CN113569211A - Cross-domain secure multiparty computing method and device based on trusted execution environment - Google Patents
- Publication number: CN113569211A
- Application number: CN202110833138.XA
- Authority: CN (China)
- Prior art keywords: module, verification, identity, data, request
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06F21/31—User authentication
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a cross-domain secure multi-party computing method and device based on a trusted execution environment. The method comprises the following steps: S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module; S2, the receiving module receives the calculation request, an identity unit performs identity verification on the request, and the verification information is transmitted to a storage module for backup; S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit performs monitoring; S4, if there is no anomaly, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random verification certificate is generated by a random generation module. The identity unit verifies the requester's identity in multiple ways, which improves security, and the anomaly monitoring unit monitors the requester for abnormal conditions, which prevents someone from stealing another person's identity to bypass the identity unit's verification.
Description
Technical Field
The invention relates to the technical field of secure multi-party computing, in particular to a cross-domain secure multi-party computing method and device based on a trusted execution environment.
Background
Research on secure multi-party computing mainly addresses the problem of how to securely compute an agreed function without a trusted third party. Secure multi-party computing is the cryptographic basis for many applications such as electronic elections, threshold signatures and electronic auctions. A secure multi-party computing protocol is called information-theoretically secure, or unconditionally secure, if it is secure against an attacker with unlimited computing power; if it is secure against an attacker with polynomial computing power, it is called cryptographically secure, or conditionally secure. Existing results prove that under the unconditional security model a secure scheme exists only when the number of malicious participants is less than 1/3 of the total number of participants, and under the conditional security model a secure scheme exists only when the number of malicious participants is less than half of the total number of participants. As a result, data is currently easily leaked or even stolen during multi-party computing and cannot be well protected.
Disclosure of Invention
The present invention is directed to a cross-domain secure multiparty computing method and apparatus based on a trusted execution environment, so as to solve the problems in the background art.
In order to achieve the purpose, the invention provides the following technical scheme: the cross-domain secure multi-party computing method based on the trusted execution environment comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit performs monitoring;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random generation module generates a random verification certificate, and a sending module sends it to the initial address;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module performs the calculation on the data and, once the calculation is complete, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no anomaly is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and after encryption is complete the calculation result is sent through a communication module.
As a preferable aspect of the present invention, the input unit includes a data module and a request module, and the step of inputting data and sending a request by the input unit in step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
As a preferred scheme of the present invention, the identity unit includes a signature information module, a public-private key module, and a dynamic verification module, and the identity verification performed by the identity unit in step S2 includes:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
As a preferred scheme of the present invention, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
As a preferred scheme of the present invention, the verification module in step S6 verifies the trusted node module, where the verification is identity verification, and detects whether the trusted node module is an agreed program.
The cross-domain secure multi-party computing device based on the trusted execution environment comprises an input unit, a receiving module, an identity unit, a storage module, an anomaly monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computing module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module and preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is an agreed program, and preventing calculation data from leaking at the trusted node module.
As a preferred scheme of the present invention, the input unit includes a data module and a request module.
As a preferred scheme of the present invention, the identity unit includes a signature information module, a public-private key module, and a dynamic verification module.
As a preferred scheme of the present invention, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module.
Compared with the prior art, the invention has the following beneficial effects. The identity unit verifies the requester's identity in multiple ways, which improves security. The anomaly monitoring unit monitors the requester for abnormal conditions, which prevents someone from stealing another person's identity, bypassing the identity unit's verification and obtaining the data. The identification module, detection module, isolation module and alarm module identify the data and, when the data is read multiple times, isolate it and raise an alarm, which further protects the data. The trusted node module verifies the calculation result, which ensures its reliability. The authentication module and the verification module verify the trusted node module and the key management module, ensuring that both execute the agreed programs and that the execution process is not tampered with, so that data leakage is avoided.
Drawings
FIG. 1 is a flow chart of a method of the present invention;
FIG. 2 is a block diagram of the apparatus of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to FIGS. 1-2, the present invention provides a technical solution: the cross-domain secure multi-party computing method based on the trusted execution environment comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit performs monitoring;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random generation module generates a random verification certificate, and a sending module sends it to the initial address;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module performs the calculation on the data and, once the calculation is complete, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no anomaly is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and after encryption is complete the calculation result is sent through a communication module.
Further, the input unit includes a data module and a request module, and the step of inputting data and sending a request by the input unit in step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
Further, the identity unit includes a signature information module, a public-private key module and a dynamic verification module, and the identity verification performed by the identity unit in step S2 includes:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
Further, the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
Further, the verification module in step S6 verifies the trusted node module, where the verification is identity verification, and detects whether the trusted node module is an agreed program.
The cross-domain secure multi-party computing device based on the trusted execution environment comprises an input unit, a receiving module, an identity unit, a storage module, an anomaly monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computing module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module and preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is an agreed program, and preventing calculation data from leaking at the trusted node module.
Further, the input unit comprises a data module and a request module.
Furthermore, the identity unit comprises a signature information module, a public-private key module and a dynamic verification module.
Furthermore, the anomaly monitoring unit comprises an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module.
Specifically, the data module inputs the data to be calculated, and the request module sends a calculation request to the receiving module. The receiving module receives the calculation request, and the identity unit performs identity verification on it to obtain verification information: the signature information module verifies the requester's signature information, the public-private key module verifies the requester's public key and private key, and the dynamic verification module dynamically verifies the requester. The verification information is transmitted to the storage module for backup. If the identity unit's verification fails, the request is rejected; if it succeeds, the anomaly monitoring unit performs monitoring: the address detection module detects whether the requester's IP address is a commonly used IP address, the equipment detection module detects whether the equipment used by the requester is commonly used equipment, the sensitivity detection module detects the importance degree of the calculation data requested by the requester, and the frequency detection module detects the number of times the requester has verified identity in the identity unit. If no anomaly is found, the data is sent to the identification module. If the anomaly monitoring unit detects an anomaly, the random generation module generates a random verification certificate, the sending module sends it to the initial address, and the comparison module compares the random verification certificate; if the comparison fails, the request is rejected, and if it succeeds, the identification module identifies the data and sends it to the multi-party calculation module. The multi-party calculation module performs the calculation on the data and sends the data to the trusted node module after the calculation is complete; the verification module verifies the trusted node module, and the trusted node module verifies the calculation result. The detection module detects the identification: if the identification is found to be abnormal, the calculation result is sent to the isolation module for isolation and an alarm is raised through the alarm module; if it is not abnormal, the calculation result is sent to the key management module for encryption, the authentication module authenticates the key management module, and the calculation result is sent through the communication module after encryption is finished.
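The request gate of steps S2 to S5, as an added Python sketch that is not code from the patent. HMAC-SHA256 stands in for the signature and public-private key checks; the thresholds, the rule that any single anomaly signal triggers the random credential, the credential lifetime, and all class, field and function names are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass, field

MAX_ATTEMPTS = 5    # assumed: identity verifications tolerated per window
WINDOW_S = 60       # assumed: length of the frequency window, seconds
SENSITIVE = 2       # assumed: sensitivity level that forces a challenge
TTL_S = 300         # assumed: lifetime of a random credential, seconds


@dataclass
class Profile:
    key: bytes                  # shared key, stand-in for the requester's key pair
    usual_ips: set
    usual_devices: set
    initial_address: str        # where the S4 credential is delivered
    attempts: list = field(default_factory=list)


@dataclass
class Request:
    requester: str
    payload: bytes
    signature: str
    ip: str
    device: str
    sensitivity: int            # assumed scale: 0 (public) to 3 (critical)


def sign(key: bytes, payload: bytes) -> str:
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def same(a: str, b: str) -> bool:
    # Constant-time comparison; encoding first avoids TypeError on non-ASCII input.
    return hmac.compare_digest(a.encode(), b.encode())


class Gate:
    def __init__(self, profiles):
        self.profiles = profiles
        self.storage = []   # S2: verification records kept as backup
        self.outbox = []    # S4: (address, credential) handed to the sending module
        self.pending = {}   # requester -> (credential, expiry)

    def anomalies(self, profile, req):
        """S3: the four detection modules; returns the signals that fired."""
        found = []
        if req.ip not in profile.usual_ips:
            found.append("address")
        if req.device not in profile.usual_devices:
            found.append("device")
        if req.sensitivity >= SENSITIVE:
            found.append("sensitivity")
        if len(profile.attempts) > MAX_ATTEMPTS:
            found.append("frequency")
        return found

    def submit(self, req, now=None):
        now = time.time() if now is None else now
        profile = self.profiles.get(req.requester)
        if profile is not None:     # frequency counts failed attempts too
            recent = [t for t in profile.attempts if now - t < WINDOW_S]
            profile.attempts = recent + [now]
        ok = profile is not None and same(sign(profile.key, req.payload), req.signature)
        self.storage.append((now, req.requester, ok))       # S2: backup
        if not ok:
            return ("reject", ["identity"])                 # S3: verification failed
        found = self.anomalies(profile, req)
        if not found:
            return ("accept", [])                           # S4: no anomaly
        credential = secrets.token_hex(16)                  # S4: random credential
        self.pending[req.requester] = (credential, now + TTL_S)
        self.outbox.append((profile.initial_address, credential))
        return ("challenge", found)

    def answer(self, requester, credential, now=None):
        """S5: compare the returned credential; one try per credential."""
        now = time.time() if now is None else now
        entry = self.pending.pop(requester, None)   # consumed even on failure
        if entry is None:
            return "reject"
        expected, expiry = entry
        if now > expiry or not same(expected, credential):
            return "reject"
        return "accept"
```

An "accept" from either method corresponds to handing the data to the identification module; everything from S6 onward is outside this sketch.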
In the description of the present invention, it is to be understood that the terms "coaxial", "bottom", "one end", "top", "middle", "other end", "upper", "one side", "top", "inner", "front", "center", "both ends", and the like, indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience of description and simplicity of description, and do not indicate or imply that the referenced device or element must have a particular orientation, be constructed and operated in a particular orientation, and thus, are not to be construed as limiting the present invention.
Furthermore, the terms "first", "second", "third", "fourth" are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated, whereby the features defined as "first", "second", "third", "fourth" may explicitly or implicitly include at least one such feature.
In the present invention, unless otherwise expressly specified or limited, the terms "mounted," "disposed," "connected," "secured," "screwed" and the like are to be construed broadly, e.g., as meaning fixedly connected, detachably connected, or integrally formed; can be mechanically or electrically connected; the terms may be directly connected or indirectly connected through an intermediate, and may be communication between two elements or interaction relationship between two elements, unless otherwise specifically limited, and the specific meaning of the terms in the present invention will be understood by those skilled in the art according to specific situations.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (9)
1. A cross-domain secure multi-party computing method based on a trusted execution environment is characterized in that: the method comprises the following steps:
S1, an input unit inputs the data to be calculated and sends a calculation request to a receiving module;
S2, the receiving module receives the calculation request, an identity unit performs identity verification on the calculation request to obtain verification information, and the verification information is transmitted to a storage module for backup;
S3, if the identity unit's verification fails, the request is rejected; if the verification succeeds, an anomaly monitoring unit performs monitoring;
S4, if no anomaly is found, the data is sent to an identification module; if the anomaly monitoring unit detects an anomaly, a random generation module generates a random verification certificate, and a sending module sends it to the initial address;
S5, a comparison module compares the random verification certificate; if the comparison fails, the request is rejected; if the comparison succeeds, the identification module identifies the data and sends it to a multi-party calculation module;
S6, the multi-party calculation module performs the calculation on the data and, once the calculation is complete, sends the data to a trusted node module; a verification module verifies the trusted node module, and the trusted node module verifies the calculation result;
S7, a detection module detects the identification; if the identification is abnormal, the calculation result is sent to an isolation module for isolation and an alarm is raised through an alarm module;
S8, if no anomaly is found, the calculation result is sent to a key management module for encryption, an authentication module authenticates the key management module, and after encryption is complete the calculation result is sent through a communication module.
2. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the input unit includes a data module and a request module, and the step of inputting data and sending a request in the step S1 includes:
the data module inputs data to be calculated;
the request module sends a calculation request to the receiving module.
3. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the identity unit comprises a signature information module, a public-private key module and a dynamic verification module, and the identity verification performed by the identity unit in step S2 comprises:
the signature information module verifies the signature information of the requester;
the public-private key module verifies the public key and the private key of the requester;
the dynamic verification module dynamically verifies the requester.
4. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: the anomaly monitoring unit includes an address detection module, an equipment detection module, a sensitivity detection module, and a frequency detection module, and the monitoring performed by the anomaly monitoring unit in step S3 includes:
the address detection module detects whether the IP address of the requester is a commonly used IP address;
the equipment detection module detects whether the equipment used by the requester is commonly used equipment;
the sensitivity detection module detects the importance degree of the calculation data requested by the requester;
the frequency detection module detects the frequency of the requester's identity verification in the identity unit.
5. The trusted execution environment based cross-domain secure multi-party computing method of claim 1, wherein: in step S6, the verification module verifies the trusted node module, where the verification is identity verification, and detects whether the trusted node module is an agreed program.
6. A device for cross-domain secure multi-party computation based on a trusted execution environment, characterized by comprising an input unit, a receiving module, an identity unit, a storage module, an abnormality monitoring unit, a random generation module, a comparison module, an identification module, a multi-party computation module, a trusted node module, a verification module, a detection module, an isolation module, an alarm module, an authentication module, a key management module, an authentication module and a communication module;
the authentication module is used for authenticating the key management module and preventing the key management module from being tampered with;
the verification module is used for verifying the trusted node module, ensuring that the trusted node module is an agreed program, and preventing leakage of calculation data at the trusted node module.
7. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the input unit comprises a data module and a request module.
8. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the identity unit comprises a signature information module, a public and private key module and a dynamic verification module.
9. The trusted execution environment based cross-domain secure multi-party computing apparatus of claim 6, wherein: the abnormality monitoring unit comprises an address detection module, an equipment detection module, a sensitivity detection module and a frequency detection module.
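The four checks of the abnormality monitoring unit in claim 4, written out as detection logic over constructed request records. This is an added example, not code from the patent; the class and function names, the thresholds, and the policy that combines the four results are assumptions, since the claims name the modules but do not specify them.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60   # assumed sliding window for the frequency check
MAX_ATTEMPTS = 3      # assumed limit on identity verifications per window
SENSITIVE_LEVEL = 2   # assumed: data at or above this level is "important"

class AnomalyMonitor:
    """Hypothetical stand-in for the four detection modules of claim 4."""
    def __init__(self):
        self.known_ips = defaultdict(set)      # requester -> commonly used IPs
        self.known_devices = defaultdict(set)  # requester -> commonly used devices
        self.attempts = defaultdict(deque)     # requester -> verification times

    def enroll(self, requester, ip, device):
        self.known_ips[requester].add(ip)
        self.known_devices[requester].add(device)

    def check(self, requester, ip, device, sensitivity, ts):
        """Return the names of the modules that flag this request.
        Timestamps (seconds) must arrive in non-decreasing order."""
        flags = []
        if ip not in self.known_ips[requester]:
            flags.append("address")
        if device not in self.known_devices[requester]:
            flags.append("device")
        if sensitivity >= SENSITIVE_LEVEL:
            flags.append("sensitivity")
        window = self.attempts[requester]
        window.append(ts)
        while ts - window[0] >= WINDOW_SECONDS:  # drop attempts outside window
            window.popleft()
        if len(window) > MAX_ATTEMPTS:
            flags.append("frequency")
        return flags

def is_abnormal(flags):
    # Assumed policy (the claims do not state one): repeated verification is
    # always abnormal; an uncommon address or device is abnormal only when the
    # requested data is also important.
    uncommon = "address" in flags or "device" in flags
    return "frequency" in flags or (uncommon and "sensitivity" in flags)

# Constructed sample requests: (requester, ip, device, sensitivity, time)
SAMPLE = [("alice", "10.0.0.5", "laptop-1", 1, 0),
          ("alice", "203.0.113.7", "laptop-1", 1, 10),
          ("alice", "203.0.113.7", "phone-9", 2, 20),
          ("alice", "10.0.0.5", "laptop-1", 1, 30)]

def run_sample():
    monitor = AnomalyMonitor()
    monitor.enroll("alice", "10.0.0.5", "laptop-1")
    return [(f, is_abnormal(f)) for f in (monitor.check(*r) for r in SAMPLE)]
```

In the sample, the fourth request comes from the enrolled address and equipment but is still flagged, because it is the fourth identity verification inside one window.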
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110833138.XA CN113569211A (en) | 2021-07-22 | 2021-07-22 | Cross-domain secure multiparty computing method and device based on trusted execution environment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113569211A true CN113569211A (en) | 2021-10-29 |
Family
ID=78166488
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110833138.XA Pending CN113569211A (en) | 2021-07-22 | 2021-07-22 | Cross-domain secure multiparty computing method and device based on trusted execution environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113569211A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030041250A1 (en) * | 2001-07-27 | 2003-02-27 | Proudler Graeme John | Privacy of data on a computer platform |
CN103856477A (en) * | 2012-12-06 | 2014-06-11 | 阿里巴巴集团控股有限公司 | Trusted computing system, corresponding attestation method and corresponding devices |
CN109274694A (en) * | 2018-11-14 | 2019-01-25 | 天津市国瑞数码安全系统股份有限公司 | A kind of general cross-domain authentication method based on mark |
CN110166444A (en) * | 2019-05-05 | 2019-08-23 | 桂林电子科技大学 | Isomery cross-domain authentication method based on trusted agent under a kind of cloud environment |
CN111027086A (en) * | 2019-12-16 | 2020-04-17 | 支付宝(杭州)信息技术有限公司 | Private data protection method and system |
CN111143890A (en) * | 2019-12-26 | 2020-05-12 | 百度在线网络技术(北京)有限公司 | Calculation processing method, device, equipment and medium based on block chain |
Non-Patent Citations (2)
Title |
---|
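刘浩东: "Outsourced computation of privacy-preserving anomaly detection algorithms based on secure multi-party computation", Master's Theses Electronic Journal, 15 January 2019 (2019-01-15) * |
闫世斗: "Research on authentication and privacy protection technologies in cloud computing", Master's Theses Electronic Journal, 15 May 2013 (2013-05-15) * |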
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113990045A (en) * | 2021-11-19 | 2022-01-28 | 国网上海市电力公司 | Internet of things encryption system for SF6 gas leakage alarm device system |
CN114679453A (en) * | 2022-03-10 | 2022-06-28 | 蚂蚁区块链科技(上海)有限公司 | Method and device for detecting malicious attack in multi-party cooperative computing |
CN114679453B (en) * | 2022-03-10 | 2023-10-27 | 蚂蚁区块链科技(上海)有限公司 | Method, device, medium and computing equipment for detecting malicious attack in multiparty collaborative computing |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI512524B (en) | System and method for identifying users | |
WO2020000786A1 (en) | Voting method and apparatus, and computer device and computer readable storage medium | |
US20230033988A1 (en) | Consensus-based online authentication | |
US10333930B2 (en) | System and method for transparent multi-factor authentication and security posture checking | |
CN105553666B (en) | Intelligent power terminal safety authentication system and method | |
Jaidhar | Enhanced mutual authentication scheme for cloud architecture | |
CN113569211A (en) | Cross-domain secure multiparty computing method and device based on trusted execution environment | |
Han et al. | An Improved Biometric Based Authentication Scheme with User Anonymity Using Elliptic Curve Cryptosystem. | |
CN105791282A (en) | Private information protection method, mobile terminal and wearable device | |
Han et al. | A survey on MITM and its countermeasures in the TLS handshake protocol | |
CN114584331A (en) | Power distribution internet of things edge internet of things agent network security protection method and system | |
CN114003888B (en) | Bidirectional authentication method and device for storage system access based on hardware information | |
JP4874007B2 (en) | Authentication system, server computer, program, and recording medium | |
CN111654378B (en) | Data security self-checking method based on electric power security gateway | |
CN110830507B (en) | Resource access method, device, electronic equipment and system | |
CN110868415B (en) | Remote identity verification method and device | |
CN112261103A (en) | Node access method and related equipment | |
CN107026734A (en) | A kind of method and system that Password Management is carried out using certification lasting effectiveness | |
CN113783846B (en) | Trusted data transmission system and method | |
CN111669746B (en) | Protection system for information security of Internet of things | |
CN116633530A (en) | Quantum key transmission method, device and system | |
Malina et al. | Efficient and secure access control system based on programmable smart cards | |
CN116471081B (en) | Indoor security anonymous authentication method based on Internet of things technology | |
CN115208696B (en) | Remote communication method and device for substation telecontrol device | |
Chen et al. | Detection and Prevention of New Attacks for ID-based Authentication Protocols |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||