CN108073351B

CN108073351B - Data storage method of nonvolatile storage space in chip and credible chip

Info

Publication number: CN108073351B
Application number: CN201610998449.0A
Authority: CN
Inventors: 付颖芳
Original assignee: Alibaba Group Holding Ltd
Current assignee: Alibaba Group Holding Ltd
Priority date: 2016-11-11
Filing date: 2016-11-11
Publication date: 2021-06-15
Anticipated expiration: 2036-11-11
Also published as: CN108073351A; TW201818258A; WO2018086469A1

Abstract

The invention discloses a data storage method of a nonvolatile storage space in a chip and a credible chip. Wherein, the method comprises the following steps: creating a non-volatile storage space in a chip, wherein the attributes of the non-volatile storage space at least comprise: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed. The method and the device solve the technical problem that when the original data are read from the nonvolatile space of the credible security chip in the prior art, the accuracy of the read original data is poor.

Description

Data storage method of nonvolatile storage space in chip and credible chip

Technical Field

The invention relates to the field of data storage, in particular to a data storage method of a nonvolatile storage space in a chip and a credible chip.

Background

A user may create a non-volatile space in the trusted security chip, and may assign the attributes shown in table 1 to the non-volatile space:

TABLE 1

Fig. 1 shows an interaction diagram of a user acquiring nonvolatile spatial data according to the prior art, as shown in fig. 1, specifically including the following steps:

(1) the owner C initiates a request for accessing the nonvolatile space to the trusted chip T;

(2) the trusted chip T responds to the request of the owner C and requires the owner to feed back a password, a nonvolatile space number and data length;

(3) the owner C returns a password, a nonvolatile space number to be accessed and a nonvolatile data length to the trusted chip T;

(4) the credible chip T verifies the correctness of the password and the nonvolatile space index number, and whether the data length L of the nonvolatile space meets the following formula:

L≤|Last_adress-First_adress| (1)

in the above formula, First _ addresses represents the initial physical address of the nonvolatile space, and Last _ addresses represents the Last physical address of the nonvolatile space.

If the password and the nonvolatile space number are correct, the length L of the acquired data also meets the formula (1), the trusted chip returns the data to be accessed by the owner C, and the process is ended. Otherwise, the flow is terminated directly.

The existing international TCG standard security chip standardizes the fixed size and access authorization of a nonvolatile space of a trusted security chip, and the state identification data in the standard is defaulted to 0 and is easily confused with owner data 0, so that when a user acquires data, part of the acquired data may be the state identification data 0 instead of the data 0 really stored by the user. For example, owner C applies for a 6-byte nonvolatile space that stores 4 bytes of data, as shown in table 2: the owner space number is 1, the owner name is C, the size of the nonvolatile space corresponding to the owner space number is 6 bytes, that is, the data length can be 6 bytes at the maximum, the corresponding physical addresses are FFFFF0 to FFFFF6, 4 bytes are stored in the physical addresses, the owner writes data as "1101", the TCG standard defaults to 00 of two bytes in which data is not written, that is, the owner data is 110100 (the bold italic numbers indicate status data, the bold non-bold numbers indicate owner data, such as the owner data shown in table 1).

TABLE 2

Nv_index	User_name	Password	Nv_Size	Nv_F&L_adress	Data
						1	C	****	6	FFFFF0～FFFFF6	110100

When the stored data is long and changes frequently, the owner C may not remember how long it has stored and what data it has stored, for example, when the owner C and the owner obtain the data length 5 to the user, and in response to the information that the trusted chip requires to be fed back: the user inputs the correct password, the number of the Nv index is 1, and after the trusted chip receives the information, the correctness of the password and the number of the Nv index is verified, the length of the password and the length of the Nv index are also verified to be 5<6 and is within the allowable range, so that the data length of the password and the Nv index is 11010, the original data of the owner C is changed from 1101 to 11010, and data errors are caused.

Aiming at the technical problem that the accuracy of the read original data is poor when the original data is read from the nonvolatile space of the credible security chip in the prior art, an effective solution is not provided at present.

Disclosure of Invention

The embodiment of the invention provides a data storage method of a nonvolatile storage space in a chip and a credible chip, which at least solve the technical problem that the accuracy of read original data is poor when the original data is read from the nonvolatile space of the credible security chip in the prior art.

According to an aspect of the embodiments of the present invention, there is provided a data storage method of a non-volatile storage space in a chip, including: creating a non-volatile storage space in a chip, wherein the attributes of the non-volatile storage space at least comprise: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

According to another aspect of the embodiments of the present invention, there is also provided a method of acquiring data stored in a chip, including: receiving an access request for accessing a non-volatile memory space of a chip; responding to the access request to obtain verification information and the data length required to be requested; under the condition that the verification information passes, judging whether the data length required to be requested is within the storage address range of owner data preset in the nonvolatile storage space; if the data length required to be requested is within the range of the storage address of the owner data, allowing the content of the owner data to be returned; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

According to another aspect of the embodiments of the present invention, there is also provided a trusted chip, including: a memory comprising a non-volatile storage space, wherein attributes of the non-volatile storage space include at least: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

According to another aspect of the embodiments of the present invention, there is also provided a system for acquiring data stored in a chip, including: the access device end is used for sending an access request for accessing the nonvolatile storage space of the chip; the trusted chip is communicated with the access equipment end and used for responding to the access request and acquiring verification information returned by the access equipment end and the data length required to be requested, and under the condition that the verification information passes, if the data length required to be requested is within the range of the storage address of the owner data, the content of the owner data is allowed to be returned; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

According to another aspect of the embodiments of the present invention, there is also provided an apparatus for acquiring data stored in a chip, including: the receiving module is used for receiving an access request for accessing the nonvolatile storage space of the chip; the response module is used for responding to the access request to obtain the verification information and the data length required to be requested; the judging module is used for judging whether the data length required to be requested is within the storage address range of owner data preset in the nonvolatile storage space or not under the condition that the verification information passes; the control module is used for allowing the content of the owner data to be returned if the length of the data needing to be requested is within the range of the storage address of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

In the embodiment of the invention, a mode of limiting the storage address range of the owner data is adopted, the owner data is written into the nonvolatile storage space after the nonvolatile storage space is created in the chip, the storage address range of the owner data is determined according to the size of the owner data, and the data required to be acquired by the owner is returned according to the size of the owner data and the storage address range of the owner data, so that the aim of accurately acquiring the owner data is fulfilled, the technical effect of ensuring the correctness of acquiring the original data by the owner is realized, and the technical problem of poor accuracy of the read original data when the original data is read from the nonvolatile space of the credible security chip in the prior art is solved.

Drawings

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:

FIG. 1 is a schematic diagram of a user interaction in acquiring non-volatile spatial data according to the prior art;

FIG. 2 is a block diagram of an alternative hardware configuration of a computer terminal according to an embodiment of the present invention;

FIG. 3 is a flowchart of a method for storing data in a non-volatile memory space of a chip according to an embodiment of the present invention;

FIG. 4 is a flow chart of an alternative method for storing data in non-volatile memory space on a chip according to an embodiment of the present invention;

FIG. 5 is a flowchart of an alternative method of accessing owner data of a non-volatile memory space in accordance with an embodiment of the present invention;

FIG. 6 is a block diagram of an alternative TCG trust chain in accordance with an embodiment of the present invention;

FIG. 7 is a flow diagram of a method of retrieving data stored in a chip according to an embodiment of the invention;

FIG. 8 is a schematic diagram of a trusted chip according to an embodiment of the present invention;

FIG. 9 is a schematic diagram of a system for retrieving data stored in a chip according to an embodiment of the present invention;

FIG. 10 is a block diagram of an apparatus for retrieving data stored in a chip according to an embodiment of the present invention; and

fig. 11 is a block diagram of an alternative computer terminal according to an embodiment of the present invention.

Detailed Description

In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

First, some terms or terms appearing in the description of the embodiments of the present application are applicable to the following explanations:

as a storage technology, Non-volatile memory (Nv) is used to ensure that data stored in a device is not lost when the device is powered down, and is often used to protect data that is very sensitive to a user.

Owner data refers to data stored in the storage device by a user, wherein the owner refers to a main body for operating the data.

Trusted means that an entity always operates in a predictable manner for a particular target.

Trusted computing (Trusted computing) is a Trusted computing platform based on hardware security module support widely used in computing and communication systems, and the use of the Trusted computing platform can improve the security of the whole system. The core mechanism is to construct a trusted computing environment through a trust chain mechanism.

The trusted security chip is a chip with the function of generating encryption and decryption keys, can also perform high-speed data encryption and decryption, and serves as an auxiliary processor for protecting a basic input and output system and an operating system from being modified.

Example 1

According to the embodiment of the invention, the embodiment of the method for storing the data of the nonvolatile storage space in the chip is also provided.

The method provided by the embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or a similar computing device. Fig. 2 shows a hardware configuration block diagram of a computer terminal (or mobile device) for implementing a data storage method of a non-volatile memory space in a chip. As shown in fig. 2, the computer terminal 10 (or mobile device 10) may include one or more (shown as 102a, 102b, … …, 102 n) processors 102 (the processors 102 may include, but are not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA, etc.), a memory 104 for storing data, and a transmission module 4 for communication functions. Besides, the method can also comprise the following steps: a display, an input/output interface (I/O interface), a Universal Serial Bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power source, and/or a camera. It will be understood by those skilled in the art that the structure shown in fig. 2 is only an illustration and is not intended to limit the structure of the electronic device. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 2, or have a different configuration than shown in FIG. 2.

It should be noted that the one or more processors 102 and/or other data processing circuitry described above may be referred to generally herein as "data processing circuitry". The data processing circuitry may be embodied in whole or in part in software, hardware, firmware, or any combination thereof. Further, the data processing circuit may be a single stand-alone processing module, or incorporated in whole or in part into any of the other elements in the computer terminal 10 (or mobile device). As referred to in the embodiments of the application, the data processing circuit acts as a processor control (e.g. selection of a variable resistance termination path connected to the interface).

The memory 104 may be used to store software programs and modules of application software, such as program instructions/data storage devices corresponding to the data storage method of the non-volatile storage space in the chip in the embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the software programs and modules stored in the memory 104, that is, implements the vulnerability detection method of the application program. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

It should be noted here that in some alternative embodiments, the computer device (or mobile device) shown in fig. 2 described above may include hardware elements (including circuitry), software elements (including computer code stored on a computer-readable medium), or a combination of both hardware and software elements. It should be noted that fig. 2 is only one example of a particular specific example and is intended to illustrate the types of components that may be present in the computer device (or mobile device) described above.

Under the operating environment, the application provides a data storage method of a nonvolatile storage space in a chip as shown in fig. 3. Fig. 3 is a flowchart of a data storage method of a non-volatile memory space in a chip according to embodiment 1 of the present invention, including the following steps:

step S302, a nonvolatile storage space is created in the chip, wherein the attribute of the nonvolatile storage space at least comprises: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

In the technical solution defined in the step S302, the storage mode of the nonvolatile storage space may adopt a big-end mode and a small-end mode, where the big-end mode refers to that the high bytes of the data are stored in the low address of the memory, and the low bytes of the data are stored in the high address of the memory; the small-end mode means that the high byte of data is stored in the high address of the memory, and the low byte of data is stored in the internal low address, the storage mode can effectively combine the high and low of the address and the bit weight of the data, the weight of the data in the high address part is high, and the weight of the data in the low address part is low.

It should be noted that, one of the attributes of the nonvolatile storage space is data stored in the nonvolatile storage space by the user, for example, if the data stored by the user is "1101", the data is the owner data stored in the nonvolatile storage space; another attribute of the non-volatile memory space is that the length of the memory address range of the owner data is the maximum data length that allows the user to read the non-volatile memory space, for example, the memory address range of the owner data is: FFFFF 0-FFFFF 6 allows the maximum data length of a user to request data from the chip to be 7. In addition, the nonvolatile storage space is created in the chip, so that the data stored in the chip can not be lost when the equipment is powered off, and the nonvolatile storage space can be used for storing more important data.

Based on the scheme disclosed in step S302 of the foregoing embodiment, it can be known that a nonvolatile storage space is created in the chip, and it can be ensured that data stored in the chip by a user is not lost when the device is powered off, thereby improving the security of data storage.

Optionally, the attribute of the non-volatile storage space further includes at least one of: space number, space owner name, space authorization password, space size and space physical address range.

In an alternative embodiment, table 3 is an attribute table of a non-volatile memory space into which owner data has been written, as shown in table 3.

TABLE 3

In table 3, the space number of the owner is 1, the space owner name is C, the size of the owner space with the owner space number 1 is 6 bytes, that is, the data length can be 6 bytes at the maximum, the corresponding space physical address ranges are fffffff 0 to fffffff 6, 4 bytes are stored in the physical addresses, the storage address ranges are fffffff 1 to FFFFF4, and the written owner data is "1101".

Optionally, fig. 4 is a schematic flowchart illustrating a data storage method of a non-volatile memory space in a chip after the non-volatile memory space is created in the chip, and as shown in fig. 4, the method further includes the following steps:

step S304 writes the owner data into the nonvolatile memory space, and determines the memory address range of the owner data according to the size of the owner data, wherein the memory address range is determined by the initial memory address and the end memory address of the data block of the owner data.

In an alternative embodiment, when the storage mode of the owner data is the small-end mode, assuming that the size of the owner data is L, the initial storage address of the data block of the owner data, that is, the memory address where the low byte of the owner data is located is Min _ address, and the last storage address of the data block of the owner data, that is, the memory address where the high byte of the owner data is located is Max _ address, L, Min _ address and Max _ address satisfy the following equation:

L≤|Max_adress-Min_adress| (2)

therefore, the last address Max _ address of the owner data and the storage address range of the owner data can be determined from the size L of the owner data and the initial storage address Min _ address of the owner data. For example, if the owner data written in the nonvolatile memory space is "1101" and the size of the owner data is 4 bytes, the length of the storage address range of the owner data is 4 bytes, and if the initial storage address of the owner data at this time is fffffff 1, the end address of the owner data is fffffffff 4, and the storage address ranges of the data blocks of the owner data are fffffffff 1 to fff 4.

Optionally, fig. 5 is a flowchart illustrating a method for accessing owner data of a non-volatile memory space after writing the owner data into the non-volatile memory space and determining a storage address range of the owner data according to the size of the owner data, where as shown in fig. 5, the method includes the following steps:

step S502, receiving an access request for accessing the nonvolatile storage space;

step S504, respond to and visit the request, receive the data length that authentication information and need request;

step S506, under the condition that the verification information passes, judging whether the data length required to be requested is within the storage address range of the owner data;

in step S508, if the data length required to be requested is within the range of the storage address of the owner data, the content of the owner data is allowed to be returned.

As an optional embodiment, the access device side initiates a request for accessing the nonvolatile space to the trusted chip, and after receiving the nonvolatile space request sent by the access device side, the trusted chip responds to the request of the access device side and requires the access device side to feed back verification information and length information of the owner data; the access device side sends verification information and length information of owner data to the trusted chip, for example, the length of the accessed owner data is 4 bytes; the trusted chip verifies whether the verification information returned by the access device side meets the requirement, and under the condition that the verification information meets the requirement, whether the data length needing to be requested is within the storage address range of the owner data is judged, for example, the data length needing to be requested is 4 bytes, the storage address range of the owner data is FFFFFFF 1-FFFFF 4, the maximum storage length of the owner data is 4 bytes, and the requested data length meets the formula (2), so that the trusted chip allows the access to the owner data, and returns the owner data with the storage address ranges FFF 1-FFFFF 4.

It should be noted that the verification information may be used to verify whether the access device side has the right to access and determine the location of the access device side for accessing the data, so as to further improve the accuracy of accessing the data.

Optionally, if the data length required to be requested is outside the storage address range of the owner data, the process of acquiring the owner data is suspended, and/or prompt information for representing the failure of the request is output.

As an optional embodiment, in a case that the trusted chip verifies that the verification information returned by the access device side meets the requirement, the trusted chip further determines whether the data length that needs to be requested is within the storage address range of the owner data, and if the data length that needs to be requested is outside the storage address range of the owner data, for example, the data length that needs to be requested is 4 bytes, the storage address range of the owner data is FFFFF1 to FFFFF3, the maximum storage length of the owner data is 3 bytes, and the requested data length does not satisfy formula (2), so that the trusted chip does not allow access to the owner data, directly terminates the flow, and outputs prompt information that the request fails.

Optionally, the verification information at least includes at least one of the following: the space number, password, which needs to be accessed.

As an optional embodiment, verifying the space number to be accessed may confirm whether the space number is stored in the trusted chip, and further verifying the password may confirm whether the user currently accessing has an access right, so as to further improve the accuracy of accessing data.

Optionally, in the case that the verification information fails, a prompt message that the owner data cannot be acquired is returned.

In an optional embodiment, the space number that the user needs to access is 2, but the trusted chip does not have owner data with the space number of 2, in this case, the process of acquiring the owner data is stopped, and a prompt message is sent to the access device to prompt that the owner data with the space number of 2 does not exist. In another optional embodiment, the space number that the user needs to access is 2, and the trusted chip has owner data with the space number of 2, and when it is detected that the password is not correct, the process of acquiring the owner data is also stopped, and a prompt message is sent to the access device to prompt that the password is incorrect and require the access device to operate again.

In a preferred embodiment, owner C applies for a 6-byte nonvolatile space that holds 4 bytes of data, as shown in Table 4: the owner space number Nv _ index is 1, the space owner name User _ name is C, and the space Size Nv _ Size corresponding to the owner space number 1 is 6 bytes, that is, the maximum data length can be 6 bytes; the corresponding physical addresses are fffffff 0 to FFFFF6, 4 bytes are stored in the physical addresses, the Data written by the owner is "1101", the TCG standard defaults that the Data of the owner Data not written is 00, that is, the Data entry Data is 110100 (the italicized numbers indicate status Data, and the non-italicized numbers indicate owner Data, such as the owner Data shown in table 4).

TABLE 4

When the stored data is long and changes frequently, the owner may not remember how long the data length is stored in the storage space, for example, when the owner mainly seeks to obtain the data length 5 to the trusted chip and responds to the information that the trusted chip requires feedback, including: after the owner inputs the correct password and the space number Nv _ index 1, the trusted chip receives the verification information, verifies that the password and the space number are fed back correctly, verifies that the length 5 of the data required to be acquired is larger than the length 4 of the owner data, and prompts that the requested data exceeds a pre-stored range because the requested data length is not in the range allowed to be accessed by the trusted chip, and then terminates the process of acquiring the owner data.

The trusted computing can perform safety protection while computing operation, so that the computing result is always consistent with expectation, and the whole computing process can be measured and controlled without interference.

The core elements of trusted computing are a chain of trust and a root of trust, where trusted computing may frame a trusted computing environment through a chain of trust mechanism. In the case that the root of trust is a trusted chip containing a non-volatile memory space, there is another alternative embodiment, which is specifically as follows:

currently, Trusted computing has two technical routes, namely a domestic Trusted Platform Control Module (TPCM) and a Trusted Platform Module (TPM) of the international TCG standard organization.

The core elements of Trusted computing are a Trusted chain and a Trusted root, a Trusted Platform Module (TPM) in the TCG specification is a hardware Trusted root of a Trusted computing Platform, and the TPM is a security chip providing protected secure storage and cryptographic operation capabilities. The TPM is physically connected to the computing platform and to the CPU via an external bus, for example a PC platform, which is directly fixed to the motherboard and connected via an LPC bus.

The definition of trustworthiness (trusted) is given in the TCG specification: an entity is always operating in a predictable manner for a particular target. The core mechanism of trusted computing is to construct a trusted computing environment through a trust chain mechanism, and whether a current running entity is trusted is the basis of establishing whether the previous running process of a system is trusted. Based on the trust relationship, if the system starts from an initial trust root, the trust can be maintained in a transfer mode at each conversion of the platform computing environment, so that a first-level verification first-level trust chain is established on the computing platform, the computing environment is always trusted, and the computing environment can be trusted by a local user or a remote entity. Fig. 6 shows a schematic structural diagram of a TCG trust chain, as shown in fig. 6, in which a solid arrow represents a trusted measurement connection, a dashed arrow represents a trusted report connection, a bold solid arrow represents a trusted storage connection, and a bold dashed arrow represents a trusted network connection.

The key technology of the trusted computing comprises a trusted measurement, a trusted report, a trusted storage, a trusted network connection and the like.

The trusted platform control module TPCM realizes the basic function of the trusted platform module, the function composition is basically the same as that of the TPM, but because the core measurement root CRTM of the TPM is in the BIOS of the basic input and output system and is not protected by the TPM, the TPCM proposes a new trusted measurement root design, solves the problem of the initial measurement point of the trusted measurement root, changes the starting and measurement sequence, establishes the trust chain measurement flow taking the chip as the trust root on the basis, realizes the control of the chip on the starting, I/O interface control, system configuration and the like of the whole system, and embodies the control effect of the chip on the system credibility.

In the operation control transmission process of the computing platform, the TPCM judges whether the authenticity and the integrity of the next-level execution code are tampered, if not, the system transmits the operation control right to the next-level trusted execution code, and the trusted range of the system is expanded to the next-level function code; similarly, the system control power is continuously transmitted, so that the establishment and transmission process of a trust chain can be realized, and finally the trusted construction of the system range is realized. A complete system trusted transfer process is started from a trusted root, and the system control right is sequentially transferred from the trusted platform control module to the trusted BIOS, then to the trusted operating system loader, then from the trusted operating system loader to the trusted operating system, and then from the trusted operating system to the trusted application.

The trusted security chip has the function of generating encryption and decryption keys, can also perform high-speed data encryption and decryption, and serves as an auxiliary processor for protecting the BIOS and the operating system from being modified.

The TPM security chip has wide application range, and can realize the following application by matching with special software:

(1) and storing and managing the BIOS starting password and the hard disk password. In the past, the transactions are all done by BIOS, and friends who play may know that the password is cleared only by taking off the CMOS battery and discharging the CMOS battery after forgetting the password. These keys are now actually stored in memory locations that are fixed to the chip, and their information is not lost even if power is lost. Compared with the BIOS management password, the security of the TPM security chip is greatly improved.

(2) The TPM security chip can perform a wide range of encryption. The TPM security chip can encrypt system login and application software login except for traditional startup encryption and hard disk encryption. For example, the login information and the password of the MSN, the QQ, the online game and the online bank can be encrypted by the TPM and then transmitted, so that the information and the password are not worried about being stolen by people.

(3) Any partition of the hard disk is encrypted. Any hard disk partition on the notebook can be encrypted, and some sensitive files can be put into the partition to make security. For example, some vendors use a one-key recovery function, which is one of the centralized embodiments of this use (which places the system image in a TPM-encrypted partition). There are also large commercial software companies (e.g., Microsoft) that utilize it as a means of encrypting partitions (e.g., the well-known BitLocker).

It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the invention. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required by the invention.

Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.

Example 2

According to the embodiment of the invention, the embodiment of the method for acquiring the data stored in the chip is also provided.

The present application provides a method of acquiring data stored in a chip as shown in fig. 7. Fig. 7 is a flowchart of a method of acquiring data stored in a chip according to embodiment 2 of the present invention. The method comprises the following steps:

step S702, receiving an access request for accessing the nonvolatile memory space of the chip;

step S704, responding to the access request to obtain verification information and the data length required to be requested;

step S706, under the condition that the verification information passes, judging whether the data length required to be requested is within the storage address range of the owner data preset in the nonvolatile storage space;

step 708, if the data length required to be requested is within the range of the storage address of the owner data, allowing the content of the owner data to be returned; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

In the scheme defined in steps S702 to S708, the access chip may be a trusted chip, and the trusted chip includes a nonvolatile memory space. When the storage mode of the owner data is the small-end mode, assuming that the size of the owner data is L, the initial storage address of the data block of the owner data, that is, the memory address where the low byte of the owner data is located, is Min _ address, and the last storage address of the data block of the owner data, that is, the memory address where the high byte of the owner data is located, is Max _ address, L, Min _ address and Max _ address satisfy the following formula:

L≤|Max_adress-Min_adress|

initiating a request for accessing the nonvolatile space to a trusted chip at an access equipment end, responding the request of the access equipment end after the trusted chip receives the nonvolatile space request sent by the access equipment end, and requiring the access equipment end to feed back verification information and length information of owner data; the access device side sends verification information and length information of owner data to the trusted chip, for example, the length of the accessed owner data is 4 bytes; the trusted chip verifies whether the verification information returned by the access device side meets the requirement, and under the condition that the verification information meets the requirement, whether the data length required to be requested is within the storage address range of the owner data is judged, for example, the data length required to be requested is 4 bytes, the storage address range of the owner data is FFFFF 1-FFFFF 4, the maximum storage length of the owner data is 4 bytes, and the requested data length meets the formula:

L≤|Max_adress-Min_adress|

thus, the trusted chip allows access to owner data and returns owner data having a memory address range of FFFFF1 through FFFFF 4.

It should be noted that the verification information may be used to verify whether the access device side has the right to access and determine the location of the access device side for accessing the data, so as to further improve the accuracy of accessing the data. The storage mode of the nonvolatile storage space can adopt a big-end mode and a small-end mode, wherein the big-end mode refers to that high bytes of data are stored in a low address of the memory, and the low bytes of the data are stored in a high address of the memory; the small-end mode means that the high byte of data is stored in the high address of the memory, and the low byte of data is stored in the internal low address, the storage mode can effectively combine the high and low of the address and the bit weight of the data, the weight of the data in the high address part is high, and the weight of the data in the low address part is low.

Based on the solutions disclosed in steps S702 to S708 in the above embodiments, it can be known that after a nonvolatile storage space is created in a chip, owner data is written into the nonvolatile storage space, a storage address range of the owner data is determined according to the size of the owner data, and data that needs to be obtained by the owner is returned according to the size of the owner data and the storage address range of the owner data, so as to achieve the purpose of accurately obtaining the owner data, thereby achieving the technical effect of ensuring the correctness of obtaining the original data by the owner, and further solving the technical problem that when the original data is read from the nonvolatile space of a trusted security chip in the prior art, the accuracy of the read original data is poor.

Optionally, the attribute of the non-volatile storage space further includes at least one of: space number, space owner name, space authorization code, space size and space physical address range.

In an alternative embodiment, table 5 is an attribute table of the non-volatile storage space into which owner data has been written, as shown in table 5.

TABLE 5

In table 5, the space number of the owner is 1, the space owner name is C, the size of the owner space with the owner space number 1 is 6 bytes, that is, the data length can be 6 bytes at the maximum, the corresponding space physical address ranges are fffffff 0 to fffffff 6, 4 bytes are stored in the physical addresses, the storage address ranges are fffffff 1 to FFFFF4, and the written owner data is "1101".

Optionally, before receiving an access request for accessing the nonvolatile memory space of the chip, the method further includes: and writing the owner data into the nonvolatile storage space, and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.

L≤|Max_adress-Min_adress|

As an optional embodiment, in a case that the trusted chip verifies that the verification information returned by the access device side meets the requirement, the trusted chip further determines whether the data length required to be requested is within the storage address range of the owner data, and if the data length required to be requested is outside the storage address range of the owner data, for example, the data length required to be requested is 4 bytes, the storage address range of the owner data is fffffff 1 to FFFFF3, the maximum storage length of the owner data is 3 bytes, and the requested data length does not satisfy the formula L ≦ Max _ addresses-Min _ addresses |, so that the trusted chip does not allow access to the owner data, directly terminates the flow, and outputs prompt information indicating that the request fails.

Example 3

According to the embodiment of the invention, the embodiment of the trusted chip is also provided.

The present application provides a schematic diagram of a trusted chip as shown in fig. 8. Fig. 8 is a schematic structural diagram of a trusted chip according to embodiment 3 of the present invention, where the trusted chip includes: and a memory 801. Wherein the content of the first and second substances,

a memory 801 comprising a non-volatile storage space, wherein the properties of the non-volatile storage space comprise at least: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

In the technical solution defined by the memory 801, the storage mode of the nonvolatile storage space may adopt a big-end mode and a small-end mode, where the big-end mode refers to that high bytes of data are stored in a low address of the memory, and low bytes of data are stored in a high address of the memory; the small-end mode means that the high byte of data is stored in the high address of the memory, and the low byte of data is stored in the internal low address, the storage mode can effectively combine the high and low of the address and the bit weight of the data, the weight of the data in the high address part is high, and the weight of the data in the low address part is low.

Therefore, the nonvolatile storage space is created in the chip, so that the data stored in the chip by a user can be prevented from being lost when the equipment is powered off, and the safety of data storage is further improved.

Example 4

According to an embodiment of the present invention, there is also provided a system embodiment for acquiring data stored in a chip.

The present application provides a system for acquiring data stored in a chip as shown in fig. 9. Fig. 9 is a schematic structural diagram of a system for acquiring data stored in a chip according to embodiment 4 of the present invention, where the system includes: an access device side 901 and a trusted chip 903. Wherein the content of the first and second substances,

an access device terminal 901, configured to send an access request for accessing a nonvolatile memory space of a chip;

the trusted chip 903 is in communication with the access device end and is used for responding to the access request, acquiring verification information returned by the access device end and the data length required to be requested, and allowing the content of the owner data to be returned if the data length required to be requested is within the range of the storage address of the owner data under the condition that the verification information passes; the storage address range of the owner data is used for representing the maximum data length when the data is allowed to be requested to the credible chip.

In an alternative embodiment, the trusted chip includes a non-volatile memory space. When the storage mode of the owner data is the small-end mode, assuming that the size of the owner data is L, the initial storage address of the data block of the owner data, that is, the memory address where the low byte of the owner data is located, is Min _ address, and the last storage address of the data block of the owner data, that is, the memory address where the high byte of the owner data is located, is Max _ address, L, Min _ address and Max _ address satisfy the following formula:

L≤|Max_adress-Min_adress|

According to the method, after the nonvolatile storage space is created in the chip, the owner data is written into the nonvolatile storage space, the storage address range of the owner data is determined according to the size of the owner data, and the data required to be acquired by the owner is returned according to the size of the owner data and the storage address range of the owner data, so that the aim of accurately acquiring the owner data is fulfilled, the technical effect of ensuring the correctness of the original data acquired by the owner is achieved, and the technical problem that the accuracy of the read original data is poor when the original data is read from the nonvolatile space of the credible security chip in the prior art is solved.

Optionally, the trusted chip 903 is further configured to write owner data into the nonvolatile memory space, and determine a storage address range of the owner data according to the size of the owner data, where the storage address range is determined by an initial storage address and a last storage address of a data block of the owner data.

Example 5

According to an embodiment of the present invention, there is also provided an apparatus for acquiring data stored in a chip, as shown in fig. 10, for implementing the above embodiment 2, the apparatus including: a receiving module 1001, a response module 1003, a judging module 1005 and a control module 1007. Wherein the content of the first and second substances,

a receiving module 1001, configured to receive an access request for accessing a nonvolatile memory space of a chip;

a response module 1003, configured to respond to the access request, to obtain the authentication information and the data length required to be requested;

a determining module 1005, configured to determine, when the verification information passes, whether a data length that needs to be requested is within a storage address range of owner data preset in the nonvolatile storage space;

a control module 1007, configured to allow the content of the owner data to be returned if the data length that needs to be requested is within the range of the storage address of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

The access chip may be a trusted chip, and the trusted chip includes a nonvolatile memory space. When the storage mode of the owner data is the small-end mode, assuming that the size of the owner data is L, the initial storage address of the data block of the owner data, that is, the memory address where the low byte of the owner data is located, is Min _ address, and the last storage address of the data block of the owner data, that is, the memory address where the high byte of the owner data is located, is Max _ address, L, Min _ address and Max _ address satisfy the following formula:

L≤|Max_adress-Min_adress|

It should be noted here that the receiving module 1001, the responding module 1003, the determining module 1005 and the control module 1007 correspond to steps S702 to S708 in embodiment 2, and the four modules are the same as the corresponding steps in the implementation example and application scenario, but are not limited to the disclosure in embodiment 2. It should be noted that the above modules may be operated in the computer terminal 10 provided in embodiment 1 as a part of the apparatus.

In an alternative embodiment, table 6 is an attribute table of the non-volatile storage space into which owner data has been written, as shown in table 6.

TABLE 6

In table 6, the space number of the owner is 1, the space owner name is C, the size of the owner space with the owner space number 1 is 6 bytes, that is, the data length can be 6 bytes at the maximum, the corresponding physical address ranges of the spaces are fffffff 0 to fffffff 6, 4 bytes are stored in the physical addresses, the storage address ranges are fffffff 1 to FFFFF4, and the written owner data is "1101".

Optionally, as shown in fig. 10, the apparatus for acquiring data stored in the chip further includes: the writing module 1009 is configured to write the owner data into the nonvolatile storage space, and determine a storage address range of the owner data according to the size of the owner data, where the storage address range is determined by an initial storage address and an end storage address of a data block of the owner data.

L≤|Max_adress-Min_adress|

Example 6

The embodiment of the invention can provide a computer terminal which can be any computer terminal device in a computer terminal group. Optionally, in this embodiment, the computer terminal may also be replaced with a terminal device such as a mobile terminal.

Optionally, in this embodiment, the computer terminal may be located in at least one network device of a plurality of network devices of a computer network.

Alternatively, fig. 11 is a block diagram of a computer terminal according to an embodiment of the present invention. As shown in fig. 11, the computer terminal a may include: one or more (only one shown) processors 1103 and a memory 1101.

The memory may be used to store software programs and modules, such as program instructions/modules corresponding to the security vulnerability detection method and apparatus in the embodiments of the present invention, and the processor executes various functional applications and data processing by operating the software programs and modules stored in the memory, that is, the above-mentioned method for detecting a system vulnerability attack is implemented. The memory may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory may further include memory remotely located from the processor, and these remote memories may be connected to terminal a through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.

The processor can call the information and application program stored in the memory through the transmission device to execute the following steps: creating a non-volatile storage space in a chip, wherein the attributes of the non-volatile storage space at least comprise: the parameter is used for representing the storage of owner data in the nonvolatile storage space, and the storage address range of the owner data; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

Optionally, the processor may further execute the program code of the following steps: and writing the owner data into the nonvolatile storage space, and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.

Optionally, the processor may further execute the program code of the following steps: receiving an access request for accessing a non-volatile storage space; responding to the access request to obtain verification information and the data length required to be requested; under the condition that the verification information passes, judging whether the data length required to be requested is within the storage address range of the owner data; if the data length required to be requested is within the range of the storage address of the owner data, the content of the owner data is allowed to be returned.

Optionally, the processor may further execute the program code of the following steps: if the data length required to be requested is beyond the range of the storage address of the owner data, the process of acquiring the owner data is stopped, and/or prompt information used for representing the failure of the request is output.

By adopting the scheme of the method for acquiring the data stored in the chip provided by the embodiment of the invention, the owner data is written into the nonvolatile storage space after the nonvolatile storage space is created in the chip, the storage address range of the owner data is determined according to the size of the owner data, and the data required to be acquired by the owner is returned according to the size of the owner data and the storage address range of the owner data, so that the aim of accurately acquiring the owner data is fulfilled, the technical effect of ensuring the correctness of the acquisition of the original data by the owner is realized, and the technical problem of poor accuracy of the read original data when the original data is read from the nonvolatile space of the credible security chip in the prior art is further solved.

It can be understood by those skilled in the art that the structure shown in fig. 11 is only an illustration, and the computer terminal may also be a terminal device such as a smart phone (e.g., an Android phone, an iOS phone, etc.), a tablet computer, a palmtop computer, a Mobile Internet Device (MID), a PAD, and the like. Fig. 11 is a diagram illustrating a structure of the electronic device. For example, the computer terminal 11 may also include more or fewer components (e.g., network interfaces, display devices, etc.) than shown in FIG. 11, or have a different configuration than shown in FIG. 11.

Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by a program instructing hardware associated with the terminal device, where the program may be stored in a computer-readable storage medium, and the storage medium may include: flash disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.

Example 7

The embodiment of the invention also provides a storage medium. Optionally, in this embodiment, the storage medium may be configured to store the program code executed by the method for acquiring data stored in the chip provided in embodiment 2.

Optionally, in this embodiment, the storage medium may be located in any one of computer terminals in a computer terminal group in a computer network, or in any one of mobile terminals in a mobile terminal group.

Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: receiving an access request for accessing a non-volatile memory space of a chip; responding to the access request to obtain verification information and the data length required to be requested; under the condition that the verification information passes, judging whether the data length required to be requested is within the storage address range of owner data preset in the nonvolatile storage space; if the data length required to be requested is within the range of the storage address of the owner data, allowing the content of the owner data to be returned; wherein the memory address range of the owner data is used to characterize the maximum data length when data requests to the chip are allowed.

Optionally, in this embodiment, the storage medium is configured to store program code for further performing the following steps: and writing the owner data into the nonvolatile storage space, and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.

Optionally, in this embodiment, the storage medium is configured to store program code for further performing the following steps: if the data length required to be requested is beyond the range of the storage address of the owner data, the process of acquiring the owner data is stopped, and/or prompt information used for representing the failure of the request is output.

The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.

In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit is merely a division of a logic function, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.

Units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that it is obvious to those skilled in the art that various modifications and improvements can be made without departing from the principle of the present invention, and these modifications and improvements should also be considered as the protection scope of the present invention.

Claims

1. A trusted chip, comprising:

a memory comprising a non-volatile storage space, wherein attributes of the non-volatile storage space include at least: a parameter for characterizing the storage of owner data in the non-volatile memory space, and a storage address range of the owner data;

the memory address range of the owner data is used for representing the maximum data length when data are allowed to be requested to a chip;

wherein a storage address range of the owner data is determined according to a size of the owner data written to the nonvolatile storage space, wherein the storage address range is determined by an initial storage address and a last storage address of a data block of the owner data, and the storage address range of the owner data is the same as the length of the owner data.

2. A system for obtaining data stored in a chip, comprising:

the access device end is used for sending an access request for accessing the nonvolatile storage space of the chip;

the trusted chip is communicated with the access equipment end and used for responding to the access request, acquiring verification information returned by the access equipment end and the data length required to be requested, and allowing the content of the owner data to be returned if the data length required to be requested is within the range of the storage address of the owner data under the condition that the verification information passes;

the storage address range of the owner data is used for representing the maximum data length when the data is allowed to be requested from the credible chip;

the trusted chip is further configured to write the owner data into the nonvolatile storage space, and determine a storage address range of the owner data according to the size of the owner data, where the storage address range is determined by an initial storage address and a last storage address of a data block of the owner data, and the storage address range of the owner data is the same as the length of the owner data.

3. A method for storing data in a non-volatile memory space on a chip, comprising:

creating a non-volatile storage space in a chip, wherein attributes of the non-volatile storage space at least comprise: a parameter for characterizing the storage of owner data in the non-volatile memory space, the range of storage addresses of the owner data;

the memory address range of the owner data is used for representing the maximum data length when data are allowed to be requested to the chip;

wherein after creating the non-volatile storage space in the chip, the method further comprises: and writing the owner data into the nonvolatile storage space, and determining a storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by an initial storage address and a last storage address of a data block of the owner data, and the storage address range of the owner data is the same as the length of the owner data.

4. The method of claim 3, wherein the attributes of the non-volatile storage space further comprise at least one of: space number, space owner name, space authorization password, space size and space physical address range.

5. The method according to claim 3 or 4, wherein after writing the owner data to the non-volatile memory space and determining the memory address range of the owner data according to the size of the owner data, the method further comprises:

receiving an access request for accessing the non-volatile storage space;

responding to the access request to obtain verification information and the data length required to be requested;

under the condition that the verification information is verified to pass, judging whether the data length needing to be requested is within the storage address range of the owner data;

and if the length of the data needing to be requested is within the range of the storage address of the owner data, allowing the content of the owner data to be returned.

6. The method according to claim 5, wherein if the data length required to be requested is out of the storage address range of the owner data, the process of acquiring the owner data is aborted, and/or a prompt message for indicating that the request fails is output.

7. The method of claim 5, wherein the authentication information comprises at least one of: the space number, password, which needs to be accessed.

8. The method according to claim 5, wherein in a case where verification of the verification information fails, a prompt is returned that the owner data cannot be acquired.

9. A method of retrieving data stored in a chip, comprising:

receiving an access request for accessing a non-volatile memory space of a chip;

under the condition that the verification information is verified to pass, judging whether the data length needing to be requested is within a storage address range of owner data preset in the nonvolatile storage space or not;

if the length of the data needing to be requested is within the range of the storage address of the owner data, allowing the content of the owner data to be returned;

wherein, before receiving an access request for accessing a non-volatile memory space of a chip, the method further comprises: and writing the owner data into the nonvolatile storage space, and determining a storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by an initial storage address and a last storage address of a data block of the owner data, and the storage address range of the owner data is the same as the length of the owner data.

10. The method of claim 9, wherein the attributes of the non-volatile storage space further comprise at least one of: space number, space owner name, space authorization code, space size and space physical address range.

11. The method according to claim 9, wherein if the data length required to be requested is out of the storage address range of the owner data, the process of acquiring the owner data is aborted, and/or a prompt message for indicating that the request fails is output.

12. An apparatus for retrieving data stored in a chip, comprising:

the receiving module is used for receiving an access request for accessing the nonvolatile storage space of the chip;

the response module is used for responding to the access request to obtain verification information and the data length required to be requested;

the judging module is used for judging whether the data length required to be requested is within a storage address range of owner data preset in the nonvolatile storage space or not under the condition that the verification information passes;

the control module is used for allowing the content of the owner data to be returned if the length of the data needing to be requested is within the range of the storage address of the owner data;

wherein the apparatus further comprises: a write module, configured to write the owner data into the nonvolatile storage space, and determine a storage address range of the owner data according to a size of the owner data, where,

determining the storage address range through an initial storage address and an end storage address of the data block of the owner data, wherein the storage address range of the owner data is the same as the length of the owner data.