CN113569211A - Cross-domain secure multiparty computing method and device based on trusted execution environment - Google Patents

Cross-domain secure multiparty computing method and device based on trusted execution environment

Info

Publication number
CN113569211A
Authority
CN
China
Prior art keywords
module
verification
identity
data
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110833138.XA
Other languages
Chinese (zh)
Inventor
顾冉
叶薇薇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Fuchen Shuzhi Technology Co ltd
Original Assignee
Hangzhou Fuchen Shuzhi Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Fuchen Shuzhi Technology Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/552 Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • G06F21/554 Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227 Filtering policies
    • H04L63/0236 Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cross-domain secure multiparty computing method and device based on a trusted execution environment. The method comprises the following steps: S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module; S2, the receiving module receives the calculation request, an identity unit performs identity verification on the request, and the verification information is transmitted to a storage module for backup; S3, if the identity unit's verification fails, the request is rejected; if it succeeds, an anomaly monitoring unit monitors the request; S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by a random generation module. The identity unit verifies the requester's identity in multiple ways, which improves security, and the anomaly monitoring unit monitors the requester for abnormal conditions, which prevents a stolen identity from being used to bypass the identity unit's verification.

Description

Cross-domain secure multiparty computing method and device based on trusted execution environment
Technical Field
The invention relates to the technical field of secure multi-party computing, in particular to a cross-domain secure multi-party computing method and device based on a trusted execution environment.
Background
Research on secure multi-party computing mainly addresses the problem of how to securely compute an agreed function without a trusted third party. Secure multi-party computing is the cryptographic basis for many applications such as electronic elections, threshold signatures and electronic auctions. A secure multi-party computing protocol is called information-theoretically secure, or unconditionally secure, if it is secure against an attacker with unlimited computing power; if it is secure against an attacker with polynomial computing power, it is called cryptographically secure, or conditionally secure. Existing results prove that under the unconditional security model a secure scheme exists only when the number of malicious participants is less than 1/3 of the total number of participants, and under the conditional security model a secure scheme exists only when the number of malicious participants is less than half of the total number of participants. As a result, data is at present easily leaked or even stolen during multi-party computing and cannot be well protected.
Disclosure of Invention
The present invention aims to provide a cross-domain secure multiparty computing method and apparatus based on a trusted execution environment, so as to solve the problems described in the background above.
To achieve this purpose, the invention provides the following technical scheme: the cross-domain secure multi-party computing method based on the trusted execution environment comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit monitors the request;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by a random generation module and sent to an initial address by a sending module;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module calculates the data and, after the calculation is completed, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no abnormality is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and the calculation result is sent through a communication module after the encryption is finished.
As a preferable aspect of the present invention, the input unit includes a data module and a request module, and the step of inputting data and sending a request by the input unit in step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
As a preferred scheme of the present invention, the identity unit includes a signature information module, a public-private key module, and a dynamic verification module, and the identity verification performed by the identity unit in step S2 includes:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
As a preferred scheme of the present invention, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
As a preferred scheme of the present invention, in step S6 the verification module verifies the trusted node module; the verification is an identity verification that detects whether the trusted node module is the agreed program.
The cross-domain secure multi-party computing device based on the trusted execution environment comprises an input unit, a receiving module, an identity unit, a storage module, an anomaly monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computing module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module, preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is the agreed program and preventing leakage of the calculation data at the trusted node module.
As a preferable aspect of the present invention, the input unit includes a data module and a request module.
As a preferred scheme of the present invention, the identity unit includes a signature information module, a public-private key module, and a dynamic verification module.
As a preferred scheme of the present invention, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module.
Compared with the prior art, the invention has the following beneficial effects: the identity unit verifies the identity of a requester in multiple ways, which improves security; the anomaly monitoring unit monitors the requester for abnormal conditions, which prevents a stolen identity from being used to bypass the identity unit's verification and acquire the data; the identification module, the detection module, the isolation module and the alarm module allow the data to be identified, so that when the data is read multiple times it is isolated and an alarm is raised, which further protects the data; the trusted node module verifies the calculation result, which ensures the reliability of the calculation result; and the verification module and the authentication module verify the trusted node module and the key management module respectively, ensuring that they execute the agreed programs and that the execution process is not tampered with, thereby avoiding data leakage.
Drawings
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a block diagram of the apparatus of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to FIGS. 1-2, the present invention provides the following technical solution: the cross-domain secure multi-party computing method based on the trusted execution environment comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit monitors the request;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by a random generation module and sent to an initial address by a sending module;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module calculates the data and, after the calculation is completed, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no abnormality is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and the calculation result is sent through a communication module after the encryption is finished.
Further, the input unit includes a data module and a request module, and the step of inputting data and sending a request by the input unit in step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
Further, the identity unit includes a signature information module, a public-private key module and a dynamic verification module, and the identity verification performed by the identity unit in step S2 includes:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
Further, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
Further, in step S6 the verification module verifies the trusted node module; the verification is an identity verification that detects whether the trusted node module is the agreed program.
The cross-domain secure multi-party computing device based on the trusted execution environment comprises an input unit, a receiving module, an identity unit, a storage module, an anomaly monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computing module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module, preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is the agreed program and preventing leakage of the calculation data at the trusted node module.
Further, the input unit comprises a data module and a request module.
Furthermore, the identity unit comprises a signature information module, a public and private key module and a dynamic verification module.
Furthermore, the anomaly monitoring unit comprises an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module.
Specifically, the data module inputs the data to be calculated and the request module sends a calculation request to the receiving module. The receiving module receives the calculation request, and the identity unit performs identity verification on the calculation request to obtain verification information: the signature information module verifies the signature information of the requester, the public-private key module verifies the public key and the private key of the requester, and the dynamic verification module dynamically verifies the requester. The verification information is transmitted to the storage module for backup. If the identity unit's verification fails, the request is rejected. If the verification succeeds, the anomaly monitoring unit monitors the request: the address detection module detects whether the IP address of the requester is a commonly used IP address, the equipment detection module detects whether the equipment used by the requester is commonly used equipment, the sensitivity detection module detects the importance degree of the calculation data requested by the requester, and the frequency detection module detects the number of times the requester has verified identity in the identity unit. If no anomaly is found, the data is sent to the identification module. If the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by the random generation module and sent to the initial address by the sending module, and the comparison module compares the random verification certificate. If the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to the multi-party calculation module. The multi-party calculation module calculates the data and, after the calculation is completed, sends the data to the trusted node module; the verification module verifies the trusted node module, and the trusted node module verifies the calculation result. The detection module detects the identification. If the identification is found to be abnormal, the calculation result is sent to the isolation module for isolation and an alarm is raised through the alarm module. If the identification is not abnormal, the calculation result is sent to the key management module for encryption, the authentication module authenticates the key management module, and the calculation result is sent through the communication module after the encryption is finished.
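The gating logic of steps S3 to S5, as an added Python example that is not part of the patent text or the applicant's implementation. The names Profile, Request and Gate, the thresholds, the 0-10 sensitivity scale, the credential lifetime, and reading "initial address" as the address on file for the requester are all assumptions; the identity unit's result (S2) is taken as an input.

```python
import hmac
import secrets
import time
from collections import deque
from dataclasses import dataclass, field


@dataclass
class Profile:
    """Per-requester baseline (constructed data model, not defined by the patent)."""
    initial_address: str                  # address on file for credential delivery
    usual_ips: set
    usual_devices: set
    auth_times: deque = field(default_factory=deque)  # recent identity checks


@dataclass
class Request:
    requester: str
    ip: str
    device: str
    sensitivity: int                      # importance of requested data, assumed 0-10
    identity_ok: bool                     # result of the identity unit (S2), an input


class Gate:
    SENSITIVITY_LIMIT = 7                 # assumed threshold
    MAX_AUTHS = 5                         # assumed: identity checks allowed ...
    WINDOW = 60.0                         # ... within this many seconds
    TTL = 120.0                           # assumed credential lifetime in seconds

    def __init__(self, profiles, send, clock=time.monotonic):
        self.profiles = profiles
        self.send = send                  # callable(address, credential)
        self.clock = clock
        self.pending = {}                 # requester -> (credential, expiry)

    def _auth_count(self, profile):
        """Record this identity check and count the checks inside the window."""
        now = self.clock()
        profile.auth_times.append(now)
        while now - profile.auth_times[0] > self.WINDOW:
            profile.auth_times.popleft()
        return len(profile.auth_times)

    def submit(self, req):
        """S3/S4: return 'reject', 'forward' or 'challenge'."""
        profile = self.profiles.get(req.requester)
        if profile is None:
            return "reject"
        # Failed identity checks are counted too, so a burst of failures
        # followed by one success still trips the frequency detector.
        count = self._auth_count(profile)
        if not req.identity_ok:
            return "reject"
        fired = [name for name, hit in (
            ("address", req.ip not in profile.usual_ips),
            ("equipment", req.device not in profile.usual_devices),
            ("sensitivity", req.sensitivity >= self.SENSITIVITY_LIMIT),
            ("frequency", count > self.MAX_AUTHS),
        ) if hit]
        if not fired:
            return "forward"              # on to the identification module
        credential = secrets.token_urlsafe(16)
        self.pending[req.requester] = (credential, self.clock() + self.TTL)
        # Deliver to the address on file, never to one supplied in the request.
        self.send(profile.initial_address, credential)
        return "challenge"

    def compare(self, requester, presented):
        """S5: single-use, expiring, constant-time comparison."""
        credential, expiry = self.pending.pop(requester, (None, 0.0))
        if credential is None or self.clock() > expiry:
            return "reject"
        same = hmac.compare_digest(credential.encode(), presented.encode())
        return "forward" if same else "reject"


if __name__ == "__main__":
    outbox = []                           # constructed stand-in for the sending module
    gate = Gate({"alice": Profile("alice@corp.example", {"10.0.0.5"}, {"laptop-1"})},
                lambda addr, cred: outbox.append((addr, cred)))
    print(gate.submit(Request("alice", "10.0.0.5", "laptop-1", 3, True)))
    print(gate.submit(Request("alice", "203.0.113.9", "laptop-1", 3, True)))
    print(gate.compare("alice", outbox[-1][1]))
```

Popping the pending credential before comparing it means a wrong guess consumes the challenge, so each issued credential allows exactly one attempt.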
In the description of the present invention, it is to be understood that the terms "coaxial", "bottom", "one end", "top", "middle", "other end", "upper", "one side", "top", "inner", "front", "center", "both ends", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience of description and simplicity of description, and do not indicate or imply that the referenced device or element must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention.
Furthermore, the terms "first", "second", "third", "fourth" are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated, whereby the features defined as "first", "second", "third", "fourth" may explicitly or implicitly include at least one such feature.
In the present invention, unless otherwise expressly specified or limited, the terms "mounted," "disposed," "connected," "secured," "screwed" and the like are to be construed broadly, e.g., as meaning fixedly connected, detachably connected, or integrally formed; can be mechanically or electrically connected; the terms may be directly connected or indirectly connected through an intermediate, and may be communication between two elements or interaction relationship between two elements, unless otherwise specifically limited, and the specific meaning of the terms in the present invention will be understood by those skilled in the art according to specific situations.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (9)

1. A cross-domain secure multi-party computing method based on a trusted execution environment, characterized in that the method comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit monitors the request;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by a random generation module and sent to an initial address by a sending module;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module calculates the data and, after the calculation is completed, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no abnormality is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and the calculation result is sent through a communication module after the encryption is finished.
2. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the input unit includes a data module and a request module, and the step of inputting data and sending a request in the step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
3. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the identity unit comprises a signature information module, a public-private key module and a dynamic verification module, and the identity verification performed by the identity unit in step S2 comprises:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
4. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
5. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: in step S6, the verification module verifies the trusted node module; the verification is an identity verification that detects whether the trusted node module is the agreed program.
6. A cross-domain secure multi-party computing device based on a trusted execution environment, characterized by comprising an input unit, a receiving module, an identity unit, a storage module, an anomaly monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computation module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module, preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is the agreed program and preventing leakage of the calculation data at the trusted node module.
7. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the input unit comprises a data module and a request module.
8. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the identity unit comprises a signature information module, a public and private key module and a dynamic verification module.
9. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the abnormality monitoring unit comprises an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module.
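The four checks of the abnormality monitoring unit in claims 4 and 9 can be sketched as follows. This is an added example, not code from the patent: the per-requester profile, the numeric sensitivity level, the sliding window, the thresholds and all names are assumptions, and the function only reports which modules flag a request because the claims above do not say how the findings are combined.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

@dataclass
class Profile:
    """Assumed per-requester baseline; the claims do not define its format."""
    usual_ips: set = field(default_factory=set)
    usual_devices: set = field(default_factory=set)

class AnomalyMonitor:
    def __init__(self, profiles, max_verifications=3, window_s=60, sensitive_level=2):
        self.profiles = profiles
        self.max_verifications = max_verifications  # assumed threshold
        self.window_s = window_s                    # assumed sliding window (seconds)
        self.sensitive_level = sensitive_level      # assumed cut-off for "important" data
        self._seen = defaultdict(deque)             # requester -> verification timestamps

    def record_verification(self, requester, ts):
        """Called each time the identity unit verifies this requester."""
        self._seen[requester].append(ts)

    def check(self, requester, ip, device, data_level, now):
        """Return the names of the claim-4 modules that flag this request."""
        # An unknown requester gets an empty profile, so address and equipment both flag.
        profile = self.profiles.get(requester, Profile())
        findings = []
        if ip not in profile.usual_ips:
            findings.append("address")
        if device not in profile.usual_devices:
            findings.append("equipment")
        if data_level >= self.sensitive_level:
            findings.append("sensitivity")
        times = self._seen[requester]
        while times and now - times[0] > self.window_s:
            times.popleft()                         # drop events outside the window
        if len(times) > self.max_verifications:
            findings.append("frequency")
        return findings

def demo():
    # Constructed sample data: documentation IP ranges and made-up device ids.
    mon = AnomalyMonitor({"party-a": Profile({"192.0.2.10"}, {"dev-01"})})
    mon.record_verification("party-a", 0)
    normal = mon.check("party-a", "192.0.2.10", "dev-01", data_level=1, now=1)
    for ts in (100, 101, 102, 103):                 # burst of identity verifications
        mon.record_verification("party-a", ts)
    burst = mon.check("party-a", "198.51.100.7", "dev-99", data_level=3, now=104)
    return normal, burst
```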
CN202110833138.XA 2021-07-22 2021-07-22 Cross-domain secure multiparty computing method and device based on trusted execution environment Pending CN113569211A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110833138.XA CN113569211A (en) 2021-07-22 2021-07-22 Cross-domain secure multiparty computing method and device based on trusted execution environment

Publications (1)

Publication Number Publication Date
CN113569211A (en) 2021-10-29

Family

ID=78166488

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110833138.XA Pending CN113569211A (en) 2021-07-22 2021-07-22 Cross-domain secure multiparty computing method and device based on trusted execution environment

Country Status (1)

Country Link
CN (1) CN113569211A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030041250A1 (en) * 2001-07-27 2003-02-27 Proudler Graeme John Privacy of data on a computer platform
CN103856477A (en) * 2012-12-06 2014-06-11 阿里巴巴集团控股有限公司 Trusted computing system, corresponding attestation method and corresponding devices
CN109274694A (en) * 2018-11-14 2019-01-25 天津市国瑞数码安全系统股份有限公司 A kind of general cross-domain authentication method based on mark
CN110166444A (en) * 2019-05-05 2019-08-23 桂林电子科技大学 Isomery cross-domain authentication method based on trusted agent under a kind of cloud environment
CN111027086A (en) * 2019-12-16 2020-04-17 支付宝(杭州)信息技术有限公司 Private data protection method and system
CN111143890A (en) * 2019-12-26 2020-05-12 百度在线网络技术(北京)有限公司 Calculation processing method, device, equipment and medium based on block chain

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
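刘浩东: "Outsourced Computation of Privacy-Preserving Anomaly Detection Algorithms Based on Secure Multi-Party Computation", Master's Theses Electronic Journal, 15 January 2019 (2019-01-15) *
闫世斗: "Research on Authentication and Privacy Protection Technology in Cloud Computing", Master's Theses Electronic Journal, 15 May 2013 (2013-05-15) *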

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113990045A (en) * 2021-11-19 2022-01-28 国网上海市电力公司 Internet of things encryption system for SF6 gas leakage alarm device system
CN114679453A (en) * 2022-03-10 2022-06-28 蚂蚁区块链科技(上海)有限公司 Method and device for detecting malicious attack in multi-party cooperative computing
CN114679453B (en) * 2022-03-10 2023-10-27 蚂蚁区块链科技(上海)有限公司 Method, device, medium and computing equipment for detecting malicious attack in multiparty collaborative computing

Similar Documents

Publication Publication Date Title
TWI512524B (en) System and method for identifying users
WO2020000786A1 (en) Voting method and apparatus, and computer device and computer readable storage medium
US20230033988A1 (en) Consensus-based online authentication
US10333930B2 (en) System and method for transparent multi-factor authentication and security posture checking
CN105553666B (en) Intelligent power terminal safety authentication system and method
Jaidhar Enhanced mutual authentication scheme for cloud architecture
CN113569211A (en) Cross-domain secure multiparty computing method and device based on trusted execution environment
Han et al. An Improved Biometric Based Authentication Scheme with User Anonymity Using Elliptic Curve Cryptosystem.
CN105791282A (en) Private information protection method, mobile terminal and wearable device
Han et al. A survey on MITM and its countermeasures in the TLS handshake protocol
CN114584331A (en) Power distribution internet of things edge internet of things agent network security protection method and system
CN114003888B (en) Bidirectional authentication method and device for storage system access based on hardware information
JP4874007B2 (en) Authentication system, server computer, program, and recording medium
CN111654378B (en) Data security self-checking method based on electric power security gateway
CN110830507B (en) Resource access method, device, electronic equipment and system
CN110868415B (en) Remote identity verification method and device
CN112261103A (en) Node access method and related equipment
CN107026734A (en) A kind of method and system that Password Management is carried out using certification lasting effectiveness
CN113783846B (en) Trusted data transmission system and method
CN111669746B (en) Protection system for information security of Internet of things
CN116633530A (en) Quantum key transmission method, device and system
Malina et al. Efficient and secure access control system based on programmable smart cards
CN116471081B (en) Indoor security anonymous authentication method based on Internet of things technology
CN115208696B (en) Remote communication method and device for substation telecontrol device
Chen et al. Detection and Prevention of New Attacks for ID-based Authentication Protocols

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination