CN106127059B - The realization of credible password module and method of servicing on a kind of ARM platform - Google Patents

The realization of credible password module and method of servicing on a kind of ARM platform Download PDF

Info

Publication number
CN106127059B
CN106127059B CN201610497918.0A CN201610497918A CN106127059B CN 106127059 B CN106127059 B CN 106127059B CN 201610497918 A CN201610497918 A CN 201610497918A CN 106127059 B CN106127059 B CN 106127059B
Authority
CN
China
Prior art keywords
tcme
cpu core
request
credible
service request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610497918.0A
Other languages
Chinese (zh)
Other versions
CN106127059A (en
Inventor
徐士伟
赵爽
余学俊
陈敏
陈敬东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Shipbuilding Industry Corp Seventh 0 Nine Institute
Original Assignee
China Shipbuilding Industry Corp Seventh 0 Nine Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Shipbuilding Industry Corp Seventh 0 Nine Institute filed Critical China Shipbuilding Industry Corp Seventh 0 Nine Institute
Priority to CN201610497918.0A priority Critical patent/CN106127059B/en
Publication of CN106127059A publication Critical patent/CN106127059A/en
Application granted granted Critical
Publication of CN106127059B publication Critical patent/CN106127059B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of realization of credible password module on ARM platform and method of servicing: first, it is received positioned at the credible efficient agency of common world and the trusted service request from application program is pre-processed, communication agent forwarding request is transferred to, the working condition of host CPU core is saved and switch;Then credible password module simulator TCME receives and parses through the request of forwarding, it is initialized according to the practical CPU core number of platform from CPU core, all TCME run on master-slave cpu core that request assignment to are handled with round robin, TCME provides the trusted service of standard according to single service request;It is supported finally, security password library provides cryptographic algorithm to TCME, and the root key encryption by being stored in Secure Boot ROM is protected;The invention has the advantages that handling trusted service request simultaneously by multicore, system trusted service efficiency is improved;By protecting security password library using the root key encryption of secure storage, the safety of cryptographic algorithm and key ensure that.

Description

The realization of credible password module and method of servicing on a kind of ARM platform
Technical field
The present invention relates to mobile message security fields, credible password module and efficiently is related generally on a kind of ARM platform The method of service.
Background technique
Currently, the mobile intelligent terminal with powerful processing capacity, more memory spaces and independent operating system is Development trend as mobile terminal.As the development of PC, the universal of mobile intelligent terminal is brought greatly While convenient, great security risk has also been brought.Due to the complexity with lesser size and local environment Property and uncertainty, the more complicated and caused loss of the safety problem ratio PC system faced are bigger.Therefore, make It is that user's one safe and reliable computing platform of building becomes extremely important with reliable computing technology.
Now, the mobile platform processor of mainstream has ARM, Intel and MIPS.Wherein, arm processor is by using simplifying Instruction set (RISC) and low-power consumption technique, are very suitable to the embedded device of limited storage space and power limited, therefore at ARM Reason device is widely used to the various products such as Industry Control, consumer electronics product, communication system, network system, wireless system Market.ARM company releases TrustZone technology to guarantee the system and data safety of ARM platform, ARM TrustZone technology It is substantially a kind of virtualization technology, it is safe and non-by the way that processor state to be divided into dependent on the function that arm processor provides Two kinds of operating modes of safety, and cooperate the security attribute on other buses and peripheral hardware to realize throughout entire hardware system Safety.
Each physics arm processor core provides two class virtual cores, and one kind is non-safe kernel (Non-Secure), another kind of to be Safe kernel (Secure).Non-security core operates under common world, and safe kernel operates under safe space.Both of which and two classes Virtual core is all integrated in a physical core, needs to be that the same physical core is empty in both of which and two classes according to different Simply switch in nucleoid.The software of common world can be used SMC (Secure Monitor Call) instruction or pass through hardware The a subset of abnormal mechanism enters Monitor mode, so that arm processor to be switched to the mode and fortune of safe space The shielded security software of row.Monitor mode main task is contextual information when saving CPU operation, so as to from safety CPU and OS can be worked normally when space returns to common world.
On the other hand, 2003, the Trusted Computing Group participated in by companies such as Intel, Compaq, HP, IBM and Microsofts (Trusted Computing Group, TCG) is set up, and is proposed by increasing credible platform module in computing platform (Trusted Platform Module, TPM) and mobile trusted module (Mobile Trusted Module, MTM) are for protecting Shield tradition and mobile computing environment.
Trust computing group, Beijing Jiaotong University propose based on EFI (Extensible Firmware Interface) and The Portable TPM scheme of USB interface, reduces the degree of coupling of traditional LPC interface TPM and computing platform, so that TPM has Hot plug and the characteristic for inserting i.e. service.
A kind of mobile device-based trusted module implementation method that the Institute of Software, Chinese Academy of Science proposes.Pass through software The function of trusted module is simulated, primary clustering includes trusted service process, trusted module library and cryptographic libraries.Main trusted function exists It is realized in the safer world of TrustZone technical support, needs to cut when positioned at the application call trusted service of common world The working condition of arm processor and mobile computing platform is changed, single trusted service expense is larger.
As mobile device is towards multi-core processor fast development, mobile computing mode is towards multi-core parallel concurrent calculating Direction transformation.Different from server or desktop edition system, mobile computing platform has the current process resource allocation of user Sizable inclination.So the often current resource that can occupy CPU completely using process of user, if user is when advancing Journey can only utilize one of CPU core of multicore computing platform, then the efficiency of program will not know where to begin.
In conclusion existing mobile computing platform constructs trusted module by way of increasing hardware or software simulation, The problem of not fully considering the computing resource and hardware platform scalability being limited under mobile computing environment, is not able to satisfy movement Demand of the equipment to easy extension and efficient trusted service.
Summary of the invention
For overcome the deficiencies in the prior art, the present invention is based on the TrustZone technology that arm processor provides, one is provided The method that kind realizes credible password module and High-effective Service in safer world in such a way that software is simulated, on the one hand using more The method of core parallel computation improves the efficiency that the trusted module of software simulation services on the mobile apparatus, on the other hand passes through utilization It is stored in the security password library of the root key encryption protection trusted module in Secure Boot ROM, guarantees cryptographic algorithm and close The safety of key.
Used technical solution is the present invention to solve above-mentioned technical problem:
Firstly, by it is credible it is efficient agency (Trusted Efficient Agent, TEA) receive from application program can Telecommunications services request, to module status read operation, Hash, signature and the sign test, symmetrical and asymmetric for being appropriate for Parallel Service Encryption and decryption Password Operations are packaged and the session number and special command number of distributing uniform, to other unsuitable carry out Parallel Services Operation (including: module status write operation, key generates and management operation) then direct distribution session number and command number.TEA It calls communication agent (Communication Monitor, CM), forwards these trusted service request packets, save and switch main place Manage CPU core and platform working condition.
Then, trusted service request is transmitted to the credible password module simulator run on main process task CPU core by CM (Trusted Cryptography Module Emulator, TCME), TCME unseals trusted service request packet, and root According to the actual CPU core number initialization of ARM platform from CPU core, in a manner of Cycle arranging, the request of all trusted services is transferred to lead The TCME run from CPU core is handled, and returns to behaviour's result by command parameter and return value.
Finally, TCME receive by CM forwarding or itself distribution trusted service request after, by be located at safe generation The safe OS on boundary reads the root key RK being located in Secure Boot ROM, and security password library SCL is decrypted, by SCL The cryptographic algorithm for meeting national commercial cipher algorithm standard rules is provided to TCME and key is generated and supported.Support based on SCL, TCME The operation of module management, identity and verifying, the data protection and measurement report of offer standard.
Method provided by the invention has major advantage below compared with existing other technologies: compared to hard-wired Trusted module does not depend on particular hardware platform by the trusted module of software simulated implementation, has stronger scalability;Pass through The method calculated using multi-core parallel concurrent is reduced at ARM using the request of arm processor master-slave cpu core parallel processing trusted service The number for managing device and the switching of entire platform status, improves the efficiency of whole trusted service;Secure is stored in by utilizing The security password library of root key encryption protection trusted module in Boot ROM, ensure that the safety of cryptographic algorithm and key.
Detailed description of the invention
Fig. 1: the implementation method of credible password module, composition and relational graph in mobile device
Fig. 2: the credible data preprocessing method efficiently acted on behalf of
Fig. 3: the method that master-slave cpu core starts and runs parallel
Fig. 4: the protection of security password library and TCME provide the method for trusted service in master-slave cpu
Specific embodiment
The present invention is based on the TrustZone technologies of arm processor, provide a kind of interior by software simulation at " safer world " The mode method of realizing credible password module and High-effective Service, received as shown in Figure 1: by the credible TEA that efficiently acts on behalf of from answering It is requested with the trusted service of program, carries out pretreatment to these requests and formed to be capable of the trusted service of multi-core parallel concurrent or monokaryon processing Request packet, TEA call communication agent CM and trusted service request packet are passed to CM;CM save and switch main process task CPU core and Trusted service request is transmitted to credible password module simulator TCME by entire working platform state, and TCME is according to request type Module management, identity and verifying, the multi-core parallel concurrent of data protection and measurement report or monokaryon is carried out to handle;Finally, by pacifying Full cryptographic libraries SCL is provided to TCME using the cryptographic algorithm for meeting national commercial cipher algorithm standard rules, and by being stored in The code of root key RK encipherment protection SCL in Secure Boot ROM and the key of generation.
In conjunction with Fig. 1, Fig. 2, Fig. 3 and Fig. 4, the tool of the High-effective Service of credible password module in mobile device proposed by the present invention Body implementation method are as follows:
The realization of credible password module and method of servicing, detailed process are as follows on a kind of ARM platform:
(1) the credible TEA that efficiently acts on behalf of receives the trusted service request from application program, pre-processes to these requests Formed can multi-core parallel concurrent or monokaryon processing trusted service request packet, TEA call communication agent CM simultaneously trusted service is requested Packet passes to CM.
In this step, specific implementation can be divided into following details:
(1.1) the credible TEA that efficiently acts on behalf of receives the trusted service request from application program, and trusted service request includes: Order tri- parts ID, command parameter Operation and return value Ret;
(1.2) the credible TEA that efficiently acts on behalf of classifies to trusted service request, according to order ID for being suitble to parallel place The service request (including: module status read operation, hashing operation, signature and sign test operation, the operation of symmetrical encryption and decryption) of reason, into The unified encapsulation of row, for the session number Session_0 and special command ID_0 of the request distributing uniform of encapsulation, and by sharing Memory transmits the parameter in addition to Session_0 and ID_0;
It (1.3) (include: module status write operation, key generates and management for the service request for being suitble to single processing Operation), then classification by function is trusted service request distribution session number;
(1.4) it is credible efficiently act on behalf of TEA will by pretreated trusted service request will be to communication agent CM.
(2) CM saves and switches host CPU core and entire working platform state, and trusted service request is transmitted to host CPU core. Host CPU core is handled trusted service request packet by running credible password module simulator TCME.
If TCME received is the trusted service request encapsulated data packet for being suitble to parallel processing, practical according to ARM platform CPU core number initialize from CPU core, in a manner of Cycle arranging, by all trusted services request transfer to run on master-slave cpu core TCME handled, and behaviour's result is returned to by command parameter and return value.
In this step, specific implementation can be divided into following details:
(2.1) communication agent CM saves and switches host CPU core and entire working platform state, will pass through pretreated credible Service request is transmitted to host CPU core, if received is the trusted service request encapsulated data packet for being suitble to parallel processing, by leading CPU core requests encapsulated data packet to carry out deblocking processing trusted service by operation credible password module simulator TCME;
(2.2) credible password module simulator TCME is Session_0 to session number, and command number is that the packed of ID_0 can Telecommunications services request is unsealed, and restores the order Id, command parameter Operation and return value Ret of each item request, and be every Request adds unified session number Session_0;To other non-encapsulated common trusted services requests without deblocking, directly by Host CPU core runs TCME and carries out trusted service according to request, and detailed process is referring to step (3);
(2.3) step (2.4) are carried out if selected ARM platform is monokaryon or double-core platform;Otherwise practical according to ARM platform CPU core number num, the slave CPU core for being num/2-1 by the host CPU core initialization quantity in safer world, by these from CPU Core is set as safer world mode, and runs TCM simulator TCME, carries out step (2.5);
(2.4) it if selected ARM platform is monokaryon or double-core platform, is run by the host CPU core in safer world credible Crypto module simulator TCME, and the processing of all trusted service requests is completed, pass through command parameter Operation and return value Ret returns to operating result;
(2.5) if selected ARM platform is not monokaryon or double-core platform, the host CPU core in safer world is to rotate point The request of all trusted services is transferred to the TCME of host CPU core operation or transfers to run from CPU core by CM forwarding by the mode matched TCME handled, and operating result is returned to by command parameter Operation and return value Ret.
(3) if TCME receives the single trusted service request by CM forwarding or itself distribution, by being located at safer world Safe OS read the root key RK being located in Secure Boot ROM, and security password library SCL is decrypted, from SCL to TCME provides the cryptographic algorithm for meeting national commercial cipher algorithm standard rules and key is generated and supported.Support based on SCL, TCME are mentioned For the module management of standard, identity and verifying, the operation of data protection and measurement report.
In this step, specific implementation can be divided into following details:
(3.1) TCME is located at safer world when receiving the single trusted service request of CM forwarding or itself distribution Safe OS read the root key RK being located in Secure Boot ROM, and security password library SCL is decrypted, obtains branch It holds the cryptographic algorithm of SCL and generates the plaintext of key;
(3.2) credible password module simulator TCME is requested according to single trusted service, provides module management, the body of standard The operation that part mark is reported with verifying, data protection and measurement
(3.3) it when there is password related needs, is used from security password library SCL to TCME offer and meets national commercial cipher The cryptographic algorithm of algorithm standard rules, i.e. SM2, SM3 and SM4 algorithm, the key for providing SM2 and SM4 algorithm generates and storage service, with And the key generated by TCME standard operation.
The part not illustrated in specification is the prior art or common knowledge.The present embodiment is merely to illustrate the invention, Rather than limit the scope of the invention, the modifications such as equivalent replacement that those skilled in the art make the present invention are considered It falls into invention claims institute protection scope.

Claims (5)

1. the realization of credible password module and method of servicing on a kind of ARM platform, it is characterised in that: detailed process such as:
Step 1, it is received and by the credible TEA that efficiently acts on behalf of for being located at " common world " to the trusted service request from application program It is pre-processed, transfers to communication agent CM forwarding request, save host CPU core working condition;
Step 1 detailed process is as follows:
Step 101, the credible TEA that efficiently acts on behalf of receives the trusted service request from application program, and trusted service request includes: life Enable tri- parts ID, command parameter Operation and return value Ret;
Step 102, the credible TEA that efficiently acts on behalf of classifies to trusted service request, according to order ID for being suitble to parallel processing Service request, unified encapsulation is carried out, for the session number Session_0 and special command number of the request distributing uniform of encapsulation ID_0, and the parameter in addition to Session_0 and ID_0 is transmitted by shared drive;
Step 103, for the service request for being suitble to single to handle, then classification by function is trusted service request distribution session Number;Step 104, it is credible efficiently act on behalf of TEA will by pretreated trusted service request will be to communication agent CM;
Step 2, the credible password module simulator TCME run on host CPU core receives and parses through the request of forwarding, according to platform Practical CPU core number initialization is handled all TCME run on master-slave cpu core that request assignment to round robin from CPU core;
Step 3, the TCME run on CPU core receive by CM forwarding or itself distribution single trusted service request it Afterwards, the root key RK being located in Secure Boot ROM is read by the safe OS for being located at " safer world ", and to security password library SCL is decrypted, and the cryptographic algorithm for meeting national commercial cipher standard is provided from SCL to TCME and key is generated and supported;It is based on The support of SCL, TCME provide the trusted service of module management, identity and the verifying of standard, data protection and measurement report.
2. the realization of credible password module and method of servicing, feature exist on a kind of ARM platform according to claim 1 In: step 2 detailed process is as follows:
Step 201, communication agent CM saves and switches host CPU core and entire working platform state, will pass through pretreated credible Service request is transmitted to host CPU core, if received is the trusted service request encapsulated data packet for being suitble to parallel processing, by leading CPU core carries out deblocking processing to trusted service request by operation credible password module simulator TCME;
Step 202, credible password module simulator TCME is Session_0 to session number, and command number is that the packed of ID_0 can Telecommunications services request is unsealed, and restores the order Id, command parameter Operation and return value Ret of each item request, and be every Request adds unified session number Session_0;To other non-encapsulated common trusted services requests without deblocking, directly by Host CPU core runs TCME and carries out trusted service according to request;
Step 203, step 204 is carried out if selected ARM platform is monokaryon or double-core platform;Otherwise actual according to ARM platform CPU core number num, the slave CPU core for being num/2-1 by the host CPU core initialization quantity in " safer world ", by these from CPU Core is set as " safer world " mode, and runs credible password module simulator TCME, carries out step 205;
Step 204, it if selected ARM platform is monokaryon or double-core platform, is run by the host CPU core in " safer world " credible Crypto module simulator TCME, and the processing of all trusted service requests is completed, pass through command parameter Operation and return value Ret returns to operating result;Step 205, if selected ARM platform is not monokaryon or double-core platform, it is in the master of " safer world " CPU core transfers to the TCME of host CPU core operation or forwards by CM to hand in a manner of Cycle arranging, by the request of all trusted services It is handled by the TCME run from CPU core, and operating result is returned to by command parameter Operation and return value Ret.
3. the realization of credible password module and method of servicing, feature exist on a kind of ARM platform according to claim 2 In: the detailed process of the step 3 is as follows:
Step 301, TCME is located at " safer world " when receiving the single trusted service request of CM forwarding or itself distribution Safe OS read the root key RK being located in Secure Boot ROM, and security password library SCL is decrypted, obtains branch It holds the cryptographic algorithm of security password library SCL and generates the plaintext of key;
Step 302, credible password module simulator TCME is requested according to single trusted service, provides module management, the body of standard The operation that part mark is reported with verifying, data protection and measurement;
Step 303, it when there is password related needs, is used from security password library SCL to TCME offer and meets national commercial cipher The cryptographic algorithm of algorithm standard rules, i.e. SM2, SM3 and SM4 algorithm, the key for providing SM2 and SM4 algorithm generates and storage service, with And the key generated by TCME standard operation.
4. the realization of credible password module and method of servicing, feature exist on a kind of ARM platform according to claim 1 In: the service request of suitable parallel processing described in step 102 include module status read operation, hashing operation, signature and Sign test operation, the operation of symmetrical encryption and decryption.
5. the realization of credible password module and method of servicing, feature exist on a kind of ARM platform according to claim 1 In: the service request of suitable single processing described in step 103 includes module status write operation, key generates and management behaviour Make.
CN201610497918.0A 2016-06-30 2016-06-30 The realization of credible password module and method of servicing on a kind of ARM platform Active CN106127059B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610497918.0A CN106127059B (en) 2016-06-30 2016-06-30 The realization of credible password module and method of servicing on a kind of ARM platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610497918.0A CN106127059B (en) 2016-06-30 2016-06-30 The realization of credible password module and method of servicing on a kind of ARM platform

Publications (2)

Publication Number Publication Date
CN106127059A CN106127059A (en) 2016-11-16
CN106127059B true CN106127059B (en) 2019-03-29

Family

ID=57285449

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610497918.0A Active CN106127059B (en) 2016-06-30 2016-06-30 The realization of credible password module and method of servicing on a kind of ARM platform

Country Status (1)

Country Link
CN (1) CN106127059B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107577953B (en) * 2017-10-19 2020-02-21 郑州云海信息技术有限公司 System and method for simulating trusted cryptographic module based on CUSE
CN110868416A (en) * 2019-11-15 2020-03-06 北京握奇智能科技有限公司 Method and equipment for realizing cryptographic function service based on trusted execution environment
CN111177773B (en) * 2019-12-10 2022-09-13 中国电子科技网络信息安全有限公司 Full disk encryption and decryption method and system based on network card ROM
EP4155951A4 (en) * 2020-05-19 2023-07-12 Mitsubishi Electric Corporation Apparatus, network apparatus, and command execution method
CN114047948B (en) * 2021-11-08 2022-09-16 可信计算科技(无锡)有限公司 Reconfigurable trusted cryptographic module simulator, implementation method and simulation reconstruction method
CN115618328B (en) * 2022-12-16 2023-06-13 飞腾信息技术有限公司 Security architecture system, security management method, computing device, and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102844762A (en) * 2010-01-22 2012-12-26 意法爱立信有限公司 Secure environment management during switches between different modes of multicore systems
CN103150514A (en) * 2013-03-07 2013-06-12 中国科学院软件研究所 Mobile equipment-based credible module and credible service method thereof
CN104657115A (en) * 2015-03-12 2015-05-27 浪潮集团有限公司 Multi-core concurrent load implementation method for cluster file system client

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008017001A2 (en) * 2006-08-02 2008-02-07 Moka5, Inc. Sharing live appliances

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102844762A (en) * 2010-01-22 2012-12-26 意法爱立信有限公司 Secure environment management during switches between different modes of multicore systems
CN103150514A (en) * 2013-03-07 2013-06-12 中国科学院软件研究所 Mobile equipment-based credible module and credible service method thereof
CN104657115A (en) * 2015-03-12 2015-05-27 浪潮集团有限公司 Multi-core concurrent load implementation method for cluster file system client

Also Published As

Publication number Publication date
CN106127059A (en) 2016-11-16

Similar Documents

Publication Publication Date Title
CN106127059B (en) The realization of credible password module and method of servicing on a kind of ARM platform
US11943340B2 (en) Process-to-process secure data movement in network functions virtualization infrastructures
CN102609298B (en) Based on network interface card virtualization system and the method thereof of hardware queue expansion
EP3314520A1 (en) Technologies for virtualized access to security services provided by a converged manageability and security engine
US11836262B2 (en) Protection of communications between trusted execution environment and hardware accelerator utilizing enhanced end-to-end encryption and inter-context security
CN106326751B (en) One kind can channel system and its implementation
CN114266035B (en) High-performance password card and configuration method
CN109614204A (en) Memory insulation blocking method, isolation check hardware, SOC chip and storage medium
CN112035900B (en) High-performance password card and communication method thereof
Feng et al. TEEM: A user-oriented trusted mobile device for multi-platform security applications
CN116418522A (en) Cloud server crypto-engine system based on virtualization technology
CN106874065A (en) A kind of system for supporting hardware virtualization
CN104834874A (en) Establishing physical locality between secure execution environments
Wang et al. SEGIVE: A practical framework of secure GPU execution in virtualization environment
WO2023041025A1 (en) Cloud-technology-based computing node and cloud-technology-based instance management method
CN114844693B (en) Lightweight communication data encryption method, device, equipment and storage medium
CN100517290C (en) Method for realizing universal series bus key compound equipment
CN208819194U (en) A kind of encryption apparatus and match electricity consumption cryptographic system
CN209570939U (en) A kind of quantum cryptography USBkey
CN215378951U (en) Portable VPN device and remote access system
US20240143363A1 (en) Virtual machine tunneling mechanism
Gao et al. The research and design of embed RSA encryption algorithm network encryption card driver
US20220116403A1 (en) Telemetry restriction mechanism
WO2023041037A1 (en) Cloud-technology-based computing node and cloud-technology-based instance management method
CN114238206A (en) Internet of things system on chip and working method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant