CN117648703A - Data controllable use method - Google Patents
Data controllable use method Download PDFInfo
- Publication number
- CN117648703A CN117648703A CN202311241074.XA CN202311241074A CN117648703A CN 117648703 A CN117648703 A CN 117648703A CN 202311241074 A CN202311241074 A CN 202311241074A CN 117648703 A CN117648703 A CN 117648703A
- Authority
- CN
- China
- Prior art keywords
- data
- security domain
- private key
- key
- tpm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 90
- 230000008569 process Effects 0.000 claims abstract description 43
- 238000005259 measurement Methods 0.000 claims description 14
- 230000005540 biological transmission Effects 0.000 claims description 3
- 230000000694 effects Effects 0.000 abstract description 3
- 230000006870 function Effects 0.000 description 6
- 238000005192 partition Methods 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000008676 import Effects 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000002716 delivery method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000011112 process operation Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Abstract
The embodiment of the invention discloses a controllable data use method which is operated by a data user, and the data user can only process asymmetrically encrypted data delivered by a data provider in a preset security domain by implementing the method provided by the embodiment of the invention. The data, although visible, cannot be written out of the security domain, i.e., the data in the security domain can only be read by a process but cannot be written into a file outside the security domain, thereby avoiding the possibility of the original data being revealed by the data consumer. Moreover, the controllable data use method is realized based on the conventional TPM, LSM and asymmetric encryption technology, and high efficiency and high compatibility of the method are ensured. The traditional data processing application can achieve the effect of privacy protection without changing any source code.
Description
Technical Field
The invention relates to the technical field of software engineering, in particular to a data controllable use method.
Background
The TPM is an abbreviation for trusted platform module (Trusted Platform Module), the core of which is to provide hardware-based security-related functionality. The TPM chip is a secure encryption processor intended to perform cryptographic related operations. The TPM chip contains multiple physical security mechanisms to make it tamper-resistant, and malware cannot tamper with the security functions of the TPM.
The TPM can generate a key, for example, referred to as an A key, which consists of an A public key and an A private key. Wherein the A private key is generated by the TPM in combination with the system's metric value, and cannot be obtained by anyone. Wherein the metric is an integrity metric generated at system start-up and stored in the TPM. When the hardware, firmware and any functional modules are tampered, the metric value changes, and the metric value is not matched with the A key, so that the file encrypted by the A key cannot be decrypted. The TPM ensures that the A key can only be used if the various system components on which the present invention relies are all booted in the correct manner. Meanwhile, the TPM comprises a function of decrypting and restoring the ciphertext encrypted by the A key.
Full disk encryption technology (LUKS): all data in a disk partition is encrypted with a B key consisting of a B public key and a B private key.
The security domain refers to one or more disk partitions encrypted using the same set B of keys. For processes that own the B private key device, the security domain is completely transparent to the process. Any attacker without the B private key can not decrypt the encrypted data even if cracking the disk, so that the data security is ensured.
The LSM is a Linux security module (Linux Security Modules) that supports functions of checking whether a user operation satisfies a defined security policy, including several tens of operations such as file opening, closing, and the like. If the user operation does not conform to the security policy, such as opening a file outside the security domain, the LSM may disable the operation.
Privacy computing scenarios: assuming that the data provider has the original data, the data provider needs to send the original data to the data user for processing and treatment to obtain a result file. But the original data cannot be leaked throughout the process.
Aiming at the problem of how to prevent the data user from disfiguring to cause the original data leakage in the related art, no effective solution is proposed at present.
Disclosure of Invention
Aiming at the technical defects in the prior art, the embodiment of the invention aims to provide a data controllable use method so as to prevent the problem that the original data is leaked due to disuse of a data user.
To achieve the above object, an embodiment of the present invention provides a method for controllably using data, where the method is operated by a data user, and the method includes:
transmitting a first public key to a data provider, wherein the first public key and a first private key form a pair of first asymmetric keys, the first asymmetric keys are generated by a TPM according to a measurement value of a system, and the first private key is stored in the TPM;
receiving first encrypted data sent by the data provider, wherein the first encrypted data is a result obtained by encrypting a second private key by adopting the first public key, the second private key and the second public key form a pair of second asymmetric keys, and the second asymmetric keys are provided by the data provider;
invoking the TPM to decrypt the first encryption result by using a first private key to obtain a second private key, and taking the second asymmetric private key as a security domain key of a preset security domain;
receiving second encrypted data delivered by the data provider, and importing the second encrypted data into the preset security domain; the second encrypted data is a result obtained by encrypting the original data by adopting a second public key;
receiving an operation request of a process on second encrypted data in the preset security domain;
and responding to the operation request, calling the second private key to decrypt the second encrypted data to obtain the original data, and allowing the process to controllably use the original data in the preset security domain according to the operation request.
Further, the operation request is a read request or a write request.
Further, allowing the process to controllably use the original data in the preset security domain according to the operation request, including:
when the process performs read operation or write operation on the original data in the preset security domain, the process is not allowed to open the file outside the preset security domain in a write operation mode.
Further, before sending the first public key to the data provider, the method further comprises:
and (3) finishing system initialization, and storing the measurement value of the system into the TPM.
Further, the method further comprises:
and verifying whether the measurement value of the system is legal or not, and if so, returning an error.
Further, the data provider delivers the second encrypted data by means of a hardware copy or a network transmission.
Further, the method further comprises:
after the second private key is obtained, the second private key is stored in a memory file of the daemon.
Further, the method further comprises:
and if the second private key is reused after the system is restarted, storing the first encrypted data in a file system.
Further, the method further comprises:
the TPM additionally generates a first asymmetric key certificate according to the measurement value of the system, wherein the first asymmetric key certificate is a signature containing the measurement value of the system, which is given by the TPM;
and sending the first asymmetric key certificate to the data provider so that the data provider can verify that the first public key is legal according to the first asymmetric key certificate.
Further, the content of the metric metrics of the system includes hardware, firmware, and various functional modules.
Further, the method further comprises:
adding preset category data in the preset security domain to a white list;
and when the process performs read operation or write operation on the preset category data in the white list in the preset security domain, allowing the process to open the file outside the preset security domain in a write operation mode.
By implementing the method provided by the embodiment of the invention, the data user can only process the asymmetrically encrypted data delivered by the data provider in a preset security domain. The data, although visible, cannot be written out of the security domain, i.e., the data in the security domain can only be read by a process but cannot be written into a file outside the security domain, thereby avoiding the possibility of the original data being revealed by the data consumer.
Moreover, the controllable data use method is realized based on the conventional TPM, LSM and asymmetric encryption technology, and high efficiency and high compatibility of the method are ensured. The traditional data processing application can achieve the effect of privacy protection without changing any source code.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a schematic diagram of data interaction between a data provider and a data consumer in a practical environment provided by an embodiment of the present invention;
FIG. 2 is a schematic flow chart of a method for data controllable use according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a data provider and a data consumer according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
It is noted that unless otherwise indicated, technical or scientific terms used herein should be given the ordinary meaning as understood by one of ordinary skill in the art to which this invention pertains.
As shown in fig. 1, the actual environment described in this embodiment includes two parties, namely, a data provider and a data consumer, which are corresponding system terminals. The data provider provides data, the data user processes and processes the data in the set security domain, the data can not be written out of the security domain although the data is visible, and the data is not allowed to be written into a part outside the security domain, namely, the data in the security domain can only be read by an application process but not written into a file outside the security domain.
A security domain is a logical concept, meaning a storage, computing unit protected by a corresponding key and encryption algorithm, and may include one or more disk partitions encrypted using the same set of keys. The security domain may be specified by the data user by itself or by the data provider, for example, a certain disk partition or the whole disk may be used as the security domain. After the security domain is configured, all data within the security domain is encrypted using a second asymmetric key, which is generated and imported by the data provider, using a full disk encryption technique (LUKS).
It should be noted that, in the case of no conflict, the embodiments and features in the embodiments may be combined with each other. The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
As shown in fig. 2, the present embodiment provides a flowchart of a method for controllable use of data, where the method is operated by a data user. Specifically, the method comprises the following steps:
step S110: and sending a first public key to the data provider, wherein the first public key and a first private key form a pair of first asymmetric keys, the first asymmetric keys are generated by a TPM according to the measurement value of the system, and the first private key is stored in the TPM.
As shown in fig. 3, the data consumer includes a utility module, a daemon module, and a kernel module. Wherein the utility module is a tool for user operation, configuration, which provides operations such as initializing security domains, expanding security domains, deleting security domains, exporting data from security domains, etc.
The daemon module is a daemon running in the system, the functions including initializing the system, handling related operations for the utility module, providing configuration for the kernel regarding the security domain, and communicating with the data provider.
The kernel module is an LSM module which runs in the kernel after the Linux kernel is modified. The kernel module checks the read-write operation of the process to the file according to the configuration given by the daemon module. The LSM module does not change the process, only judges the process operation, and only can write in the security domain by one process reading the data in the security domain.
The realization of the method depends on the measurement start of the TPM, and after the system initialization of the data user is completed, including after the system is restarted, the daemon module stores the measurement value of the system into the TPM. The content of the metric value measurement of the system comprises hardware, firmware and various functional modules. The TPM generates a pair of first asymmetric keys according to the metric value of the system, wherein the first asymmetric keys comprise a first public key and a first private key, the first private key is stored in the TPM, and any third party except the TPM cannot acquire the first private key.
Further, in order for the data provider to verify that the first public key was generated by the TPM and that the system metric is legitimate, and cannot be counterfeited by anyone else, the TPM additionally generates a first asymmetric key certificate based on the system metric, the first asymmetric key certificate being a signature given by the TPM that contains the system metric.
The daemon module synchronously sends the first asymmetric secret key certificate and the first public key to the data provider, and the data provider can verify the first public key according to the first asymmetric secret key certificate to ensure the authenticity of the first public key.
After the system is started, the daemon module verifies whether the measurement value of the system is legal or not, and if so, an error is returned. If the system hardware, the operating system and/or the functional module are tampered, the metric value of the system is different from the metric value after the system initialization is completed.
Step S120: and receiving first encrypted data sent by the data provider, wherein the first encrypted data is a result obtained by encrypting a second private key by adopting the first public key, the second private key and the second public key form a pair of second asymmetric keys, and the second asymmetric keys are provided by the data provider.
The data provider generates or imports a pair of second asymmetric keys through the setting module and transmits the second asymmetric keys to the server module, wherein the second asymmetric keys comprise a second public key and a second private key. The server module encrypts the second private key with the first public key to obtain first encrypted data, and sends the first encrypted data to the daemon module.
Step S130: and invoking the TPM to decrypt the first encryption result by using the first private key to obtain a second private key, and taking the second asymmetric private key as a security domain key of a preset security domain.
After the daemon module receives the first encrypted data, the decryption function of the TPM is invoked to decrypt the first encrypted data through the first private key to obtain a second private key, and the second private key is stored in a memory file of the daemon process. In the starting operation process of the daemon, the system allocates virtual memory for the daemon, when the daemon is closed, the virtual memory is cleaned by the system, and a data user cannot directly acquire data from the virtual memory. Therefore, the second private key obtained by decryption is stored in the memory file of the daemon, so that the second private key can be prevented from being stolen by a data user, and the second private key is prevented from being compromised.
Alternatively, the first encrypted data may be stored in the file system if the second asymmetric key needs to be reused after the data consumer system is restarted.
The data usage then initiates a request to the utility module, which specifies a security domain scope via the daemon module and uses the second asymmetric key as the security domain key for the security domain. The daemon module configures the security domain information to the kernel module at the same time to finish the initialization of the security domain.
Step S140: receiving second encrypted data delivered by the data provider, and importing the second encrypted data into the preset security domain; the second encrypted data is a result obtained by encrypting the original data by adopting a second public key.
The data provider delivers the second encrypted data, which is obtained by encrypting the original data with the second public key, to the data consumer, wherein the delivery method includes, but is not limited to, copying through hardware, network transmission, etc., and the embodiment is not limited.
After the data consumer receives the second encrypted data, it invokes the utility module, which will import the second encrypted data into the security domain corresponding to the second asymmetric key via the daemon module.
Step S150: and receiving an operation request of a process on the second encrypted data in the preset security domain.
Step S160: and responding to the operation request, calling the second private key to decrypt the second encrypted data to obtain the original data, and allowing the process to controllably use the original data in the preset security domain according to the operation request.
Specifically, the operation request is a read request or a write request.
After receiving an operation request of the process for the second encrypted data in the preset security domain, the kernel module performs controllable use supervision on the operation of the process, and specifically, when the process performs a read operation or a write operation on the original data in the preset security domain, the process is not allowed to open the file outside the preset security domain in a write operation mode.
Further, the method further comprises:
step S170: and adding the preset category data in the preset security domain to a white list.
It should be noted that the intermediate data and the result data after processing and processing of the process in the secure domain should also be in the same secure domain.
After the data in the security domain is analyzed and processed, the generated result file needs to be delivered to a data provider. To prevent the resulting file from revealing privacy, the security policy of the data provider is violated, which moves out that authorization of the data provider needs to be obtained. At this time, a white list configuration function in the kernel module needs to be applied, for example, the result file may be added to the white list.
Step S180: and when the process performs read operation or write operation on the preset category data in the white list in the preset security domain, allowing the process to open the file outside the preset security domain in a write operation mode.
For example, the result file is added to the white list, and after the process opens the result file in the white list, the kernel module no longer tracks the process, i.e., allows the process to write open the file outside the secure domain, thereby allowing the result data to be written into the file outside the full domain.
In summary, by implementing the method provided by the embodiment of the invention, the data user can only process the asymmetrically encrypted data delivered by the data provider in the preset security domain. The data, although visible, cannot be written out of the security domain, i.e., the data in the security domain can only be read by a process but cannot be written into a file outside the security domain, thereby avoiding the possibility of the original data being revealed by the data consumer.
Moreover, the controllable data use method is realized based on the conventional TPM, LSM and asymmetric encryption technology, and high efficiency and high compatibility of the method are ensured. The traditional data processing application can achieve the effect of privacy protection without changing any source code.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.
Claims (10)
1. A method of data controllable use, the method operating on a data consumer, the method comprising:
transmitting a first public key to a data provider, wherein the first public key and a first private key form a pair of first asymmetric keys, the first asymmetric keys are generated by a TPM according to a measurement value of a system, and the first private key is stored in the TPM;
receiving first encrypted data sent by the data provider, wherein the first encrypted data is a result obtained by encrypting a second private key by adopting the first public key, the second private key and the second public key form a pair of second asymmetric keys, and the second asymmetric keys are provided by the data provider;
invoking the TPM to decrypt the first encryption result by using a first private key to obtain a second private key, and taking the second asymmetric private key as a security domain key of a preset security domain;
receiving second encrypted data delivered by the data provider, and importing the second encrypted data into the preset security domain; the second encrypted data is a result obtained by encrypting the original data by adopting a second public key;
receiving an operation request of a process on second encrypted data in the preset security domain;
and responding to the operation request, calling the second private key to decrypt the second encrypted data to obtain the original data, and allowing the process to controllably use the original data in the preset security domain according to the operation request.
2. A method of data controllable use according to claim 1, wherein the operation request is a read request or a write request.
3. A method of controllable use of data according to claim 2, wherein allowing the process to controllably use the original data in the predetermined security domain in accordance with the operation request comprises:
when the process performs read operation or write operation on the original data in the preset security domain, the process is not allowed to open the file outside the preset security domain in a write operation mode.
4. A method of data controllable use according to claim 1, wherein prior to sending the first public key to the data provider, the method further comprises:
and (3) finishing system initialization, and storing the measurement value of the system into the TPM.
5. A method of controllable use of data according to claim 1, wherein the data provider delivers the second encrypted data by means of a hardware copy or a network transmission.
6. A method of data controllable use according to claim 1, wherein the method further comprises:
after the second private key is obtained, the second private key is stored in a memory file of the daemon.
7. A method of data controllable use according to claim 1, wherein the method further comprises:
and if the second private key is reused after the system is restarted, storing the first encrypted data in a file system.
8. A method of data controllable use according to claim 1, wherein the method further comprises:
the TPM additionally generates a first asymmetric key certificate according to the measurement value of the system, wherein the first asymmetric key certificate is a signature containing the measurement value of the system, which is given by the TPM;
and sending the first asymmetric key certificate to the data provider so that the data provider can verify that the first public key is legal according to the first asymmetric key certificate.
9. A method of data controllable use according to claim 1, wherein the system's metric metrics include hardware, firmware, and various functional modules.
10. A method of data controllable use according to claim 1, wherein the method further comprises:
adding preset category data in the preset security domain to a white list;
and when the process performs read operation or write operation on the preset category data in the white list in the preset security domain, allowing the process to open the file outside the preset security domain in a write operation mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311241074.XA CN117648703A (en) | 2023-09-25 | 2023-09-25 | Data controllable use method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311241074.XA CN117648703A (en) | 2023-09-25 | 2023-09-25 | Data controllable use method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117648703A true CN117648703A (en) | 2024-03-05 |
Family
ID=90043949
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311241074.XA Pending CN117648703A (en) | 2023-09-25 | 2023-09-25 | Data controllable use method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117648703A (en) |
-
2023
- 2023-09-25 CN CN202311241074.XA patent/CN117648703A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109858265B (en) | Encryption method, device and related equipment | |
| KR100737628B1 (en) | Attestation using both fixed token and portable token | |
| JP6370722B2 (en) | Inclusive verification of platform to data center | |
| KR100996784B1 (en) | Saving and retrieving data based on public key encryption | |
| KR101067399B1 (en) | Saving and retrieving data based on symmetric key encryption | |
| CN108055133B (en) | Key security signature method based on block chain technology | |
| US7639819B2 (en) | Method and apparatus for using an external security device to secure data in a database | |
| CN105718807B (en) | Android system and its authentic authentication system based on soft TCM and credible software stack and method | |
| CN107908574B (en) | Safety protection method for solid-state disk data storage | |
| US20050283826A1 (en) | Systems and methods for performing secure communications between an authorized computing platform and a hardware component | |
| US20040117318A1 (en) | Portable token controlling trusted environment launch | |
| KR20040094724A (en) | Multi-token seal and unseal | |
| JP7256862B2 (en) | Secure communication method and system between protected containers | |
| WO2022052665A1 (en) | Wireless terminal and interface access authentication method for wireless terminal in uboot mode | |
| JP2020150318A (en) | Information processing unit, information processing method and program | |
| CN115357948A (en) | Hardware anti-copying encryption method and device based on TEE and encryption chip | |
| CN117648703A (en) | Data controllable use method | |
| CN111523129A (en) | TPM-based data leakage protection method | |
| CN117786667A (en) | Process authority management method, system and storage medium for controllable computation | |
| CN117763601A (en) | Privacy protection method and system for shared memory | |
| CN115292727A (en) | TrustZone-based root file system encryption method, device, equipment and storage medium | |
| CN110059489A (en) | Safe electronic equipment | |
| CN116451188A (en) | Software program operation safety protection method, system and storage medium | |
| Reimair | Trusted virtual security module | |
| Emanuel | Tamper free deployment and execution of software using TPM |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |