CN108985044A - A kind of data processing equipment and the method for verifying its integrality - Google Patents


Info

Publication number
CN108985044A
Authority
CN
China
Prior art keywords
hardware component
response
remaining
data processing
shift register
Prior art date
Legal status
Withdrawn
Application number
CN201810891831.0A
Other languages
Chinese (zh)
Inventor
龙舸
王基
Current Assignee
Changsha Longsheng Kps New Mstar Technology Ltd
Original Assignee
Changsha Longsheng Kps New Mstar Technology Ltd
Priority date
Filing date
Publication date

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a data processing device and a method for verifying its integrity. The device comprises a plurality of data processing hardware components, the data processing hardware components comprising a first hardware component and one or more remaining hardware components, wherein: the first hardware component is configured to send a challenge to the one or more remaining hardware components; each remaining hardware component is configured to receive a challenge and to process the challenge accordingly to generate a response; and the device is configured to verify the integrity of the device based on the one or more responses generated by the one or more remaining hardware components.

Description

A kind of data processing equipment and the method for verifying its integrality
Technical field
The present invention relates to the technical field of data processing, and in particular to a data processing device and a method for verifying its integrity.
Background technique
At present, most attacks aimed at hijacking digital devices concentrate on software, but as the robustness of security software continues to improve, attacks will increasingly concentrate on hardware. Attacks based on hardware tampering are known, in which one or more integrated circuits or other hardware components of a device are removed, added or swapped, or these hardware components are emulated using external equipment. Verifying device integrity at the hardware level will therefore become more and more important, especially where the integrity of the device is essential to protecting a revenue stream, such as in conditional access systems (for example in television set-top boxes or digital rights management), and in general-purpose computing platforms such as personal computers and portable devices (laptops, mobile phones, smartphones, tablet computers and so on).
These are increasingly used in sensitive applications involving privacy and security concerns, such as electronic banking or electronic healthcare. With the growing connectivity of everyday devices (the Internet of Things), the demand for hardware integrity checking will become ubiquitous.
Several solutions for ensuring software integrity in data processing systems are known and involve various methods, such as creating a signature of a software component by storing a hash of each software component and comparing it with a hash created from that software component when the system starts. These solutions are sometimes supported by dedicated security hardware, such as the Trusted Platform Module (TPM) developed by the Trusted Computing Group (TCG). In the TCG's Trusted Network Connect (TNC) architecture, the TPM is used for integrity measurement and remote attestation. During the boot process, the TPM can measure (hash) all critical software and firmware components of a PC before they are loaded, including the BIOS, the boot loader and the operating system kernel. By taking these measurements before the software runs and storing them in the TPM, the measurements are isolated and subsequent modification attempts can be prevented. When the PC connects to a network, the stored measurement results are sent to the TNC server and checked against the server's list of acceptable configurations; in case of a mismatch, the endpoint is isolated as infected.
Summary of the invention
The invention proposes a data processing device comprising a plurality of data processing hardware components, the data processing hardware components comprising a first hardware component and one or more remaining hardware components, wherein:
the first hardware component is configured to send a challenge to the one or more remaining hardware components;
each remaining hardware component is configured to receive a challenge and to process the challenge accordingly to generate a response; and
the device is configured to verify the integrity of the device based on the one or more responses generated by the one or more remaining hardware components.
The data processing device comprises a memory storing mission-critical information in encrypted form, wherein the device, or one aspect of the device, requires the mission-critical information in decrypted form in order to operate, and wherein the device is configured to decrypt the encrypted mission-critical information using one or more device authentication keys, based on the one or more responses generated by the one or more remaining hardware components.
In the data processing device, the mission-critical information comprises one or more of: software or firmware required for the operation of the device or of one aspect of the device; a BIOS; an operating system kernel; a hardware component driver; a boot loader; and a content decryption key.
In the data processing device, the data processing device comprises a conditional access device, and the mission-critical information comprises a decryption key used by the conditional access device to control access to content for consumption using the data processing device.
In the data processing device, the initial remaining hardware component is configured to receive its challenge from the first hardware component; the challenge received by each subsequent remaining hardware component is the response generated by the corresponding preceding remaining hardware component; the last remaining hardware component is configured to send its response to the first hardware component; and the device is configured to verify the integrity of the device using the response received from the last of the remaining hardware components.
In the data processing device, each of the remaining hardware components is configured to apply a non-transfer function (a function that does not simply pass the challenge through) to its challenge in order to generate its response.
In the data processing device, the remaining hardware components are connected in a chain in which the output of the first hardware component is connected to the input of the initial remaining hardware component in the chain;
the input of each subsequent remaining hardware component in the chain is connected to the output of the corresponding preceding remaining hardware component in the chain; and the input of the first hardware component is connected to the output of the last of the remaining hardware components in the chain, and
wherein the first hardware component is configured to send the challenge to the input of the initial remaining hardware component in the chain; and
to receive, at the input of the first hardware component, the one or more responses generated by the remaining hardware components.
In the data processing device, each remaining hardware component comprises:
an instruction shift register for receiving an instruction from a set of instructions, the set of instructions comprising at least a process-challenge instruction for processing a challenge and generating a response; and a data shift register for receiving a challenge corresponding to the process-challenge instruction,
wherein each remaining hardware component is configured:
in a first mode, to shift bits one at a time from its input into the instruction shift register and one at a time from the instruction shift register to its output;
in a second mode, to shift bits one at a time from its input into the data shift register and one at a time from the data shift register to its output; and
in a third mode, when the process-challenge instruction enters the instruction shift register, to read the challenge in the data shift register, process the challenge to generate a response, and write the response into the data shift register, wherein the first hardware component is configured to control the mode of the remaining hardware components so as to:
shift each instruction into the instruction shift register; shift the challenge into the data shift register;
cause the remaining hardware components to process the challenge to generate a response; and
shift the response out of the data shift register, so that the one or more responses are received from the remaining hardware components, and
wherein the first hardware component is configured to control the modes of all remaining hardware components together over a mode control line shared by all remaining hardware components.
A method of verifying the integrity of a data processing device, the method comprising:
sending one or more challenges to a plurality of hardware components;
receiving responses from the plurality of hardware components; and
verifying the integrity of the data processing device using the responses.
In the method, receiving responses comprises receiving a response from one of the plurality of hardware components, the response from that one of the plurality of hardware components depending on the respective response of another of the plurality of hardware components, wherein the plurality of hardware components provide their respective responses in sequence, a subsequent hardware component in the sequence receiving the response of the preceding hardware component in the sequence as its challenge and generating its response in response to the received challenge, and wherein the response generated in response to the received challenge is generated as a non-transfer function of the received challenge.
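To make the summary above concrete, here is an added simulation (my own example, not code from the patent or its assignee) of the chained challenge-response and of decrypting the mission-critical information only once the chain verifies. It assumes each remaining component's non-transfer function is a keyed hash over a per-component secret, and that a reference response and a device authentication key are provisioned at manufacture; the component names, secrets, challenge and the hash-based stream cipher are all constructed stand-ins.

```python
import hashlib
import hmac


class RemainingComponent:
    """One of the remaining hardware components in the chain."""

    def __init__(self, name: str, secret: bytes):
        self.name = name
        self.secret = secret  # constructed per-component secret (assumption)

    def respond(self, challenge: bytes) -> bytes:
        # Non-transfer function: the response depends on this component's
        # secret, so a part that merely forwarded the challenge would not match.
        return hmac.new(self.secret, challenge, hashlib.sha256).digest()


def run_chain(challenge: bytes, components) -> bytes:
    """Pass the challenge down the chain; each response is the next challenge."""
    value = challenge
    for component in components:
        value = component.respond(value)
    return value  # last response, returned to the first hardware component


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the device's cipher: hash-based keystream XOR (symmetric)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def wrap_key_for(device_auth_key: bytes, response: bytes) -> bytes:
    """Derive the unwrapping key from a device authentication key and the
    chain response, so the key only exists while the chain is intact."""
    return hmac.new(device_auth_key, response, hashlib.sha256).digest()


def provision(device_auth_key, challenge, components, info):
    """Manufacturing step (assumption): record the reference response and
    store the mission-critical information encrypted under the bound key."""
    reference = run_chain(challenge, components)
    return reference, _keystream_xor(wrap_key_for(device_auth_key, reference), info)


def verify_and_unwrap(device_auth_key, challenge, components, reference, wrapped):
    """What the first hardware component does at start-up: send the challenge,
    verify the last response, and only then decrypt the stored information."""
    response = run_chain(challenge, components)
    if not hmac.compare_digest(response, reference):
        return None  # a removed, swapped or emulated part changes the response
    return _keystream_xor(wrap_key_for(device_auth_key, response), wrapped)


# Constructed sample device: one device authentication key, three remaining
# components and a content decryption key to protect.
DEVICE_AUTH_KEY = b"constructed-device-authentication-key"
CHALLENGE = bytes.fromhex("5a3c0fe1")
MISSION_CRITICAL_INFO = b"content-decryption-key:constructed-example"
GENUINE_CHAIN = [
    RemainingComponent("demodulator", b"secret-a"),
    RemainingComponent("descrambler", b"secret-b"),
    RemainingComponent("decoder", b"secret-c"),
]
REFERENCE, WRAPPED = provision(DEVICE_AUTH_KEY, CHALLENGE, GENUINE_CHAIN, MISSION_CRITICAL_INFO)


def demo_genuine():
    """Intact device: verification passes and the information is recovered."""
    return verify_and_unwrap(DEVICE_AUTH_KEY, CHALLENGE, GENUINE_CHAIN, REFERENCE, WRAPPED)


def demo_swapped_component():
    """Second component replaced by a part with a different secret."""
    chain = list(GENUINE_CHAIN)
    chain[1] = RemainingComponent("descrambler", b"counterfeit")
    return verify_and_unwrap(DEVICE_AUTH_KEY, CHALLENGE, chain, REFERENCE, WRAPPED)


def demo_removed_component():
    """Second component removed from the chain."""
    chain = [GENUINE_CHAIN[0], GENUINE_CHAIN[2]]
    return verify_and_unwrap(DEVICE_AUTH_KEY, CHALLENGE, chain, REFERENCE, WRAPPED)


if __name__ == "__main__":
    print("genuine :", demo_genuine())
    print("swapped :", demo_swapped_component())
    print("removed :", demo_removed_component())
```

Because the unwrapping key is derived from the response rather than stored, a tampered chain yields no key at all, not merely a failed comparison.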
Specific embodiment
In order to make the objectives, technical solutions and advantages of the present invention clearer, the invention is further elaborated below in conjunction with embodiments. It should be understood that the specific embodiments described here are only intended to explain the present invention and not to limit it. Other systems, methods and/or features of the embodiments will become apparent to those skilled in the art after reading the following detailed description. All such additional systems, methods, features and advantages are intended to be included within this specification and within the scope of the invention, and to be protected by the appended claims. Further features of the disclosed embodiments are described in the detailed description below and will be apparent from it.
Embodiment one:
A data processing device comprising a plurality of data processing hardware components, the data processing hardware components comprising a first hardware component and one or more remaining hardware components, wherein:
the first hardware component is configured to send a challenge to the one or more remaining hardware components;
each remaining hardware component is configured to receive a challenge and to process the challenge accordingly to generate a response; and
the device is configured to verify the integrity of the device based on the one or more responses generated by the one or more remaining hardware components.
The data processing device comprises a memory storing mission-critical information in encrypted form,
wherein the device, or one aspect of the device, requires the mission-critical information in decrypted form in order to operate, and
wherein the device is configured to decrypt the encrypted mission-critical information using one or more device authentication keys, based on the one or more responses generated by the one or more remaining hardware components.
In the data processing device, the mission-critical information comprises one or more of: software or firmware required for the operation of the device or of one aspect of the device; a BIOS; an operating system kernel; a hardware component driver; a boot loader; and a content decryption key.
In the data processing device, the data processing device comprises a conditional access device, and the mission-critical information comprises a decryption key used by the conditional access device to control access to content for consumption using the data processing device.
In the data processing device,
the initial remaining hardware component is configured to receive its challenge from the first hardware component;
the challenge received by each subsequent remaining hardware component is the response generated by the corresponding preceding remaining hardware component;
the last remaining hardware component is configured to send its response to the first hardware component; and the device is configured to verify the integrity of the device using the response received from the last of the remaining hardware components.
In the data processing device, each of the remaining hardware components is configured to apply a non-transfer function (a function that does not simply pass the challenge through) to its challenge in order to generate its response.
In the data processing device,
the remaining hardware components are connected in a chain in which
the output of the first hardware component is connected to the input of the initial remaining hardware component in the chain;
the input of each subsequent remaining hardware component in the chain is connected to the output of the corresponding preceding remaining hardware component in the chain; and
the input of the first hardware component is connected to the output of the last of the remaining hardware components in the chain, and
wherein the first hardware component is configured to
send the challenge to the input of the initial remaining hardware component in the chain; and
receive, at the input of the first hardware component, the one or more responses generated by the remaining hardware components.
In the data processing device, each remaining hardware component comprises:
an instruction shift register for receiving an instruction from a set of instructions, the set of instructions comprising at least a process-challenge instruction for processing a challenge and generating a response; and
a data shift register for receiving a challenge corresponding to the process-challenge instruction,
wherein each remaining hardware component is configured:
in a first mode, to shift bits one at a time from its input into the instruction shift register and one at a time from the instruction shift register to its output;
in a second mode, to shift bits one at a time from its input into the data shift register and one at a time from the data shift register to its output; and
in a third mode, when the process-challenge instruction enters the instruction shift register, to read the challenge in the data shift register, process the challenge to generate a response, and write the response into the data shift register, wherein the first hardware component is configured to control the mode of the remaining hardware components so as to:
shift each instruction into the instruction shift register; shift the challenge into the data shift register;
cause the remaining hardware components to process the challenge to generate a response; and
shift the response out of the data shift register, so that the one or more responses are received from the remaining hardware components, and
wherein the first hardware component is configured to control the modes of all remaining hardware components together over a mode control line shared by all remaining hardware components.
In the data processing device, the first hardware component is configured such that:
the challenge is shifted bit by bit into the data shift register of the initial remaining hardware component;
the initial remaining hardware component processes the challenge and writes its response into its data shift register;
the response in the data shift register of each preceding hardware component in the chain is shifted bit by bit into the data shift register of each subsequent remaining hardware component in the chain;
each subsequent hardware component processes, as its challenge, the response of the corresponding preceding hardware component held in its data shift register and writes its own response into its data shift register; and
the response written into the data shift register of the last remaining hardware component in the chain is shifted bit by bit to the input of the first hardware component.
In the data processing device, the first hardware component is configured such that each subsequent remaining hardware component in the chain does not execute the process-challenge instruction before the corresponding preceding hardware component in the chain has written its response into its data register.
In the data processing device, the first hardware component is configured such that each remaining hardware component in the chain executes the process-challenge instruction only once the challenge has been shifted into the data shift register of the initial remaining hardware component, and the response written into the data shift register of the last remaining hardware component in the chain is shifted through the chain to the input of the first hardware component.
In the data processing device, communication between the first hardware component and the remaining hardware components, and between the remaining hardware components themselves, is implemented according to a physical-layer communication interface specification, each remaining hardware component comprising TMS, TCK, TDI and TDO pins and a state machine conforming to the specification.
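The shift-register protocol of this embodiment, as an added bit-level simulation (my own example, not the patent's code). It assumes a 2-bit instruction register, a 16-bit data register, constructed instruction encodings, a toy response function standing in for each component's real non-transfer function, and that the first hardware component enforces the ordering rule by loading the process-challenge instruction into one instruction register at a time; the TDI/TDO naming follows the pins listed above.

```python
from dataclasses import dataclass
from typing import List, Tuple

IR_LEN = 2                      # constructed instruction register width
DR_LEN = 16                     # constructed data register width
DR_MASK = (1 << DR_LEN) - 1
IDLE, PROCESS = 0b00, 0b01      # constructed instruction encodings
SHIFT_IR, SHIFT_DR, PROCESS_MODE = "shift_ir", "shift_dr", "process"  # shared mode line
MULT = 0x9E37                   # odd multiplier for the toy response function


def non_transfer_function(challenge: int, secret: int) -> int:
    """Toy stand-in for a component's real response function (assumption).
    For an odd secret it has no fixed point mod 2**DR_LEN, so a part that
    merely passes its challenge through can never produce the right response."""
    return (challenge * MULT + secret) & DR_MASK


@dataclass
class RemainingComponent:
    secret: int                 # constructed per-component secret
    passthrough: bool = False   # models an emulated part that only forwards data
    ir: int = 0                 # instruction shift register
    dr: int = 0                 # data shift register

    def clock(self, mode: str, tdi: int) -> int:
        """One clock under the shared mode line; returns the bit leaving on TDO."""
        if mode == SHIFT_IR:                      # first mode: shift the IR
            tdo = (self.ir >> (IR_LEN - 1)) & 1
            self.ir = ((self.ir << 1) | tdi) & ((1 << IR_LEN) - 1)
            return tdo
        if mode == SHIFT_DR:                      # second mode: shift the DR
            tdo = (self.dr >> (DR_LEN - 1)) & 1
            self.dr = ((self.dr << 1) | tdi) & DR_MASK
            return tdo
        # third mode: only a component holding the process-challenge instruction
        # reads its DR, computes the response and writes it back into the DR
        if self.ir == PROCESS and not self.passthrough:
            self.dr = non_transfer_function(self.dr, self.secret)
        return 0


class FirstComponent:
    """Drives the shared mode line and the chain head; reads the chain tail."""

    def __init__(self, chain: List[RemainingComponent]):
        self.chain = chain

    def _clock(self, mode: str, tdi: int) -> int:
        bit = tdi
        for component in self.chain:   # each component's TDO feeds the next TDI
            bit = component.clock(mode, bit)
        return bit                     # the last component's TDO is our input

    def _shift(self, mode: str, value: int, width: int) -> int:
        captured = 0
        for i in range(width - 1, -1, -1):   # MSB first
            captured = (captured << 1) | self._clock(mode, (value >> i) & 1)
        return captured

    def _select(self, active: int) -> None:
        # The instruction shifted in last lands in the first component, so load
        # in reverse chain order; exactly one component receives PROCESS.
        for idx in reversed(range(len(self.chain))):
            self._shift(SHIFT_IR, PROCESS if idx == active else IDLE, IR_LEN)

    def run_challenge(self, challenge: int) -> int:
        self._shift(SHIFT_DR, challenge, DR_LEN)   # challenge into the first DR
        response = 0
        for idx in range(len(self.chain)):
            self._select(idx)            # ordering rule: earlier parts are done
            self._clock(PROCESS_MODE, 0)
            # DR_LEN shifts move every DR one component down the chain; after the
            # last component its response streams out to the first component.
            response = self._shift(SHIFT_DR, 0, DR_LEN)
        return response

    def verify(self, challenge: int, reference: int) -> bool:
        return self.run_challenge(challenge) == reference


def expected_response(challenge: int, secrets: List[int]) -> int:
    """Reference value assumed to be provisioned at manufacture."""
    for secret in secrets:
        challenge = non_transfer_function(challenge, secret)
    return challenge


SECRETS = [0x1235, 0x5679, 0x9ABD]   # constructed, all odd
CHALLENGE = 0xBEEF                   # constructed


def demo_intact() -> Tuple[int, int]:
    chain = [RemainingComponent(s) for s in SECRETS]
    return FirstComponent(chain).run_challenge(CHALLENGE), expected_response(CHALLENGE, SECRETS)


def demo_passthrough() -> Tuple[int, int]:
    chain = [RemainingComponent(s) for s in SECRETS]
    chain[1] = RemainingComponent(SECRETS[1], passthrough=True)   # emulated second part
    return FirstComponent(chain).run_challenge(CHALLENGE), expected_response(CHALLENGE, SECRETS)
```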
Embodiment two:
A method of verifying the integrity of a data processing device having a plurality of hardware components, the method comprising:
sending one or more challenges to the plurality of hardware components;
receiving responses from the plurality of hardware components; and
verifying the integrity of the data processing device using the responses.
In the method, receiving responses comprises receiving a response from one of the plurality of hardware components, the response from that one of the plurality of hardware components depending on the respective response of another of the plurality of hardware components, wherein the plurality of hardware components provide their respective responses in sequence, a subsequent hardware component in the sequence receiving the response of the preceding hardware component in the sequence as its challenge and generating its response in response to the received challenge, and wherein the response generated in response to the received challenge is generated as a non-transfer function of the received challenge.
In the method, each of the remaining hardware components is configured to apply a non-transfer function (a function that does not simply pass the challenge through) to its challenge in order to generate its response.
In the method,
the remaining hardware components are connected in a chain in which
the output of the first hardware component is connected to the input of the initial remaining hardware component in the chain;
the input of each subsequent remaining hardware component in the chain is connected to the output of the corresponding preceding remaining hardware component in the chain; and
the input of the first hardware component is connected to the output of the last of the remaining hardware components in the chain, and
wherein the first hardware component is configured to
send the challenge to the input of the initial remaining hardware component in the chain; and
receive, at the input of the first hardware component, the one or more responses generated by the remaining hardware components.
In the method, each remaining hardware component comprises:
an instruction shift register for receiving an instruction from a set of instructions, the set of instructions comprising at least a process-challenge instruction for processing a challenge and generating a response; and
a data shift register for receiving a challenge corresponding to the process-challenge instruction,
wherein each remaining hardware component is configured:
in a first mode, to shift bits one at a time from its input into the instruction shift register and one at a time from the instruction shift register to its output;
in a second mode, to shift bits one at a time from its input into the data shift register and one at a time from the data shift register to its output; and
in a third mode, when the process-challenge instruction enters the instruction shift register, to read the challenge in the data shift register, process the challenge to generate a response, and write the response into the data shift register, wherein the first hardware component is configured to control the mode of the remaining hardware components so as to:
shift each instruction into the instruction shift register; shift the challenge into the data shift register;
cause the remaining hardware components to process the challenge to generate a response; and
shift the response out of the data shift register, so that the one or more responses are received from the remaining hardware components, and
wherein the first hardware component is configured to control the modes of all remaining hardware components together over a mode control line shared by all remaining hardware components.
In the method, the first hardware component is configured such that:
the challenge is shifted bit by bit into the data shift register of the initial remaining hardware component;
the initial remaining hardware component processes the challenge and writes its response into its data shift register;
the response in the data shift register of each preceding hardware component in the chain is shifted bit by bit into the data shift register of each subsequent remaining hardware component in the chain;
each subsequent hardware component processes, as its challenge, the response of the corresponding preceding hardware component held in its data shift register and writes its own response into its data shift register; and
the response written into the data shift register of the last remaining hardware component in the chain is shifted bit by bit to the input of the first hardware component.
In the method, the first hardware component is configured such that each subsequent remaining hardware component in the chain does not execute the process-challenge instruction before the corresponding preceding hardware component in the chain has written its response into its data register.
In the method, the first hardware component is configured such that each remaining hardware component in the chain executes the process-challenge instruction only once the challenge has been shifted into the data shift register of the initial remaining hardware component, and the response written into the data shift register of the last remaining hardware component in the chain is shifted through the chain to the input of the first hardware component.
In the method, communication between the first hardware component and the remaining hardware components, and between the remaining hardware components themselves, is implemented according to a physical-layer communication interface specification, each remaining hardware component comprising TMS, TCK, TDI and TDO pins and a state machine conforming to the specification.
Although the present invention has been described above with reference to various embodiments, it should be understood that many changes and modifications can be made without departing from the scope of the invention. The methods, systems and devices discussed above are examples. Various configurations may omit, replace or add various processes or components as appropriate. For example, in alternative configurations the methods may be performed in an order different from that described, and various stages may be added, omitted and/or combined. Moreover, features described with respect to certain configurations may be combined in various other configurations. Different aspects and elements of the configurations may be combined in a similar manner. In addition, as technology develops, many of the elements are only examples and do not limit the scope of the disclosure or the claims.
Specific details are given in the description to provide a thorough understanding of the example configurations (including implementations). However, the configurations may be practised without these specific details. For example, well-known circuits, processes, algorithms, structures and techniques have been shown without unnecessary detail in order to avoid obscuring the configurations. This description provides example configurations only and does not limit the scope, applicability or configuration of the claims. Rather, the preceding description of the configurations provides those skilled in the art with an enabling description for implementing the described techniques. Various changes may be made to the function and arrangement of elements without departing from the spirit or scope of the disclosure.
In addition, although each operation may be described as a sequential process, many of the operations may be performed in parallel or concurrently. Furthermore, the order of the operations may be rearranged. A process may have additional steps. Furthermore, examples of the methods may be implemented by hardware, software, firmware, middleware, code, hardware description languages or any combination thereof. When implemented in software, firmware, middleware or code, the program code or code segments for performing the necessary tasks may be stored in a non-transitory computer-readable medium such as a storage medium, and the described tasks are performed by a processor.
In summary, the foregoing detailed description is intended to be regarded as illustrative rather than restrictive, and it should be understood that the claims (including all equivalents) are intended to define the spirit and scope of the invention. The above embodiments are to be understood as merely illustrating the invention and not limiting its scope. After reading the content recorded in the invention, those skilled in the art may make various changes or modifications to the invention, and such equivalent changes and modifications likewise fall within the scope defined by the claims of the invention.

Claims (9)

1. A data processing device, characterized in that it comprises a plurality of data processing hardware components, the data processing hardware components comprising a first hardware component and one or more remaining hardware components, wherein:
the first hardware component is configured to send a challenge to the one or more remaining hardware components;
each remaining hardware component is configured to receive a challenge and to process the challenge accordingly to generate a response; and
the device is configured to verify the integrity of the device based on the one or more responses generated by the one or more remaining hardware components.
2. The data processing device according to claim 1, characterized in that it comprises a memory storing mission-critical information in encrypted form,
wherein the device, or one aspect of the device, requires the mission-critical information in decrypted form in order to operate, and
wherein the device is configured to decrypt the encrypted mission-critical information using one or more device authentication keys, based on the one or more responses generated by the one or more remaining hardware components.
3. The data processing device according to claim 2, characterized in that the mission-critical information comprises one or more of: software or firmware required for the operation of the device or of one aspect of the device; a BIOS; an operating system kernel; a hardware component driver; a boot loader; and a content decryption key.
4. The data processing device according to claim 2 or 3, characterized in that the data processing device comprises a conditional access device, and the mission-critical information comprises a decryption key used by the conditional access device to control access to content for consumption using the data processing device.
5. The data processing device according to any preceding claim, characterized in that the initial remaining hardware component is configured to receive its challenge from the first hardware component; the challenge received by each subsequent remaining hardware component is the response generated by the corresponding preceding remaining hardware component; the last remaining hardware component is configured to send its response to the first hardware component; and the device is configured to verify the integrity of the device using the response received from the last of the remaining hardware components.
6. The data processing device according to claim 5, characterized in that each of the remaining hardware components is configured to apply a non-transfer function to its challenge in order to generate its response.
7. The data processing device according to any preceding claim, characterized in that the remaining hardware components are connected in a chain in which the output of the first hardware component is connected to the input of the initial remaining hardware component in the chain;
the input of each subsequent remaining hardware component in the chain is connected to the output of the corresponding preceding remaining hardware component in the chain; and the input of the first hardware component is connected to the output of the last of the remaining hardware components in the chain, and
wherein the first hardware component is configured to send the challenge to the input of the initial remaining hardware component in the chain; and
to receive, at the input of the first hardware component, the one or more responses generated by the remaining hardware components.
8. The data processing device according to claim 7, characterized in that each remaining hardware component comprises:
an instruction shift register for receiving an instruction from a set of instructions, the set including at least a process-challenge instruction for processing a challenge and generating a response; and a data shift register for receiving the challenge, corresponding to the process-challenge instruction,
wherein each remaining hardware component is configured:
in a first mode, to shift bits one at a time from its input into the instruction shift register, and one at a time from the instruction shift register to its output;
in a second mode, to shift bits one at a time from its input into the data shift register, and one at a time from the data shift register to its output; and
in a third mode, when the process-challenge instruction has entered the instruction shift register, to read the challenge in the data shift register, process the challenge to generate a response, and write the response into the data shift register, wherein the first hardware component is configured to control the mode of the remaining hardware components so as to:
shift each instruction into the instruction shift register; shift the challenge into the data shift register;
cause the remaining hardware components to process the challenge to generate a response; and
shift the response out of the data shift register, so that one or more responses are received from the remaining hardware components, and
wherein the first hardware component is configured to control the mode of all remaining hardware components together over a shared mode control line common to all remaining hardware components.
9. A method of verifying the integrity of a data processing device, characterized in that the method comprises:
sending one or more challenges to a plurality of hardware components;
receiving responses from the plurality of hardware components; and
verifying the integrity of the data processing device using the responses,
wherein receiving the responses comprises receiving a response from one of the plurality of hardware components, the response from that one of the plurality of hardware components depending on the respective response of another of the plurality of hardware components, and wherein the plurality of hardware components provide their respective responses in sequence, a subsequent hardware component in the sequence receiving the response of the previous hardware component in the sequence as its challenge and generating its response in response to the received challenge, and wherein each response is generated, in response to the received challenge, as a non-transfer function of the received challenge.
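As an added example (not part of the patent text), here is a Python model of the chain described in claims 5 to 9: each remaining component exposes an instruction shift register and a data shift register driven by a shared mode line, and the first component shifts in a challenge, executes the process-challenge instruction in one component at a time, and shifts the response one hop along the chain so that each component's response becomes the next component's challenge. The register widths, the two-instruction set (NOP and PROCESS) and the keyed-hash response function are assumptions; the patent does not specify them.

```python
import hashlib
import hmac

WIDTH = {"IR": 2, "DR": 128}   # instruction / data shift register widths in bits (constructed)
NOP, PROCESS = 0b00, 0b01      # instruction set; PROCESS is the "process challenge" instruction

def respond(secret, challenge):
    # Assumed non-transfer response function: keyed hash of the challenge, truncated to the DR width
    mac = hmac.new(secret, challenge.to_bytes(WIDTH["DR"] // 8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[: WIDTH["DR"] // 8], "big")

class RemainingComponent:
    def __init__(self, secret):
        self.secret, self.reg = secret, {"IR": 0, "DR": 0}   # constructed per-part key; IR and DR
    def shift(self, mode, bit_in):   # modes 1 and 2: a bit enters the selected register at the LSB, the MSB leaves
        width, reg = WIDTH[mode], self.reg[mode]
        self.reg[mode] = ((reg << 1) | bit_in) & ((1 << width) - 1)
        return (reg >> (width - 1)) & 1
    def execute(self):               # mode 3: with PROCESS loaded, the DR is replaced by the response to it
        if self.reg["IR"] == PROCESS:
            self.reg["DR"] = respond(self.secret, self.reg["DR"])

class FirstComponent:
    def __init__(self, chain):
        self.chain = chain           # output of component k feeds the input of component k+1
    def shift_word(self, mode, word, width):   # shared mode line: all components in `mode`, bits ripple down the chain
        captured = 0
        for i in range(width - 1, -1, -1):
            bit = (word >> i) & 1
            for comp in self.chain:
                bit = comp.shift(mode, bit)
            captured = (captured << 1) | bit   # bits leaving the last component return here
        return captured
    def run_check(self, challenge):   # claim 5 ordering: component k's response is component k+1's challenge
        n, w = len(self.chain), WIDTH["DR"]
        self.shift_word("DR", challenge, w)    # challenge lands in the initial component's DR
        for k in range(n):   # PROCESS only in component k; the last-shifted instruction lands in component 0
            ir_word = sum((PROCESS if j == k else NOP) << (WIDTH["IR"] * j) for j in range(n))
            self.shift_word("IR", ir_word, WIDTH["IR"] * n)
            for comp in self.chain:
                comp.execute()
            captured = self.shift_word("DR", 0, w)   # move the response one hop down the chain
        return captured                        # the final shift delivers the last response

def verify_integrity(first, secrets, challenge):
    # Reference value from the known part secrets (e.g. recorded at manufacture) vs the live chain
    expected = challenge
    for secret in secrets:
        expected = respond(secret, expected)
    return first.run_check(challenge) == expected
```

A replaced, counterfeit or missing part changes the chained response, so the comparison fails without the first component having to address each part individually.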

Priority Applications (1)

Application Number: CN201810891831.0A (publication CN108985044A, en)
Priority Date: 2018-08-07
Filing Date: 2018-08-07
Title: A kind of data processing equipment and the method for verifying its integrality

Publications (1)

Publication Number: CN108985044A (en)
Publication Date: 2018-12-11

Family

Family ID: 64556066

Family Applications (1)

Application Number: CN201810891831.0A (publication CN108985044A, en)
Status: Withdrawn
Priority Date: 2018-08-07
Filing Date: 2018-08-07
Title: A kind of data processing equipment and the method for verifying its integrality

Country Status (1)

CN: CN108985044A (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017102766A1 (en) * 2015-12-16 2017-06-22 Nagravision Sa Hardware integrity check

Legal Events

Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication (application publication date: 20181211)