CN114641769A - 一种处理器的安全度量装置及方法 - Google Patents
一种处理器的安全度量装置及方法 Download PDFInfo
- Publication number
- CN114641769A CN114641769A CN202080008627.5A CN202080008627A CN114641769A CN 114641769 A CN114641769 A CN 114641769A CN 202080008627 A CN202080008627 A CN 202080008627A CN 114641769 A CN114641769 A CN 114641769A
- Authority
- CN
- China
- Prior art keywords
- processor
- instruction
- information
- address information
- tracker
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 230000015654 memory Effects 0.000 claims abstract description 82
- 238000012544 monitoring process Methods 0.000 claims description 80
- 238000005259 measurement Methods 0.000 abstract description 14
- 230000006870 function Effects 0.000 description 10
- 230000001960 triggered effect Effects 0.000 description 10
- 238000012795 verification Methods 0.000 description 7
- 238000004364 calculation method Methods 0.000 description 6
- 238000001514 detection method Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000000691 measurement method Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 238000013461 design Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- FFBHFFJDDLITSX-UHFFFAOYSA-N benzyl N-[2-hydroxy-4-(3-oxomorpholin-4-yl)phenyl]carbamate Chemical compound OC1=C(NC(=O)OCC2=CC=CC=C2)C=CC(=C1)N1CCOCC1=O FFBHFFJDDLITSX-UHFFFAOYSA-N 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
一种处理器的安全度量装置及方法,涉及电子技术领域,用于提供处理器运行时的安全性。该安全度量装置包括:处理器(101),用于运行存储器(105)中的指令;访问控制器(103),用于控制处理器跟踪器(102)访问存储器(105)中的第一存储区域,处理器(101)无法访问第一存储区域;处理器跟踪器(102),用于获取所述指令中第一指令在存储器(105)中的第一地址信息,并将第一地址信息存储在第一存储区域中;安全防护系统(104),用于从第一存储区域中获取第一地址信息,并基于第一地址信息度量第一指令的安全性。
Description
PCT国内申请,说明书已公开。
Claims (15)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2020/121303 WO2022077388A1 (zh) | 2020-10-15 | 2020-10-15 | 一种处理器的安全度量装置及方法 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114641769A true CN114641769A (zh) | 2022-06-17 |
Family
ID=81208736
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202080008627.5A Pending CN114641769A (zh) | 2020-10-15 | 2020-10-15 | 一种处理器的安全度量装置及方法 |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US20230259636A1 (zh) |
| EP (1) | EP4209947A4 (zh) |
| CN (1) | CN114641769A (zh) |
| WO (1) | WO2022077388A1 (zh) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023246373A1 (zh) * | 2022-06-21 | 2023-12-28 | 华为技术有限公司 | 一种计算设备及数据保护方法 |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117992960A (zh) * | 2022-10-27 | 2024-05-07 | 华为技术有限公司 | 一种安全启动方法、装置及设备 |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4677546A (en) * | 1984-08-17 | 1987-06-30 | Signetics | Guarded regions for controlling memory access |
| EP1843250B1 (en) * | 2006-04-05 | 2015-06-10 | Texas Instruments France | System and method for checking the integrity of computer program code |
| GB2453174B (en) * | 2007-09-28 | 2011-12-07 | Advanced Risc Mach Ltd | Techniques for generating a trace stream for a data processing apparatus |
| US9395993B2 (en) * | 2013-07-29 | 2016-07-19 | Intel Corporation | Execution-aware memory protection |
| US10007784B2 (en) * | 2015-03-27 | 2018-06-26 | Intel Corporation | Technologies for control flow exploit mitigation using processor trace |
| CN109670312A (zh) * | 2017-10-13 | 2019-04-23 | 华为技术有限公司 | 安全控制方法及计算机系统 |
| CN111651778B (zh) * | 2020-05-26 | 2023-05-05 | 上海交通大学 | 基于risc-v指令架构的物理内存隔离方法 |
-
2020
- 2020-10-15 EP EP20957167.8A patent/EP4209947A4/en active Pending
- 2020-10-15 WO PCT/CN2020/121303 patent/WO2022077388A1/zh unknown
- 2020-10-15 CN CN202080008627.5A patent/CN114641769A/zh active Pending
-
2023
- 2023-04-16 US US18/301,238 patent/US20230259636A1/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023246373A1 (zh) * | 2022-06-21 | 2023-12-28 | 华为技术有限公司 | 一种计算设备及数据保护方法 |
Also Published As
| Publication number | Publication date |
|---|---|
| US20230259636A1 (en) | 2023-08-17 |
| EP4209947A4 (en) | 2023-09-27 |
| WO2022077388A1 (zh) | 2022-04-21 |
| EP4209947A1 (en) | 2023-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9111097B2 (en) | Secure execution architecture | |
| US9317450B2 (en) | Security protection for memory content of processor main memory | |
| US7917741B2 (en) | Enhancing security of a system via access by an embedded controller to a secure storage device | |
| KR101689204B1 (ko) | 디바이스의 펌웨어 무결성 검증 | |
| US8028174B2 (en) | Controlling update of content of a programmable read-only memory | |
| US8434067B2 (en) | Method and system for whitelisting software components | |
| US8122514B2 (en) | Software enhanced trusted platform module | |
| US20230259636A1 (en) | Security assessment apparatus and method for processor | |
| US8843742B2 (en) | Hypervisor security using SMM | |
| CN113254949A (zh) | 对存储器区域的访问权限 | |
| CN112818327A (zh) | 基于TrustZone的用户级代码和数据安全可信保护方法及装置 | |
| US11775649B2 (en) | Perform verification check in response to change in page table base register | |
| US11251976B2 (en) | Data security processing method and terminal thereof, and server | |
| CN113448682B (zh) | 一种虚拟机监控器加载方法、装置及电子设备 | |
| US11269986B2 (en) | Method for authenticating a program and corresponding integrated circuit | |
| CN110413351B (zh) | 一种可信免疫力检测方法 | |
| US20180226136A1 (en) | System management mode test operations | |
| US20210224386A1 (en) | Electronic system and method for preventing malicious actions on a processing system of the electronic system | |
| CN114462041A (zh) | 基于双体系架构的动态可信访问控制方法及系统 | |
| EP1535124B1 (en) | Computer architecture for executing a program in a secure of insecure mode | |
| CN112114908A (zh) | 硬件平台及其启动方法、装置和电子设备 | |
| US20180307629A1 (en) | Command source verification | |
| EP4095725A1 (en) | Electronic device and security protection method | |
| US20220342984A1 (en) | Integrity monitor | |
| KR100638713B1 (ko) | 불안전 모드에서 안전하게 프로그램을 실행하는 컴퓨터 구조 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |