CN111125666A - Trusted control method and system based on trusted computing system - Google Patents


Info

Publication number: CN111125666A
Authority: CN (China)
Prior art keywords: control, trusted, main body, verification, equipment
Legal status: Granted (currently active)
Application number: CN201911354280.5A
Other languages: Chinese (zh)
Other versions: CN111125666B (en)
Inventors: 吴知, 石林
Current assignee: Sichuan Yingdesaike Technology Co ltd
Original assignee: Sichuan Yingdesaike Technology Co ltd
Priority date and filing date: 2019-12-25
Publication date of CN111125666A: 2020-05-08
Grant published as CN111125666B: 2021-01-12
Application filed by Sichuan Yingdesaike Technology Co ltd, with priority to CN201911354280.5A; published as CN111125666A, then granted and published as CN111125666B.

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals > G06F21/31 User authentication > G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
        • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/55 Detecting local intrusion or implementing counter-measures > G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
        • G06F21/60 Protecting data > G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention relates to the technical field of network security and discloses a trusted control method and a trusted control system based on a trusted computing system. The method comprises the following steps: when the control port of the control subject is enabled and a control command is issued, the control subject reads its identity certificate and the signature of its preset basic information from the trusted area and verifies them; if the verification succeeds, the control subject is determined to be legal. Once the control subject is legal, it reads the certificate of the device control program and the preset signature of the device control program from the trusted area and verifies them; if the verification succeeds, the control subject starts the device control program to control the monitored object. The scheme mainly addresses the question of whether the control program that issues a control command, and the environment it runs in, can be trusted when the control subject monitors a dangerous event.

Description

Trusted control method and system based on trusted computing system
Technical Field
The invention relates to the technical field of network security, in particular to a trusted control method and a trusted control system based on a trusted computing system.
Background
In the current industrial network communication environment, access control is not mandatory when a control subject accesses a monitored device: only simple user name and password verification is performed. Once a hacker or a malicious program intercepts the monitored device, the monitored object is left open, and after the attacker obtains root authority any operation can be performed on the monitored device, including highly harmful ones such as deleting important files and data, tampering with data, copying data and implanting a back door. Establishing a trusted control environment is therefore extremely important and necessary.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: aiming at the safety problem of the monitored equipment, a trusted control method and a trusted control system based on a trusted computing system are provided.
The technical scheme adopted by the invention is as follows: a trusted control method based on a trusted computing system comprises the following steps:
step S1, when the control port of the control subject is enabled and a control command is issued, the control subject reads the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification, and if the verification is successful, it determines that the control subject is legal.
Further, the trusted control method based on the trusted computing system further includes:
step S2: after the control subject is determined to be legal, the control subject reads the certificate of the device control program and the preset signature of the device control program from the trusted area for verification, and if the verification succeeds, the control subject starts the device control program to control the monitored object.
Further, the trusted control method based on the trusted computing system further comprises the following process: recording all behaviours in step S1 and step S2 to form log record data, and reporting the log record data to the management center.
Further, the trusted zone is in a read-only mode.
Further, the trusted area is a control subject security chip or a smart card.
Further, the specific process of step S1 includes: monitoring whether the control port is enabled and whether the control subject issues a control command; if the control port is enabled and the control subject issues a control command, reading the identity certificate of the control subject as parameter 1, reading the signature of the preset basic information of the control subject as parameter 2, and having the control subject verify whether parameter 2 is valid using parameter 1; if it is invalid, the control port is closed, and if it is valid, step S2 is started.
Further, the specific process of step S2 includes: the control subject reads the certificate of the device control program from the trusted area as parameter A, reads the preset signature of the device control program as parameter B, and verifies whether parameter B is valid using parameter A; if it is invalid, the control port is closed, and if it is valid, the control subject runs the device control program to control the monitored object.
The invention also discloses a trusted control system based on the trusted computing system, which comprises:
a control subject verification module, used to read the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification when the control port of the control subject is enabled and a control command is issued, and to determine that the control subject is legal if the verification succeeds.
Further, the trusted control system based on the trusted computing system further includes:
a device verification module, used to read the certificate of the device control program and the preset signature of the device control program from the trusted area for verification after the control subject is determined legal, and to have the control subject start the device control program's control of the monitored object if the verification succeeds.
Further, the trusted control system based on the trusted computing system further includes: a log module, used to record all behaviours in the control subject verification module and the device verification module, form log record data, and report the log record data to the management center.
Compared with the prior art, the beneficial effects of adopting this technical scheme are as follows: first, the trustworthiness of the control subject is established from the certificate and signature of the control subject stored in the trusted area; after the control subject has been verified successfully, the trustworthiness of the device control program in the control subject is established from the certificate and signature of the device stored in the trusted area; harm and attacks by hackers or malicious programs against the monitored device are thereby effectively prevented; and finally, the operating behaviour is reported as a log, so that it is effectively recorded and the problem of auditing the trusted computing of the control subject is solved.
Drawings
Fig. 1 is a schematic diagram of a control subject verification process in the trusted control method based on the trusted computing system according to the present invention.
Fig. 2 is a schematic view of a verification process of a device in a control subject in the trusted control method based on the trusted computing system according to the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings.
Before the control subject is deployed, its identity certificate and the device control program certificate are stored in a trusted area of the control subject; the trusted area is read-only, unwritable and access-restricted. The trusted area may be a security chip of the control subject or a smart card. The signature of the basic information of the control subject and the signature of the device control program are likewise preset into the trusted area of the control subject.
A trusted control method based on a trusted computing system comprises the following steps:
First, control subject legality verification: when the control port of the control subject is enabled and a control command is issued, the control subject forcibly triggers a check of its own identity: it reads the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification. If the verification succeeds, the control subject is determined legal and enters the legality verification of the device in the control subject; if the verification fails, the control subject does not enter that device legality verification.
As in the embodiment of fig. 1, the specific implementation process of the validity verification of the control subject is as follows:
monitoring whether the control port is enabled and whether the control subject issues a control command; if the control port is enabled and the control subject issues a control command, reading the control subject identity certificate as parameter 1 and reading the signature of the preset control subject basic information as parameter 2 (the certificate and the signature are read at the same time), and verifying whether parameter 2 is valid using parameter 1; if invalid, the control port is closed and the control subject does not enter the processing flow of the second step; if valid, the legality verification of the device in the control subject is started. In the embodiment of the invention, the next step is executed only if the two conditions, that the control port is enabled and that the control subject has a control command to issue, are met simultaneously; otherwise no action is executed.
Second, legality verification of the device in the control subject: after the legality of the control subject has been verified successfully, the control subject reads the certificate of the device control program and the preset signature of the device control program from the trusted area for verification; if the verification succeeds, the control subject starts the device control program to control the monitored object; if the verification fails, the control port is closed and the device control program is terminated.
As in the embodiment of fig. 2, the specific implementation process of the legality verification of the device in the control subject is as follows: the control subject reads the certificate of the device control program from the trusted area as parameter A and the preset signature of the device control program as parameter B (the certificate and the signature are read at the same time), and verifies whether parameter B is valid using parameter A; if invalid, the control port is closed and the device control program is terminated; if valid, the control subject runs the device control program to control the monitored object.
In addition, after the legality verification of the control subject and the legality verification of the device in the control subject have succeeded, all behaviours in both verification processes are recorded, log record data are formed and reported to the management center.
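As an added illustration (not code from the patent or from the assignee), the following Go program models the two-stage check of steps S1 and S2 together with the log module: a read-only trusted area holding the certificates (parameters 1 and A) and the preset signatures (parameters 2 and B), verification of each signature under its certificate, closing of the control port on any failure, and behaviour records for the management center. The patent fixes no algorithm or format, so Ed25519 signatures, minimal self-signed X.509 certificates, the TrustedArea and ControlSubject types, and the sample basic information and program image are all assumptions constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// TrustedArea models the read-only security chip or smart card: written once at provisioning, then only read.
type TrustedArea struct {
	SubjectCertDER []byte // parameter 1: control subject identity certificate (DER)
	SubjectInfoSig []byte // parameter 2: preset signature over the control subject's basic information
	ProgramCertDER []byte // parameter A: device control program certificate (DER)
	ProgramSig     []byte // parameter B: preset signature over the device control program image
}

type ControlSubject struct {
	PortEnabled        bool
	Trusted            TrustedArea
	BasicInfo, Program []byte   // signed identity fields; program image as present on the controller
	Log                []string // behaviour records to be reported to the management centre
}

func verifyWithCert(certDER, msg, sig []byte) error {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return err
	}
	if pub, ok := cert.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, msg, sig) {
		return fmt.Errorf("signature does not verify under certificate %q", cert.Subject.CommonName)
	}
	return nil
}

// HandleCommand runs step S1 (parameter 2 checked with 1) and step S2 (B checked with A); failure closes the port.
func (c *ControlSubject) HandleCommand(cmd string) error {
	if !c.PortEnabled || cmd == "" { // both conditions must hold at once, otherwise no action
		return fmt.Errorf("no action: control port disabled or no command issued")
	}
	c.Log = append(c.Log, "S1: command "+cmd+" issued, verifying control subject")
	if err := verifyWithCert(c.Trusted.SubjectCertDER, c.BasicInfo, c.Trusted.SubjectInfoSig); err != nil {
		c.PortEnabled, c.Log = false, append(c.Log, "S1 failed: control port closed")
		return err
	}
	c.Log = append(c.Log, "S1 ok: control subject legal")
	if err := verifyWithCert(c.Trusted.ProgramCertDER, c.Program, c.Trusted.ProgramSig); err != nil {
		c.PortEnabled, c.Log = false, append(c.Log, "S2 failed: control port closed, program terminated")
		return err
	}
	c.Log = append(c.Log, "S2 ok: device control program started for "+cmd)
	return nil
}

// sealEntry issues a minimal self-signed Ed25519 certificate for cn and signs msg with its key. Self-signing
// is an assumption of this example (a deployment would use the operator's PKI); provisioning failures are fatal.
func sealEntry(cn string, msg []byte) (certDER, sig []byte) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn}, NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	if certDER, err = x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv); err != nil {
		panic(err)
	}
	return certDER, ed25519.Sign(priv, msg)
}

// Provision seals certificates and preset signatures into the trusted area before the control subject is deployed.
func Provision(info, program []byte) *ControlSubject {
	c1, s2 := sealEntry("control-subject", info)
	cA, sB := sealEntry("device-control-program", program)
	return &ControlSubject{PortEnabled: true, BasicInfo: info, Program: program,
		Trusted: TrustedArea{SubjectCertDER: c1, SubjectInfoSig: s2, ProgramCertDER: cA, ProgramSig: sB}}
}

func main() {
	cs := Provision([]byte("controller-id=PLC-07;site=substation-A"), []byte("constructed program image"))
	fmt.Println("genuine:", cs.HandleCommand("query-status"))
	cs.Program[0] ^= 0xff // tamper with the program image on the controller
	fmt.Println("tampered:", cs.HandleCommand("query-status"), cs.Log)
}
```

The second call shows the S2 path the patent describes: the control subject still passes S1, but the modified program image no longer matches parameter B under parameter A, so the port closes and the log records the refusal.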
The system embodiment corresponding to the method, a trusted control system based on a trusted computing system, comprises:
a control subject verification module, used to read the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification when the control port of the control subject is enabled and a control command is issued, and to determine that the control subject is legal if the verification succeeds. The control subject verification module solves the problem of legality verification of the control subject.
a device verification module, used to read the certificate of the device control program and the preset signature of the device control program from the trusted area for verification after the control subject is determined legal, and to have the control subject start the device control program's control of the monitored object if the verification succeeds. The device verification module solves the problem of legality verification of the device in the control subject after the control subject verification module has verified successfully.
a log module, used to record all behaviours in the control subject verification module and the device verification module, form log record data, and report the log record data to the management center. The log module solves the auditing problem of trusted computing.
The method and the system are mainly applied to the network communication environment of power monitoring systems in industrial control environments, and mainly solve the problem of whether the control program that issues a control command, and its control environment, can be trusted when the control subject monitors a dangerous event.
The invention is not limited to the foregoing embodiments. The invention extends to any novel feature or any novel combination of features disclosed in this specification and any novel method or process steps or any novel combination of features disclosed. Those skilled in the art to which the invention pertains will appreciate that insubstantial changes or modifications can be made without departing from the spirit of the invention as defined by the appended claims.

Claims (10)

1. A trusted control method based on a trusted computing system is characterized by comprising the following steps:
step S1, when the control port of the control subject is enabled and a control command is issued, the control subject reads the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification, and if the verification is successful, it determines that the control subject is legal.
2. The trusted control method based on a trusted computing system as claimed in claim 1, wherein the trusted control method based on a trusted computing system further comprises:
step S2: after the control subject is determined to be legal, the control subject reads the certificate of the device control program and the preset signature of the device control program from the trusted area for verification, and if the verification succeeds, the control subject starts the device control program to control the monitored object.
3. The trusted control method based on a trusted computing system as claimed in claim 2, further comprising the process of: recording all behaviours in step S1 and step S2 to form log record data, and reporting the log record data to the management center.
4. The trusted control method based on a trusted computing system as claimed in claim 1, wherein the trusted area is in read-only mode.
5. The trusted control method based on a trusted computing system as claimed in claim 1, wherein the trusted area is a security chip of the control subject or a smart card.
6. The trusted control method based on a trusted computing system as claimed in claim 1, wherein the specific process of step S1 includes: monitoring whether the control port is enabled and whether the control subject issues a control command; if the control port is enabled and the control subject issues a control command, reading the identity certificate of the control subject as parameter 1, reading the signature of the preset basic information of the control subject as parameter 2, and having the control subject verify whether parameter 2 is valid using parameter 1; if it is invalid, the control port is closed, and if it is valid, step S2 is started.
7. The trusted control method based on a trusted computing system as claimed in claim 6, wherein the specific process of step S2 includes: the control subject reads the certificate of the device control program from the trusted area as parameter A, reads the preset signature of the device control program as parameter B, and verifies whether parameter B is valid using parameter A; if it is invalid, the control port is closed, and if it is valid, the control subject runs the device control program to control the monitored object.
8. A trusted control system based on a trusted computing system, comprising:
a control subject verification module, used to read the control subject identity certificate and the signature of the preset control subject basic information from the trusted area for verification when the control port of the control subject is enabled and a control command is issued, and to determine that the control subject is legal if the verification succeeds.
9. The trusted control system based on a trusted computing system as claimed in claim 8, wherein the trusted control system based on a trusted computing system further comprises:
a device verification module, used to read the certificate of the device control program and the preset signature of the device control program from the trusted area for verification after the control subject is determined legal, and to have the control subject start the device control program's control of the monitored object if the verification succeeds.
10. The trusted control system based on a trusted computing system as claimed in claim 9, further comprising: a log module, used to record all behaviours in the control subject verification module and the device verification module, form log record data, and report the log record data to the management center.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911354280.5A CN111125666B (en) 2019-12-25 2019-12-25 Trusted control method and system based on trusted computing system

Publications (2)

Publication Number Publication Date
CN111125666A true CN111125666A (en) 2020-05-08
CN111125666B CN111125666B (en) 2021-01-12

Family

ID=70502956

Country Status (1)

Country Link
CN (1) CN111125666B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103747036A (en) * 2013-12-23 2014-04-23 中国航天科工集团第二研究院七〇六所 Trusted security enhancement method in desktop virtualization environment
CN104270376A (en) * 2014-10-13 2015-01-07 浪潮电子信息产业股份有限公司 Platform integrity verification method
CN107301082A (en) * 2016-04-15 2017-10-27 中兴通讯股份有限公司 A kind of method and apparatus for realizing operating system integrity protection
CN107403098A (en) * 2017-06-13 2017-11-28 北京溢思得瑞智能科技研究院有限公司 The active safety means of defence and credible industrial control computer of credible industrial control computer startup stage
US20180013569A1 (en) * 2016-05-05 2018-01-11 Neustar, Inc. Systems and methods for enabling trusted communications between controllers
WO2018133583A1 (en) * 2017-01-18 2018-07-26 中兴通讯股份有限公司 Method, device and system for managing security space on equipment
CN109117628A (en) * 2018-08-20 2019-01-01 郑州云海信息技术有限公司 A kind of white list control method and system
CN109309690A (en) * 2018-12-28 2019-02-05 中国人民解放军国防科技大学 Software white list control method based on message authentication code
CN109977679A (en) * 2019-02-22 2019-07-05 北京天地和兴科技有限公司 A kind of industry control safety equipment upgrade package installation method based on TCM chip

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
冯伟 et al.: "Design and implementation of a secure Windows platform based on TCM", 通信学报 (Journal on Communications) *
Anonymous: "Trusted security solution for government intranets", 计算机安全 (Computer Security) *

Also Published As

Publication number Publication date
CN111125666B (en) 2021-01-12

Legal Events

Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
    Address after: Room 1101, 11/F, unit 2, building 1, No. 777, north section of Yizhou Avenue, Chengdu hi-tech Zone, China (Sichuan) pilot Free Trade Zone, Chengdu 610041
    Applicant after: SICHUAN YINGDESAIKE TECHNOLOGY Co.,Ltd.
    Address before: No. 1, 3/F, building 1, No. 366, Hupan Road north section, Tianfu New District, Chengdu, Sichuan 610041
    Applicant before: SICHUAN YINGDESAIKE TECHNOLOGY Co.,Ltd.
GR01 Patent grant