CN109922056A - Data security processing method and terminal thereof, and server - Google Patents
Data security processing method and terminal thereof, and server
- Publication number
- CN109922056A
- Authority
- CN
- China
- Prior art keywords
- data
- safe unit
- safe
- security
- secure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Claims (19)
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910142774.0A CN109922056B (zh) | 2019-02-26 | 2019-02-26 | Data security processing method and terminal thereof, and server |
TW108132765A TW202040403A (zh) | 2019-02-26 | 2019-09-11 | Data security processing method and terminal thereof, and server |
EP20763256.3A EP3879783B1 (en) | 2019-02-26 | 2020-01-22 | Data security processing method and terminal thereof |
PCT/CN2020/073733 WO2020173272A1 (zh) | 2019-02-26 | 2020-01-22 | Data security processing method and terminal thereof, and server |
US17/314,893 US11251976B2 (en) | 2019-02-26 | 2021-05-07 | Data security processing method and terminal thereof, and server |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910142774.0A CN109922056B (zh) | 2019-02-26 | 2019-02-26 | Data security processing method and terminal thereof, and server |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109922056A (zh) | 2019-06-21 |
CN109922056B (zh) | 2021-09-10 |
Family
ID=66962364
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910142774.0A Active CN109922056B (zh) | Data security processing method and terminal thereof, and server | 2019-02-26 | 2019-02-26 |
Country Status (5)
Country | Link |
---|---|
US (1) | US11251976B2 (zh) |
EP (1) | EP3879783B1 (zh) |
CN (1) | CN109922056B (zh) |
TW (1) | TW202040403A (zh) |
WO (1) | WO2020173272A1 (zh) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
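CN102857913A (zh) * | 2011-06-28 | 2013-01-02 | China Mobile Communications Group Co., Ltd. | Method, apparatus, smart card and terminal for authentication when establishing a secure channel |
US20150301897A1 (en) * | 2012-11-29 | 2015-10-22 | Sk C&C Co., Ltd. | Method and system for managing secure element |
CN105847000A (zh) * | 2016-05-27 | 2016-08-10 | Shenzhen Snowball Technology Co., Ltd. | Token generation method and communication system based on the token generation method |
CN106102054A (zh) * | 2016-05-27 | 2016-11-09 | Shenzhen Snowball Technology Co., Ltd. | Method for security management of a secure element, and communication system |
CN107171814A (zh) * | 2017-07-26 | 2017-09-15 | Hengbao Co., Ltd. | Digital certificate update method and apparatus |
CN107409118A (zh) * | 2014-12-22 | 2017-11-28 | McAfee, LLC | Trust establishment between a trusted execution environment and peripheral devices |
CN107682159A (zh) * | 2017-10-12 | 2018-02-09 | Beijing WatchSmart Technologies Co., Ltd. | Trusted application management method and trusted application management system for a smart terminal |
CN108200078A (zh) * | 2018-01-18 | 2018-06-22 | China Construction Bank Corporation | Download and installation method for a signature authentication tool, and terminal device |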
Family Cites Families (42)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7530103B2 (en) | 2003-08-07 | 2009-05-05 | Microsoft Corporation | Projection of trustworthiness from a trusted environment to an untrusted environment |
US9177153B1 (en) | 2005-10-07 | 2015-11-03 | Carnegie Mellon University | Verifying integrity and guaranteeing execution of code on untrusted computer platform |
US9274974B1 (en) | 2005-10-21 | 2016-03-01 | Vmware, Inc. | Isolating data within a computer system using private shadow mappings |
GB0707150D0 (en) | 2007-04-13 | 2007-05-23 | Hewlett Packard Development Co | Dynamic trust management |
US8583908B2 (en) | 2007-12-31 | 2013-11-12 | Intel Corporation | Enhanced network and local boot of Unified Extensible Firmware Interface images |
US8950007B1 (en) | 2008-04-07 | 2015-02-03 | Lumension Security, Inc. | Policy-based whitelisting with system change management based on trust framework |
US7984286B2 (en) | 2008-06-25 | 2011-07-19 | Intel Corporation | Apparatus and method for secure boot environment |
US8151349B1 (en) | 2008-07-21 | 2012-04-03 | Google Inc. | Masking mechanism that facilitates safely executing untrusted native code |
US8136158B1 (en) | 2008-07-21 | 2012-03-13 | Google Inc. | User-level segmentation mechanism that facilitates safely executing untrusted native code |
US20100153721A1 (en) * | 2008-12-12 | 2010-06-17 | Anders Mellqvist | Portable Electronic Devices, Systems, Methods and Computer Program Products for Accessing Remote Secure Elements |
US8213618B2 (en) | 2008-12-30 | 2012-07-03 | Intel Corporation | Protecting content on client platforms |
US8627414B1 (en) | 2009-08-04 | 2014-01-07 | Carnegie Mellon University | Methods and apparatuses for user-verifiable execution of security-sensitive code |
US8832452B2 (en) | 2010-12-22 | 2014-09-09 | Intel Corporation | System and method for implementing a trusted dynamic launch and trusted platform module (TPM) using secure enclaves |
US10496824B2 (en) | 2011-06-24 | 2019-12-03 | Microsoft Licensing Technology, LLC | Trusted language runtime on a mobile platform |
KR20160043134A (ko) | 2011-09-30 | 2016-04-20 | Intel Corporation | Authenticated launch of virtual machines and nested virtual machine managers |
US9389933B2 (en) | 2011-12-12 | 2016-07-12 | Microsoft Technology Licensing, Llc | Facilitating system service request interactions for hardware-protected applications |
US9953310B2 (en) * | 2012-05-10 | 2018-04-24 | Mastercard International Incorporated | Systems and method for providing multiple virtual secure elements in a single physical secure element of a mobile device |
US9742559B2 (en) | 2013-01-22 | 2017-08-22 | Qualcomm Incorporated | Inter-module authentication for securing application execution integrity within a computing device |
US8935746B2 (en) | 2013-04-22 | 2015-01-13 | Oracle International Corporation | System with a trusted execution environment component executed on a secure element |
US9395993B2 (en) | 2013-07-29 | 2016-07-19 | Intel Corporation | Execution-aware memory protection |
US9509502B2 (en) | 2014-03-13 | 2016-11-29 | Intel Corporation | Symmetric keying and chain of trust |
US9779224B2 (en) * | 2014-05-05 | 2017-10-03 | Securekey Technologies Inc. | Methods and systems for client-enhanced challenge-response authentication |
US9264410B2 (en) * | 2014-06-05 | 2016-02-16 | Sony Corporation | Dynamic configuration of trusted executed environment resources |
US9785801B2 (en) | 2014-06-27 | 2017-10-10 | Intel Corporation | Management of authenticated variables |
US9705849B2 (en) | 2014-09-30 | 2017-07-11 | Intel Corporation | Technologies for distributed detection of security anomalies |
US9940456B2 (en) | 2014-12-16 | 2018-04-10 | Intel Corporation | Using trusted execution environments for security of code and data |
US9832207B2 (en) | 2014-12-23 | 2017-11-28 | Mcafee, Inc. | Input verification |
US9996690B2 (en) | 2014-12-27 | 2018-06-12 | Mcafee, Llc | Binary translation of a trusted binary with input tagging |
US10187363B2 (en) * | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
AU2016235539B2 (en) * | 2015-03-20 | 2019-01-24 | Rivetz Corp. | Automated attestation of device integrity using the block chain |
EP3113501A1 (en) * | 2015-06-29 | 2017-01-04 | Nagravision SA | Content protection |
US9904805B2 (en) | 2015-09-23 | 2018-02-27 | Intel Corporation | Cryptographic cache lines for a trusted execution environment |
US10516533B2 (en) | 2016-02-05 | 2019-12-24 | Mohammad Mannan | Password triggered trusted encryption key deletion |
CN105791284B (zh) | 2016-02-29 | 2019-04-05 | Huawei Technologies Co., Ltd. | Secure data transmission apparatus and method |
US10402566B2 (en) | 2016-08-01 | 2019-09-03 | The Aerospace Corporation | High assurance configuration security processor (HACSP) for computing devices |
US10303899B2 (en) | 2016-08-11 | 2019-05-28 | Intel Corporation | Secure public cloud with protected guest-verified host control |
CN106506472B (zh) | 2016-11-01 | 2019-08-02 | Huang Fuying | Secure electronic authentication method and system for mobile terminals |
US10530777B2 (en) | 2017-01-24 | 2020-01-07 | Microsoft Technology Licensing, Llc | Data unsealing with a sealing enclave |
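CN108055129B (zh) * | 2017-12-22 | 2019-08-27 | Hengbao Co., Ltd. | Method, device and system for unified management of mobile phone shield keys |
CN108282467B (zh) * | 2017-12-29 | 2020-12-18 | Beijing WatchSmart Technologies Co., Ltd. | Application method and system for digital certificates |
CN109040147B (zh) * | 2018-10-30 | 2023-08-15 | Beijing WatchSmart Technologies Co., Ltd. | Encryption and decryption method and system based on TEE+SE |
CN109922056B (zh) * | 2019-02-26 | 2021-09-10 | Advanced New Technologies Co., Ltd. | Data security processing method and terminal thereof, and server |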
-
2019
- 2019-02-26 CN CN201910142774.0A patent/CN109922056B/zh active Active
- 2019-09-11 TW TW108132765A patent/TW202040403A/zh unknown
-
2020
- 2020-01-22 EP EP20763256.3A patent/EP3879783B1/en active Active
- 2020-01-22 WO PCT/CN2020/073733 patent/WO2020173272A1/zh unknown
-
2021
- 2021-05-07 US US17/314,893 patent/US11251976B2/en active Active
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020173272A1 (zh) * | 2019-02-26 | 2020-09-03 | Alibaba Group Holding Ltd. | Data security processing method and terminal thereof, and server |
US11251976B2 (en) | 2019-02-26 | 2022-02-15 | Advanced New Technologies Co., Ltd. | Data security processing method and terminal thereof, and server |
EP3964989A1 (en) * | 2020-09-02 | 2022-03-09 | Nxp B.V. | Collection of diagnostic information in a device |
US11848941B2 (en) | 2020-09-02 | 2023-12-19 | Nxp B.V. | Collection of diagnostic information in a device |
Also Published As
Publication number | Publication date |
---|---|
EP3879783B1 (en) | 2023-05-17 |
US20210266181A1 (en) | 2021-08-26 |
EP3879783A1 (en) | 2021-09-15 |
WO2020173272A1 (zh) | 2020-09-03 |
US11251976B2 (en) | 2022-02-15 |
EP3879783A4 (en) | 2021-12-22 |
CN109922056B (zh) | 2021-09-10 |
TW202040403A (zh) | 2020-11-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
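CN106687980B (zh) | Hypervisor and virtual machine protection | |
JP2021523490A (ja) | Trusted contextual content | |
CN110266644B (zh) | Receipt storage method and node combining code annotation and transaction type | |
CN110278193B (zh) | Receipt storage method and node combining code annotation with transaction and event types | |
CN110263087B (zh) | Receipt storage method and node based on multi-dimensional information with conditional restrictions | |
CN109416718A (zh) | Trusted deployment of application containers in cloud data centers | |
CN110263086B (zh) | Receipt storage method and node combining user type and event function type | |
CN103038745A (zh) | Extending integrity measurements | |
EP3552131B1 (en) | Password security | |
CN110276684B (zh) | Receipt storage method and node combining transaction type and event function type | |
CN103905461A (zh) | Method and system for trusted attestation of cloud service behavior based on a trusted third party | |
Ling et al. | Secure boot, trusted boot and remote attestation for ARM TrustZone-based IoT Nodes | |
CN110263090B (zh) | Receipt storage method and node with multiple types of dimensions | |
CN110263543B (zh) | Object-level receipt storage method and node based on code annotation | |
CN110264194B (zh) | Receipt storage method and node based on event function type | |
CN109922056A (zh) | Data security processing method and terminal thereof, and server | |
Zawoad et al. | SECAP: Towards securing application provenance in the cloud | |
Yang et al. | Secure blockchain platform for industrial IoT with trusted computing hardware | |
JP6054225B2 (ja) | Configuration information management device and configuration information management method | |
CN114238886A (zh) | IBE-based power grid PMU identity authentication method, apparatus, computer device and medium | |
JP6284301B2 (ja) | Maintenance work determination device and maintenance work determination method | |
Rekha et al. | A holistic blockchain based IC traceability technique | |
CN114201761B (zh) | Enhancing measurement agent security in a trusted computing system | |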
Hosamani et al. | How to Trust a Web Service Monitor Deployed in an Untrusted Environment? |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20200924. Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands. Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands. Applicant before: Advanced innovation technology Co.,Ltd. |
TA01 | Transfer of patent application right | Effective date of registration: 20200924. Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands. Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands. Applicant before: Alibaba Group Holding Ltd. |
GR01 | Patent grant | ||