Disclosure of Invention
The invention mainly aims to provide a trusted computing system and a resource processing method based on the trusted computing system, and aims to solve the problems that the existing hardware trusted execution environment in the prior art cannot meet the large-scale private computing requirement and cannot realize multi-party trusted computing.
To achieve the above object, the present invention provides a trusted computing system, wherein the trusted computing system comprises: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system carries out data input and output through a host bus interface;
the encryption and decryption module is used for receiving the encrypted resources input by the host bus interface, decrypting the encrypted resources and sending the decrypted resources to the memory unit;
the memory unit is used for storing the decrypted resource sent by the encryption and decryption module;
the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module;
the encryption and decryption module is further used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface.
The trusted computing system, wherein the trusted computing system further comprises a secure key management module; the security key management module is used for providing keys and key management when the encryption and decryption module encrypts or decrypts resources.
The trusted computing system, wherein the trusted computing system implements resource exchange with a host or an external system through the host bus interface.
In addition, the invention also provides a resource processing method based on the trusted computing system, wherein the resource processing method of the trusted computing system comprises the following steps:
acquiring encrypted resources, and controlling the encrypted resources to enter the trusted computing system through the host bus interface;
the encrypted resources are decrypted by the encryption and decryption module and then stored in the memory unit, and then enter the computing unit for computing according to a computing instruction;
and encrypting the calculated resources through the encryption and decryption module, and outputting the encrypted resources through the host bus interface.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
for each resource transmitted into the trusted computing system, the trusted computing system records the belonger of each resource and maintains an authorization table for each resource, wherein the authorization table is used for recording the belonged relationship and the authorization relationship of the resource;
for each initiated task, the trusted computing system checks whether the initiator of the current task has the authorization authority of the resources required by the current task according to the authorization table;
if the authorization authority of the required resource is not provided, the current task is refused to be executed, and if the authorization authority of the required resource is provided, the current task is executed.
The resource processing method of the trusted computing system, wherein if the authorization authority of the required resource is provided, the current task is executed, and then the method further comprises:
and if the authorization table of the resource is detected to be changed in the task execution process, the trusted computing system traverses the running task and forcibly stops the task depending on the authorization relationship.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
for each executable task, the trusted computing system allocates a process to each task, and the mutual isolation of the resources processed by each task is realized through the isolation of the processes on the memory address space;
the trusted computing system sets the read-write of each task to the disk as an independent authority, and prohibits the task from accessing files which are not created by the trusted computing system;
for each executable task, the trusted computing system checks the codes of the task operation through the computing unit, and prohibits the system call of communication between the network and different task processes when the codes are compiled.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
in the running process of each task, the trusted computing system records a detailed service operation log through the memory unit; the service operation log comprises algorithm calling time, data calling time, called users and encrypted input and output.
In the resource processing method of the trusted computing system, the service operation log is stored in each participant of a task in a block chain manner, and the participant, namely a resource owner recorded in the trusted computing system, includes a resource provider and a resource user.
The resource processing method of the trusted computing system, wherein the resource comprises data and code.
The invention realizes the isolation of a 'safe area' and a 'normal area' of trusted computing through a system bus, so that any number of computing units and memory units can be deployed on the trusted computing system theoretically, and the invention can support the large-scale privacy computing requirement; the trusted computing system can realize authorization and authentication of multi-party data access, authorization authority check and control before operation of computing tasks, authorization authority check and control during operation, and evidence storage and after-event audit of operation logs, so that resources of all parties in multi-party trusted computing are prevented from being accessed and abused by unauthorized, and development of multi-party trusted computing is promoted.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In a trusted computing system (SPU, Secure Processing Unit, a new trusted computing system) according to a preferred embodiment of the present invention, as shown in fig. 1, the trusted computing system includes: an encryption and decryption module 10, a memory unit 20 and a calculation unit 30; the trusted computing system performs data input and output through a host bus interface 50 (host bus PCIe, peripheral component interconnect express, high-speed serial computer expansion bus standard), that is, the trusted computing system implements resource exchange with a host or an external system through the host bus interface 50.
Specifically, the encryption and decryption module 10 is configured to receive an encrypted resource (the resource includes data and a code, that is, the encrypted resource input by the host bus interface 50 may be encrypted data or an encrypted code, and the input resource may be one or more resources), decrypt the encrypted resource, and send the decrypted resource to the memory unit 20; the memory unit 20 is configured to store the decrypted resource sent by the encryption and decryption module 10; the computing unit 30 is configured to compute the decrypted resource in the memory unit 20 according to the computing instruction, and send the computed resource to the encryption and decryption module 10; the encryption and decryption module 10 is further configured to encrypt the calculated resource sent by the calculating unit 30, and output the encrypted resource through the host bus interface 50. Further, the trusted computing system also includes a secure key management module 40; the security key management module 40 is configured to provide keys and key management when the encryption and decryption module 10 encrypts or decrypts resources.
Wherein, the encryption/decryption module 10 includes an encryption module and a decryption module, the encryption module is used to encrypt the resource, the decryption module is used to decrypt the resource, the encryption module provides an encryption key (for example, the encryption key is a first key) by the security key management module 40 when encrypting the resource, the decryption module provides a decryption key (for example, the decryption key is a second key) by the security key management module 40 when decrypting the resource, the encryption key and the decryption key may be dynamic keys generated according to a certain key generation mechanism, or may use a same static key for each received resource, the encryption key and the decryption key may be the same or different, the security key management module 40 is further used to manage the keys (encryption key or decryption key), keys are updated in real time (e.g., expired keys are replaced, keys are updated periodically, updated keys are added, etc.).
As shown in fig. 2, the memory unit 20 may be configured to be multiple, for example, memory unit 1, memory unit 2, memory unit 3, …, and memory unit n, n is a positive integer greater than 1, the memory unit 20 is configured to store the resource decrypted by the encryption/decryption module 10 in time, the computing unit 30 may be configured to be multiple, for example, computing unit 1, computing unit 2, computing unit 3, …, and computing unit m, m is a positive integer greater than 1, the computing unit 30 is configured to compute the decrypted resource in the memory unit 20 according to a computing instruction, for example, compute (score estimation computation, credit estimation computation, rank estimation computation, etc.) according to an actual requirement of a user, that is, the trusted computing System (SPU) may deploy any number of computing units and memory units, and the trusted computing system is isolated from an external system through a host bus interface, the invention can support the requirement of large-scale privacy computation.
Further, based on the trusted computing system shown in fig. 1, the resource processing method based on the trusted computing system according to the preferred embodiment of the present invention, as shown in fig. 3, includes the following steps:
step S10, acquiring an encrypted resource (the resource is data or code), and controlling the encrypted resource to enter the trusted computing system through the host bus interface;
step S20, the encrypted resources are decrypted by the encryption and decryption module and then stored in the memory unit, and then enter the computing unit for computing according to the computing instruction;
and step S30, encrypting the calculated resources through the encryption and decryption module, and outputting the encrypted resources through the host bus interface.
That is to say, in a working scenario, the resource (data or code) enters the trusted computing System (SPU) in an encrypted state, is decrypted by the encryption and decryption module and then stored in the memory unit, then enters the computing unit inside the trusted computing System (SPU) according to a computing instruction to perform computing, the output resource (data or code) is encrypted by the encryption and decryption module and then output, each party of the data and the algorithm holds a respective key, and the data and the algorithm cannot access unauthorized other parties, so that privacy protection of the data is realized.
In particular, for each piece of data or code (referred to herein as a "resource") that is transmitted to the trusted computing System (SPU), the trusted computing System (SPU) records the belongings of the resource, including the provider of the resource and the consumer of the resource (i.e., also the initiator of the task). For example, where the provider of the resource is a data provider, multiple types of data may be provided for use by task execution code of different task initiators). For example, when the resource provider is a code, it can provide a plurality of data processing functions, and when the data resource owned by the resource user needs to process data, it can apply to process the data by using the code of the resource provider. For each resource, the trusted computing System (SPU) maintains an authorization table (i.e., the authorization table is stored in the SPU), and the relationship and the authorization relationship (including both the authorization of the data resource and the authorization of the code resource) of the resource are recorded in the authorization table. For each task (e.g., a computing task), the trusted computing System (SPU) checks whether the initiator of the task has the authorization right of the resource required by the task (i.e., checks whether the initiator of the task has the authorization right of the resource according to the previous authorization relationship), and if not, the task is rejected, for example, 4 kinds of resources are required for executing a certain task, wherein 3 kinds of resources have authorization rights, and 4 kinds of resources do not have authorization rights, the task is rejected for execution. If the task is refused to be executed, the computer returns failure information outwards from the host bus interface. The task can only be executed if it has the authorization of the required resource. Further, if the authorization table of a resource changes during task execution (the authorization table may change rather than change all the time, for example, if the authorization for an object expires and the authorization for the object ends, the change is indicated by the authorization table, and generally the authorization table is checked only when the object is added, deleted and initiated), the trusted computing System (SPU) will stop the task without authorization right immediately, that is, when the change is detected during task execution, the trusted computing system will traverse the running task and forcibly stop the task depending on the authorization relationship.
Specifically, for each executable task, the trusted computing System (SPU) allocates a process (a program execution process) to the SPU, and the isolation of the process on the memory address space is used to implement the mutual isolation of the resources processed by each task, thereby implementing an independent memory address space to avoid the occurrence of potential safety hazard; the trusted computing System (SPU) sets an independent authority for the reading and writing of each task to the disk, and does not allow the task to access files which are not created by the SPU; the trusted computing System (SPU) checks the code of the task running through the computing unit, prohibits the system call of the communication between the network and the different task processes when the code is compiled, and prevents the tasks from exchanging information through the communication between the network and the processes. Through the combination of the three steps, the access of each task to the memory, the file and the network is limited in the space of the task, and the task is prevented from being leaked or other task information is prevented from being acquired.
Specifically, for the running process of each task, the trusted computing System (SPU) records a detailed service operation log, such as the time of algorithm call and data call, the user of the call, the encrypted input and output, and the like, through the memory unit. The service operation log is to be stored (recorded) in a blockchain manner in each participant of the service, wherein the participants comprise a resource provider and a resource user, such as a data provider, an algorithm provider, a data user, a code provider and the like.
A set of data and code protection framework (namely a trusted computing system) supporting multi-party cooperation is constructed, all accesses to data and codes are guaranteed to be legally authorized, as shown in figure 4, after a task request starts, an authorization table is firstly inquired to check whether an initiator of a current task has authorization permission for accessing resources required by the current task, namely the authorization table is inquired to judge whether the authorization is sufficient, if the initiator does not have the authorization permission for the required resources (namely the authorization is insufficient), the current task is ended (namely the current task is refused to be executed), and if the initiator has the authorization permission for the required resources (namely the authorization is sufficient), a task compiling process is started (namely the current task is executed), and information synchronization is carried out; then checking whether the access control authority is violated or not (namely whether the authorization authority of the authorization table is met or not) in the compiling process, if the access control authority is violated in the compiling process, ending the current task, and if the access control authority is not violated in the compiling process, checking whether the access control authority is violated or not (namely whether the authorization authority of the authorization table is met or not) in the task running process, and meanwhile, carrying out information synchronization; if the access control authority is violated in the running process, the current task is ended, if the access control authority is not violated in the compiling process, the current task is continuously run, and meanwhile, information synchronization is carried out; after the task is completed, the information (the information generated by information synchronization) is subjected to evidence storage and post audit, so that the resources of all parties in the multi-party trusted computing are prevented from being accessed and abused by unauthorized, and the development of the multi-party trusted computing is promoted.
In the hardware architecture of the trusted computing System (SPU), data or code in the encrypted state of an external system enters the trusted computing environment through a host bus PCIe; in the trusted computing environment, data or codes enter an encryption and decryption module, are decrypted through an RSA/ED 25519/national encryption and decryption algorithm, are stored in a framework memory unit, enter a computing unit according to a computing instruction to perform data computing, are encrypted through the encryption and decryption module after the computing is completed, and are output through a host bus PCIe.
The trusted computing System (SPU) of the invention is internally provided with an independent memory and a computing unit, exchanges data or codes with the outside through an independent encryption and decryption module, exchanges data with an external system through a host bus, and does not share computing and storage resources with the external system. Under the structure, a large number of computing units and storage units can be deployed in the structure according to needs, so that support for large-scale privacy computation is realized; meanwhile, the encryption and decryption module and a bus isolation mechanism with an external system ensure the safety of the encryption and decryption module.
The invention aims to provide a solution of a trusted computing system based on multi-party cooperation, under the framework of an SPU (unified processor module), the invention realizes that a 'safe area' and a 'normal area' of trusted computing are isolated through a system bus, and the 'normal area' of a CPU (central processing unit) is isolated through the system bus, so that side channel attacks can be reduced; different from the prior art that a trusted computing system is integrated in a hardware chip, the trusted computing system provided by the invention can be used for deploying any number of computing units and memory units, and the large-scale privacy computing requirements can be supported by flexibly configuring the independent computing units and memory units.
The invention provides a trusted computing system and a resource processing method based on the trusted computing system, wherein the trusted computing system comprises: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system carries out data input and output through a host bus interface; the encryption and decryption module is used for receiving the encrypted resources input by the host bus interface, decrypting the encrypted resources and sending the decrypted resources to the memory unit; the memory unit is used for storing the decrypted resource sent by the encryption and decryption module; the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module; the encryption and decryption module is further used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface. The data of the invention enters the trusted computing system in an encrypted state, after being decrypted by the encryption and decryption module, the data is computed in the trusted computing system, the output data is encrypted by the encryption and decryption module and then output, each party of the data and the algorithm has respective secret key, and the data of other parties which are not authorized can not be mutually accessed, thereby realizing the privacy protection of the data.
In summary, the invention can bring the following beneficial effects:
the encryption and decryption module in the trusted computing system decrypts the input encrypted resources and inputs the decrypted resources to the memory unit, the calculation is carried out through the calculation unit, the encrypted resources are output through the encryption and decryption module, a plurality of calculation units and memory units can be arranged, and independent calculation units and memory units can be flexibly configured, so that any number of calculation cores and memories can be deployed theoretically on an SPU (unified peripheral component interconnect) system, and the large-scale privacy calculation requirements can be supported; in addition, the isolation between a 'safe area' and a 'normal area' of trusted computing is realized by isolating the host bus interface from an external system, and the overall security is enhanced because external interfaces are minimized (only the host bus interface is available) and attack surfaces are reduced; finally, the invention carries out flexible multi-party authorization on a plurality of data providers and algorithm (program) providers, carries out authorization authority control, log storage and later multi-party audit on the calculation task, stops unauthorized resource access of the calculation task and solves the problem of privacy calculation under multi-party cooperation.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Of course, it will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by instructing relevant hardware (such as a processor, a controller, etc.) through a computer program, and the program can be stored in a computer readable storage medium, and when executed, the program can include the processes of the embodiments of the methods described above. The computer readable storage medium may be a memory, a magnetic disk, an optical disk, etc.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.