CN116167040A - Debug permission control method based on security certificate and security chip - Google Patents
Debug permission control method based on security certificate and security chip Download PDFInfo
- Publication number
- CN116167040A CN116167040A CN202111407821.3A CN202111407821A CN116167040A CN 116167040 A CN116167040 A CN 116167040A CN 202111407821 A CN202111407821 A CN 202111407821A CN 116167040 A CN116167040 A CN 116167040A
- Authority
- CN
- China
- Prior art keywords
- security
- certificate
- security certificate
- chip
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a debug permission control method based on a security certificate and a security chip, wherein the method comprises the steps of obtaining the security certificate through a preset debug interface, decrypting the security certificate by using an encryption and decryption module, and obtaining at least one piece of security authentication information of the security certificate; the security certificate authentication module is used for verifying the security authentication information, if the security authentication information passes the verification, the debug mode information in the security certificate is obtained, and the debug authority control module sets a hardware access and/or debug authority of the security chip according to the debug mode information; the encryption and decryption module, the security certificate authentication module and the debugging authority control module are all hardware circuit modules arranged in the security chip. The security chip comprises a memory, an encryption and decryption module, a security certificate authentication module and a debugging authority control module. The invention can improve the convenience of safety debugging of the safety chip and reduce the cost of safety debugging.
Description
Technical Field
The invention relates to the field of debugging of a security chip, in particular to a security certificate-based debugging authority control method and a security chip for realizing the method.
Background
The electronic device often needs to use a security chip, which is a trusted module, usually a device capable of independently generating and encrypting and decrypting a key, and has an independent processor and a storage unit inside. After an enterprise purchases a security chip, it is often necessary to use the security chip for debugging, referred to as "secure debugging". Secure debugging is an important issue for current secure chip applications. Currently, internet technology development is gradually changed, and applications such as user privacy, data security, secure payment and the like have higher requirements on secure debugging.
The security debugging is to make the security chip in the debugging mode to protect the resources and contents inside the security chip and make them safe and not attacked by the attacker by using the debugging interface. The main technical difficulty of secure debugging is to be compatible with security and debugging requirements, because the debugging interface is to meet the debugging requirements of each stage of the chip, and how to determine the current authority of the debugging interface according to the state of the chip is a difficulty.
In the process of secure debugging, efficient and secure protection needs to be realized at the initiating terminal, the transmission path, the storage path and the destination terminal of the data. Wherein security commissioning is the back door protection of the above system, the whole security system is compromised if there is a significant security problem with this back door. Therefore, it is necessary to set debug rights, such as access rights of various hardware resources in the security chip, a path of a transmission path, and the like, before security debugging.
Some existing secure debugging is implemented based on a cloud server, for example, the current debugging authority is obtained through the cloud server, or the debugging authority is controlled through a secure certificate, for example, a secure certificate is generated through a preset tool, the debugging authority is set through the secure certificate, and generally, the secure certificate has a fixed life cycle, namely, a fixed service life, and once the service life is exceeded, the secure certificate cannot be used continuously. However, this approach is inconvenient for secure debugging, since secure debugging often needs to be performed multiple times, which would be disadvantageous if a fixed period of time was set.
In addition, when the existing secure debugging sets the debugging rights, many participants often exist, resulting in higher cost of secure debugging. In addition, the authentication of many existing security certificates is realized based on software arranged in a security chip, cloud participation is needed, so that the security debugging cost is high, and the resource requirements of the security certificates are high, and generally, the security certificates are in a size of several MB. And if the authentication of the security certificate is realized by using software, once the authentication software of the security chip is uploaded to the cloud server, the risk of software program leakage exists, and the security of security debugging is affected.
Disclosure of Invention
The first object of the present invention is to provide a security certificate-based debug right control method which can be realized at low cost and has high security.
A second object of the present invention is to provide a security chip that can be applied to security debugging and is low in cost and flexible in debugging.
In order to achieve the first object of the present invention, the method for controlling the debug permission based on the security certificate provided by the present invention includes obtaining the security certificate through a preset debug interface, decrypting the security certificate by using an encryption and decryption module, and obtaining at least one piece of security authentication information of the security certificate; the security certificate authentication module is used for verifying the security authentication information, if the security authentication information passes the verification, the debug mode information in the security certificate is obtained, and the debug authority control module sets a hardware access and/or debug authority of the security chip according to the debug mode information; the encryption and decryption module, the security certificate authentication module and the debugging authority control module are all hardware circuit modules arranged in the security chip.
According to the scheme, the encryption and decryption module, the security certificate authentication module and the debugging authority control module in the security chip are all hardware modules, and the authentication process of the security certificate is not required to be connected with the Internet, namely, off-line authentication is realized, so that the problem that the security authentication program is leaked due to the fact that the software program is transmitted to the Internet is solved. And, because the security certificate is authenticated through hardware, the data volume of the security certificate is small, and the resource used by the security certificate is small.
On the other hand, since the security debugging does not involve a large number of participants, the production process of the security certificate does not need to involve a large number of participants, and the cost of the security certificate production can be reduced, thereby reducing the cost of the security debugging. And the storage resources occupied by the security certificate are fewer, so that the cost of the security chip can be reduced.
The preferred scheme is that before decrypting the security certificate, the identification of the security certificate is obtained, whether the identification of the security certificate meets the preset requirement is judged, and if not, the security certificate is not decrypted.
Therefore, when the security certificate is authenticated by writing the identifier meeting the requirements, whether the security certificate meets the most basic requirements can be rapidly judged by judging whether the identifier of the security certificate meets the preset requirements or not, and if not, the authentication program is directly exited, so that the calculation amount of subsequent authentication is reduced.
Further, if at least one piece of security authentication information of the security certificate is not verified, the authentication process is exited, and the number of times of the recorded authentication failure is increased once.
Further, after the number of authentication failures recorded is increased once, the method further comprises the steps of: and judging whether the times of authentication failure reach a preset threshold value, if so, resetting the security chip.
Therefore, if the security chip is authenticated in a plurality of failures, the security chip is reset to ensure the data security of the security chip, so that the data security of the security chip is effectively ensured.
In a preferred scheme, the security certificate is generated by using a preset security certificate making device, and when the security certificate is generated, the security certificate making device acquires target security authentication information recorded by the security chip and generates the security certificate according to the target security authentication information.
Therefore, when the security certificate is manufactured, corresponding target security authentication information is obtained from the security chip and written into the security certificate, and when the security certificate is authenticated, the consistency of the security authentication information in the security certificate and the target security authentication information can be compared, so that the authenticity of the security certificate can be rapidly confirmed.
In a further aspect, the security authentication information includes at least one of: chip unique identification, count value of counter, debug mode.
Further, the debug mode information is at least one of a plurality of debug modes set in advance.
Therefore, when the security chip is generated, one or more of the preset multiple debugging modes are selected and written into the security chip, so that the security chip can meet the requirement of debugging authority control.
In order to achieve the second objective, the present invention provides a security chip, which includes a memory, an encryption/decryption module, a security certificate authentication module, and a debug authority control module, wherein the memory is used for storing a security certificate obtained through a preset debug interface; the encryption and decryption module is used for decrypting the security certificate to obtain at least one piece of security authentication information of the security certificate; the security certificate authentication module is used for verifying the security authentication information, and if the security authentication information passes the verification, the debug mode information in the security certificate is obtained; the debugging authority control module is used for setting a hardware access and/or debugging authority of the security chip according to the debugging mode information; the encryption and decryption module, the security certificate authentication module and the debugging authority control module are all hardware circuit modules arranged in the security chip.
Drawings
FIG. 1 is a block diagram of a security chip embodiment of the present invention and a security certificate, security certificate loading interface.
FIG. 2 is a first portion of a flow chart of an embodiment of a security certificate based debug rights control method of the present invention.
FIG. 3 is a second part of a flow chart of an embodiment of a security certificate based debug rights control method of the present invention.
The invention is further described below with reference to the drawings and examples.
Detailed Description
The method for controlling the debugging authority based on the security certificate is mainly used for debugging the security chip, for example, the security chip is connected with the host computer through the debugging, the security certificate is transmitted to the security chip, and after the security certificate is authenticated through the security chip, the corresponding debugging authority is controlled.
Secure chip embodiment:
referring to fig. 1, a memory 21, an encryption/decryption module 22, a security certificate authentication module 23, and a debug authority control module 24 are provided in a security chip 20 of the present embodiment, and a security certificate 10 is generated by a preset security certificate generation device, for example, a known security certificate generation device is used for generation. Preferably, when the security certificate is generated using the security certificate generation device, the security certificate generation device is connected to the security chip, and acquires the target security authentication information recorded by the security chip from the security chip, and generates the security certificate in accordance with the target security authentication information.
Preferably, the target security authentication information may include one or more of a chip unique identifier, a count value of a counter, and a debug mode, and when the security chip is manufactured, the security certificate manufacturing device obtains one or more target security authentication information, and writes the target security authentication information into the security certificate according to a preset rule to form security authentication information of the security certificate.
Preferably, when the security certificate is generated, the debugging enterprise selects one of a plurality of debug modes according to actual debug requirements, and selects the required debug mode through the security certificate making device so that information of the debug mode is recorded in the generated security certificate.
Further, the security certificate should meet certain requirements in design: firstly, the security certificate itself needs to have a signature characteristic, i.e. the security certificate itself needs to sign the whole security certificate by using an asymmetric algorithm; secondly, the security certificate itself needs to have a hash value of the whole security certificate for checking the integrity of the security certificate in the transmission process; finally, the security certificate needs to contain at least 5 pieces of information inside, such as certificate version, count value of counter, unique identification of security chip, signature data of security certificate, and information of debug mode. Specifically, the constitution of the security certificate designed in this embodiment is described below with reference to table 1.
TABLE 1
| Security certificate identification |
| Security certificate length |
| Version number of security certificate header |
| Device type of security chip |
| Signature type of security certificate |
| Version number of security certificate |
| Debug mode |
| ID of SOC |
| Public key information |
| Length of signature information of security certificate |
| Reserved area |
| Signature information of security certificate |
As can be seen from table 1, the security certificate includes a plurality of fields, specifically including a security certificate identification, a security certificate length, a version number of a security certificate header, a device type of a security chip, a signature type of a security certificate, a version number of a security certificate, a debug mode, an ID of an SOC, public key information, a length of signature information of a security certificate, a reserved area, signature information of a security certificate, and the like.
For example, the security certificate identification has a value of 0x12345678, which may be generated from the unique identification of the security chip, indicating that the security certificate is applicable to the security chip. The security certificate length is head_len, indicating the size of the entire security certificate. The version number head_version of the security certificate header is a preset fixed value, and the device type Soc Specific of the security chip indicates the type of the security chip to which the security certificate is applicable. The signature type sign_type of the security certificate is used to indicate which type of signature the security certificate uses. For example, the security certificate may use two types of signatures, such as RSA or ECC. The version number cert_nvc of the security certificate is used to represent a specific version number of the full certificate. The ID of the SOC, i.e., the soc_id, is used to store the hash value of the ID of the secure chip for verifying the security certificate. Public key information public_key is used to store the related data of the Public key. Typically, the security chip will only use RSA or ECC signatures, and this embodiment shares the same structure with the public keys of RSA and ECC. The length sign_len of the signature information of the security certificate indicates the length of the signature of the security certificate, the reserved area Reserve does not store information and is reserved for subsequent use, and the signature information Sign of the security certificate stores the signature information of the security certificate and is used for authentication of the security certificate.
In addition, a counter is arranged in the security certificate, and the counter is a unidirectional irreversible counter, and the count value of the counter is self-increased once each time the security certificate is read.
Preferably, a part of information in the security certificate is encrypted information, for example, a version number of a security certificate header, a device type of the security chip, an ID of the SOC, a count value of the counter, etc., which is required to be obtained after decryption by the security chip. For example, the encryption and decryption module 22 of the security chip uses a public key in the security certificate and decrypts by using a private key stored in the encryption and decryption module 22, so as to obtain decrypted information, and the security certificate authentication module performs comparison verification on the encrypted information, so as to confirm whether the security certificate passes authentication.
In this embodiment, the security chip may preset a plurality of debug modes, each including a different hardware path and debug permission control, that is, each debug mode includes two dimensions of hardware path and debug permission control. Specifically, the preset debug mode may include multiple types, for example, a mode including all open debug rights and all close debug rights, and a mode including open local rights. In this embodiment, in order to meet different debug scenarios, the preset debug mode is designed as finely as possible, for example, the debug rights under different scenarios need to be supported, and table 2 is an illustration of several debug modes.
TABLE 2
Therefore, the security certificate is a private security certificate, the debugging enterprises can set a debugging mode according to actual debugging requirements, the security certificate does not have a service life, and the debugging enterprises can conveniently and flexibly debug the security chip.
Debug permission control method embodiment based on security certificate:
the flow of security chip security debugging is described below in conjunction with fig. 2 and 3. After the debugging enterprises use the security certificate making apparatus to generate the security certificates, as shown in fig. 1, the security certificates 10 are loaded into the memory 21 of the security chip 20 using the security certificate loading interface 15. The security certificate loading interface 15 may be an interface such as JTAG or SW, or an external interface such as UART or USB.
After the security certificate 10 is loaded into the memory 21, the security chip 20 performs step S1 to acquire the identification of the security certificate, that is, to acquire the first column information in table 1, and to determine whether the identification of the security certificate satisfies the preset requirement. When the security certificate is generated, the security certificate making device acquires the unique identification information of the security chip from the security chip and generates the identification of the security chip by using the unique identification information of the security chip, so that the identification of the security chip has a corresponding relationship with the unique identification of the security chip, namely, the preset requirement is met. If the identification of the security certificate does not meet the preset requirement, that is, there is no corresponding relation between the identification of the security certificate and the unique identification of the security chip, the security is considered to be the security certificate generated based on the security chip, so when the judgment result in the step S1 is no, the authentication of the security certificate is directly exited, the setting of the debugging authority is not performed, and the security chip does not execute the debugging operation.
If the identification of the security certificate meets the preset requirement, step S2 is executed to identify the signature type in the security certificate and the size of the security certificate, that is, or the signature type information of the security certificate and the size information of the security certificate. Next, step S3 is executed to obtain public key information in the security certificate, and the public key of the security certificate is used to drive the encryption/decryption module 22 to verify the signature of the security certificate. At this time, the secure chip performs step S4, the encryption and decryption module 22 decrypts the secure certificate, specifically, the encryption and decryption module 22 obtains public key information in the secure certificate 10, decrypts the encrypted information of the secure certificate using the public key information, and obtains the decrypted information, for example, obtains information such as a version number of a header of the secure certificate, a device type of the secure chip, an ID of the SOC, a count value of the counter, and the like, and obtains information such as a debug mode and the like.
And then, verifying the plurality of security authentication information in the security certificate one by one respectively, specifically, executing step S5, judging whether the file header of the security certificate passes verification, namely judging whether the version number of the security certificate header is consistent with the file header of the security certificate stored in the security chip, if so, executing step S6, otherwise, executing step S9, exiting the authentication program of the security certificate and recording the authentication failure times, namely, increasing the recorded authentication failure times once.
In step S6, it is determined whether the cure characteristic information of the security certificate passes the verification, for example, whether the device type information of the security chip is identical to the device type information stored in the security chip memory, if not, step S9 is performed, and if so, step S7 is performed to determine whether the count value of the counter of the security chip passes the verification. Since the security chip producing device is connected to the security chip when the security certificate is generated, the security chip will record the count value of the counter in the security certificate, and if the count value of the counter of the security certificate is smaller than the count value recorded by the security chip, it means that the count value has been tampered with, step S9 is performed. If the count value of the counter in the security certificate is greater than the count value recorded by the security chip, the count value of the counter of the security certificate is considered to pass the verification, step S8 is executed, the unique identification of the security chip recorded by the security certificate is obtained, whether the unique identification of the security chip recorded by the security certificate passes the verification is judged, if so, step S12 is executed, and if not, step S9 is executed. It can be seen that, after the security certificate authentication module 23 reads the plurality of security authentication information, the obtained security authentication information is compared with the target security authentication information stored in the security chip, if the obtained security authentication information is consistent or meets the requirement, the security authentication information passes the verification, otherwise, if any security authentication information does not pass the verification, step S9 is executed, the authentication program is exited, and the information of one authentication failure is recorded.
Then, step S10 is executed to determine whether the number of security authentication failures recorded by the security chip exceeds a preset number, if yes, step S11 is executed to reset the security chip, otherwise, the process is directly ended. Therefore, the security chip is reset, so that the security chip can be prevented from being maliciously debugged, and the security of the data stored by the security chip is ensured.
If all the security authentication information of the security chip passes the verification, step S12 is executed to obtain the information of the debug mode in the security certificate. Since the debug mode is one or more of the preset plurality of debug modes, that is, one or more of the allowable debug modes set by the secure chip, in step S13, debug rights are set according to the obtained debug mode, for example, debug rights corresponding to the debug mode determined in table 2, and each hardware path of the secure chip and corresponding debug rights are set.
Therefore, the debugging enterprises can set the debugging authority of the security chip according to the actual debugging requirements, and write the required debugging authority into the security certificate when the security certificate is manufactured so as to meet the debugging requirements. In addition, the authentication process of the security certificate in the security chip is realized off-line, namely, the security of the security certificate authentication can be greatly improved without passing through the Internet or a cloud server or using a software program for authentication.
Finally, it should be emphasized that the present invention is not limited to the above embodiments, for example, the specific steps of the security certificate generation device when generating the security certificate, or the types of debug modes recorded by the security chip, the changes of the debug rights corresponding to the debug modes, etc., and these changes should also be included in the protection scope of the claims of the present invention.
Claims (10)
1. The method for controlling the debugging authority based on the security certificate is characterized by comprising the following steps:
the method comprises the steps of obtaining a safety certificate through a preset debugging interface, decrypting the safety certificate by using an encryption and decryption module, and obtaining at least one piece of safety authentication information of the safety certificate;
verifying the security authentication information by using a security certificate authentication module, and if the security authentication information passes verification, acquiring debugging mode information in the security certificate, wherein a debugging authority control module sets a hardware access and/or a debugging authority of a security chip according to the debugging mode information;
the encryption and decryption module, the security certificate authentication module and the debugging authority control module are all hardware circuit modules arranged in the security chip.
2. The security certificate-based debug rights control method as set forth in claim 1, wherein:
before decrypting the security certificate, acquiring the identifier of the security certificate, judging whether the identifier of the security certificate meets the preset requirement, and if not, not decrypting the security certificate.
3. The security certificate-based debug rights control method according to claim 1 or 2, wherein:
if at least one of the security authentication information of the security certificates fails verification, the authentication process is exited and the number of recorded authentication failures is increased once.
4. A security certificate-based debug rights control method as set forth in claim 3, wherein:
after increasing the number of recorded authentication failures once, further performing: and judging whether the times of authentication failure reach a preset threshold value, if so, resetting the security chip.
5. The security certificate-based debug rights control method according to claim 1 or 2, wherein:
the security certificate is generated by using a preset security certificate manufacturing device, and when the security certificate is generated, the security certificate manufacturing device acquires target security authentication information recorded by the security chip and generates the security certificate according to the target security authentication information.
6. The security certificate-based debug rights control method according to claim 1 or 2, wherein:
the security authentication information includes at least one of: chip unique identification, count value of counter, debug mode.
7. The security certificate-based debug rights control method according to claim 1 or 2, wherein:
the debug mode information is at least one of a plurality of debug modes set in advance.
8. A security chip, comprising:
the memory is used for storing the security certificate acquired through a preset debugging interface;
the encryption and decryption module is used for decrypting the security certificate and acquiring at least one piece of security authentication information of the security certificate;
the security certificate authentication module is used for verifying the security authentication information, and if the security authentication information passes the verification, the debug mode information in the security certificate is obtained;
the debugging authority control module is used for setting a hardware access and/or debugging authority of the security chip according to the debugging mode information;
the encryption and decryption module, the security certificate authentication module and the debugging authority control module are all hardware circuit modules arranged in the security chip.
9. The security chip of claim 8, wherein:
before the encryption and decryption module decrypts the security certificate, the identification of the security certificate is obtained, whether the identification of the security certificate meets the preset requirement is judged, and if not, the security certificate is not decrypted.
10. The security chip of claim 8 or 9, wherein:
the security certificate authentication module exits the authentication process and increases the number of recorded authentication failures once when at least one of the security authentication information of the security certificate fails to pass verification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111407821.3A CN116167040A (en) | 2021-11-24 | 2021-11-24 | Debug permission control method based on security certificate and security chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111407821.3A CN116167040A (en) | 2021-11-24 | 2021-11-24 | Debug permission control method based on security certificate and security chip |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116167040A true CN116167040A (en) | 2023-05-26 |
Family
ID=86413744
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111407821.3A Pending CN116167040A (en) | 2021-11-24 | 2021-11-24 | Debug permission control method based on security certificate and security chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116167040A (en) |
-
2021
- 2021-11-24 CN CN202111407821.3A patent/CN116167040A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2020192406A1 (en) | Method and apparatus for data storage and verification | |
| CN105144626B (en) | The method and apparatus of safety is provided | |
| US7082539B1 (en) | Information processing apparatus | |
| CN107004083B (en) | Device key protection | |
| CN100578473C (en) | Embedded system and method for increasing embedded system security | |
| KR20190063264A (en) | Method and Apparatus for Device Security Verification Utilizing a Virtual Trusted Computing Base | |
| US20140025944A1 (en) | Secure Storage and Signature | |
| US20150317495A1 (en) | Protecting Critical Data Structures in an Embedded Hypervisor System | |
| US9449193B2 (en) | Information processing apparatus | |
| CN112311718B (en) | Method, device, equipment and storage medium for detecting hardware | |
| EP2503482A1 (en) | Electronic device with flash memory component | |
| US9152576B2 (en) | Mode-based secure microcontroller | |
| KR20210128016A (en) | Local Ledger Blockchain for Security Updates | |
| KR20210134054A (en) | Local Ledger Blockchain for Secure Electronic Control Unit Updates | |
| CN109445705A (en) | Firmware authentication method and solid state hard disk | |
| CN105893837A (en) | Application program installation method, security encryption chip and terminal | |
| CN111147259B (en) | Authentication method and device | |
| JP2008005408A (en) | Recorded data processing apparatus | |
| CN104077243A (en) | SATA hard disc device encryption method and system | |
| CN110659522B (en) | Storage medium security authentication method and device, computer equipment and storage medium | |
| CN115062330B (en) | TPM-based intelligent password key password application interface implementation method | |
| KR20210132730A (en) | How to use memory as a block in a blockchain | |
| CN114816549B (en) | Method and system for protecting bootloader and environment variable thereof | |
| CN108345804B (en) | Storage method and device in trusted computing environment | |
| CN116167040A (en) | Debug permission control method based on security certificate and security chip |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |