CN113886862B - Trusted computing system and resource processing method based on trusted computing system - Google Patents
Trusted computing system and resource processing method based on trusted computing system Download PDFInfo
- Publication number
- CN113886862B CN113886862B CN202111477932.1A CN202111477932A CN113886862B CN 113886862 B CN113886862 B CN 113886862B CN 202111477932 A CN202111477932 A CN 202111477932A CN 113886862 B CN113886862 B CN 113886862B
- Authority
- CN
- China
- Prior art keywords
- computing system
- task
- resource
- trusted computing
- resources
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 20
- 230000015654 memory Effects 0.000 claims abstract description 53
- 238000004364 calculation method Methods 0.000 claims abstract description 18
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 10
- 238000013475 authorization Methods 0.000 claims description 62
- 238000000034 method Methods 0.000 claims description 54
- 230000008569 process Effects 0.000 claims description 40
- 239000003999 initiator Substances 0.000 claims description 10
- 238000002955 isolation Methods 0.000 claims description 9
- 238000004891 communication Methods 0.000 claims description 6
- 230000008859 change Effects 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 5
- 230000006870 function Effects 0.000 claims description 3
- 238000007726 management method Methods 0.000 description 9
- 238000005516 engineering process Methods 0.000 description 6
- 238000011161 development Methods 0.000 description 5
- 238000012550 audit Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008521 reorganization Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5011—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
- G06F9/5016—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a trusted computing system and a resource processing method based on the trusted computing system, wherein the trusted computing system comprises: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system carries out data input and output through a host bus interface; the encryption and decryption module is used for receiving the encrypted resources, decrypting the encrypted resources and then sending the decrypted resources to the memory unit; the memory unit is used for storing the decrypted resource sent by the encryption and decryption module; the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module; the encryption and decryption module is further used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface. The invention realizes that each party of the data and the algorithm can not access the data of other unauthorized parties, and realizes the privacy protection of the data.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a trusted computing system and a resource processing method based on the trusted computing system.
Background
In a broad sense, the privacy protection is oriented to the whole life cycle of privacy information and mainly comprises data transmission, data storage and data application. Data transmission and data storage technologies are relatively mature at present, such as SM2, SM3, SM4, RSA, SHA2, AES, SSL/TLS, and the like, and privacy protection technologies related to data applications are still in a development stage, wherein trusted computing based on a hardware Trusted Execution Environment (TEE) to achieve data computing protection is in widespread interest.
In 1983, the department of defense of a country published the first evaluation criterion of a Trusted computer system in the world, namely the evaluation standard of a Trusted Computer System (TCSEC), and in 2003, a plurality of international well-known manufacturers initiated the development and reorganization of a Trusted Computing Alliance (TCPA) into a Trusted Computing Group (TCG), and the emergence of the Trusted Computing Group promoted the further development of research and application of Trusted Computing technology. To reduce reliance on proper software trust, trusted computing protects privacy security in data applications by performing computations in a hardware-based trusted execution environment. The core of the trusted computing is that a security chip architecture is introduced on a computer hardware platform, and the security of a terminal system is improved through the provided security characteristics.
The existing hardware Trusted Execution Environment (TEE) solution mainly comprises an SGX technology and a TrustZone technology, which both extend the architecture of a CPU and divide a "secure area" (other areas are referred to as "normal area") ensured by the CPU, wherein codes and data in the secure area are not allowed to be accessed and used by other programs (even software with operating system level authority cannot be accessed and used), so that confidentiality and integrity of important data and codes are ensured.
However, the prior art solutions have the following limitations: the security area and the normal area share memory and computing resources, so that the existing technical scheme cannot support large-scale and large-data-volume privacy computation, and taking the SGX technology as an example, the security area (Intel is called Enclave) cannot be flexibly configured, and the requirement of large-scale privacy computation is difficult to meet. In addition, the existing technical scheme can not realize multi-party trusted computing, and can not support the functions of registration and authorization of multi-party data, control of task authorization authority, certificate storage audit and the like based on the hardware extension of a CPU.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
The invention mainly aims to provide a trusted computing system and a resource processing method based on the trusted computing system, and aims to solve the problems that the existing hardware trusted execution environment in the prior art cannot meet the large-scale private computing requirement and cannot realize multi-party trusted computing.
To achieve the above object, the present invention provides a trusted computing system, wherein the trusted computing system comprises: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system carries out data input and output through a host bus interface;
the encryption and decryption module is used for receiving the encrypted resources input by the host bus interface, decrypting the encrypted resources and sending the decrypted resources to the memory unit;
the memory unit is used for storing the decrypted resource sent by the encryption and decryption module;
the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module;
the encryption and decryption module is further used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface.
The trusted computing system, wherein the trusted computing system further comprises a secure key management module; the security key management module is used for providing keys and key management when the encryption and decryption module encrypts or decrypts resources.
The trusted computing system, wherein the trusted computing system implements resource exchange with a host or an external system through the host bus interface.
In addition, the invention also provides a resource processing method based on the trusted computing system, wherein the resource processing method of the trusted computing system comprises the following steps:
acquiring encrypted resources, and controlling the encrypted resources to enter the trusted computing system through the host bus interface;
the encrypted resources are decrypted by the encryption and decryption module and then stored in the memory unit, and then enter the computing unit for computing according to a computing instruction;
and encrypting the calculated resources through the encryption and decryption module, and outputting the encrypted resources through the host bus interface.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
for each resource transmitted into the trusted computing system, the trusted computing system records the belonger of each resource and maintains an authorization table for each resource, wherein the authorization table is used for recording the belonged relationship and the authorization relationship of the resource;
for each initiated task, the trusted computing system checks whether the initiator of the current task has the authorization authority of the resources required by the current task according to the authorization table;
if the authorization authority of the required resource is not provided, the current task is refused to be executed, and if the authorization authority of the required resource is provided, the current task is executed.
The resource processing method of the trusted computing system, wherein if the authorization authority of the required resource is provided, the current task is executed, and then the method further comprises:
and if the authorization table of the resource is detected to be changed in the task execution process, the trusted computing system traverses the running task and forcibly stops the task depending on the authorization relationship.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
for each executable task, the trusted computing system allocates a process to each task, and the mutual isolation of the resources processed by each task is realized through the isolation of the processes on the memory address space;
the trusted computing system sets the read-write of each task to the disk as an independent authority, and prohibits the task from accessing files which are not created by the trusted computing system;
for each executable task, the trusted computing system checks the codes of the task operation through the computing unit, and prohibits the system call of communication between the network and different task processes when the codes are compiled.
The resource processing method of the trusted computing system, wherein the resource processing method of the trusted computing system further includes:
in the running process of each task, the trusted computing system records a detailed service operation log through the memory unit; the service operation log comprises algorithm calling time, data calling time, called users and encrypted input and output.
In the resource processing method of the trusted computing system, the service operation log is stored in each participant of a task in a block chain manner, and the participant, namely a resource owner recorded in the trusted computing system, includes a resource provider and a resource user.
The resource processing method of the trusted computing system, wherein the resource comprises data and code.
The invention realizes the isolation of a 'safe area' and a 'normal area' of trusted computing through a system bus, so that any number of computing units and memory units can be deployed on the trusted computing system theoretically, and the invention can support the large-scale privacy computing requirement; the trusted computing system can realize authorization and authentication of multi-party data access, authorization authority check and control before operation of computing tasks, authorization authority check and control during operation, and evidence storage and after-event audit of operation logs, so that resources of all parties in multi-party trusted computing are prevented from being accessed and abused by unauthorized, and development of multi-party trusted computing is promoted.
Drawings
FIG. 1 is a schematic diagram of the hardware architecture of the trusted computing system of the present invention;
FIG. 2 is a schematic diagram of the hardware architecture of the trusted computing system of the present invention supporting large-scale computing;
FIG. 3 is a flow chart of a preferred embodiment of the resource handling method based on a trusted computing system according to the present invention;
FIG. 4 is a flow diagram of a data or code protection framework in the present invention that supports multi-party collaboration.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
In a trusted computing system (SPU, Secure Processing Unit, a new trusted computing system) according to a preferred embodiment of the present invention, as shown in fig. 1, the trusted computing system includes: an encryption and decryption module 10, a memory unit 20 and a calculation unit 30; the trusted computing system performs data input and output through a host bus interface 50 (host bus PCIe, peripheral component interconnect express, high-speed serial computer expansion bus standard), that is, the trusted computing system implements resource exchange with a host or an external system through the host bus interface 50.
Specifically, the encryption and decryption module 10 is configured to receive an encrypted resource (the resource includes data and a code, that is, the encrypted resource input by the host bus interface 50 may be encrypted data or an encrypted code, and the input resource may be one or more resources), decrypt the encrypted resource, and send the decrypted resource to the memory unit 20; the memory unit 20 is configured to store the decrypted resource sent by the encryption and decryption module 10; the computing unit 30 is configured to compute the decrypted resource in the memory unit 20 according to the computing instruction, and send the computed resource to the encryption and decryption module 10; the encryption and decryption module 10 is further configured to encrypt the calculated resource sent by the calculating unit 30, and output the encrypted resource through the host bus interface 50. Further, the trusted computing system also includes a secure key management module 40; the security key management module 40 is configured to provide keys and key management when the encryption and decryption module 10 encrypts or decrypts resources.
Wherein, the encryption/decryption module 10 includes an encryption module and a decryption module, the encryption module is used to encrypt the resource, the decryption module is used to decrypt the resource, the encryption module provides an encryption key (for example, the encryption key is a first key) by the security key management module 40 when encrypting the resource, the decryption module provides a decryption key (for example, the decryption key is a second key) by the security key management module 40 when decrypting the resource, the encryption key and the decryption key may be dynamic keys generated according to a certain key generation mechanism, or may use a same static key for each received resource, the encryption key and the decryption key may be the same or different, the security key management module 40 is further used to manage the keys (encryption key or decryption key), keys are updated in real time (e.g., expired keys are replaced, keys are updated periodically, updated keys are added, etc.).
As shown in fig. 2, the memory unit 20 may be configured to be multiple, for example, memory unit 1, memory unit 2, memory unit 3, …, and memory unit n, n is a positive integer greater than 1, the memory unit 20 is configured to store the resource decrypted by the encryption/decryption module 10 in time, the computing unit 30 may be configured to be multiple, for example, computing unit 1, computing unit 2, computing unit 3, …, and computing unit m, m is a positive integer greater than 1, the computing unit 30 is configured to compute the decrypted resource in the memory unit 20 according to a computing instruction, for example, compute (score estimation computation, credit estimation computation, rank estimation computation, etc.) according to an actual requirement of a user, that is, the trusted computing System (SPU) may deploy any number of computing units and memory units, and the trusted computing system is isolated from an external system through a host bus interface, the invention can support the requirement of large-scale privacy computation.
Further, based on the trusted computing system shown in fig. 1, the resource processing method based on the trusted computing system according to the preferred embodiment of the present invention, as shown in fig. 3, includes the following steps:
step S10, acquiring an encrypted resource (the resource is data or code), and controlling the encrypted resource to enter the trusted computing system through the host bus interface;
step S20, the encrypted resources are decrypted by the encryption and decryption module and then stored in the memory unit, and then enter the computing unit for computing according to the computing instruction;
and step S30, encrypting the calculated resources through the encryption and decryption module, and outputting the encrypted resources through the host bus interface.
That is to say, in a working scenario, the resource (data or code) enters the trusted computing System (SPU) in an encrypted state, is decrypted by the encryption and decryption module and then stored in the memory unit, then enters the computing unit inside the trusted computing System (SPU) according to a computing instruction to perform computing, the output resource (data or code) is encrypted by the encryption and decryption module and then output, each party of the data and the algorithm holds a respective key, and the data and the algorithm cannot access unauthorized other parties, so that privacy protection of the data is realized.
In particular, for each piece of data or code (referred to herein as a "resource") that is transmitted to the trusted computing System (SPU), the trusted computing System (SPU) records the belongings of the resource, including the provider of the resource and the consumer of the resource (i.e., also the initiator of the task). For example, where the provider of the resource is a data provider, multiple types of data may be provided for use by task execution code of different task initiators). For example, when the resource provider is a code, it can provide a plurality of data processing functions, and when the data resource owned by the resource user needs to process data, it can apply to process the data by using the code of the resource provider. For each resource, the trusted computing System (SPU) maintains an authorization table (i.e., the authorization table is stored in the SPU), and the relationship and the authorization relationship (including both the authorization of the data resource and the authorization of the code resource) of the resource are recorded in the authorization table. For each task (e.g., a computing task), the trusted computing System (SPU) checks whether the initiator of the task has the authorization right of the resource required by the task (i.e., checks whether the initiator of the task has the authorization right of the resource according to the previous authorization relationship), and if not, the task is rejected, for example, 4 kinds of resources are required for executing a certain task, wherein 3 kinds of resources have authorization rights, and 4 kinds of resources do not have authorization rights, the task is rejected for execution. If the task is refused to be executed, the computer returns failure information outwards from the host bus interface. The task can only be executed if it has the authorization of the required resource. Further, if the authorization table of a resource changes during task execution (the authorization table may change rather than change all the time, for example, if the authorization for an object expires and the authorization for the object ends, the change is indicated by the authorization table, and generally the authorization table is checked only when the object is added, deleted and initiated), the trusted computing System (SPU) will stop the task without authorization right immediately, that is, when the change is detected during task execution, the trusted computing system will traverse the running task and forcibly stop the task depending on the authorization relationship.
Specifically, for each executable task, the trusted computing System (SPU) allocates a process (a program execution process) to the SPU, and the isolation of the process on the memory address space is used to implement the mutual isolation of the resources processed by each task, thereby implementing an independent memory address space to avoid the occurrence of potential safety hazard; the trusted computing System (SPU) sets an independent authority for the reading and writing of each task to the disk, and does not allow the task to access files which are not created by the SPU; the trusted computing System (SPU) checks the code of the task running through the computing unit, prohibits the system call of the communication between the network and the different task processes when the code is compiled, and prevents the tasks from exchanging information through the communication between the network and the processes. Through the combination of the three steps, the access of each task to the memory, the file and the network is limited in the space of the task, and the task is prevented from being leaked or other task information is prevented from being acquired.
Specifically, for the running process of each task, the trusted computing System (SPU) records a detailed service operation log, such as the time of algorithm call and data call, the user of the call, the encrypted input and output, and the like, through the memory unit. The service operation log is to be stored (recorded) in a blockchain manner in each participant of the service, wherein the participants comprise a resource provider and a resource user, such as a data provider, an algorithm provider, a data user, a code provider and the like.
A set of data and code protection framework (namely a trusted computing system) supporting multi-party cooperation is constructed, all accesses to data and codes are guaranteed to be legally authorized, as shown in figure 4, after a task request starts, an authorization table is firstly inquired to check whether an initiator of a current task has authorization permission for accessing resources required by the current task, namely the authorization table is inquired to judge whether the authorization is sufficient, if the initiator does not have the authorization permission for the required resources (namely the authorization is insufficient), the current task is ended (namely the current task is refused to be executed), and if the initiator has the authorization permission for the required resources (namely the authorization is sufficient), a task compiling process is started (namely the current task is executed), and information synchronization is carried out; then checking whether the access control authority is violated or not (namely whether the authorization authority of the authorization table is met or not) in the compiling process, if the access control authority is violated in the compiling process, ending the current task, and if the access control authority is not violated in the compiling process, checking whether the access control authority is violated or not (namely whether the authorization authority of the authorization table is met or not) in the task running process, and meanwhile, carrying out information synchronization; if the access control authority is violated in the running process, the current task is ended, if the access control authority is not violated in the compiling process, the current task is continuously run, and meanwhile, information synchronization is carried out; after the task is completed, the information (the information generated by information synchronization) is subjected to evidence storage and post audit, so that the resources of all parties in the multi-party trusted computing are prevented from being accessed and abused by unauthorized, and the development of the multi-party trusted computing is promoted.
In the hardware architecture of the trusted computing System (SPU), data or code in the encrypted state of an external system enters the trusted computing environment through a host bus PCIe; in the trusted computing environment, data or codes enter an encryption and decryption module, are decrypted through an RSA/ED 25519/national encryption and decryption algorithm, are stored in a framework memory unit, enter a computing unit according to a computing instruction to perform data computing, are encrypted through the encryption and decryption module after the computing is completed, and are output through a host bus PCIe.
The trusted computing System (SPU) of the invention is internally provided with an independent memory and a computing unit, exchanges data or codes with the outside through an independent encryption and decryption module, exchanges data with an external system through a host bus, and does not share computing and storage resources with the external system. Under the structure, a large number of computing units and storage units can be deployed in the structure according to needs, so that support for large-scale privacy computation is realized; meanwhile, the encryption and decryption module and a bus isolation mechanism with an external system ensure the safety of the encryption and decryption module.
The invention aims to provide a solution of a trusted computing system based on multi-party cooperation, under the framework of an SPU (unified processor module), the invention realizes that a 'safe area' and a 'normal area' of trusted computing are isolated through a system bus, and the 'normal area' of a CPU (central processing unit) is isolated through the system bus, so that side channel attacks can be reduced; different from the prior art that a trusted computing system is integrated in a hardware chip, the trusted computing system provided by the invention can be used for deploying any number of computing units and memory units, and the large-scale privacy computing requirements can be supported by flexibly configuring the independent computing units and memory units.
The invention provides a trusted computing system and a resource processing method based on the trusted computing system, wherein the trusted computing system comprises: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system carries out data input and output through a host bus interface; the encryption and decryption module is used for receiving the encrypted resources input by the host bus interface, decrypting the encrypted resources and sending the decrypted resources to the memory unit; the memory unit is used for storing the decrypted resource sent by the encryption and decryption module; the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module; the encryption and decryption module is further used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface. The data of the invention enters the trusted computing system in an encrypted state, after being decrypted by the encryption and decryption module, the data is computed in the trusted computing system, the output data is encrypted by the encryption and decryption module and then output, each party of the data and the algorithm has respective secret key, and the data of other parties which are not authorized can not be mutually accessed, thereby realizing the privacy protection of the data.
In summary, the invention can bring the following beneficial effects:
the encryption and decryption module in the trusted computing system decrypts the input encrypted resources and inputs the decrypted resources to the memory unit, the calculation is carried out through the calculation unit, the encrypted resources are output through the encryption and decryption module, a plurality of calculation units and memory units can be arranged, and independent calculation units and memory units can be flexibly configured, so that any number of calculation cores and memories can be deployed theoretically on an SPU (unified peripheral component interconnect) system, and the large-scale privacy calculation requirements can be supported; in addition, the isolation between a 'safe area' and a 'normal area' of trusted computing is realized by isolating the host bus interface from an external system, and the overall security is enhanced because external interfaces are minimized (only the host bus interface is available) and attack surfaces are reduced; finally, the invention carries out flexible multi-party authorization on a plurality of data providers and algorithm (program) providers, carries out authorization authority control, log storage and later multi-party audit on the calculation task, stops unauthorized resource access of the calculation task and solves the problem of privacy calculation under multi-party cooperation.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
Of course, it will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by instructing relevant hardware (such as a processor, a controller, etc.) through a computer program, and the program can be stored in a computer readable storage medium, and when executed, the program can include the processes of the embodiments of the methods described above. The computer readable storage medium may be a memory, a magnetic disk, an optical disk, etc.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.
Claims (9)
1. A trusted computing system, the trusted computing system comprising: the encryption and decryption module, the memory unit and the calculation unit; the trusted computing system performs data input and output through a host bus interface without sharing computing and storage resources with an external system; the trusted computing system is provided with an independent memory unit and a computing unit, and the memory unit and the computing unit are not integrated in a hardware chip; the trusted computing system realizes resource exchange with a host or an external system through the host bus interface;
the encryption and decryption module is used for receiving the encrypted resources input by the host bus interface, decrypting the encrypted resources and sending the decrypted resources to the memory unit; the encrypted resources include data and code; when the resource provider is a data provider, providing various types of data for task execution codes of different task initiators to use; when the resource provider is a code provider, providing a plurality of data processing functions, and when data resources owned by a resource user need to be processed, applying for processing the data by using the code of the resource provider;
the memory unit is used for storing the decrypted resource sent by the encryption and decryption module;
the computing unit is used for computing the decrypted resource in the memory unit according to the computing instruction and sending the computed resource to the encryption and decryption module;
the encryption and decryption module is also used for encrypting the calculated resources sent by the calculation unit and outputting the encrypted resources through the host bus interface;
if in the task execution process, when the change of the authorization table of the resource is detected, the trusted computing system traverses the running task and forcibly stops the task depending on the authorization relationship;
the trusted computing system sets the read-write of each task to the disk as an independent authority, and prohibits the task from accessing files which are not created by the trusted computing system;
for each executable task, the trusted computing system checks the codes operated by the tasks through the computing unit, and prohibits the system call of communication between networks and different task processes when the codes are compiled, so as to prevent the tasks from exchanging information through the communication between the networks and the processes;
the task with the authorization authority of the required resource enters a task compiling process, whether the access control authority is violated is checked in the compiling process, if the access control authority is violated in the compiling process, the current task is ended, if the access control authority is not violated in the compiling process, whether the access control authority is violated is checked in the task running process, if the access control authority is violated in the running process, the current task is ended, and if the access control authority is not violated in the running process, the current task continues to run, and meanwhile, information synchronization is carried out.
2. The trusted computing system of claim 1, wherein the trusted computing system further comprises a secure key management module; the security key management module is used for providing keys and key management when the encryption and decryption module encrypts or decrypts resources.
3. A resource processing method based on the trusted computing system of any one of claims 1-2, wherein the resource processing method of the trusted computing system comprises:
acquiring encrypted resources, and controlling the encrypted resources to enter the trusted computing system through the host bus interface;
the encrypted resources are decrypted by the encryption and decryption module and then stored in the memory unit, and then enter the computing unit for computing according to a computing instruction;
and encrypting the calculated resources through the encryption and decryption module, and outputting the encrypted resources through the host bus interface.
4. The method of resource handling by a trusted computing system of claim 3, further comprising:
for each resource transmitted to the trusted computing system, the trusted computing system records the belonger of each resource and maintains an authorization table for each resource, wherein the authorization table is used for recording the authorization relation for accessing the resource;
for each initiated task, the trusted computing system checks whether the initiator of the current task has the authorization authority of the resources required by the current task according to the authorization table;
if the authorization authority of the required resource is not provided, the current task is refused to be executed, and if the authorization authority of the required resource is provided, the current task is executed.
5. The method of claim 4, wherein if the authorization authority of the required resource is provided, the current task is executed, and then the method further comprises:
and if the authorization table of the resource is detected to be changed in the task execution process, the trusted computing system traverses the running task and forcibly stops the task depending on the authorization relationship.
6. The method of resource handling by a trusted computing system of claim 3, further comprising:
for each executable task, the trusted computing system allocates a process to each task, and the mutual isolation of the resources processed by each task is realized through the isolation of the processes on the memory address space;
the trusted computing system sets the read-write of each task to the disk as an independent authority, and prohibits the task from accessing files which are not created by the trusted computing system;
for each executable task, the trusted computing system checks the codes of the task operation through the computing unit, and prohibits the system call of communication between the network and different task processes when the codes are compiled.
7. The method of resource handling by a trusted computing system of claim 3, further comprising:
in the running process of each task, the trusted computing system records a detailed service operation log through the memory unit; the service operation log comprises algorithm calling time, data calling time, called users and encrypted input and output.
8. The method of claim 7, wherein the service operation log is stored in a blockchain manner in each participant of the task, wherein the participants are belonged to the resource recorded in the trusted computing system, and comprise a resource provider and a resource user.
9. A method for resource handling by a trusted computing system according to any of claims 3 to 8 wherein said resources include data and code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111477932.1A CN113886862B (en) | 2021-12-06 | 2021-12-06 | Trusted computing system and resource processing method based on trusted computing system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111477932.1A CN113886862B (en) | 2021-12-06 | 2021-12-06 | Trusted computing system and resource processing method based on trusted computing system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113886862A CN113886862A (en) | 2022-01-04 |
| CN113886862B true CN113886862B (en) | 2022-04-15 |
Family
ID=79015627
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111477932.1A Active CN113886862B (en) | 2021-12-06 | 2021-12-06 | Trusted computing system and resource processing method based on trusted computing system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113886862B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115186300B (en) * | 2022-09-08 | 2023-01-06 | 粤港澳大湾区数字经济研究院(福田) | File security processing system and file security processing method |
| CN115237843B (en) * | 2022-09-23 | 2023-02-14 | 粤港澳大湾区数字经济研究院(福田) | Trusted computing system and method |
| CN116049837B (en) * | 2023-03-31 | 2024-03-15 | 摩尔线程智能科技(北京)有限责任公司 | Trusted computing system and method, electronic equipment and storage medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10169007B1 (en) * | 2015-12-18 | 2019-01-01 | Amazon Technologies, Inc. | Service provider network integrated compilation service and runtime system |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1349033B1 (en) * | 2002-03-26 | 2004-03-31 | Soteres GmbH | A method of protecting the integrity of a computer program |
| JP2004206389A (en) * | 2002-12-25 | 2004-07-22 | Denso Corp | Risc type cpu, compiler, microcomputer, and auxiliary arithmetic unit |
| US9569638B2 (en) * | 2014-12-31 | 2017-02-14 | Google Inc. | Trusted computing |
| US11126757B2 (en) * | 2018-10-19 | 2021-09-21 | Microsoft Technology Licensing, Llc | Peripheral device |
| US11277267B2 (en) * | 2019-05-07 | 2022-03-15 | International Business Machines Corporation | Fine-grained token based access control |
| CN110855671B (en) * | 2019-11-15 | 2022-02-08 | 三星电子(中国)研发中心 | Trusted computing method and system |
| CN113569248A (en) * | 2020-04-28 | 2021-10-29 | 华为技术有限公司 | Data processing method and computing device |
| CN112380565A (en) * | 2020-11-20 | 2021-02-19 | 天翼电子商务有限公司 | Secure multi-party computing method based on trusted hardware and block chain |
-
2021
- 2021-12-06 CN CN202111477932.1A patent/CN113886862B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10169007B1 (en) * | 2015-12-18 | 2019-01-01 | Amazon Technologies, Inc. | Service provider network integrated compilation service and runtime system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113886862A (en) | 2022-01-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113886862B (en) | Trusted computing system and resource processing method based on trusted computing system | |
| US20190036693A1 (en) | Controlled access to data in a sandboxed environment | |
| AU2010256810B2 (en) | Workgroup key wrapping for community of interest membership authentication | |
| US10122713B2 (en) | Method and device for the secure authentication and execution of programs | |
| US20140270179A1 (en) | Method and system for key generation, backup, and migration based on trusted computing | |
| CN103026347A (en) | Virtual machine memory compartmentalization in multi-core architectures | |
| CN103534976A (en) | Data security protection method, server, host, and system | |
| US10887085B2 (en) | System and method for controlling usage of cryptographic keys | |
| CA3176858A1 (en) | Data processing method and system | |
| WO2015094326A1 (en) | Secure import and export of keying material | |
| CN103246850A (en) | Method and device for processing file | |
| CN116490868A (en) | System and method for secure and fast machine learning reasoning in trusted execution environments | |
| EP3790257B1 (en) | Security system for using shared computational facilities | |
| CN108491724A (en) | A kind of hardware based computer interface encryption device and method | |
| CN111191217B (en) | Password management method and related device | |
| CN115473678A (en) | Controllable data sharing method based on SGX and intelligent contract | |
| Liu et al. | DF-RBAC: dynamic and fine-grained role-based access control scheme with smart contract | |
| CN113901507B (en) | Multi-party resource processing method and privacy computing system | |
| CN111859379A (en) | Processing method and device for protecting data model | |
| WO2019222501A1 (en) | Method for securing an automated system | |
| CN115048672A (en) | Data auditing method and device based on block chain, processor and electronic equipment | |
| WO2021170049A1 (en) | Method and apparatus for recording access behavior | |
| CN111475844A (en) | Data sharing method, device, equipment and computer readable storage medium | |
| Fornero et al. | Sekey: A distributed hardware-based key management system | |
| US11340801B2 (en) | Data protection method and electronic device implementing data protection method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20220104 Assignee: Shenzhen Qiangji Computing Technology Co.,Ltd. Assignor: Guangdong Hong Kong Macao Dawan District Digital Economy Research Institute (Futian) Contract record no.: X2023980045750 Denomination of invention: A Trusted Computing System and Resource Processing Method Based on Trusted Computing Systems Granted publication date: 20220415 License type: Exclusive License Record date: 20231103 |
|
| EE01 | Entry into force of recordation of patent licensing contract |