CN108268303A - A kind of operation requests method, apparatus and system - Google Patents
A kind of operation requests method, apparatus and system Download PDFInfo
- Publication number
- CN108268303A CN108268303A CN201710001667.7A CN201710001667A CN108268303A CN 108268303 A CN108268303 A CN 108268303A CN 201710001667 A CN201710001667 A CN 201710001667A CN 108268303 A CN108268303 A CN 108268303A
- Authority
- CN
- China
- Prior art keywords
- operation requests
- tee
- operational order
- requests information
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000005540 biological transmission Effects 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 5
- 235000013399 edible fruits Nutrition 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 8
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 239000011800 void material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
Abstract
The embodiment of the present application provides a kind of operation requests method, apparatus and system, the operation requests information sent by receiving the first virtual opetrating system;The operation requests information is sent to TEE;The operational order that the TEE is returned is received, the operational order TEE is handled to obtain to the operation requests information;The mode of the operation of the operational order instruction is performed, realizes operation requests.And, because TEE is reliable running environment, it is safer relative to application program, it is not easy to be cracked, so in terms of existing technologies, the embodiment of the present application provides a kind of operation requests method, apparatus and system in a manner that TEE handles the operation requests information that the first virtual opetrating system is sent, and effectively improves the safety of operation requests.
Description
Technical field
The present invention relates to operation requests technical field, more particularly to a kind of operation requests method, apparatus and system.
Background technology
Operating system virtualization technology is referred to realizing operating system virtualization on kernel, be allowed each empty on kernel
The operating system (virtual opetrating system) drawn up identifies oneself to exclusively enjoy hardware resource.
At present, the operation requests information that virtual opetrating system is sent out, is handled by management program, corresponding to obtain
Operational order, and then the operation of the operational order instruction is performed, realize operation requests.However, because management program is using journey
Sequence is easily cracked, and therefore, usually there are the unsafe problems of operation requests.
In view of this, a kind of operation requests method, apparatus and system are provided, are urgently to promote the safety of operation requests
Problem to be solved.
Invention content
In view of this, the embodiment of the present invention provides a kind of operation requests method, apparatus and system, to promote operation requests
Safety.
To achieve these goals, technical solution provided in an embodiment of the present invention is as follows:
A kind of operation requests method, including:
Receive the operation requests information of the first virtual opetrating system transmission;
The operation requests information is sent to TEE;
The operational order that the TEE is returned is received, the operational order carries out the operation requests information for the TEE
What processing obtained;
Perform the operation of the operational order instruction.
Preferably, operational order instruction has the second virtual opetrating system, second virtual opetrating system with it is described
First virtual opetrating system is different, first virtual opetrating system and the second virtual opetrating system virtually in same kernel it
On,
The operation for performing the operational order instruction, including:
The operational order is sent to second virtual opetrating system, so that second virtual opetrating system performs institute
State the operation of operational order instruction.
Preferably, it further includes:
The operation requests information is encrypted obtained object run using hmac algorithm to TEE transmissions please
Seek information.
Preferably, the TEE is handled to obtain the process of operational order to the operation requests information, including:
The TEE carries out identity to the operation requests information using the hmac algorithm and object run solicited message and tests
Card obtains authentication as a result, the authentication result represents authentication success or authentication failure;
When the authentication result represents authentication success, the operation requests information is handled and is grasped
It instructs.
Preferably, the TEE using the hmac algorithm and object run solicited message to the operation requests information into
Row authentication, obtain authentication as a result, including:
The TEE is encrypted the operation requests information using the hmac algorithm;
Judge whether the encrypted operation requests information matches with the object run solicited message;
If the encrypted operation requests information is matched with the object run solicited message, authentication knot is determined
Fruit, the authentication result represent authentication success;
If the encrypted operation requests information is mismatched with the object run solicited message, authentication is determined
As a result, the authentication result represents authentication failure.
Preferably, it further includes:
Receive the authentication result that the TEE is returned;
When the authentication result represent authentication failure when, to first virtual opetrating system return with it is described
The corresponding miscue information of authentication result.
A kind of operation requests device, including:
Operation requests information receiving unit, for receiving the operation requests information that the first virtual opetrating system is sent;
Operation requests information transmitting unit, for sending the operation requests information to TEE;
Operational order receiving unit, for receiving the operational order that the TEE is returned, the operational order is the TEE
The operation requests information is handled;
Operational order execution unit, for performing the operation of the operational order instruction.
Preferably, operational order instruction has the second virtual opetrating system, second virtual opetrating system with it is described
First virtual opetrating system is different, first virtual opetrating system and the second virtual opetrating system virtually in same kernel it
On,
The operational order execution unit, is specifically used for:
The operational order is sent to second virtual opetrating system, so that second virtual opetrating system performs institute
State the operation of operational order instruction.
Preferably, the operation requests information transmitting unit, is additionally operable to:
The operation requests information is encrypted obtained object run using hmac algorithm to TEE transmissions please
Seek information.
A kind of operation requests system, including:TEE and the operation requests device.
The embodiment of the present application provides a kind of operation requests method, apparatus and system, by receiving the first virtual opetrating system
The operation requests information of transmission;The operation requests information is sent to TEE;Receive the operational order that the TEE is returned, the behaviour
Make that the TEE is instructed to be handled to obtain to the operation requests information;Perform the operation of the operational order instruction
Mode realizes operation requests.Also, it is safer relative to application program because TEE is reliable running environment, it is not easy
It is cracked, so in terms of existing technologies, the embodiment of the present application provides a kind of operation requests method, apparatus and system passes through
The mode that TEE handles the operation requests information that the first virtual opetrating system is sent effectively improves the peace of operation requests
Quan Xing.
Description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments described in invention, for those of ordinary skill in the art, without creative efforts,
It can also be obtained according to these attached drawings other attached drawings.
Fig. 1 is a kind of operation requests method flow diagram provided by the embodiments of the present application;
Fig. 2 is another operation requests method flow diagram provided by the embodiments of the present application;
Fig. 3 is for a kind of TEE provided by the embodiments of the present application using the hmac algorithm and object run solicited message to institute
It states operation requests information and carries out authentication, obtain the method flow diagram of authentication result;
Fig. 4 is a kind of structure diagram of operation requests device provided by the embodiments of the present application;
Fig. 5 is a kind of structure diagram of operation requests system provided by the embodiments of the present application.
Specific embodiment
In order to which those skilled in the art is made to more fully understand the technical solution in the present invention, below in conjunction with of the invention real
The attached drawing in example is applied, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described implementation
Example is only part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, this field is common
Technical staff's all other embodiments obtained without making creative work, should all belong to protection of the present invention
Range.
Embodiment:
Fig. 1 is a kind of operation requests method flow diagram provided by the embodiments of the present application.
As shown in Figure 1, this method includes:
S101, the operation requests information that the first virtual opetrating system is sent is received;
In the embodiment of the present application, it is preferred that operating system virtualization can be achieved on kernel, you can fictionalized on kernel
Virtual opetrating system.
Preferably, the number of the virtual opetrating system fictionalized on kernel is two.
Above is only the preferred embodiment of the embodiment of the present application, and inventor can arbitrarily be arranged on kernel according to the demand of oneself
On the number of virtual opetrating system that fictionalizes, do not limit herein.
In the embodiment of the present application, it is preferred that kernel, the virtual opetrating system fictionalized on the kernel and TEE
Positioned at same electronic equipment.Equally, a kind of operation requests method provided by the embodiments of the present application is applied in the electronic equipment
An application program, the application program can communicate with TEE.
Optionally, each virtual opetrating system fictionalized on kernel is by way of sending operation requests information
The purpose of the operation requests of realization.A kind of operation requests method provided by the embodiments of the present application, can receive virtually on kernel
The first virtual opetrating system send operation requests information.
S102, the operation requests information is sent to TEE;
S103, the operational order that the TEE is returned is received, the operational order believes the operation requests for the TEE
What breath was handled;
Optionally, after TEE receives operation requests information, it can be handled the operation requests information to obtain operation and be referred to
It enables, and returns to the operational order, so that a kind of operation requests method provided by the embodiments of the present application receives the operation of TEE returns
Instruction.
S104, the operation for performing the operational order instruction.
Optionally, operational order instruction has operation, and different operational orders indicates different operations.
A kind of operation requests method provided by the embodiments of the present application after the operational order for receiving TEE returns, can perform
The operation of the operational order instruction.
In the embodiment of the present application, it is preferred that the operational order instruction has the second virtual opetrating system, and described second is empty
It is different from first virtual opetrating system to intend operating system, first virtual opetrating system and the second virtual opetrating system are empty
Intend on same kernel.
Optionally, the operational order at least indicates the operational order being sent to second virtual opetrating system
When, the operation for performing the operational order instruction, including:The operation is sent to second virtual opetrating system to refer to
It enables, so that second virtual opetrating system performs the operation of the operational order instruction.
The embodiment of the present application provides a kind of operation requests method, and the operation sent by receiving the first virtual opetrating system please
Seek information;The operation requests information is sent to TEE;The operational order that the TEE is returned is received, the operational order is described
TEE handles the operation requests information;The mode of the operation of the operational order instruction is performed, realizes behaviour
It asks.Also, it is safer relative to application program because TEE is reliable running environment, it is not easy to be cracked, so phase
For the prior art, the embodiment of the present application provides a kind of operation requests method and the first virtual opetrating system is sent out by TEE
The mode that the operation requests information sent is handled, effectively improves the safety of operation requests.
In order to be more comprehensively illustrated to a kind of operation requests method provided by the embodiments of the present application, now to the application
Another operation requests method that embodiment provides describes in detail, refers to Fig. 2.
As shown in Fig. 2, this method includes:
S201, the operation requests information that the first virtual opetrating system is sent is received;
S202, it sends the operation requests information to TEE and is sent to the TEE using hmac algorithm to the behaviour
Obtained object run solicited message is encrypted as solicited message;
Optionally, HMAC (Hash-based Message Authentication Code, the relevant Hash operation of key
Message authentication code).Being discussed in detail for related HMAC refers to the prior art, and this will not be repeated here.
In the embodiment of the present application, it is preferred that while send the operation requests information and object run request to TEE
Information.
S203, the operational order that the TEE is returned is received, the operational order utilizes the hmac algorithm for the TEE
Authentication is carried out to the operation requests information with object run solicited message, obtains authentication result;When the identity
When verification result represents authentication success, the operation requests information is handled;
In the embodiment of the present application, it is preferred that the TEE is using the hmac algorithm and object run solicited message to institute
It states operation requests information and carries out authentication, obtained authentication result represents authentication success or authentication failure.
Further, in a kind of operation requests method provided by the embodiments of the present application, the TEE utilizes the hmac algorithm
Authentication is carried out to the operation requests information with object run solicited message, obtains authentication result;When the identity
When verification result represents authentication failure, no longer the operation requests information is handled to obtain operational order.
S204, the operation for performing the operational order instruction.
In the embodiment of the present application, it is preferred that after receiving the operational order that the TEE is returned, perform the operation and refer to
Enable the operation of instruction.
Further, it in a kind of operation requests method provided by the embodiments of the present application, further includes:The TEE is received to return
The authentication result returned;When the authentication result represents authentication failure, to first virtual opetrating system
Return to miscue information corresponding with the authentication result.
It should be noted that:The TEE is using the hmac algorithm and object run solicited message to the operation requests
Information carries out authentication, obtains authentication result;It is described when the authentication result represents authentication success
TEE is handled to obtain operational order to the operation requests information;When the authentication result represents that authentication is lost
When losing, the TEE is not handled to obtain operational order to the operation requests information.No matter and TEE authentication results
It represents authentication success or authentication failure, can return to authentication information;Only TEE works as authentication result table
When showing authentication success, authentication result and operational order are returned;When authentication result represents authentication failure,
Authentication is returned only to as a result, not returning to operational order.
Optionally, in a kind of operation requests method provided by the embodiments of the present application, if received authentication knot
When fruit verification represents authentication success, the operation of received operational order instruction is performed.
Another operation requests method provided by the embodiments of the present application is further described by above-mentioned so that the application
Embodiment provide a kind of operation requests method be more clear, completely, convenient for those skilled in the art understand that.
In order to be more comprehensively illustrated to a kind of operation requests method provided by the embodiments of the present application, now to the application
A kind of TEE that embodiment provides carries out body using the hmac algorithm and object run solicited message to the operation requests information
Part verification, the method for obtaining authentication result describe in detail, refer to Fig. 3.
As shown in figure 3, this method includes:
S301, the TEE are encrypted the operation requests information using the hmac algorithm;
Optionally, the hmac algorithm is preset in the TEE, after the TEE receives the operation requests information,
Received operation requests information can be encrypted using its preset described hmac algorithm, obtain the encrypted behaviour
Make solicited message.
S302, judge whether the encrypted operation requests information matches with the object run solicited message;If
The encrypted operation requests information is matched with the object run solicited message, performs step S303;It is if encrypted
The operation requests information is mismatched with the object run solicited message, performs step S304;
Optionally, the TEE judge the encrypted operation requests information whether with the object run solicited message
Matching, including:The TEE judges whether the encrypted operation requests information is identical with the object run solicited message;
If the encrypted operation requests information is identical with the object run solicited message, determine that the encrypted operation please
Information is asked to be matched with the object run solicited message;If the encrypted operation requests information please with the object run
Information is asked to differ, determines that the encrypted operation requests information is mismatched with the object run solicited message.
It is only preferred embodiment provided by the embodiments of the present application above, inventor can sentence according to the demand of oneself arbitrarily setting
Break the encrypted operation requests information whether with the matched mode of object run solicited message, do not limit herein.
S303, authentication is determined as a result, the authentication result represents authentication success;
Optionally, the TEE operation requests information after encryption and the object run solicited message are matched
In the case of, authentication is determined as a result, the authentication result represents authentication success.
S304, authentication is determined as a result, the authentication result represents authentication failure.
Optionally, the operation requests information of the TEE after encryption is mismatched with the object run solicited message
In the case of, authentication is determined as a result, the authentication result represents authentication failure.
The hmac algorithm and object run solicited message are utilized to a kind of TEE provided by the embodiments of the present application by above-mentioned
Authentication is carried out to the operation requests information, the method for obtaining authentication result is further described so that the application
Embodiment provide a kind of operation requests method be more clear, completely, convenient for those skilled in the art understand that.
Method is described in detail in the invention described above disclosed embodiment, diversified forms can be used for the method for the present invention
Device realize that therefore the invention also discloses a kind of devices, and specific embodiment is given below and is described in detail.
Fig. 4 is a kind of structure diagram of operation requests device provided by the embodiments of the present application.
As shown in figure 4, the device includes:
Operation requests information receiving unit 41, for receiving the operation requests information that the first virtual opetrating system is sent;
Operation requests information transmitting unit 42, for sending the operation requests information to TEE;
Operational order receiving unit 43, for receiving the operational order that the TEE is returned, the operational order is described
TEE handles the operation requests information;
Operational order execution unit 44, for performing the operation of the operational order instruction.
Optionally, operational order instruction has the second virtual opetrating system, second virtual opetrating system with it is described
First virtual opetrating system is different, first virtual opetrating system and the second virtual opetrating system virtually in same kernel it
On, the operational order execution unit is specifically used for:The operational order is sent to second virtual opetrating system, so as to
Second virtual opetrating system performs the operation of the operational order instruction.
Optionally, the operation requests information transmitting unit, is additionally operable to:It is sent to the TEE using hmac algorithm to institute
It states operation requests information and obtained object run solicited message is encrypted.
In the embodiment of the present application, it is preferred that the operation requests information transmitting unit sends the operation to TEE simultaneously
Solicited message and object run solicited message.
Further, the embodiment of the present application also provides a kind of structure diagram of operation requests system, refers to Fig. 5.
As shown in figure 5, operation requests system includes:TEE51 and operation requests device 52.
Optionally, the operation requests device 52 is the operation requests device that above-described embodiment provides.
The embodiment of the present application provides a kind of operation requests apparatus and system, by receiving the transmission of the first virtual opetrating system
Operation requests information;The operation requests information is sent to TEE;Receive the operational order that the TEE is returned, the operational order
The TEE is handled to obtain to the operation requests information;The mode of the operation of the operational order instruction is performed, it is real
Operation requests are showed.Also, it is safer relative to application program because TEE is reliable running environment, it is not easy to be cracked,
So in terms of existing technologies, the embodiment of the present application provides a kind of operation requests apparatus and system by TEE to the first void
Intend the mode that the operation requests information that operating system is sent is handled, effectively improve the safety of operation requests.
Each embodiment is described by the way of progressive in the present invention, the highlights of each of the examples are with other realities
Apply the difference of example, just to refer each other for identical similar portion between each embodiment.For device disclosed in embodiment and
For system, since it is corresponded to the methods disclosed in the examples, so description is fairly simple, related part is referring to method portion
It defends oneself bright.
It the above is only the preferred embodiment of the present invention, make skilled artisans appreciate that or realizing of the invention.It is right
A variety of modifications of these embodiments will be apparent to one skilled in the art, general original as defined herein
Reason can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, the present invention will not
Be intended to be limited to the embodiments shown herein, and be to fit to it is consistent with the principles and novel features disclosed herein most
Wide range.
Claims (10)
- A kind of 1. operation requests method, which is characterized in that including:Receive the operation requests information of the first virtual opetrating system transmission;The operation requests information is sent to TEE;The operational order that the TEE is returned is received, the operational order is handled the operation requests information for the TEE It obtains;Perform the operation of the operational order instruction.
- 2. according to the method described in claim 1, it is characterized in that, the operational order instruction have the second virtual opetrating system, Second virtual opetrating system is different from first virtual opetrating system, and first virtual opetrating system and second is virtually Operating system virtually on same kernel,The operation for performing the operational order instruction, including:The operational order is sent to second virtual opetrating system, so that second virtual opetrating system performs the behaviour Make the operation of instruction instruction.
- 3. according to the method described in claim 1-2 any one, which is characterized in that further include:It is sent to the TEE and the operation requests information is encrypted using hmac algorithm obtained object run request letter Breath.
- 4. according to the method described in claim 3, it is characterized in that, the TEE to the operation requests information handle To the process of operational order, including:The TEE carries out authentication using the hmac algorithm and object run solicited message to the operation requests information, Authentication is obtained as a result, the authentication result represents authentication success or authentication failure;When the authentication result represents authentication success, handled to obtain operation to the operation requests information and referred to It enables.
- 5. according to the method described in claim 4, it is characterized in that, the TEE please using the hmac algorithm and object run Ask information to the operation requests information carry out authentication, obtain authentication as a result, including:The TEE is encrypted the operation requests information using the hmac algorithm;Judge whether the encrypted operation requests information matches with the object run solicited message;If the encrypted operation requests information is matched with the object run solicited message, determine authentication as a result, The authentication result represents authentication success;If the encrypted operation requests information is mismatched with the object run solicited message, authentication knot is determined Fruit, the authentication result represent authentication failure.
- 6. it according to the method described in claim 4, it is characterized in that, further includes:Receive the authentication result that the TEE is returned;When the authentication result represents authentication failure, returned and the identity to first virtual opetrating system The corresponding miscue information of verification result.
- 7. a kind of operation requests device, which is characterized in that including:Operation requests information receiving unit, for receiving the operation requests information that the first virtual opetrating system is sent;Operation requests information transmitting unit, for sending the operation requests information to TEE;Operational order receiving unit, for receiving the operational order that the TEE is returned, the operational order is the TEE to institute State what operation requests information was handled;Operational order execution unit, for performing the operation of the operational order instruction.
- 8. device according to claim 7, which is characterized in that the operational order instruction has the second virtual opetrating system, Second virtual opetrating system is different from first virtual opetrating system, and first virtual opetrating system and second is virtually Operating system virtually on same kernel,The operational order execution unit, is specifically used for:The operational order is sent to second virtual opetrating system, so that second virtual opetrating system performs the behaviour Make the operation of instruction instruction.
- 9. according to the device described in claim 7-8 any one, which is characterized in that the operation requests information transmitting unit, It is additionally operable to:It is sent to the TEE and the operation requests information is encrypted using hmac algorithm obtained object run request letter Breath.
- 10. a kind of operation requests system, which is characterized in that including:TEE and as described in the claims 7-9 any one Operation requests device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710001667.7A CN108268303A (en) | 2017-01-03 | 2017-01-03 | A kind of operation requests method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710001667.7A CN108268303A (en) | 2017-01-03 | 2017-01-03 | A kind of operation requests method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108268303A true CN108268303A (en) | 2018-07-10 |
Family
ID=62770661
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710001667.7A Pending CN108268303A (en) | 2017-01-03 | 2017-01-03 | A kind of operation requests method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108268303A (en) |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103843303A (en) * | 2012-11-22 | 2014-06-04 | 华为技术有限公司 | Management control method, device and system for virtual machine |
CN104011728A (en) * | 2012-07-24 | 2014-08-27 | 英特尔公司 | Providing access to encrypted data |
CN104392188A (en) * | 2014-11-06 | 2015-03-04 | 三星电子(中国)研发中心 | Security data storage method and system |
EP2873192A1 (en) * | 2012-07-13 | 2015-05-20 | Securekey Technologies Inc. | Methods and systems for using derived credentials to authenticate a device across multiple platforms |
CN105027494A (en) * | 2013-03-14 | 2015-11-04 | 英特尔公司 | Trusted data processing in the public cloud |
CN105279404A (en) * | 2015-10-23 | 2016-01-27 | 上海帝联信息科技股份有限公司 | Operation control method and device of operating system |
CN105493097A (en) * | 2013-09-27 | 2016-04-13 | 英特尔公司 | Protection scheme for remotely-stored data |
CN105490997A (en) * | 2014-10-10 | 2016-04-13 | 阿里巴巴集团控股有限公司 | Safety verification method and device, terminal and server |
CN105512576A (en) * | 2015-12-14 | 2016-04-20 | 联想(北京)有限公司 | Method for secure storage of data and electronic equipment |
CN103401844B (en) * | 2013-07-12 | 2016-09-14 | 天地融科技股份有限公司 | The processing method of operation requests and system |
CN105989273A (en) * | 2015-02-13 | 2016-10-05 | 联想(上海)信息技术有限公司 | Method and device for logging-in application program, and electronic equipment |
CN106096412A (en) * | 2016-06-21 | 2016-11-09 | 华为技术有限公司 | Integrity measurement method and device |
-
2017
- 2017-01-03 CN CN201710001667.7A patent/CN108268303A/en active Pending
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2873192A1 (en) * | 2012-07-13 | 2015-05-20 | Securekey Technologies Inc. | Methods and systems for using derived credentials to authenticate a device across multiple platforms |
CN104011728A (en) * | 2012-07-24 | 2014-08-27 | 英特尔公司 | Providing access to encrypted data |
CN103843303A (en) * | 2012-11-22 | 2014-06-04 | 华为技术有限公司 | Management control method, device and system for virtual machine |
CN105027494A (en) * | 2013-03-14 | 2015-11-04 | 英特尔公司 | Trusted data processing in the public cloud |
CN103401844B (en) * | 2013-07-12 | 2016-09-14 | 天地融科技股份有限公司 | The processing method of operation requests and system |
CN105493097A (en) * | 2013-09-27 | 2016-04-13 | 英特尔公司 | Protection scheme for remotely-stored data |
CN105490997A (en) * | 2014-10-10 | 2016-04-13 | 阿里巴巴集团控股有限公司 | Safety verification method and device, terminal and server |
CN104392188A (en) * | 2014-11-06 | 2015-03-04 | 三星电子(中国)研发中心 | Security data storage method and system |
CN105989273A (en) * | 2015-02-13 | 2016-10-05 | 联想(上海)信息技术有限公司 | Method and device for logging-in application program, and electronic equipment |
CN105279404A (en) * | 2015-10-23 | 2016-01-27 | 上海帝联信息科技股份有限公司 | Operation control method and device of operating system |
CN105512576A (en) * | 2015-12-14 | 2016-04-20 | 联想(北京)有限公司 | Method for secure storage of data and electronic equipment |
CN106096412A (en) * | 2016-06-21 | 2016-11-09 | 华为技术有限公司 | Integrity measurement method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107979514B (en) | Method and device for binding devices | |
CN109005028A (en) | Cryptographic key negotiation method, Cloud Server, equipment, storage medium and system | |
CN104199654B (en) | The call method and device of open platform | |
CN1752887B (en) | Computer security system and method | |
CN108196867A (en) | Device for upgrading firmware, equipment and its firmware upgrade method of equipment | |
CN109120649A (en) | Cryptographic key negotiation method, Cloud Server, equipment, storage medium and system | |
EP3232634A1 (en) | Identity authentication method and device | |
CN107180175B (en) | Distribution method, distribution device, and distribution system | |
CN109040149A (en) | Cryptographic key negotiation method, Cloud Server, equipment, storage medium and system | |
CN109039628A (en) | Cryptographic key negotiation method, Cloud Server, equipment, storage medium and system | |
CN106341228B (en) | A kind of virtual machine migration method, system and virtual machine move into end and end of moving out | |
CN104951712B (en) | A kind of data security protection method under Xen virtualized environment | |
CN108347331A (en) | The method and apparatus that T_Box equipment is securely communicated with ECU equipment in car networking system | |
US10057254B2 (en) | Mobile terminal for providing one time password and operating method thereof | |
CN107707579A (en) | Data encryption and transmission method | |
CN105262773B (en) | A kind of verification method and device of Internet of things system | |
CN105354505B (en) | A kind of image adaptation method and electronic equipment | |
CN106790156A (en) | A kind of smart machine binding method and device | |
CN106790285B (en) | A kind of Session state reuse method and device | |
CN109787769A (en) | Offline authentication method, user terminal and the device end of internet of things equipment | |
CN106549925A (en) | Prevent method, the apparatus and system of cross-site request forgery | |
CN111988147A (en) | Combined signature and signature verification method, system and storage medium | |
CN104980449B (en) | The safety certifying method and system of network request | |
KR20190008333A (en) | A processing method for preventing a replication attack, and a server and a client | |
CN107707577A (en) | Multi-layer data encryption method based on encryption transmission system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180710 |
|
RJ01 | Rejection of invention patent application after publication |