the device keys of plaintext version in the volatile memory of extension set;
Send the close instruction of pin to protected equipment simultaneously, require the function program of the function program of ciphertext form, the device keys of plaintext version and plaintext version in the protected equipment of erasing.
8. guard method according to claim 6, is characterized in that, described guard method also comprises step:
When safety management extension set runs, if monitor system power failure, then judge whether to start backup battery according to backup battery electricity;
If do not start backup battery, then directly start to perform erasing move; If startup backup battery, then start to carry out timing service time to backup battery, prescribe a time limit when exceeding and arranging, then start to perform erasing move;
Wherein, described erasing move is: the device keys of plaintext version in the device keys of ciphertext form and volatile memory in the nonvolatile memory of erasing safety management extension set; Wipe the function program of the function program of ciphertext form in protected equipment, the device keys of plaintext version and plaintext version simultaneously.
9. guard method according to claim 6, is characterized in that, described guard method also comprises step:
Complete after cryptographic key reads at safety management extension set and extract programmable key injection device, be stored in other position that general personnel cannot obtain.
10. guard method according to claim 6, is characterized in that, the algorithm that described deciphering uses comprises XOR, 3DES, Geff generator, MD5 or AES.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510555655.XA CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510555655.XA CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105184196A true CN105184196A (en) | 2015-12-23 |
| CN105184196B CN105184196B (en) | 2018-09-11 |
Family
ID=54906269
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510555655.XA Active CN105184196B (en) | 2015-09-02 | 2015-09-02 | Electronic system information safety protection system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105184196B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105930115A (en) * | 2016-04-25 | 2016-09-07 | 杭州旗捷科技有限公司 | Key data reduction consumable chip and stored data protection method |
| CN109492418A (en) * | 2018-11-22 | 2019-03-19 | 中国电子科技集团公司第五十八研究所 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
| CN110162317A (en) * | 2019-04-02 | 2019-08-23 | 苏州摩比信通智能系统有限公司 | A kind of single chip computer architecture and method improving single-chip microcontroller firmware upgrade safety |
| CN110166240A (en) * | 2019-06-25 | 2019-08-23 | 南方电网科学研究院有限责任公司 | A kind of Network Isolation password board |
| CN112231716A (en) * | 2019-07-15 | 2021-01-15 | 珠海艾派克微电子有限公司 | Data anti-theft device and anti-theft method |
| CN112256313A (en) * | 2020-10-14 | 2021-01-22 | 四川九洲空管科技有限责任公司 | Method and system for managing FPGA (field programmable Gate array) program remote upgrading system of secondary radar equipment |
| CN112541186A (en) * | 2020-12-21 | 2021-03-23 | 中国电子科技集团公司第三十研究所 | Password out-of-control resisting system and method based on motion state perception |
| CN116070292A (en) * | 2023-03-07 | 2023-05-05 | 苏州宏存芯捷科技有限公司 | SM4 encryption heterogeneous acceleration system based on FPGA |
| CN112256313B (en) * | 2020-10-14 | 2024-04-30 | 四川九洲空管科技有限责任公司 | Secondary radar equipment FPGA program remote upgrading system management method and system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101038568A (en) * | 2007-04-16 | 2007-09-19 | 丁万年 | Method and device for encrypting date of external computer hard disk. |
| WO2010126636A2 (en) * | 2009-01-20 | 2010-11-04 | Microsoft Corporation | Hardware encrypting storage device with physically separable key storage device |
| CN101094073B (en) * | 2006-06-22 | 2011-05-25 | 捷讯研究有限公司 | Two-factor content protection |
| CN102324006A (en) * | 2011-09-06 | 2012-01-18 | 四川九洲电器集团有限责任公司 | Processor program safety protection device and method |
| US8438401B2 (en) * | 2009-09-22 | 2013-05-07 | Raytheon BBN Technologies, Corp. | Device and method for securely storing data |
| CN104239820A (en) * | 2013-06-13 | 2014-12-24 | 普天信息技术研究院有限公司 | Secure storage device |
-
2015
- 2015-09-02 CN CN201510555655.XA patent/CN105184196B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101094073B (en) * | 2006-06-22 | 2011-05-25 | 捷讯研究有限公司 | Two-factor content protection |
| CN101038568A (en) * | 2007-04-16 | 2007-09-19 | 丁万年 | Method and device for encrypting date of external computer hard disk. |
| WO2010126636A2 (en) * | 2009-01-20 | 2010-11-04 | Microsoft Corporation | Hardware encrypting storage device with physically separable key storage device |
| US8438401B2 (en) * | 2009-09-22 | 2013-05-07 | Raytheon BBN Technologies, Corp. | Device and method for securely storing data |
| CN102324006A (en) * | 2011-09-06 | 2012-01-18 | 四川九洲电器集团有限责任公司 | Processor program safety protection device and method |
| CN104239820A (en) * | 2013-06-13 | 2014-12-24 | 普天信息技术研究院有限公司 | Secure storage device |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105930115B (en) * | 2016-04-25 | 2018-11-16 | 杭州旗捷科技有限公司 | A kind of critical data reduction consumable chip and storing data guard method |
| CN105930115A (en) * | 2016-04-25 | 2016-09-07 | 杭州旗捷科技有限公司 | Key data reduction consumable chip and stored data protection method |
| CN109492418A (en) * | 2018-11-22 | 2019-03-19 | 中国电子科技集团公司第五十八研究所 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
| CN110162317B (en) * | 2019-04-02 | 2022-11-18 | 苏州摩比信通智能系统有限公司 | Singlechip structure and method for improving upgrading safety of singlechip firmware |
| CN110162317A (en) * | 2019-04-02 | 2019-08-23 | 苏州摩比信通智能系统有限公司 | A kind of single chip computer architecture and method improving single-chip microcontroller firmware upgrade safety |
| CN110166240A (en) * | 2019-06-25 | 2019-08-23 | 南方电网科学研究院有限责任公司 | A kind of Network Isolation password board |
| CN110166240B (en) * | 2019-06-25 | 2024-05-03 | 南方电网科学研究院有限责任公司 | Network isolation password board card |
| CN112231716A (en) * | 2019-07-15 | 2021-01-15 | 珠海艾派克微电子有限公司 | Data anti-theft device and anti-theft method |
| CN112256313A (en) * | 2020-10-14 | 2021-01-22 | 四川九洲空管科技有限责任公司 | Method and system for managing FPGA (field programmable Gate array) program remote upgrading system of secondary radar equipment |
| CN112256313B (en) * | 2020-10-14 | 2024-04-30 | 四川九洲空管科技有限责任公司 | Secondary radar equipment FPGA program remote upgrading system management method and system |
| CN112541186A (en) * | 2020-12-21 | 2021-03-23 | 中国电子科技集团公司第三十研究所 | Password out-of-control resisting system and method based on motion state perception |
| CN116070292A (en) * | 2023-03-07 | 2023-05-05 | 苏州宏存芯捷科技有限公司 | SM4 encryption heterogeneous acceleration system based on FPGA |
| CN116070292B (en) * | 2023-03-07 | 2023-06-16 | 苏州宏存芯捷科技有限公司 | SM4 encryption heterogeneous acceleration system based on FPGA |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105184196B (en) | 2018-09-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105184196A (en) | Electronic system information security protection system and method | |
| CN102324006B (en) | Processor program safety protection device and method | |
| CN103761456B (en) | A kind of anti-method cracking of monolithic microcomputer kernel code | |
| CN103299310B (en) | Security module is protected to exempt from the apparatus and method distorting trial in equipment at the scene | |
| CN104573490A (en) | Method for protecting installed software on Android platform | |
| CN106503494A (en) | A kind of firmware protection location and guard method with flash memory microcontroller on piece | |
| US20130159725A1 (en) | Fpga apparatus and method for protecting bitstream | |
| CN106250760A (en) | A kind of U Boot based on TPM2.0 chip credible startup method | |
| CN114785503B (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
| CN105184181A (en) | File encryption method, file decryption method and file encryption device | |
| CN103198247A (en) | Computer safety protection method and computer safety protection system | |
| CN105631366A (en) | Encryption chip and encryption method therefor | |
| CN103745166A (en) | Method and device for inspecting file attribute value | |
| CN105827388A (en) | Method for cryptographically processing data | |
| CN104715208A (en) | Platform integrity checking method based on TPM chip | |
| RU2458389C2 (en) | Single-chip computer and tachograph | |
| CN102782695A (en) | Hardware device | |
| CN201917912U (en) | Monitoring and management system of USB (Universal Serial Bus) storage device | |
| CN103902922A (en) | Method and system for preventing file from being stolen | |
| CN105279106A (en) | Self-destructing electronic hard disk | |
| CN105046115A (en) | Method and apparatus for detecting tampering with software operation time | |
| CN101950345B (en) | Hardware decryption-based high-reliability terminal equipment and working method thereof | |
| CN104978302B (en) | A kind of intelligent and safe USB interface control method based on TCM chips | |
| CN103377327A (en) | PHP program protection method and system | |
| US9122504B2 (en) | Apparatus and method for encryption in virtualized environment using auxiliary medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |