CN110875930A - Method, equipment and medium for monitoring trusted state - Google Patents
Method, equipment and medium for monitoring trusted state Download PDFInfo
- Publication number
- CN110875930A CN110875930A CN201911146130.5A CN201911146130A CN110875930A CN 110875930 A CN110875930 A CN 110875930A CN 201911146130 A CN201911146130 A CN 201911146130A CN 110875930 A CN110875930 A CN 110875930A
- Authority
- CN
- China
- Prior art keywords
- client
- trusted
- server
- communication component
- credible
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The invention discloses a method for monitoring a credible state, which comprises the following steps: the client starts the upper layer trusted service and sends a network authentication request to the server through the client communication component; the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and the client collects the current credible state every other preset time and reports the current credible state to the server through the client communication assembly. The invention also discloses a computer device and a readable storage medium. The method, the device and the medium for monitoring the trusted state realize functions of terminal trusted state information collection, terminal trusted function control, trusted service interface provision and the like through the setting of the external interface by the server and the communication between the server and the client.
Description
Technical Field
The present invention relates to the field of trusted computing technologies, and in particular, to a method, a device, and a readable medium for monitoring a trusted status.
Background
The trusted computing technology of the domestic platform is developed more mature, and comprises upper-layer trusted applications such as a trusted network, trusted redundancy, trusted security management and the like; while the C/S (client/server) and B/S (browser/server) architectures are traditional designs for centralized applications.
At present, in the aspect of the trusted state collection of a domestic platform terminal, a relatively mature scheme and a relatively mature method do not exist, the traditional domestic platform terminal information collection scheme comprises a CPU (central processing unit), an internal memory and the like of a terminal collected by using an SNMP (simple network management protocol), the scheme cannot collect the trusted state information of the current terminal, and an interface cannot be opened to the outside in a web form; in the aspect of trusted control of a home-made platform terminal, known software systems including trusted network connection, remote terminal control and the like lack consideration of the whole trusted computing environment of the terminal and have no universality.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method, a device, and a medium for monitoring a trusted status, which can achieve functions of collecting information of a trusted status of a terminal, controlling a trusted function of the terminal, and providing a trusted service interface.
Based on the above object, an aspect of the embodiments of the present invention provides a method for monitoring a trusted status, including the following steps: the client starts the upper layer trusted service and sends a network authentication request to the server through the client communication component; the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and the client collects the current credible state every other preset time and reports the current credible state to the server through the client communication assembly.
In some embodiments, the server provides an interface open to the outside in the form of a web, and the method further includes: the server side initializes the database and the server side communication component; the server communicates with the client communication component through the server communication component.
In some embodiments, the collecting, by the client, the current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises: the client collects the current credible state, analyzes the credible state and generates a credible log; sending the credible log to a server communication component through a client communication component; and the server communication component receives the credible log so as to be called by the outside through the server interface.
In some embodiments, the trusted service includes a trusted network service and trusted security management, and the trusted network service decides whether to access the local area network according to the server based on a trusted network access factor; the trusted security management is based on a client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources comprise processes, files, an encryption cabinet and external equipment.
In some implementations, the service-side interface categories include trusted status acquisition, trusted function setting, and trusted computing services.
In another aspect of the embodiments of the present invention, there is also provided a computer device, including: at least one processor; and a memory storing computer instructions executable on the processor, the instructions being executable by the processor to perform the steps of: the client starts the upper layer trusted service and sends a network authentication request to the server through the client communication component; the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and the client collects the current credible state every other preset time and reports the current credible state to the server through the client communication assembly.
In some embodiments, the server provides an interface open to the outside in the form of a web, and the steps further include: the server side initializes the database and the server side communication component; the server communicates with the client communication component through the server communication component.
In some embodiments, the collecting, by the client, the current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises: the client collects the current credible state, analyzes the credible state and generates a credible log; sending the credible log to a server communication component through a client communication component; and the server communication component receives the credible log so as to be called by the outside through the server interface.
In some embodiments, the trusted service includes a trusted network service and trusted security management, and the trusted network service decides whether to access the local area network according to the server based on a trusted network access factor; the trusted security management is based on a client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources comprise processes, files, an encryption cabinet and external equipment.
In some implementations, the service-side interface categories include trusted status acquisition, trusted function setting, and trusted computing services.
According to the present invention, there is also provided a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method described above.
The invention has the following beneficial technical effects: through the setting of the server-side external interface and the communication between the server-side and the client-side, the functions of terminal credible state information collection, terminal credible function control, credible service interface provision and the like are realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other embodiments can be obtained by using the drawings without creative efforts.
Fig. 1 is a schematic diagram of an embodiment of a method for monitoring a trusted status provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that all expressions using "first" and "second" in the embodiments of the present invention are used for distinguishing two entities with the same name but different names or different parameters, and it should be noted that "first" and "second" are merely for convenience of description and should not be construed as limitations of the embodiments of the present invention, and they are not described in any more detail in the following embodiments.
In view of the foregoing, a first aspect of the embodiments of the present invention provides an embodiment of a method for monitoring a trusted status. Fig. 1 is a schematic diagram illustrating an embodiment of a method for monitoring a trusted status provided by the present invention. As shown in fig. 1, the embodiment of the present invention includes the following steps:
s1, the client starts the upper layer credible service and sends a network authentication request to the server through the client communication component;
s2, the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and
and S3, the client collects the current credible state at preset time intervals and reports the current credible state to the server through the client communication component.
In some embodiments of the present invention, the trusted status monitoring system adopts a C/S (client/server) and a B/S (browser/server) architecture, which is divided into a server and a client, and is suitable for CPU architectures such as soar, dragon core, and shenwei, and domestic operating systems such as kylin, galaxy kylin, and fangde, that is, the trusted status monitoring system has a universality for a domestic platform. The problem that the existing technology lacks consideration on the whole trusted computing environment of the terminal due to non-universality in the aspects of trusted management and control of the domestic platform terminal, such as trusted network connection, remote terminal management and control and other software systems is solved. In some embodiments of the present invention, the specific deployment requires that the server locally install mysql (relational database management system) and rabbitmq service, and the client can be deployed at any node in the local area network.
The trusted network is divided into a server and a client, the server is an authentication server, the client is an authentication endpoint and is connected to the same local area network, the local area network is configured with an 802.1x protocol, the client can normally receive and transmit data in the trusted local area network only through authentication of the authentication server, and otherwise, the data cannot be forwarded through the switch.
The trusted security management also comprises a client and a server, the client is responsible for realizing trusted security functions of processes, files, an encryption cabinet, equipment management and the like of the local machine, and the server can manage the client through a calling interface.
According to some embodiments of the present invention, the server provides an interface open to the outside in the form of a web, and the method further includes: the server side initializes the database and the server side communication component; the server communicates with the client communication component through the server communication component. The trusted function setting part of the interface comprises strategy configuration of functions such as processes, files, an encryption cabinet, equipment management and the like.
According to some embodiments of the present invention, the client collecting the current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises: the client collects the current credible state, analyzes the credible state and generates a credible log; sending the credible log to a server communication component through a client communication component; and the server communication component receives the credible log so as to be called by the outside through the server interface.
According to some embodiments of the present invention, the trusted service includes a trusted network service and trusted security management, the trusted network service decides whether to access the local area network according to the server based on a trusted network access factor; the trusted security management is based on a client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources comprise processes, files, an encryption cabinet and external equipment.
According to some embodiments of the invention, the service-side interface categories include trusted status acquisition, trusted function setting, and trusted computing services. The server interface is a restful interface, the trusted function setting part of the restful interface comprises policy configuration of functions such as a process, a file, an encryption cabinet and equipment management, the black and white list function of the process can configure the black and white list through the restful interface, the process in the black list cannot be executed, the priority of the black list is higher than that of the white list, and the process not in the white list cannot be executed; the file protection function can realize the protection of the content and the authority of a specific file through a restful interface, avoid the file from being maliciously damaged and ensure the integrity of the file; the encryption cabinet function can be used for opening or closing the encryption cabinet through a restful interface, and the encryption cabinet is used for storing information with a secret level and preventing information leakage; the device management function can realize the configuration of whether the USB device, the serial port device and other devices are allowed to be used or not through a restful interface, and can prohibit a certain type of device from being identified by a kernel.
It should be particularly noted that, the steps in the embodiments of the method for authenticating identity based on a secure chip may be mutually intersected, replaced, added, and deleted, so that these methods for monitoring the trusted status, which are transformed by reasonable permutation and combination, should also belong to the scope of the present invention, and should not limit the scope of the present invention to the embodiments.
In view of the above object, a second aspect of the embodiments of the present invention provides a computer device, including: at least one processor; and a memory storing computer instructions executable on the processor, the instructions being executable by the processor to perform the steps of: s1, the client starts the upper layer credible service and sends a network authentication request to the server through the client communication component; s2, the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and S3, the client collects the current credible state every preset time and reports the current credible state to the server through the client communication component.
According to some embodiments of the present invention, the server provides an interface open to the outside in the form of a web, and the steps further include: the server side initializes the database and the server side communication component; the server communicates with the client communication component through the server communication component.
According to some embodiments of the present invention, the client collecting the current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises: the client collects the current credible state, analyzes the credible state and generates a credible log; sending the credible log to a server communication component through a client communication component; and the server communication component receives the credible log so as to be called by the outside through the server interface.
According to some embodiments of the present invention, the trusted service includes a trusted network service and trusted security management, the trusted network service decides whether to access the local area network according to the server based on a trusted network access factor; the trusted security management is based on a client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources comprise processes, files, an encryption cabinet and external equipment.
According to some embodiments of the invention, the service-side interface categories include trusted status acquisition, trusted function setting, and trusted computing services.
The invention also provides a computer readable storage medium storing a computer program which, when executed by a processor, performs the method as above.
Finally, it should be noted that, as one of ordinary skill in the art can appreciate that all or part of the processes of the methods of the above embodiments can be implemented by a computer program to instruct related hardware, and the program of the method for file protection based on soft link can be stored in a computer readable storage medium, and when executed, the program can include the processes of the embodiments of the methods as described above. The storage medium of the program may be a magnetic disk, an optical disk, a Read Only Memory (ROM), a Random Access Memory (RAM), or the like. The embodiments of the computer program may achieve the same or similar effects as any of the above-described method embodiments.
Furthermore, the methods disclosed according to embodiments of the present invention may also be implemented as a computer program executed by a processor, which may be stored in a computer-readable storage medium. Which when executed by a processor performs the above-described functions defined in the methods disclosed in embodiments of the invention.
Further, the above method steps and system elements may also be implemented using a controller and a computer readable storage medium for storing a computer program for causing the controller to implement the functions of the above steps or elements.
Further, it should be appreciated that the computer-readable storage media (e.g., memory) herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example, and not limitation, nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which can act as external cache memory. By way of example and not limitation, RAM is available in a variety of forms such as synchronous RAM (DRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The storage devices of the disclosed aspects are intended to comprise, without being limited to, these and other suitable types of memory.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as software or hardware depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the disclosed embodiments of the present invention.
The various illustrative logical blocks, modules, and circuits described in connection with the disclosure herein may be implemented or performed with the following components designed to perform the functions herein: a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination of these components. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP, and/or any other such configuration.
The steps of a method or algorithm described in connection with the disclosure herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. In the alternative, the processor and the storage medium may reside as discrete components in a user terminal.
In one or more exemplary designs, the functions may be implemented in hardware, software, firmware, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk, blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The numbers of the embodiments disclosed in the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments. It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, of embodiments of the invention is limited to these examples; within the idea of an embodiment of the invention, also technical features in the above embodiment or in different embodiments may be combined and there are many other variations of the different aspects of the embodiments of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements, and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.
Claims (10)
1. A method of trusted status monitoring, comprising:
the client starts the upper layer trusted service and sends a network authentication request to the server through the client communication component;
the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and
and the client collects the current credible state every preset time and reports the current credible state to the server through the client communication assembly.
2. The method of claim 1, wherein the server provides an interface open to the outside world in the form of a web, the method further comprising:
the server side initializes a database and a server side communication assembly;
and the server communicates with the client communication component through the server communication component.
3. The method of claim 2, wherein the client collecting current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises:
the client collects the current credible state, analyzes the credible state and generates a credible log;
sending, by the client communication component, the trusted log to the server communication component;
and the server communication component receives the credible log so as to be called by the outside through the server interface.
4. The method of claim 1, wherein the trusted service comprises a trusted network service and trusted security management, wherein the trusted network service decides whether to access a local area network according to the server based on a trusted network access factor; the trusted security management is based on the client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources include processes, files, an encryption cabinet and external equipment.
5. The method of claim 2, wherein the service-side interface categories include trusted status acquisition, trusted function settings, and trusted computing services.
6. A computer device, comprising:
at least one processor; and
a memory storing computer instructions executable on the processor, the instructions when executed by the processor implementing the steps of:
the client starts the upper layer trusted service and sends a network authentication request to the server through the client communication component;
the server receives and passes the network authentication request to confirm the online state of the client and replies to the client; and
and the client collects the current credible state every preset time and reports the current credible state to the server through the client communication assembly.
7. The computer device of claim 6, wherein the server provides an interface open to the outside world in the form of a web, further comprising:
the server side initializes a database and a server side communication assembly;
and the server communicates with the client communication component through the server communication component.
8. The computer device of claim 7, wherein the client collecting current trusted status at predetermined time intervals and reporting to the server via the client communication component comprises:
the client collects the current credible state, analyzes the credible state and generates a credible log;
sending, by the client communication component, the trusted log to the server communication component;
and the server communication component receives the credible log so as to be called by the outside through the server interface.
9. The computer device of claim 6, wherein the trusted service comprises a trusted network service and trusted security management, wherein the trusted network service decides whether to access a local area network according to the server based on a trusted network access factor; the trusted security management is based on the client trusted software stack, the trusted software stack provides operating system resources of the client, and the operating system resources include processes, files, an encryption cabinet and external equipment.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911146130.5A CN110875930A (en) | 2019-11-21 | 2019-11-21 | Method, equipment and medium for monitoring trusted state |
| PCT/CN2020/098539 WO2021098213A1 (en) | 2019-11-21 | 2020-06-28 | Trusted state monitoring method, device, and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911146130.5A CN110875930A (en) | 2019-11-21 | 2019-11-21 | Method, equipment and medium for monitoring trusted state |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110875930A true CN110875930A (en) | 2020-03-10 |
Family
ID=69718121
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911146130.5A Pending CN110875930A (en) | 2019-11-21 | 2019-11-21 | Method, equipment and medium for monitoring trusted state |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN110875930A (en) |
| WO (1) | WO2021098213A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112104653A (en) * | 2020-09-15 | 2020-12-18 | 全球能源互联网研究院有限公司 | Charging system trusted computing management method and device and storage medium |
| WO2021098213A1 (en) * | 2019-11-21 | 2021-05-27 | 山东超越数控电子股份有限公司 | Trusted state monitoring method, device, and medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101951607A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Reliability-based wireless local area network trusted accessing method and system |
| US20110179477A1 (en) * | 2005-12-09 | 2011-07-21 | Harris Corporation | System including property-based weighted trust score application tokens for access control and related methods |
| CN104618395A (en) * | 2015-03-04 | 2015-05-13 | 浪潮集团有限公司 | System and method for dynamic cross-domain access control based on trusted network connection |
| CN105760271A (en) * | 2016-01-28 | 2016-07-13 | 浪潮电子信息产业股份有限公司 | Method for computational node credible state monitoring under cluster mode |
| CN105790935A (en) * | 2016-03-15 | 2016-07-20 | 山东超越数控电子有限公司 | Independent-software-and-hardware-technology-based trusted authentication server |
| CN106027518A (en) * | 2016-05-19 | 2016-10-12 | 中国人民解放军装备学院 | Trusted network connection method based on quasi real-time state feedback |
| CN109325331A (en) * | 2018-09-13 | 2019-02-12 | 北京航空航天大学 | Transaction system is acquired based on the big data of block chain and credible calculating platform |
| CN109995783A (en) * | 2019-04-02 | 2019-07-09 | 山东超越数控电子股份有限公司 | A kind of cut-in method of trustable network, equipment and storage medium |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101621377A (en) * | 2009-03-26 | 2010-01-06 | 常熟理工学院 | Trusted access method under virtual computing environment |
| CN101533434B (en) * | 2009-04-10 | 2012-05-30 | 武汉大学 | Leakage-proof credible virtual machine remote certification method facing sensitive data |
| US10339317B2 (en) * | 2015-12-18 | 2019-07-02 | Intel Corporation | Computing devices |
| CN107493271A (en) * | 2017-07-28 | 2017-12-19 | 大唐高鸿信安(浙江)信息科技有限公司 | Credible and secure network system |
| CN110875930A (en) * | 2019-11-21 | 2020-03-10 | 山东超越数控电子股份有限公司 | Method, equipment and medium for monitoring trusted state |
-
2019
- 2019-11-21 CN CN201911146130.5A patent/CN110875930A/en active Pending
-
2020
- 2020-06-28 WO PCT/CN2020/098539 patent/WO2021098213A1/en active Application Filing
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110179477A1 (en) * | 2005-12-09 | 2011-07-21 | Harris Corporation | System including property-based weighted trust score application tokens for access control and related methods |
| CN101951607A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Reliability-based wireless local area network trusted accessing method and system |
| CN104618395A (en) * | 2015-03-04 | 2015-05-13 | 浪潮集团有限公司 | System and method for dynamic cross-domain access control based on trusted network connection |
| CN105760271A (en) * | 2016-01-28 | 2016-07-13 | 浪潮电子信息产业股份有限公司 | Method for computational node credible state monitoring under cluster mode |
| CN105790935A (en) * | 2016-03-15 | 2016-07-20 | 山东超越数控电子有限公司 | Independent-software-and-hardware-technology-based trusted authentication server |
| CN106027518A (en) * | 2016-05-19 | 2016-10-12 | 中国人民解放军装备学院 | Trusted network connection method based on quasi real-time state feedback |
| CN109325331A (en) * | 2018-09-13 | 2019-02-12 | 北京航空航天大学 | Transaction system is acquired based on the big data of block chain and credible calculating platform |
| CN109995783A (en) * | 2019-04-02 | 2019-07-09 | 山东超越数控电子股份有限公司 | A kind of cut-in method of trustable network, equipment and storage medium |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021098213A1 (en) * | 2019-11-21 | 2021-05-27 | 山东超越数控电子股份有限公司 | Trusted state monitoring method, device, and medium |
| CN112104653A (en) * | 2020-09-15 | 2020-12-18 | 全球能源互联网研究院有限公司 | Charging system trusted computing management method and device and storage medium |
| CN112104653B (en) * | 2020-09-15 | 2023-03-14 | 全球能源互联网研究院有限公司 | Trusted computing management method and device for charging system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021098213A1 (en) | 2021-05-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Schiller et al. | Landscape of IoT security | |
| CN108173850A (en) | A kind of identity authorization system and identity identifying method based on block chain intelligence contract | |
| US11645144B2 (en) | Methods and systems securing an application based on auto-learning and auto-mapping of application services and APIs | |
| KR20020001190A (en) | Apparatus for extended firewall protecting internal resources in network system | |
| CN109067937A (en) | Terminal admittance control method, device, equipment, system and storage medium | |
| CA2973249C (en) | System and method for providing fraud control | |
| CN110875930A (en) | Method, equipment and medium for monitoring trusted state | |
| Xue et al. | Research on key technologies of software-defined network based on blockchain | |
| CN112202812A (en) | Water conservancy Internet of things terminal access authentication method and system based on block chain | |
| EP3602387B1 (en) | Identifiers for integrity protection of digitally coded copies | |
| CN110049031A (en) | A kind of interface security authentication method and server, authentication center's server | |
| US11516071B2 (en) | Method and system for root cause analysis across multiple network systems | |
| CN113839882B (en) | Message flow splitting method and device | |
| CN111176904B (en) | Method, system, equipment and medium for data backup under private cloud architecture | |
| CN111314312A (en) | Policy management method, system, device and medium | |
| US20030227878A1 (en) | Apparatus and method for automatically and dynamically reconfiguring network provisioning | |
| CN111414340A (en) | File sharing method and device, computer equipment and storage medium | |
| CN111858538B (en) | Method, device, equipment and medium for configuring BeeGFS quota by cluster | |
| CN111090625A (en) | Method, device and medium for compressing management log | |
| CN116260650A (en) | Interface interaction data safety protection method based on AI high-speed regular matching | |
| WO2023056713A1 (en) | Cloud platform binding method and system for internet of things card, and device and medium | |
| CN111240933B (en) | Method, system, device and medium for monitoring performance data of multiple data centers | |
| CN114066182A (en) | Relay protection constant value management intelligent contract method, system, equipment and storage medium | |
| CN113824738A (en) | Method and system for node communication management in block chain | |
| CN113194159A (en) | DNS authoritative data management method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200310 |
|
| RJ01 | Rejection of invention patent application after publication |