CN114647868A - Secure computing method, apparatus, device, medium, and program product - Google Patents

Publication number: CN114647868A
Application number: CN202210266609.8A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 谢伟, 吴冕冠, 武文轩, 王豪赞
Current assignee: Industrial and Commercial Bank of China Ltd (ICBC)
Original assignee: Industrial and Commercial Bank of China Ltd (ICBC)
Prior art keywords: function, confidential, computing, calculation, target

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules > G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database > G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer > G06F21/71 Protecting specific internal or peripheral components to assure secure computing or processing of information > G06F21/72 Protecting specific internal or peripheral components to assure secure computing or processing of information in cryptographic circuits
Abstract

The disclosure provides a secure computing method, and relates to the field of cloud computing. The method comprises the following steps: acquiring a function calculation event according to function calculation operation of a user; sending a calling request based on the function computing event, wherein the calling request comprises information of a target function to be triggered to execute; if the target function is a confidential function, executing the target function in a confidential computing environment in response to the call request, wherein the confidential computing environment comprises a hardware encryption-based execution environment. The present disclosure also provides a secure computing apparatus, device, storage medium and program product.

Description

Secure computing method, apparatus, device, medium, and program product
Technical Field
The present disclosure relates to the field of cloud computing, and more particularly, to a secure computing method, apparatus, device, medium, and program product.
Background
Function computing is a cloud computing technology based on a serverless architecture that further abstracts and encapsulates the infrastructure and the software environment. Taking business application development as an example, management of the underlying servers no longer needs to be a concern, so development can focus on the application-layer business logic, business development work can be more specialized, and rapid iteration of business products is supported.
With the widespread use of function computing services, large amounts of private data of citizens or other entities may be used, with user authorization. How to protect private data while providing function computing services has become a problem that urgently needs to be solved.
Disclosure of Invention
In view of the foregoing, the present disclosure provides a secure computing method, apparatus, device, medium, and program product capable of securing private data.
One aspect of the disclosed embodiments provides a secure computing method, including: acquiring a function calculation event according to function calculation operation of a user; sending a calling request based on the function computing event, wherein the calling request comprises information of a target function to be triggered to execute; if the target function is a confidential function, executing the target function in a confidential computing environment in response to the call request, wherein the confidential computing environment comprises a hardware encryption-based execution environment.
According to an embodiment of the present disclosure, if the target function is a confidential function, the method further includes, before executing the target function: creating a confidential function container based on the confidential computing environment; and deploying the target function in the confidential function container.
According to an embodiment of the present disclosure, sending the call request based on the function computing event includes: forwarding the call request to the confidential function container to execute the target function.
According to an embodiment of the present disclosure, the target function is used to process target data, and executing the target function in the confidential computing environment in response to the call request includes: decrypting the target function and/or the target data before executing the target function; and encrypting the target function and/or the target data after executing the target function.
According to an embodiment of the present disclosure, before sending the call request, the method further includes: parsing the function computing event and determining the target function; and generating the call request based on the target function.
According to an embodiment of the present disclosure, if the target function is a non-confidential function, the method further includes: executing the target function in a non-confidential computing environment in response to the call request.
Another aspect of the disclosed embodiments provides a secure computing apparatus, comprising: an event trigger unit for acquiring a function computing event according to a function computing operation of a user; a core engine unit for receiving the function computing event sent by the event trigger unit and sending a call request based on the function computing event, wherein the call request comprises information of a target function to be triggered and executed; and a confidential computing unit for executing the target function in a confidential computing environment in response to the call request if the target function is a confidential function, wherein the confidential computing environment includes a hardware encryption-based execution environment.
Another aspect of the disclosed embodiments provides an electronic device, including: one or more processors; a storage device to store one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method as described above.
Yet another aspect of the embodiments of the present disclosure provides a computer-readable storage medium having stored thereon executable instructions, which when executed by a processor, cause the processor to perform the method as described above.
Yet another aspect of the disclosed embodiments provides a computer program product comprising a computer program that when executed by a processor implements the method as described above.
One or more of the above embodiments have the following advantageous effects: the target function corresponding to the user's function computing operation can be handled flexibly; when the user needs to protect private data, the target function is set as a confidential function and is executed in a confidential computing environment. The serverless architecture provides the function computing service, and confidential computing technology applies hardware-based encryption and decryption while the target function executes, so that both the user's need for efficient development and the need to protect private data can be met.
Drawings
The foregoing and other objects, features and advantages of the disclosure will be apparent from the following description of embodiments of the disclosure, which proceeds with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates an application scenario of a secure computing method according to an embodiment of the present disclosure;
FIG. 2 schematically illustrates a flow diagram of a secure computing method according to an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow diagram for generating a call request according to an embodiment of the disclosure;
FIG. 4 schematically illustrates a flow diagram for deploying a target function according to an embodiment of the disclosure;
FIG. 5 schematically illustrates a block diagram of a secure computing apparatus according to an embodiment of the present disclosure;
FIG. 6 schematically illustrates a block diagram of a secure computing apparatus according to another embodiment of the present disclosure;
FIG. 7 schematically illustrates a confidential function deployment flow diagram based on a secure computing apparatus according to an embodiment of the present disclosure;
FIG. 8 schematically shows a block diagram of a function computing software unit according to an embodiment of the present disclosure;
FIG. 9 schematically illustrates a block diagram of a cloud computing virtualization software unit according to an embodiment of the present disclosure;
FIG. 10 schematically shows a block diagram of a confidential computing hardware unit according to an embodiment of the present disclosure;
FIG. 11 schematically shows a block diagram of a confidential computing software unit according to an embodiment of the present disclosure;
FIG. 12 schematically illustrates a block diagram of an electronic device adapted to implement a secure computing method according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
Serverless computing does not mean that servers are no longer used; rather, the backend servers are transparent to users, who no longer need to attend to complex deployment and maintenance problems. A user-facing function computing platform is provided based on the serverless architecture, and functions can be offered to users for development or use with the function as the granularity of service.
In some embodiments, the bottom layer of the function computing platform may use container technology. For example, Docker is used as the underlying container technology and Kubernetes as the underlying cluster management technology (by way of example only). Docker provides a new isolation method on top of the system kernel and can realize a secure runtime virtual environment. Kubernetes, a distributed large-scale container management technology, can be used for automatic deployment, operation and maintenance, and scaling of container clusters.
With the widespread application of cloud computing services such as function computing, more and more business data needs to be processed or stored on a cloud computing platform (hereinafter referred to as the function computing platform), and this data contains a large amount of private data of citizens or other entities. An attacker may steal data used during cloud computing, causing private data to be leaked.
Confidential computing refers to a technique that protects the function being run or the data in use by executing the computation in a hardware-based trusted execution environment. The confidential computing environment may include a trusted execution environment based on hardware encryption, supported by confidential computing software and confidential computing hardware. The hardware may include a CPU, memory, and the like. For example, during confidential computing the function code or data is stored in a specific region of memory, the CPU encrypts and decrypts the data, and that region of memory can be accessed only after authorization, so that private data is protected.
The secure computing method provided by the embodiments of the disclosure can deploy the container service on underlying hardware (the CPU) using confidential computing encryption technology, and provide the function computing service externally through a serverless technical architecture. Specifically, the target function corresponding to the user's function computing operation can be handled flexibly: when the user needs to protect private data, the target function is set as a confidential function and is executed in a confidential computing environment. The serverless architecture provides the function computing service, and confidential computing technology applies hardware-based encryption and decryption while the target function executes, so that both the user's need for efficient development and the need to protect private data can be met.
In the technical scheme of the disclosure, the collection, storage, use, processing, transmission, provision, disclosure, application and other processing of the related user privacy data all accord with the regulations of related laws and regulations, necessary security measures are taken, and the public order and the good custom are not violated. In addition, before the user privacy data is acquired or collected, the authorization or the consent of the user is acquired.
It should be noted that the secure computing method, apparatus, device, medium, and program product provided by the present disclosure may be used in the related aspects of cloud computing technology in the financial field, and may also be used in any field other than the financial field.
Fig. 1 schematically shows an application scenario diagram of a secure computing method according to an embodiment of the present disclosure.
As shown in fig. 1, the application scenario 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as shopping-like applications, web browser applications, search-like applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 105 may be a server providing various services, such as a background management server (for example only) providing support for websites browsed by users using the terminal devices 101, 102, 103. The backend management server may analyze and process the received data such as the user request, and feed back a processing result (for example, a web page, information, or data obtained or generated according to the user request) to the terminal device.
It should be noted that the secure computing method provided by the embodiment of the present disclosure may be generally executed by the server 105. Accordingly, the function calculation device provided by the embodiment of the present disclosure may be generally disposed in the server 105. The security calculation method provided by the embodiment of the present disclosure may also be performed by a server or a server cluster that is different from the server 105 and is capable of communicating with the terminal devices 101, 102, 103 and/or the server 105. Accordingly, the function calculating device provided by the embodiment of the present disclosure may also be disposed in a server or a server cluster different from the server 105 and capable of communicating with the terminal devices 101, 102, 103 and/or the server 105.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
The secure computing method according to the embodiment of the present disclosure will be described in detail below with reference to fig. 2 to 4, based on the scenario described in fig. 1.
Fig. 2 schematically shows a flow diagram of a secure computing method according to an embodiment of the present disclosure.
As shown in fig. 2, the secure computing method of this embodiment includes operations S210 to S230.
In operation S210, a function computing event is obtained according to a function computing operation of a user.
Illustratively, the function computing operation may be a business transaction operation performed by a user using the function computing platform. The business transaction can be processed by a business application developed in advance on the function computing platform. The business application can be accessed by the user, and during transaction processing the transaction is handled by function computing with the function as the service granularity.
Illustratively, the function computing platform may work in an event-driven manner, in particular, the function may be triggered by predefined events, such as HTTP requests, timed tasks, message queue triggers, and the like.
In operation S220, a call request is sent based on the function computation event, where the call request includes information of a target function to be triggered to execute;
the call request is used to call a function to trigger execution. After obtaining the function computation event, the call request may assign the event to a function instance (e.g., a function container) for execution. The objective function is a function corresponding to the function computation event. The function computing platform may be deployed with one or more function services, each function in the function services for processing a different function computing event. The information of the target function may include a name of the target function, function instance information or calling information, and the like.
In operation S230, if the target function is a confidential function, the target function is executed in a confidential computing environment in response to the call request, wherein the confidential computing environment includes a hardware encryption-based execution environment.
Illustratively, confidential functions include functions for which the user has data privacy protection requirements. When a confidential function is used for function computing, a hardware encryption service is provided and data leakage is avoided. Therefore, any function on the cloud computing platform can be flexibly set as a confidential function according to the user's requirements.
In some embodiments, a user may flexibly set (e.g., mark) whether a target function is a confidential function when creating it, according to privacy data protection requirements; when the user later computes with the target function, whether confidential computing is performed is determined by this preset. In other embodiments, the user may choose whether to perform confidential computing each time a function computing operation is performed. For example, accounting data from different individuals, enterprises and public institutions have different confidentiality requirements, and whether confidential computing is performed can be flexibly chosen according to the confidentiality level of the source accounting data, so that privacy is protected.
According to the embodiment of the disclosure, the target function corresponding to the user's function computing operation can be handled flexibly; when the user needs to protect private data, the target function is set as a confidential function so that it is executed in a confidential computing environment. The serverless architecture provides the function computing service, and confidential computing technology applies hardware-based encryption and decryption while the target function executes, so that both the user's need for efficient development and the need to protect private data can be met.
In some embodiments, if the target function is a non-confidential function, the target function is executed in a non-confidential computing environment in response to the call request.
Illustratively, the non-confidential computing environment is so named to distinguish it from the trusted execution environment based on hardware encryption; it may be a software-based computing environment.
According to the embodiment of the disclosure, if the user has no need to protect private data, the target function is a non-confidential function, and executing it in the non-confidential computing environment can reduce dependence on the underlying hardware, save underlying hardware resources, improve the scalability and flexibility of the function computing service, and improve function computing efficiency.
FIG. 3 schematically shows a flow diagram for generating a call request according to an embodiment of the disclosure.
Before the call request is sent in operation S220, as shown in fig. 3, operations S310 to S320 may be performed to generate the call request.
In operation S310, the function computing event is parsed and the target function is determined.
The parameters of the user's function computing operation, such as user information, business transaction type, event type and function service information, can be obtained by monitoring and collecting function computing events. The event is parsed to obtain the related parameters, so as to determine the corresponding target function. For example, the user's access rights, i.e. which functions may be accessed, can be determined from the user information; by way of example only, from the business transaction type the functions that the user may access to process the business transaction can be determined.
In operation S320, a call request is generated based on the target function.
Taking the call interface as an example, after a function service is created, an Application Programming Interface (API) may be exposed; when the function service is accessed, the API is called. If the function provided by the function service is a confidential function, the API is a confidential computing interface, and the call request is generated according to the format and requirements of the confidential computing interface. For example, the call request may restart a process and launch the trusted execution environment, loading the confidential computing container to perform the function computation.
According to the embodiment of the disclosure, the target function can be obtained accurately by parsing the function computing event, and the corresponding call request is generated flexibly according to whether the target function is a confidential function. This improves the stability of function computing, avoids failure of function computing or of the confidential computing function, and improves the user experience.
Illustratively, whether the target function is a confidential function may be managed by a function management unit, and whether a corresponding function instance exists may be queried in order to generate the corresponding call request. If a function instance already exists, a call request may be generated for the call; if no function instance exists, one is created first, as described below with respect to FIG. 4.
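The dispatch path described in operations S210 to S320 (parse the event, check the user's access rights, determine the target function, look up or create a function instance, and build the call request in the format of the confidential or the standard interface) is shown below as an added example. It is not code from the patent or from ICBC; the registry, the transaction-to-function mapping, the event fields and the container naming are all constructed for illustration, and container creation is simulated by recording a name.

```python
"""Event-driven generation of a call request, routing confidential functions to a
hardware-backed confidential container and ordinary functions to a standard one.
Added illustration; every name and data shape here is an assumption."""
from dataclasses import dataclass


@dataclass
class FunctionSpec:
    name: str
    confidential: bool        # flag the user set when the function was created
    allowed_users: frozenset  # access rights: which users may invoke the function


# Constructed registry of deployed function services (the "function management unit").
REGISTRY = {
    "account_reconcile": FunctionSpec("account_reconcile", True, frozenset({"alice", "bob"})),
    "hello_world": FunctionSpec("hello_world", False, frozenset({"alice", "bob", "carol"})),
}

# Constructed mapping from business transaction type to the function that handles it.
TRANSACTION_TO_FUNCTION = {
    "reconcile_ledger": "account_reconcile",
    "ping": "hello_world",
}

# Running function instances (containers), keyed by function name. Constructed state.
INSTANCES = {}


def parse_event(event: dict) -> FunctionSpec:
    """Operation S310: parse the function computing event, determine the target
    function, and refuse events from users without access rights to it."""
    for key in ("user", "event_type", "transaction"):
        if key not in event:
            raise ValueError(f"event missing field {key!r}")
    fn_name = TRANSACTION_TO_FUNCTION.get(event["transaction"])
    if fn_name is None:
        raise LookupError(f"no function handles transaction {event['transaction']!r}")
    spec = REGISTRY[fn_name]
    if event["user"] not in spec.allowed_users:
        raise PermissionError(f"user {event['user']!r} may not call {fn_name}")
    return spec


def ensure_instance(spec: FunctionSpec) -> str:
    """Query whether a function instance exists; if not, create it first. A confidential
    function gets a confidential container (operation S410); creation is simulated."""
    if spec.name not in INSTANCES:
        prefix = "tee-container" if spec.confidential else "container"
        INSTANCES[spec.name] = f"{prefix}/{spec.name}"
    return INSTANCES[spec.name]


def generate_call_request(event: dict) -> dict:
    """Operation S320: build the call request in the format the target interface expects.
    The confidential interface additionally asks the runtime to launch the trusted
    execution environment before loading the container."""
    spec = parse_event(event)
    instance = ensure_instance(spec)
    request = {
        "function": spec.name,
        "instance": instance,
        "interface": "confidential" if spec.confidential else "standard",
        "payload": event.get("payload", {}),
    }
    if spec.confidential:
        request["launch_tee"] = True
    return request


def dispatch(event: dict) -> str:
    """Operations S220 and S230: forward the call request to the function instance,
    in the confidential or the non-confidential environment as appropriate."""
    request = generate_call_request(event)
    env = "confidential" if request["interface"] == "confidential" else "non-confidential"
    return f"forward {request['function']} to {request['instance']} in {env} environment"
```

The access-rights check sits in `parse_event`, before any instance is looked up or created, so an unauthorized event never causes a container to be started; the confidentiality decision is taken from the registry flag rather than from anything the caller supplies, which is the property the patent's "preset at creation time" variant relies on.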
FIG. 4 schematically shows a flow diagram for deploying an objective function according to an embodiment of the disclosure.
Before the target function is executed in operation S230, as shown in fig. 4, operations S410 to S420 may further be included to deploy the target function.
In operation S410, a confidential function container is created based on the confidential computing environment.
Illustratively, before the confidential function container is created in operation S410, the following steps may be carried out:
step 1): preparing a server, which requires hardware such as a CPU with hardware encryption technology, for example Intel SGX (Software Guard Extensions), ARM TrustZone or AMD SEV; carrying out the related configuration of the server hardware (BIOS); and enabling the functions related to confidential computing, such as virtualization and memory encryption;
step 2): installing a server operating system compatible with the hardware encryption technology, such as an open-source Linux operating system like Ubuntu 18.04;
step 3): installing and running cloud computing virtualization software such as Docker and Kubernetes;
step 4): installing and running confidential computing software such as the SGX SDK, Occlum and Graphene;
step 5): installing and running the function computing platform software;
step 6): adapting the function computing platform software so that it can create and schedule confidential computing containers and run functions in them.
The confidential function container created in operation S410 may be obtained as follows: the function computing platform software is made compatible with the confidential computing software, and a confidential computing container is created on the underlying hardware using the capabilities provided by the confidential computing software. Specifically, if the target function is a confidential function, the related information of the target function is obtained using confidential computing technology, a base image can be pulled from the Docker image repository, and a confidential computing Docker container is created from that image. Here, using confidential computing technology may be understood as invoking the confidential computing software to sign and authorize the confidential computing container so that it is able to run functions in the trusted execution environment (underlying hardware).
In operation S420, the target function is deployed in the confidential function container.
Illustratively, a function computing project is created in the application development stage, the function is deployed in a confidential function container, and at runtime the underlying confidential computing container executes the function, thereby completing the privacy protection service.
According to the embodiment of the disclosure, the function computing platform provides for the development of business applications, and the resources relied on can include cloud services, operating systems, container services, server hardware and the like. Deploying the container service on the server hardware raises the level of defence against attacks and increases the cost and technical difficulty of an attack.
According to an embodiment of the present disclosure, sending a call request based on a function computation event in operation S420 includes: the call request is forwarded to the confidential function container to execute the target function.
Illustratively, the confidential function container in which the objective function is deployed can be considered as a function instance for taking charge of the execution of the code corresponding to the actual objective function. For example, the function platform software may call an API exposed based on the confidential computing technology, sending a call request to the confidential function container.
According to the embodiment of the present disclosure, the objective function may be regarded as a code function block, and a secret function container is created based on a secret computing technology, and the code of the objective function deployed in the container is stored in a specific area (memory space) in the memory. The controller in the CPU can deny access to the area by unauthorized peripherals, preventing code leakage.
According to an embodiment of the present disclosure, the target function processes target data, i.e., the data used in the function calculation process, and executing the target function in the confidential computing environment in response to the call request includes: decrypting the target function and/or the target data before executing the target function; and encrypting the target function and/or the target data after the target function is executed.
For example, in the stage of creating the function service, if the target function is a confidential function, the user encrypts the target function and uploads the encrypted target function; for example, chip-level encryption is performed by the CPU. The target data is likewise encrypted and uploaded to the function computing platform for processing. Before the target function is executed, a key exchange protocol (by way of example only) is run in the trusted execution environment so that decryption can take place and the function can process the target data. After execution is complete, the result may be encrypted and then returned to the user. The target data may include the initial data before the target function is executed and the calculation result data after the target function is executed.
According to the embodiment of the disclosure, the target data can also be stored in a specific area of the memory together with the target function. Because the data in that area is encrypted at the chip level by the CPU, privacy is not revealed even if an attacker steals the data.
Based on the above secure computing method, the present disclosure also provides a secure computing device. The apparatus will be described in detail below with reference to fig. 5.
Fig. 5 schematically illustrates a block diagram of a secure computing device, in accordance with an embodiment of the present disclosure.
As shown in fig. 5, the secure computing apparatus 500 of this embodiment includes an event trigger unit 510, a core engine unit 520, and a secret computing unit 530.
The event trigger unit 510 may perform operation S210, and is configured to acquire a function calculation event according to a function calculation operation of a user.
The core engine unit 520 may perform operation S220, and is configured to receive the function computation event sent by the event trigger unit and to send a call request based on the function computation event, where the call request includes information of a target function to be triggered for execution.
According to an embodiment of the present disclosure, the core engine unit 520 may perform operations S410 to S420: if the target function is a confidential function, before the target function is executed, it schedules the confidential calculation unit to create a confidential function container based on the confidential computing environment, and deploys the target function in the confidential function container.
According to an embodiment of the present disclosure, the core engine unit 520 may be configured to forward the call request to the confidential function container to execute the target function.
According to an embodiment of the present disclosure, the core engine unit 520 may perform operations S310 to S320 for parsing the function calculation event, determining the target function, and generating a call request based on the target function.
The confidential calculation unit 530 may perform operation S230, and is configured to execute the target function in a confidential computing environment in response to the call request if the target function is a confidential function, where the confidential computing environment includes an execution environment based on hardware encryption.
According to an embodiment of the present disclosure, the confidential calculation unit 530 may be configured to decrypt the target function and/or the target data before executing the target function, and to encrypt the target function and/or the target data after the target function is executed.
According to an embodiment of the present disclosure, the secure computing device 500 may further include a non-confidential function executing unit for executing the target function in the non-confidential computing environment in response to the call request, if the target function is a non-confidential function.
Fig. 6 schematically illustrates a block diagram of a secure computing device, according to another embodiment of the present disclosure.
As shown in fig. 6, the secure computing apparatus 600 of this embodiment includes a function computing software unit 610, a cloud computing virtualization software unit 620, a confidential computing hardware unit 630, and a confidential computing software unit 640. Referring to fig. 5, the confidential calculation unit 530 may include the confidential computing hardware unit 630 and the confidential computing software unit 640.
According to the embodiment of the present disclosure, the confidential computing hardware unit 630 is communicatively connected to the cloud computing virtualization software unit 620 and the confidential computing software unit 640; the cloud computing virtualization software unit 620 is communicatively connected to the confidential computing software unit 640 and the function computing software unit 610; and the confidential computing software unit 640 is communicatively connected to the function computing software unit 610.
The confidential computing hardware unit 630 causes the confidential computing hardware to provide memory encryption, encrypting and decrypting data while it is in use. The cloud computing virtualization software unit 620 virtualizes and containerizes server resources so that they can be used flexibly and efficiently. The confidential computing software unit 640 provides the SDK and the confidential computing framework (such as Occlum or Graphene), giving developers the ability to operate the confidential computing hardware. The function computing software unit 610 provides a function development platform and a function runtime platform to developers through technologies such as lightweight virtualization containers.
According to the embodiment of the disclosure, the secure computing apparatus 600 may use the CPU's encryption hardware as the core encryption component, which provides stronger data security and higher computing performance than software encryption, and integrates a confidential computing development framework that supports multiple development languages, making application-layer development friendlier. In addition, a function computing platform based on a serverless architecture can be provided that unifies the development, test and production environments, so that business applications can conveniently bring new products and services online without attending to the management and configuration of the underlying server resources; the function computing platform automatically scales capacity up and down according to the business transaction volume, so that the service runs efficiently.
Fig. 7 schematically illustrates a confidential function deployment flow diagram based on a secure computing device 600 according to an embodiment of the disclosure.
As shown in fig. 7, the flow of secret function deployment by the secure computing apparatus 600 of this embodiment may include operations S701 to S707.
In operation S701: the function computing platform is started.
In operation S702: an authorized development user logs in to the function computing platform (development and test environment) and prepares to develop a function for privacy protection (a confidential function).
In operation S703: developers develop and debug the confidential function on the function computing platform (development and test environment).
In operation S704: testers test the confidential function on the function computing platform (development and test environment) to determine whether it operates normally.
In operation S705: after testing is complete, a version of the confidential function is released and delivered to the production environment.
In operation S706: the confidential function goes online in the production environment of the function computing platform and runs once a specific event is triggered.
In operation S707: the business user evaluates how the confidential function performs in production, raises business requirements, and waits for a developer to create or update the confidential function.
Fig. 8 schematically shows a block diagram of the structure of the function calculation software unit 610 according to an embodiment of the present disclosure.
Referring to fig. 5 and 8, the function calculation software unit 610 may include an event trigger unit 510, a core engine unit 520, and a function management unit 611.
The event trigger unit 510 provides the capability to trigger function execution from external events, including HTTP request triggers, timer triggers, Kafka message triggers, and the like; its main job is to capture the external event and dispatch it to the function core engine for execution.
The core engine unit 520 provides the function controller, function instance scaling, monitoring, log collection, and the like. The function controller performs event parsing and event forwarding and scales function instances up and down. The function instance is responsible for executing the actual function code.
The function management unit 611 stores the function code package and the function metadata using S3 object storage and a MySQL database, provides API and web services for external use, performs management operations such as uploading or publishing functions and confidential functions and configuring function triggers, and implements function permission management.
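The path described for the event trigger unit 510 and the core engine unit 520 (capture a trigger event, determine the target function, forward the call request), together with the decrypt-execute-encrypt step of operation S230 described earlier, as an added Go example; it is not code from this patent or from any ICBC implementation. It assumes an AES-GCM sealing key in place of the CPU's hardware memory encryption and of the key exchange protocol, and the function registry, the `mask_account` and `echo` functions and the sample account number are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"strings"
)

// FunctionMeta is what the function management unit stores per target function.
type FunctionMeta struct {
	Confidential bool
	Handler      func(data []byte) []byte // the function's code; sees plaintext only
}

// ConfidentialUnit stands in for the confidential calculation unit: target data
// is unsealed only inside it and re-sealed before it leaves. The AES-GCM key
// stands in for the key agreed by the key exchange protocol run in the TEE
// (assumption; a real enclave derives it inside, never takes it from the host).
type ConfidentialUnit struct{ aead cipher.AEAD }

func NewConfidentialUnit(key []byte) (*ConfidentialUnit, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &ConfidentialUnit{aead: aead}, err
}

// Seal encrypts and authenticates plaintext under a fresh random nonce, which is
// prefixed; the user applies the same sealing before uploading target data.
func (u *ConfidentialUnit) Seal(plain []byte) ([]byte, error) {
	nonce := make([]byte, u.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return u.aead.Seal(nonce, nonce, plain, nil), nil
}

// Open verifies the tag and decrypts; tampered or truncated input is rejected.
func (u *ConfidentialUnit) Open(sealed []byte) ([]byte, error) {
	ns := u.aead.NonceSize()
	if len(sealed) < ns {
		return nil, fmt.Errorf("sealed data too short (%d bytes)", len(sealed))
	}
	return u.aead.Open(nil, sealed[:ns], sealed[ns:], nil)
}

// Execute mirrors operation S230 for a confidential function: decrypt the
// target data, run the function, encrypt the result before it is returned.
func (u *ConfidentialUnit) Execute(h func([]byte) []byte, sealed []byte) ([]byte, error) {
	plain, err := u.Open(sealed)
	if err != nil {
		return nil, fmt.Errorf("unseal target data: %w", err)
	}
	return u.Seal(h(plain))
}

// CoreEngine holds the function registry and the confidential unit it schedules.
type CoreEngine struct {
	registry map[string]FunctionMeta
	conf     *ConfidentialUnit
}

// NewCoreEngine registers a confidential function that masks an account
// number (constructed example) and a plain, non-confidential echo function.
func NewCoreEngine(conf *ConfidentialUnit) *CoreEngine {
	mask := func(d []byte) []byte {
		if n := len(d) - 4; n > 0 {
			return []byte(strings.Repeat("*", n) + string(d[n:]))
		}
		return d
	}
	return &CoreEngine{conf: conf, registry: map[string]FunctionMeta{
		"mask_account": {Confidential: true, Handler: mask},
		"echo":         {Handler: func(d []byte) []byte { return d }},
	}}
}

// HandleEvent covers operations S310-S320 and the routing of S220/S230: accept
// only the supported trigger sources (HTTP, timer, Kafka), determine the target
// function, then forward the call request either to the confidential unit or to
// the plain path, so confidential data never reaches the engine in the clear.
func (e *CoreEngine) HandleEvent(source, fn string, data []byte) ([]byte, error) {
	if source != "http" && source != "timer" && source != "kafka" {
		return nil, fmt.Errorf("unsupported trigger source %q", source)
	}
	meta, ok := e.registry[fn]
	if !ok {
		return nil, fmt.Errorf("unknown target function %q", fn)
	}
	if meta.Confidential {
		return e.conf.Execute(meta.Handler, data)
	}
	return meta.Handler(data), nil
}
```

In this model the host-side engine only ever holds the user's ciphertext for a confidential function: the result it returns is sealed again inside the unit, and only the key holder can read it. The checks worth keeping when building such a platform are that a function flagged confidential can never be routed to the plain path, and that a tampered or truncated payload fails in `Open` before any function code runs on it.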
Fig. 9 schematically shows a block diagram of a cloud computing virtualization software unit 620 according to an embodiment of the present disclosure.
As shown in fig. 9, the cloud computing virtualization software unit 620 may include a container service unit 621, a container management unit 622, and a storage unit 623.
The container service unit 621 provides a container service such as Docker on an operating system such as Linux, supplying a containerized computing environment and an image service.
The container management unit 622 provides container management services on an operating system such as Linux, for example Kubernetes, supplying management and scheduling services for the container runtime.
The storage unit 623 provides storage services on an operating system such as Linux, for example distributed storage using the open-source software etcd (a distributed storage system), and provides other auxiliary management functions for the containerized computing environment, such as high availability and load balancing.
Fig. 10 schematically shows a block diagram of the secret computing hardware unit 630 according to an embodiment of the present disclosure.
As shown in fig. 10, the secret calculation hardware unit 630 may include a CPU unit 631, a memory unit 632, and a parameter setting unit 633.
The CPU unit 631 provides CPU chip-level confidential computing functions such as Intel SGX, ARM TrustZone, and AMD SEV.
The memory unit 632 provides memory compatible with that CPU, so that data in the memory can be encrypted and decrypted.
The parameter setting unit 633 adjusts the relevant parameters of the CPU encryption function, such as the virtualization switch, the encryption/decryption algorithm, the key, and the maximum encrypted memory.
Fig. 11 schematically shows a block diagram of the secret calculation software unit 640 according to an embodiment of the present disclosure.
As shown in FIG. 11, the confidential computing software unit 640 may include a bottom-layer SDK unit 641 and a development framework unit 642.
The bottom-layer SDK unit 641 provides the driver for the CPU encryption function and the basic development interface for encryption and decryption.
Because it is difficult to develop applications directly against the bottom-layer SDK (generally in C or C++), the development framework unit 642 provides a development framework, such as Occlum or Graphene, that encapsulates the SDK interface, exposes a friendlier and richer development interface, and supports multiple development languages.
It should be noted that the implementation, solved technical problems, implemented functions, and achieved technical effects of each module/unit/subunit and the like in the apparatus part embodiment are respectively the same as or similar to the implementation, solved technical problems, implemented functions, and achieved technical effects of each corresponding step in the method part embodiment, and are not described herein again.
According to the embodiment of the present disclosure, any plurality of units in the secure computing apparatus 500 or the secure computing apparatus 600 may be combined and implemented in one unit, or any one of the units may be split into a plurality of units. Alternatively, at least part of the functionality of one or more of these units may be combined with at least part of the functionality of other units and implemented in one unit.
According to an embodiment of the present disclosure, at least one unit of the secure computing apparatus 500 or the secure computing apparatus 600 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, or an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware by any other reasonable way of integrating or packaging a circuit, or in any one of the three implementations of software, hardware, and firmware, or in a suitable combination of any of them. Alternatively, at least one unit of the secure computing apparatus 500 or the secure computing apparatus 600 may be at least partly implemented as a computer program element, which when executed may perform the corresponding function.
FIG. 12 schematically illustrates a block diagram of an electronic device adapted to implement a secure computing method in accordance with an embodiment of the present disclosure.
As shown in fig. 12, an electronic apparatus 1200 according to an embodiment of the present disclosure includes a processor 1201, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)1202 or a program loaded from a storage section 1208 into a Random Access Memory (RAM) 1203. The processor 1201 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 1201 may also include on-board memory for caching purposes. The processor 1201 may include a single processing unit or multiple processing units for performing the different actions of the method flows according to embodiments of the present disclosure.
In the RAM1203, various programs and data necessary for the operation of the electronic apparatus 1200 are stored. The processor 1201, the ROM 1202, and the RAM1203 are connected to each other by a bus 1204. The processor 1201 performs various operations of the method flow according to the embodiments of the present disclosure by executing programs in the ROM 1202 and/or the RAM 1203. Note that the programs may also be stored in one or more memories other than the ROM 1202 and the RAM 1203. The processor 1201 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the disclosure, the electronic device 1200 may also include an input/output (I/O) interface 1205, which is likewise connected to the bus 1204. The electronic device 1200 may also include one or more of the following components connected to the I/O interface 1205: an input section 1206 including a keyboard, a mouse, and the like; an output section 1207 including a display device such as a Cathode Ray Tube (CRT) or a Liquid Crystal Display (LCD), and a speaker; a storage section 1208 including a hard disk and the like; and a communication section 1209 including a network interface card such as a LAN card, a modem, or the like. The communication section 1209 performs communication processing via a network such as the internet. A drive 1210 is also connected to the I/O interface 1205 as needed. A removable medium 1211, such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like, is mounted on the drive 1210 as necessary, so that a computer program read from it is installed into the storage section 1208 as necessary.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM 1202 and/or the RAM1203 and/or one or more memories other than the ROM 1202 and the RAM1203 described above.
Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the method illustrated in the flow chart. When the computer program product runs in a computer system, the program code is used for causing the computer system to realize the method provided by the embodiment of the disclosure.
The computer program performs the above-described functions defined in the system/apparatus of the embodiments of the present disclosure when executed by the processor 1201. The above described systems, devices, modules, units, etc. may be implemented by computer program modules according to embodiments of the present disclosure.
In one embodiment, the computer program may be hosted on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted in the form of a signal over a network medium, distributed, and downloaded and installed through the communication section 1209, and/or installed from the removable medium 1211. The computer program containing program code may be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
In such an embodiment, the computer program can be downloaded and installed from a network through the communication portion 1209 and/or installed from the removable medium 1211. The computer program, when executed by the processor 1201, performs the above-described functions defined in the system of the embodiments of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
In accordance with embodiments of the present disclosure, program code for executing computer programs provided by embodiments of the present disclosure may be written in any combination of one or more programming languages; in particular, these computer programs may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. The programming language includes, but is not limited to, programming languages such as Java, C++, Python, the "C" language, or the like. The program code may execute entirely on the user computing device, partly on the user device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or associations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or associations are not expressly recited in the present disclosure. In particular, various combinations and/or associations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.

Claims (10)

1. A secure computing method, comprising:
acquiring a function calculation event according to function calculation operation of a user;
sending a calling request based on the function computing event, wherein the calling request comprises information of a target function to be triggered to execute;
if the target function is a confidential function, executing the target function in a confidential computing environment in response to the call request, wherein the confidential computing environment comprises a hardware encryption-based execution environment.
2. The method of claim 1, wherein if the target function is a confidential function, prior to executing the target function, the method further comprises:
creating a confidential function container based on the confidential computing environment;
deploying the target function in the confidential function container.
3. The method of claim 2, wherein the sending a call request based on the function computation event comprises:
forwarding the call request to the confidential function container to execute the target function.
4. The method of claim 3, wherein the target function is used to process target data, and the executing the target function in the confidential computing environment in response to the call request comprises:
decrypting the target function and/or the target data prior to executing the target function;
after executing the target function, encrypting the target function and/or the target data.
5. The method of claim 3, wherein prior to sending the call request, the method further comprises:
parsing the function calculation event and determining the target function;
generating the call request based on the target function.
6. The method of claim 1, wherein if the target function is a non-confidential function, the method further comprises:
executing the target function in a non-confidential computing environment in response to the call request.
7. A secure computing device, comprising:
the event trigger unit is used for acquiring a function calculation event according to the function calculation operation of a user;
the core engine unit is used for receiving the function calculation event sent by the event trigger unit and sending a calling request based on the function calculation event, wherein the calling request comprises information of a target function to be triggered and executed;
a confidential calculation unit for executing the target function in a confidential calculation environment in response to the call request if the target function is a confidential function, wherein the confidential calculation environment includes an execution environment based on hardware encryption.
8. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-6.
9. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method of any one of claims 1 to 6.
10. A computer program product comprising a computer program which, when executed by a processor, implements a method according to any one of claims 1 to 6.
CN202210266609.8A 2022-03-16 2022-03-16 Secure computing method, apparatus, device, medium, and program product Pending CN114647868A (en)

Publications (1)

Publication Number Publication Date
CN114647868A true CN114647868A (en) 2022-06-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination