CN114117412A - Virtual encryption machine platform based on trusted technology and creation method thereof - Google Patents


Info

Publication number: CN114117412A
Authority: CN (China)
Prior art keywords: tee, trusted, safe, ree, virtual
Legal status: Pending
Application number: CN202111440048.0A
Other languages: Chinese (zh)
Inventors: 贺明, 伦占群, 李欣, 叶崛宇, 张海阔
Current Assignee: China Internet Network Information Center
Original Assignee: China Internet Network Information Center
Application filed by China Internet Network Information Center
Priority to CN202111440048.0A
Publication of CN114117412A


Classifications

All entries fall under G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING.

    • G06F21/53 (G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/52 ... during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow): ... by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/602 (G06F21/00 > G06F21/60 Protecting data): Providing cryptographic facilities or services
    • G06F21/62 (G06F21/00 > G06F21/60 Protecting data): Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F9/45558 (G06F9/00 Arrangements for program control, e.g. control units > G06F9/06 ... using stored programs > G06F9/44 Arrangements for executing specific programs > G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines > G06F9/45533 Hypervisors; Virtual machine monitors): Hypervisor-specific management and integration aspects
    • G06F9/5072 (G06F9/00 > G06F9/06 > G06F9/46 Multiprogramming arrangements > G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU] > G06F9/5061 Partitioning or combining of resources): Grid computing
    • G06F2009/4557 (under G06F9/45558): Distribution of virtual machine instances; Migration and load balancing
    • G06F2009/45587 (under G06F9/45558): Isolation or security of virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a virtual encryption machine platform based on trusted technology and a method for creating it. The creation method comprises the following steps: a software and hardware encryption system is established on a processor platform that integrates a trusted computing module, so that a trusted execution environment (TEE) and a common execution environment (REE) run on it; at the lowest layer, memory isolation and CPU access-permission control divide the REE and the TEE into mutually independent hardware areas, so that the two are isolated from each other; multiple virtual encryption machines are established in the TEE; each virtual encryption machine is hardware-isolated from the REE, establishes a secure trusted environment and a designated exclusive security service program (TA) for the CA of each user, and manages them effectively. With the invention, the user can independently control the security of its own data, overall system security is improved, the security requirements of multi-tenant cloud data are met, and the cost of building data security is reduced.

Description

Virtual encryption machine platform based on trusted technology and creation method thereof
Technical Field
The invention relates to the technical field of computer information security, and in particular to a virtual encryption machine platform based on trusted technology and a method for creating it.
Background
At present, the rapid development of the internet is driving continuous growth of the information industry. Large volumes of information and data have become key production factors that play an increasingly important role in the high-speed development of society as a whole, and the related technologies, systems, platforms and applications have thoroughly penetrated production, consumption, communication and other fields, providing people with diverse and efficient services. At the same time, network attacks on large public-service information and data platforms occur from time to time, and security incidents such as malicious infringement of personal information, data tampering and data leakage have become frequent, seriously harming social and public interests and the security of personal information. Information and data security has therefore received a high degree of attention and the related technologies have developed rapidly; among them, data encryption, as an important technical means of ensuring information and data security, is widely used in all areas of production and life.
An encryption machine is a dedicated device that provides specialised security encryption services for a user's key information in order to guarantee the confidentiality and integrity of data. It is an important carrier for implementing data encryption technology and is generally used in systems or infrastructure that provide public information services, such as commercial banking systems, social security card systems, comprehensive business systems, online securities trading systems and DNS systems, and it is vital to the safe operation of these public services and to the public interest. For example, in the domain name system (DNS), the DNSSEC mechanism is generally applied to ensure the security of zone data, which is protected using asymmetric cryptography; the confidentiality of the private key and the security of the cryptographic operation are critical to the overall security of the DNS system. Private key management and data signing are generally completed by an encryption machine, so once the encryption machine is attacked or maliciously used, the result can be a complete paralysis of the internet.
At present, encryption machine services are provided by third-party service providers: a user has to purchase the corresponding equipment and service and entrust custody of its keys to the third party; during encryption, the key data must be sent to the encryption machine, and the result is returned to the user after the encryption operation completes. This service model puts the user's key data in the hands of the encryption machine vendor, and if the encryption machine fails or is compromised, if the data is hijacked in transit, or if the vendor itself uses the user's data for illicit gain, the damage to the user and to the public interest can be enormous. Moreover, faced with today's widely deployed multi-tenant cloud service model based on platforms such as SaaS, the traditional single-user physical encryption machine deployment is inflexible, makes multi-tenant management and permission control difficult, cannot be deployed in a distributed way, is hard to integrate with existing cloud computing architectures, and cannot meet the security encryption requirements of cloud tenants.
Disclosure of Invention
The invention provides a virtual encryption machine platform based on trusted computing technology and a method for creating it, in order to solve the problems that, in the traditional encryption machine model, the user cannot independently control data security and the model does not adapt well to the current multi-tenant cloud service model.
The invention is realised by the following technical scheme:
In a first aspect, a virtual encryption machine platform based on trusted technology comprises: establishing a software and hardware encryption system on a processor platform that integrates a trusted computing module, so that a trusted execution environment (TEE) and a common execution environment (REE) run on it; dividing the REE and the TEE into mutually independent hardware areas by applying memory isolation and CPU access-permission control at the lowest layer, so that the two are isolated from each other; establishing multiple virtual encryption machines in the TEE; each virtual encryption machine is hardware-isolated from the REE, establishes a secure trusted environment and a designated exclusive security service program (TA) for the CA of each user, and manages them effectively;
where the CA is the user's business application instance in REE user space that interfaces with the TEE, and the TA is the application instance in TEE user space that provides secure cryptographic services to the tenant.
The application provides a method for creating a virtual encryption machine platform based on trusted technology. Based on TrustZone technology, a running ARM core is divided into a secure state and a non-secure state; the secure state corresponds to a system environment with OP-TEE as the trusted execution environment (TEE), and the non-secure state corresponds to the common execution environment (REE). The TEE provides a secure runtime deployment environment for the virtual encryption machine, and private information and the related operations are handled by a trusted application (TA) running in the TEE, where the TA is the application instance in TEE user space that provides secure encryption services for the tenant, and the CA is the user's business application instance in REE user space that connects to the TEE. Through the OP-TEE driver, a shared memory between the TEE and the REE is established for data exchange between the CA and the TA during the mounting process. For hardware isolation, TrustZone uses its security extension components to isolate hardware resources between the TEE and the REE and builds an independent hardware security runtime environment; for software isolation, OP-TEE realises a secure operating system using a microkernel and a library operating system, integrating a trusted core framework, a trusted communication agent and trusted hardware drivers. Multiple virtual encryption machines are established in the TEE, and the virtual encryption machines establish an exclusive security service program (TA) for the CA of each user.
Further, the security extension components include TZASC, TZIC and TZPC:
a secure-state read/write signal is added to the system bus to forbid the REE from accessing resources in the TEE; in the address space, the address space controller TZASC is used to carve out a secure address region that rejects non-secure accesses, and the dynamic memory controller DMC is attached to the TZASC so that secure access to DRAM (dynamic random access memory) is realised;
the memory adapter TZMA can partition on-chip RAM dynamically, with the lower address segment of each partition used as a secure region;
the protection controller TZPC can configure a peripheral as a secure peripheral;
the interrupt controller TZIC prevents the processor from capturing a secure interrupt while in the secure state.
Further, the hardware isolation isolates resources between the TEE and the REE in terms of memory, cache, interrupts and peripherals. Specifically, memory isolation is completed jointly by the MMU and the TZASC: the TEE and the REE have independent MMU system control registers, each execution environment has its own set of page tables, each logical MMU performs its own virtual-to-physical address translation, and the address spaces of the TEE and the REE are isolated from each other;
peripheral protection is realised by the TZPC: a device is configured as secure or non-secure through the TZPC, and a device configured as secure can only be accessed from the secure environment;
interrupt isolation is realised by the TZIC, which acts as the first-level interrupt source controller for all external interrupt sources; the relevant TZIC registers are programmed to set which interrupt sources are secure.
Further, before establishing multiple virtual encryption machines in the TEE:
an interface layer must be established on the secure operating system; functions such as certificate management and the various mainstream encryption and decryption algorithms are implemented by calling the trusted module in the kernel for computation, and these functions are packaged as low-level interface functions for use by upper-layer security service programs.
Further, after a virtual encryption machine has been created:
the TEE receives an instruction sent by the user and generates a first instruction;
according to the first instruction, the trusted execution environment requests access to configure the TZPC and the TZASC and obtains a first physical memory isolation area;
the first physical memory isolation area is divided into multiple memory isolation areas, which correspond to multiple security service programs;
the trusted execution environment sends the security service to the user.
Further, before the trusted execution environment sends the security service to the user:
the CA and the TA create a logical link for communication between the REE and the TEE, and a unique session identifier is generated;
the TA marks its identity with the unique identifier; the CA calls an interface to establish the session, the interface calls a driver function that sends the call request to the secure monitor mode, and the TEE is notified to perform the session establishment operation;
and OP-TEE matches or loads the corresponding TA according to the unique identifier to complete session establishment.
Further, the memory isolation areas are matched to different physical memories according to user requirements.
Further, the user and the security service program are in a one-to-one mapping relationship.
Furthermore, the virtual encryption machine provides a full-lifecycle trusted key management mechanism that realises automatic generation, secure storage, addition and deletion, and backup and recovery of keys, and this mechanism establishes a security service program with data encryption, decryption, signing and signature verification according to user requirements.
The invention provides a virtual encryption machine platform based on trusted computing technology and a method for creating it. Relying on the trusted computing module and the secure trusted capabilities integrated in mainstream processors, a trusted execution environment (TEE) replaces the traditional encryption machine system as the new carrier for key management and secure encryption, and a processor-native, multi-tenant-oriented virtual encryption machine platform is built. A user can thus run its own business system and the encryption machine function on the same processing platform, integrating the business system with the security system; the risk that the user's key data is compromised, hijacked or maliciously used inside an encryption machine is avoided, key information genuinely stays in the user's hands, and security and independent control are achieved. For the multi-tenant cloud platform scenario, multiple virtual encryption machines can be established in the same TEE, and each cloud tenant is allocated an independent, physically isolated secure trusted environment and exclusive security services, guaranteeing the cloud security of user data.
The technical scheme of this application has the following advantages: 1) the virtual encryption machine platform and the user's business platform are built as one, avoiding the security risk of exposing key data and sensitive operations to a third-party encryption machine, and giving the user security and independent control over its data; 2) the encryption machine system is integrated with the multi-tenant scenario of the cloud computing platform; 3) the user no longer has to keep paying service fees to an encryption machine service provider, greatly reducing the cost of building data security; 4) the hardware power consumption of multiple virtual encryption machines established on the same processor platform is lower than the total power consumption of traditional encryption machines, efficiency is improved, and China's new development concept of energy conservation is met.
Drawings
To explain the technical solution of the application more clearly, the drawings used in the embodiments are briefly described below; it is obvious to those skilled in the art that other drawings can be obtained from these without creative effort.
Fig. 1 is a schematic diagram of TrustZone hardware isolation in the method for creating a virtual encryption machine platform based on trusted technology according to the present application;
Fig. 2 is a schematic structural diagram of OP-TEE in the method for creating a virtual encryption machine platform based on trusted technology according to the present application;
Fig. 3 is a schematic diagram of the virtual encryption machine platform in the method for creating a virtual encryption machine platform based on trusted technology according to the present application;
Fig. 4 is a schematic diagram of the trusted key management mechanism in the method for creating a virtual encryption machine platform based on trusted technology according to the present application;
Fig. 5 is a schematic diagram of multi-tenant memory isolation in the method for creating a virtual encryption machine platform based on trusted technology according to the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The service of the encryption machine exists in a mode of a third-party service provider, a user needs to purchase corresponding equipment and service and trusteeship a key to a third party, key data needs to be sent to the encryption machine during encryption, and a result is returned to the user after encryption operation is completed. The service mode enables the encryption machine manufacturer to have key data of the user, and once the key data is failed or invaded, huge damage is brought to the user and public interests. Therefore, the virtual encryption machine platform based on the trusted technology and the creating method thereof are provided, the integrated fusion of the business system and the safety system can be completed, the key information is really mastered in hands of the user, and the safety independent control is realized. By establishing a plurality of virtual encryption machines, independent safe and reliable environments and exclusive safety services are distributed to each cloud tenant, and the cloud safety of user data is guaranteed.
The construction of a safe trusted environment TEE is a key for ensuring the security of a secret key and encryption, and the TEE is also an important development direction in the field of trusted computing, wherein each large processor manufacturer typically represents Intel Software protection extension (SGX), ARM TrustZone, AMD SEV (Secure Encrypted virtualization) and RISC-V Enclave by expanding the security function of a general CPU and adding security functions such as memory isolation, data code encryption and integrity protection in a special security mode, and besides, manufacturers in foreign highpass, samsung, LG, domestic exhibition, joint, wisdom, asterism and star also provide solutions supporting the TEE in various fields such as intelligent terminals and internet of things. The technical scheme of the application is not limited, and only the establishment of the safe trusted environment TEE is supported.
A virtual crypto platform based on trusted technology, comprising: establishing a software and hardware encryption system on a processor platform integrated with a trusted computing module to realize the operation of a trusted execution environment TEE and a common execution environment REE; the REE and the TEE are divided into mutually independent hardware areas by applying memory isolation and CPU access authority control technologies on the bottom layer, so that mutual isolation is realized; establishing a plurality of virtual encryption machines in the TEE; the virtual encryption machine realizes hardware isolation with a common execution environment REE, establishes a safe trusted environment and a specified exclusive safe service program TA for CA of different users, and effectively manages the safe trusted environment and the specified exclusive safe service program TA; wherein, CA is the user business application program example for realizing the interface with TEE in REE user space; TA is an application instance that provides secure cryptographic services for tenants in TEE user space. The technical scheme of the application is explained in detail as follows:
in the embodiment of the application, the TrustZone technology is used for constructing the safe and trusted environment TEE, and other technologies can be used for constructing the safe and trusted environment TEE without limitation. Because the TrustZone technology is a hardware security extension technology proposed by ARM company, the TrustZone technology supports the independent development and design of a specific security system by users, and is widely supported by mobile embedded equipment at present. The TrustZone technology divides the whole ARM system on a chip into two physically isolated execution areas through processor extension: the Normal World (Normal World) and the Secure World (Secure World). The OP-TEE (Open-source Portable Trusted Execution Environment) is a Trusted Execution Environment built based on the ARM TrustZone technology, and the two are combined to provide security protection at a hardware level for system software. Therefore, the invention adopts the TrustZone hardware module of the ARM to carry the open source OP-TEE software framework as the basic platform to realize the virtual encryption machine platform based on the trusted technology and the establishing method thereof.
TrustZone: completing hardware resource isolation between the TEE and the REE by utilizing a security extension component, and providing an independent hardware security operation environment for the virtual encryption machine; OP-TEE: and the microkernel and the library operating system are utilized, and a trusted core framework, a trusted communication agent and a trusted hardware driver are fused to realize a safe operating system and provide a safety service program TA for the virtual encryption machine.
Specifically, an ARM core running is divided into a secure state and a non-secure state based on a TrustZone technology, the secure state corresponds to a system environment with an OP-TEE as a trusted Execution environment TEE (trusted Execution environment), and the non-secure state corresponds to a common Execution environment ree (rich Execution environment); the TEE provides a safe running deployment environment for the virtual encryption machine, and the private information and related operations are processed by a Trusted Application (TA) (trust application) running in the TEE, wherein the TA is an application program example providing safe encryption service for the tenant in the TEE user space; CA is the user business application program example for realizing the connection with TEE in REE user space; and establishing a shared memory between the TEE and the REE for data interaction in the mounting process through the OP-TEE drive between the CA and the TA.
The REE is based on non-sensitive tasks and logic with low safety requirements for running general hardware and an operating system, and the TEE is based on a trusted hardware module and a safe operating system to store key data and execute sensitive encryption operation with high safety requirements and the like. The two are separated into mutually independent hardware areas by applying the technologies of memory isolation, CPU access authority control and the like on the bottom layer, so that mutual isolation is realized. The TEE has access to the REE resources, while the REE does not have direct access to the TEE resources. The construction of the TEE can narrow the attack surface of the system to the maximum extent, and even when the REE is attacked or even paralyzed, the TEE can still normally operate, so that the key information placed in the TEE is not damaged.
As shown in fig. 1, in terms of hardware isolation, TrustZone utilizes security extension components including an Address Space controller tzsc (TrustZone Address Space controller), a Cache, an MMU extension, an Interrupt controller tzic (TrustZone Interrupt controller), a Protection controller tzpc (TrustZone Protection controller), and the like. The TrustZone carries out safety expansion on the whole processor to realize hardware isolation, a safety state read-write signal is added on a system bus, and REE is prohibited from accessing resources in the TEE; in an address space, a safe address area is divided by utilizing TZASC (time-zero-sequence assisted secure) to reject non-safe Access, and a dynamic Memory controller DMC (dynamic Memory controller) is connected to the safe address area, so that the safe Access of a DRAM (dynamic Random Access Memory) dynamic Random Access Memory is realized; the Memory adapter TZMA (TrustZone Memory adapter) can realize the dynamic division of the on-chip RAM, and each divided low address segment is used as a safety area; the TZPC can set the peripheral as a safety peripheral; TZIC makes the processor unable to capture a secure interrupt while in a secure state; each item of the Cache expands a state label and can be marked according to a safe state and a non-safe state, the processor intelligently uses the Cache of the corresponding state, and meanwhile, each page table description in the MMU contains a state bit to indicate whether a mapped memory is in a safe state or not.
The method comprises the steps of completing resource isolation between the TEE and the REE in aspects of internal storage, cache, interruption, peripheral equipment and the like on a hardware level, constructing an independent hardware safe operation environment, and dividing an independent hardware space for the TEE so that the REE cannot directly access. Specifically, the memory isolation is completed by MMU and TZASC together, TEE and REE have independent MMU system control registers, different execution environments have independent page table sets, the respective logic MMU completes the conversion from virtual address to physical address, and the address spaces of TEE and REE are isolated from each other; the peripheral protection is realized by TZPC, the equipment is configured to be safe or non-safe through the TZPC, and the equipment configured to be safe can only be accessed under a safe environment; the interruption isolation is realized by TZIC which is used as a primary interruption source controller to control all external interruption sources, and a relevant register of the TZIC is programmed to set which interruption source is a safe interruption source, so that the interruption sent by the safety equipment can only be processed by a safe environment interruption processing program.
As shown in fig. 2, in terms of software isolation, OP-TEE implements a secure operating system using techniques such as a microkernel and a library operating system, integrating functions such as a trusted core framework, a trusted communication agent and trusted hardware drivers. Compared with a general-purpose operating system running in the REE, the kernel of the secure operating system integrates only core kernel components such as memory management and thread scheduling plus the security modules specific to trusted computing, so it is smaller and effectively reduces the attack surface of the system.
Before establishing a TEE-based virtual encryption machine, an interface layer must be built on the secure operating system: functions such as certificate management, the various mainstream encryption and decryption algorithms, the secure interfaces related to the trusted computing module, and system calls are realized by calling the trusted module in the kernel for computation, and these functions are packaged as bottom-layer interface functions for the upper-layer security service programs to use.
As shown in fig. 3, the virtual cryptographic machine platform may deploy multiple virtual cryptographic machines on the same platform, that is, multiple virtual cryptographic machines are established in the TEE, and each establishes a secure trusted environment and a designated exclusive security service for a different user and effectively manages them. For each cloud tenant, the virtual encryption machine platform establishes a unique mapping between a user process (in the REE) and an exclusive security service program (in the TEE), ensuring that the exclusive security service program serves only the designated user; meanwhile, independent, physically isolated and non-overlapping physical memory is allocated to each security service program, so that the exclusive security service programs of different users do not affect one another. In addition, the service function modules provided by the virtual encryption machine platform can be flexibly used in development according to the actual requirements of users to form a customized security solution.
As shown in fig. 4, the main service functions of the virtual crypto machine platform are implemented by upper-layer application programs. On one hand, a full-lifecycle trusted key and encryption management mechanism must be established, with user keys and key data stored in the TEE, which effectively prevents a hacker who has broken into the system from stealing them; meanwhile, security control is applied to key operations such as storage, use, deletion, update and recovery, so that the confidentiality of the key data and of those operations is guaranteed. In addition, the data encryption, signature and signature verification engine provides efficient and secure signing and verification capabilities for sensitive data, with interfaces supporting the various mainstream algorithms, ensuring the integrity of user data.
As shown in fig. 5, after the virtual cryptographic machine platform is created, the trusted execution environment TEE receives an instruction sent by a user and generates a first instruction; according to the first instruction, the kernel of the trusted execution environment applies for access to configure the TZPC and TZASC, and a first physical memory isolation area is created; the first physical memory isolation area is then separated into a plurality of memory isolation areas, and the security service program TA corresponding to the user is loaded into its memory isolation area to run. The plurality of memory isolation areas correspond to a plurality of security service programs: the virtual encryption machine platform supports a plurality of security service programs TA, isolated from each other in physical memory and established for different services of different users, that is, a plurality of independent virtual encryption machines, so that exclusive security service is realized.
Each memory isolation area is matched to different physical memory according to the user's requirements, with the size of the physical memory matched to the user's actual needs. After memory allocation is complete, a session is established between the CA and the TA: a logical link for communication between the REE and the TEE is set up, a session unique identification code is generated to identify the link, and the TA identifies itself by a unique identification code UUID (Universally Unique Identifier), so that the CA binds to the designated TA. In the CA, the session is established by calling an interface in libteec; that interface in turn calls a driver function to issue a secure monitor mode call request, the secure monitor mode being used to complete switching and communication between the TEE and the REE and to notify the TEE to perform the session establishment operation. OP-TEE matches or loads the corresponding TA according to the UUID to complete session establishment. In addition, data is exchanged between the CA and the TA through the shared memory between the TEE and the REE that the OP-TEE driver establishes during the mounting process: the TA receives the instruction and data sent by the CA, executes the virtual encryption machine service logic, returns the result, and thus provides a secure encryption service to the user.
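The isolation-area carving and UUID-bound session opening described above, as an added model written for this page and not OP-TEE's or the patent's code: the TEE-side bookkeeping is reduced to a bump allocator over the first physical memory isolation area, one exclusive TA per tenant, and a session check that rejects a CA naming another tenant's UUID. All type names, UUIDs, addresses and sizes are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// MemRegion is one physically isolated slice of the secure memory area
// (constructed model, not an OP-TEE type).
type MemRegion struct {
	Base, Size uint64
}

// Overlaps reports whether two regions share any byte.
func (r MemRegion) Overlaps(o MemRegion) bool {
	return r.Base < o.Base+o.Size && o.Base < r.Base+r.Size
}

// TA models a loaded security service program and the region it runs in.
type TA struct {
	UUID   string
	Tenant string
	Region MemRegion
}

// Session models the logical REE<->TEE link plus the shared memory buffer
// through which the CA and the TA exchange instructions and data.
type Session struct {
	ID     uint32
	TA     *TA
	Shared []byte
}

// Platform models the secure OS view of the virtual encryption machine platform.
type Platform struct {
	area     MemRegion         // the "first physical memory isolation area"
	next     uint64            // next free address inside area
	tas      map[string]*TA    // UUID -> loaded TA
	binding  map[string]string // tenant (CA identity) -> UUID of its exclusive TA
	sessions uint32
}

// NewPlatform creates the platform over a secure area at [base, base+size).
func NewPlatform(base, size uint64) *Platform {
	return &Platform{
		area:    MemRegion{Base: base, Size: size},
		next:    base,
		tas:     map[string]*TA{},
		binding: map[string]string{},
	}
}

// LoadTA carves a region sized to the tenant's request and loads one TA into
// it, enforcing the unique CA<->TA mapping: exactly one exclusive TA per tenant.
// Regions are handed out back to back, so they never overlap.
func (p *Platform) LoadTA(tenant, uuid string, size uint64) (*TA, error) {
	if _, dup := p.binding[tenant]; dup {
		return nil, errors.New("tenant already has an exclusive TA")
	}
	if _, dup := p.tas[uuid]; dup {
		return nil, errors.New("UUID already loaded")
	}
	if size == 0 || p.next+size > p.area.Base+p.area.Size {
		return nil, errors.New("secure memory area exhausted")
	}
	ta := &TA{UUID: uuid, Tenant: tenant, Region: MemRegion{Base: p.next, Size: size}}
	p.next += size
	p.tas[uuid] = ta
	p.binding[tenant] = uuid
	return ta, nil
}

// OpenSession mirrors the CA calling libteec with a UUID: the TA must be
// loaded and must be the one bound to the calling tenant.
func (p *Platform) OpenSession(tenant, uuid string) (*Session, error) {
	ta, ok := p.tas[uuid]
	if !ok {
		return nil, errors.New("no TA with this UUID")
	}
	if p.binding[tenant] != uuid {
		return nil, fmt.Errorf("TA %s is not the exclusive service of %s", uuid, tenant)
	}
	p.sessions++
	return &Session{ID: p.sessions, TA: ta, Shared: make([]byte, 4096)}, nil
}

func main() {
	p := NewPlatform(0x80000000, 0x100000) // constructed base and size
	p.LoadTA("dns-admin", "11111111-2222-3333-4444-555555555555", 0x40000)
	p.LoadTA("other-tenant", "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", 0x40000)
	_, err := p.OpenSession("other-tenant", "11111111-2222-3333-4444-555555555555")
	fmt.Println("cross-tenant open rejected:", err != nil)
}
```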
The embodiment of the application takes the zone file signing process on the primary authoritative resolution node of the .CN top-level domain under the DNSSEC mechanism of the DNS system as its specific application scenario, described as follows:
The zone file signing function module of the .CN top-level domain authoritative resolution primary node runs on a processor platform supporting the ARM TrustZone technology. After the platform starts, the hardware is first divided into a secure state and a non-secure state, corresponding respectively to the TEE and the REE, where the TEE provides a secure operating and deployment environment for the encryption machine. TrustZone uses the security extension components to complete resource isolation in memory, cache, interrupts, peripherals and the like between the TEE and the REE at the hardware level, and constructs an independent hardware secure operating environment.
After the platform hardware trusted environment is prepared, the loaded OP-TEE is used to construct a secure operating system environment with good support for the TrustZone technology; the establishment mechanism for CAs and TAs is realized in the upper layer, and an interface library (libteec) used by the REE and a daemon (tee-supplicant) for accessing REE resources are provided. The kernel realizes switching between the secure and non-secure states of the ARM core, interrupt handling, memory and cache management, thread management, system calls, the special operations supporting TAs, and the like.
After the secure operating system environment finishes loading, the CN zone file signing function module is started. During module initialization, the CA itself and the corresponding dedicated security service program TA are established. At this point, after the CA established for CN zone file signing sends an instruction to the TEE, the kernel applies for access to configure the TZPC and TZASC, a new physical memory isolation area is created, and the security service program TA corresponding to the CA is loaded into that memory isolation area to run. The virtual encryption machine platform can support a plurality of TAs isolated from each other in physical memory, that is, a plurality of independent virtual encryption machines, established for different services of different users, so that exclusive security service is realized.
After the secure memory of the CN zone file signing TA is allocated, the CN zone file signing CA establishes a session with it: the session is established by calling an interface in libteec in the CA, the interface in turn calls a driver function to issue a secure monitor mode call request (used to complete switching and communication between the TEE and the REE), and the TEE is notified to perform the session establishment operation. OP-TEE matches or loads the corresponding TA according to the UUID to complete session establishment. After the session is established, the TA matched by the UUID is returned to the CN zone file signing CA.
Once the session is established, the CN zone file signing module completes full-lifecycle management of the zone signing key (ZSK) and the key signing key (KSK) by applying the trusted key management mechanism provided by the virtual encryption machine platform; the operations include private key generation, storage, deletion, rotation and the like. Meanwhile, for administrators of different levels, the platform provides administrator authority management functions such as login, addition, deletion and password modification.
Taking the generation and storage of a private key as an example, the CA first calls the key generation interface to notify the TA to generate an asymmetric key pair (private key and public key); the TA generates the key pair according to the algorithm type and key length supplied by the user and returns the public key to the CA through the shared memory between the TEE and the REE, so that the CN zone primary node can publish the public key to the secondary nodes for verifying signatures over zone data. The key storage structure is divided into a user layer and a service layer; in this embodiment the user layer corresponds to a DNS domain name management user and the service layer to the zone file signing service within DNS domain name management. The key is stored in the secure space under the zone file signing service of that DNS user, with a fast lookup and matching interface; keys belonging to other services or other users are assigned new secure spaces for storage by their corresponding TAs, so the keys are isolated from one another.
The CN zone file signing module completes zone file signing by applying the mainstream cryptographic algorithm interfaces provided by the virtual encryption machine platform. The module parses the zone file data, the resource record sets that need signing are sent to the TA one by one through the CA, the TA calls the hash algorithm (HMAC, SHA and the like) and asymmetric algorithm (RSA, ECDSA and the like) interfaces provided by the platform to perform the signing operation, the signature result is returned to the CA through the shared memory between the TEE and the REE, and the module writes the signature results into a new signed zone file, completing the full signing process for the CN zone. Besides the hash and asymmetric algorithms, the virtual encryption machine platform also supports interfaces such as symmetric encryption algorithms (AES, 3DES, etc.) and random number generation (RANDOM).
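The key-generation and zone-signing exchange of the embodiment (private key kept in the TA under user layer and service layer, only the public key crossing to the CA, resource record sets signed one at a time, secondary node verifying with the published key), as an added example that is not the patent's or OP-TEE's code: Go's standard ECDSA P-256 stands in for the platform's asymmetric algorithm interface, SHA-256 for its hash interface, and the user, service, key and RRset values are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// keyStore is the TA-side storage: user layer -> service layer -> key name ->
// private key. Constructed model of the user/service layered structure.
type keyStore map[string]map[string]map[string]*ecdsa.PrivateKey

// SigningTA models the zone file signing trusted application inside the TEE.
type SigningTA struct{ store keyStore }

func NewSigningTA() *SigningTA { return &SigningTA{store: keyStore{}} }

// GenerateKey mirrors the CA's key-generation command: the pair is created in
// the TEE, the private half stays in the store, only the public key is returned
// (what the CA would read back from the shared memory).
func (ta *SigningTA) GenerateKey(user, service, name string) (*ecdsa.PublicKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	if ta.store[user] == nil {
		ta.store[user] = map[string]map[string]*ecdsa.PrivateKey{}
	}
	if ta.store[user][service] == nil {
		ta.store[user][service] = map[string]*ecdsa.PrivateKey{}
	}
	ta.store[user][service][name] = priv
	return &priv.PublicKey, nil
}

// SignRRset signs one resource record set with the named key. A key is
// reachable only under its own user and service space, so a request naming
// another user's space finds nothing rather than another tenant's key.
func (ta *SigningTA) SignRRset(user, service, name string, rrset []byte) ([]byte, error) {
	priv := ta.store[user][service][name]
	if priv == nil {
		return nil, errors.New("no such key in this user/service space")
	}
	digest := sha256.Sum256(rrset)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// VerifyRRset is what a secondary node does with the published public key.
func VerifyRRset(pub *ecdsa.PublicKey, rrset, sig []byte) bool {
	digest := sha256.Sum256(rrset)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	ta := NewSigningTA()
	zsk, _ := ta.GenerateKey("dns-admin", "zone-signing", "ZSK") // constructed names
	rrset := []byte("example. 3600 IN A 192.0.2.1")             // constructed RRset
	sig, _ := ta.SignRRset("dns-admin", "zone-signing", "ZSK", rrset)
	fmt.Println("secondary node verifies:", VerifyRRset(zsk, rrset, sig))
}
```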
The invention provides a virtual encryption machine platform based on trusted computing technology and a method of creating it. Relying on the trusted computing module and the secure trusted capability integrated in mainstream processors, a Trusted Execution Environment (TEE) replaces the traditional encryption machine system as a new carrier for key management and secure encryption, and a native, processor-based, multi-tenant virtual encryption machine platform is constructed, so that a user can run its own service system and the encryption machine function on the same processing platform. This completes the integration of the service system and the security system, avoids the security risk that the user's key data in an encryption machine is intruded upon, hijacked and maliciously used, and keeps the key information truly in the hands of the user, achieving security and independent control. Meanwhile, for the multi-tenant cloud platform scenario, a plurality of virtual encryption machines can be established in the same TEE, and each cloud tenant is allocated an independent, physically isolated secure trusted environment and exclusive security services, so that the cloud security of user data is guaranteed. The technical scheme of the invention can conveniently and flexibly provide lightweight exclusive security services for different tenants on the same platform, and realizes the integrated deployment and construction of the encryption machine and the cloud platform.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (10)

1. A virtual cryptographic machine platform based on trusted technology, comprising: a software and hardware encryption system established on a processor platform integrated with a trusted computing module to run a trusted execution environment TEE and a common execution environment REE; the REE and the TEE are divided into mutually independent hardware areas by applying memory isolation and CPU access authority control technologies at the bottom layer, so that they are isolated from each other; a plurality of virtual encryption machines are established in the TEE; the virtual encryption machines are hardware-isolated from the common execution environment REE, establish a secure trusted environment and a designated exclusive security service program TA for the CAs of different users, and effectively manage that secure trusted environment and designated exclusive security service program TA;
wherein the CA is the user business application program instance in the REE user space that realizes the interface with the TEE; the TA is an application program instance that provides secure cryptographic services for tenants in the TEE user space.
2. A virtual encryption machine platform establishment method based on trusted technology, characterized in that a running ARM core is divided into a secure state and a non-secure state based on the TrustZone technology, wherein the secure state corresponds to a system environment with OP-TEE as the trusted execution environment TEE, and the non-secure state corresponds to the common execution environment REE; the TEE provides a secure running and deployment environment for the virtual encryption machine, and private information and related operations are processed by a trusted application TA running in the TEE, wherein the TA is an application program instance providing secure encryption services for tenants in the TEE user space; the CA is the user business application program instance in the REE user space that realizes the connection with the TEE; a shared memory between the TEE and the REE for data exchange between the CA and the TA is established by the OP-TEE driver during the mounting process; in the aspect of hardware isolation, TrustZone completes hardware resource isolation between the TEE and the REE using the security extension components and constructs an independent hardware secure operating environment; in the aspect of software isolation, OP-TEE realizes a secure operating system using a microkernel and a library operating system and fusing a trusted core framework, a trusted communication agent and a trusted hardware driver; a plurality of virtual encryption machines are established in the TEE, wherein the virtual encryption machines establish exclusive security service programs (TA) for the CAs of different users.
3. The method for creating the virtual encryption machine platform based on the trusted technology as claimed in claim 2, wherein said security extension component comprises: TZASC, TZIC, TZPC;
a secure-state read-write signal is added on the system bus to forbid the REE from accessing resources in the TEE; in the address space, the address space controller TZASC is used to divide off a secure address region and reject non-secure access, and the dynamic memory controller DMC is attached to the address space controller TZASC, so that secure access to the DRAM dynamic random access memory is realized;
the memory adapter TZMA can realize dynamic partition of the on-chip RAM, and each partitioned low address segment is used as a safe area;
the protection controller TZPC can set the peripheral equipment as the safety peripheral equipment;
the interrupt controller TZIC disables the processor from capturing secure interrupts while in the secure state.
4. The method for creating the virtual encryption machine platform based on the trusted technology according to claim 2, wherein the hardware isolation is to isolate resources between the TEE and the REE in terms of memory, cache, interrupt and peripheral devices; specifically, the memory isolation is completed by MMU and TZASC together, TEE and REE have independent MMU system control registers, different execution environments have independent page table sets, the respective logic MMU completes the conversion from virtual address to physical address, and the address spaces of TEE and REE are isolated from each other;
the peripheral protection is realized by TZPC, the equipment is configured to be safe or non-safe through the TZPC, and the equipment configured to be safe can only be accessed under a safe environment;
the interruption isolation is realized by TZIC which is used as a primary interruption source controller to control all external interruption sources, and the relevant register of the TZIC is programmed to set which interruption source is a safe interruption source.
5. The method for creating the virtual encryption machine platform based on the trusted technology as claimed in claim 2, wherein before the plurality of virtual encryption machines are established in the TEE:
an interface layer is required to be established on the security operating system, functions such as certificate management and various mainstream encryption and decryption algorithms are realized by calling a trusted module in a kernel for calculation, and the functions are packaged as a bottom interface function for an upper-layer security service program to use.
6. The method for creating the virtual encryption machine platform based on the trusted technology according to claim 2, wherein after the virtual encryption machine is created:
the TEE receives an instruction sent by a user and generates a first instruction;
according to the first instruction, the trusted execution environment applies for accessing configuration TZPC and TZASC to obtain a first physical memory isolation area;
separating the first physical memory isolation region into a plurality of memory isolation regions, wherein the plurality of memory isolation regions correspond to a plurality of security service programs;
the trusted execution environment sends the security service to the user.
7. A virtual cryptographic machine platform creation method based on trusted technology as claimed in claim 6, wherein before said trusted execution environment sends said security service to said user:
creating a logical link for communication between the REE and the TEE by the CA and the TA, and generating a session unique identification code;
the TA marks its identity through the unique identification code, the CA calls an interface to establish a session, the interface calls a driver function to send a call request to the secure monitor mode, and the TEE is notified to perform the session establishment operation;
and the OP-TEE matches or loads the corresponding TA according to the unique identification code to complete the session establishment.
8. The method for creating the virtual cryptographic machine platform based on the trusted technology as claimed in claim 6, wherein the memory isolation area matches different physical memories according to the user requirements.
9. The method for creating a virtual cryptographic machine platform based on trusted technology as claimed in claim 7, wherein said user and said security service are in unique mapping relation.
10. The virtual encryption machine platform creation method based on the trusted technology as claimed in claim 2, wherein the virtual encryption machine provides a full-period trusted key management mechanism, and realizes functions of automatic generation, secure storage, addition and deletion, and backup and recovery of keys, and the full-period trusted key management mechanism establishes a secure service program with functions of data encryption and decryption, signature, and signature verification according to the user requirements.
CN202111440048.0A 2021-11-30 2021-11-30 Virtual encryption machine platform based on trusted technology and creation method thereof Pending CN114117412A (en)
Publications (1)

Publication Number Publication Date
CN114117412A true CN114117412A (en) 2022-03-01
Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination