WO2018086469A1 - Data storage method utilized in non-volatile storage space in integrated circuit, and trusted integrated circuit - Google Patents


Info

Publication number
WO2018086469A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
owner
chip
address range
space
Application number
PCT/CN2017/108254
Other languages
French (fr)
Chinese (zh)
Inventor
付颖芳
Original Assignee
阿里巴巴集团控股有限公司
Application filed by 阿里巴巴集团控股有限公司
Publication of WO2018086469A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601 Interfaces specially adapted for storage systems
    • G06F3/0602 Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
    • G06F3/061 Improving I/O performance
    • G06F3/0628 Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0638 Organizing or formatting or addressing of data
    • G06F3/0668 Interfaces specially adapted for storage systems adopting a particular infrastructure
    • G06F3/0671 In-line storage system
    • G06F3/0673 Single storage device
    • G06F3/0679 Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to the field of data storage, and in particular to a data storage method and a trusted chip for a non-volatile storage space in a chip.
  • the user can create a non-volatile space in the trusted security chip, and can assign the attributes shown in Table 1 to the non-volatile space:
  • FIG. 1 is a schematic diagram of the interaction by which a user acquires non-volatile space data according to the prior art. As shown in FIG. 1, the method includes the following steps:
  • the owner C sends a request to access the non-volatile space to the trusted chip T;
  • the trusted chip T responds to the request of owner C and asks it to return the password, the non-volatile space number and the data length;
  • the owner C returns the password, the number of the non-volatile space to be accessed, and the length of the non-volatile data to the trusted chip T;
  • First_adress represents the initial physical address of the nonvolatile space
  • Last_adress represents the physical address of the last bit of the nonvolatile space
  • if the password and the non-volatile space number are correct, and the requested data length L also satisfies formula (1), the trusted chip returns the data requested by owner C and the flow ends; otherwise, the process is terminated directly.
  • the existing international TCG standard for security chips specifies a fixed size and fixed access rights for the non-volatile space of the trusted security chip. The status identification data in the specification defaults to 0, which is easily confused with owner data 0: when the user obtains the data, part of the obtained data may be status identification data 0 rather than data 0 actually stored by the user.
  • owner C applies for a 6-byte non-volatile space and stores 4 bytes of data in it, as shown in Table 2: the owner space number is 1, the owner name is C, the size of the non-volatile space corresponding to owner space number 1 is 6 bytes (that is, the data length can be up to 6 bytes), the corresponding physical address range is FFFFF0 to FFFFF6, and 4 bytes are stored at that physical address. The data written by the owner is "1101"; the TCG standard fills bytes that were not written with 00 by default, so the two remaining bytes are 00 and the stored content reads 110100, where the trailing 00 is status data and the leading 1101 is the owner data (the owner data of Table 1).
  • the owner C may not remember how much data it stored or what that data was. For example, owner C requests data of length 5 from the trusted chip, and in response the trusted chip asks for verification information: the owner enters the correct password **** and the Nv_index number 1. After the trusted chip receives this information, it verifies the password and the Nv index number and also verifies that the length 5 ≤ 6 is within the allowed range, so it returns data of length 5, namely 11010, to owner C. The original data of owner C is thereby changed from 1101 to 11010, causing a data error.
  • Embodiments of the present invention provide a data storage method and a trusted chip for a non-volatile storage space in a chip, so as to at least solve the prior-art technical problem that raw data read from the non-volatile space of a trusted security chip is of poor accuracy.
  • a data storage method for a non-volatile storage space in a chip includes: creating a non-volatile storage space in a chip, wherein the attributes of the non-volatile storage space at least include a parameter characterizing the owner data stored in the non-volatile storage space, and a storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length that may be requested from the chip.
  • a method for obtaining data stored in a chip includes: receiving an access request for accessing a non-volatile storage space of a chip; in response to the access request, obtaining verification information and the length of the data to be requested; if verification of the verification information passes, judging whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned; wherein the storage address range of the owner data characterizes the maximum data length at which data may be requested from the chip.
  • a trusted chip includes a memory with a non-volatile storage space, wherein the attributes of the non-volatile storage space at least include a parameter characterizing the owner data stored in the non-volatile storage space and the storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length at which data may be requested from the chip.
  • a system for acquiring data stored in a chip includes: an access device, configured to issue an access request for accessing a non-volatile storage space of the chip;
  • a chip that communicates with the access device and is configured to obtain, in response to the access request, the verification information returned by the access device and the length of the data to be requested, and, if verification of the verification information passes and the requested data length is within the storage address range of the owner data, to allow the content of the owner data to be returned; wherein the storage address range of the owner data characterizes the maximum data length at which data may be requested from the chip.
  • an apparatus for acquiring data stored in a chip includes: a receiving module, configured to receive an access request for accessing a non-volatile storage space of the chip; a response module, configured to obtain, in response to the access request, the verification information and the length of the data to be requested; a determining module, configured to determine, if verification of the verification information passes, whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and a control module, configured to allow the content of the owner data to be returned if the requested data length is within the storage address range of the owner data; wherein the storage address range of the owner data characterizes the maximum data length at which data may be requested from the chip.
  • the owner data is written to the non-volatile storage space using a defined storage address range of the owner data, the storage address range is determined according to the size of the owner data, and the data the owner needs to obtain is returned according to the size of the owner data and its storage address range, so that the owner data is obtained accurately. This achieves the technical effect of correctly acquiring the owner's original data and thereby solves the prior-art technical problem that original data read from the non-volatile space of a trusted security chip is of poor accuracy.
  • FIG. 1 is a schematic diagram of interaction of a user acquiring non-volatile spatial data according to the prior art
  • FIG. 2 is a block diagram showing the hardware structure of an optional computer terminal according to an embodiment of the present invention.
  • FIG. 3 is a flow chart of a data storage method for a non-volatile storage space in a chip according to an embodiment of the invention
  • FIG. 4 is a flow chart of a data storage method for a non-volatile memory space in an optional chip according to an embodiment of the invention
  • FIG. 5 is a flow chart of an alternative method of accessing owner data of a non-volatile storage space, in accordance with an embodiment of the present invention
  • FIG. 6 is a schematic structural diagram of an optional TCG trust chain according to an embodiment of the present invention.
  • FIG. 7 is a flow chart of a method for acquiring data stored in a chip according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a trusted chip according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a system for acquiring data stored in a chip according to an embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of an apparatus for acquiring data stored in a chip according to an embodiment of the present invention.
  • FIG. 11 is a block diagram showing the structure of an optional computer terminal in accordance with an embodiment of the present invention.
  • Non-volatile memory (referred to as Nv), as a storage technology, ensures that data stored in the device is not lost when the device is powered off, and is often used to protect user-sensitive data.
  • Owner data refers to the data stored by the user to the storage device, wherein the owner refers to the entity that operates on the data.
  • Trustworthy means that an entity has been running for a specific purpose in a predictable manner.
  • Trusted computing is a trusted computing platform supported by hardware security modules widely used in computing and communication systems.
  • the trusted computing platform can improve the overall security of the system.
  • the core mechanism is to build a trusted computing environment through the chain of trust mechanism.
  • the trusted security chip is a chip with the function of generating encryption and decryption keys.
  • the trusted security chip can also perform high-speed data encryption and decryption, and acts as an auxiliary processor that protects the basic input/output system and the operating system from being modified.
  • a method embodiment of a data storage method for a non-volatile storage space in a chip is also provided.
  • FIG. 2 is a block diagram showing the hardware structure of a computer terminal (or mobile device) for realizing a data storage method of a nonvolatile storage space in a chip.
  • computer terminal 10 may include one or more processors 102 (shown in the figure as 102a, 102b, ..., 102n; a processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), a memory 104 for storing data, and a transmission module 4 for communication functions.
  • the device of FIG. 2 may also include: a display, an input/output interface (I/O interface), a universal serial bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power supply and/or a camera.
  • I/O interface input/output interface
  • USB universal serial bus
  • FIG. 2 is merely illustrative and does not limit the structure of the above electronic device.
  • computer terminal 10 may also include more or fewer components than those shown in FIG. 2, or have a different configuration than that shown in FIG. 2.
  • processors 102 and/or other data processing circuits may be referred to herein generally as "data processing circuits".
  • the data processing circuit may be embodied in whole or in part as software, hardware, firmware or any other combination.
  • the data processing circuitry can be a single, separate processing module, or incorporated in whole or in part into any of the other components in computer terminal 10 (or mobile device).
  • the data processing circuit may act as a processor control (e.g., selecting a variable-resistance terminal path connected to the interface).
  • the memory 104 can be used to store software programs and modules of application software, such as the program instructions/data storage device corresponding to the data storage method for a non-volatile storage space in a chip in the embodiment of the present invention; the processor 102 executes the software programs and modules stored in the memory 104, thereby performing various functional applications and data processing, that is, the vulnerability detection method of the above application.
  • Memory 104 may include high speed random access memory, and may also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory. In some examples, memory 104 may further include memory remotely located relative to processor 102, which may be coupled to computer terminal 10 via a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
  • the computer device (or mobile device) shown in FIG. 2 may include hardware components (including circuits), software components (including computer code stored on a computer-readable medium), or a combination of both hardware and software components.
  • FIG. 2 is only one example of a specific embodiment, and is intended to show the types of components that may be present in the above-described computer device (or mobile device).
  • FIG. 3 is a flow chart of a data storage method for a non-volatile storage space in a chip according to Embodiment 1 of the present invention, comprising the following steps:
  • Step S302: creating a non-volatile storage space in the chip, wherein the attributes of the non-volatile storage space at least include a parameter characterizing the owner data stored in the non-volatile storage space and the storage address range of the owner data; wherein the storage address range of the owner data characterizes the maximum data length at which data may be requested from the chip.
  • the storage mode of the non-volatile storage space may be big-endian or little-endian. Big-endian means that the high byte of the data is stored at the low address of the memory and the low byte at the high address; little-endian means that the high byte of the data is stored at the high address of the memory and the low byte at the low address. The storage mode effectively combines the address level with the bit weight of the data: the data in the high address part has the high weight, and the data in the low address part has the low weight.
  • one attribute of the non-volatile storage space is the owner data, that is, the data the user stores into the non-volatile storage space; for example, if the data stored by the user is "1101", that data is the owner data of the non-volatile storage space. Another attribute of the non-volatile storage space is the storage address range of the owner data, whose length is the maximum data length the user is allowed to read from the non-volatile storage space; for example, if the owner data storage address range is FFFFF0 to FFFFF6, the user is allowed to request data from the chip with a maximum data length of 7.
  • creating a non-volatile memory space in the chip ensures that the data stored in the chip is not lost when the device is powered down, so it can be used to store more important data.
  • from step S302 of the foregoing embodiment it can be seen that a non-volatile storage space is created in the chip, which ensures that data stored in the chip by the user is not lost when the device is powered off, thereby improving the safety of data storage.
  • the attributes of the non-volatile storage space further include at least one of the following: a space number, a space owner name, a space authorization password, a space size, and a spatial physical address range.
  • Table 3 lists the attributes of a non-volatile storage space to which owner data has been written:
  • the owner space number is 1
  • the space owner name is C
  • the size of the owner space with space number 1 is 6 bytes, that is, the data length can be up to 6 bytes, and the corresponding space physical address range is FFFFF0 to FFFFF6, with 4 bytes stored at that physical address
  • the storage address range of the owner data is FFFFF1 to FFFFF4, and the written owner data is "1101".
  • FIG. 4 is a schematic flowchart of a data storage method of a non-volatile storage space in a chip after creating a non-volatile storage space in the chip. As shown in FIG. 4, the method further includes the following steps:
  • Step S304: writing the owner data to the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by the initial storage address and the end storage address of the owner data block.
  • let the size of the owner data be L, let the initial storage address of the owner data block, that is, the memory address of the low byte of the owner data, be Min_adress, and let the end storage address of the owner data block, that is, the memory address of the high byte of the owner data, be Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
  • from this, the end address Max_adress of the owner data can be determined, and hence the storage address range of the owner data. For example, if the owner data written to the non-volatile storage space is "1101" and its size is 4 bytes, the length of the storage address range of the owner data is also 4 bytes:
  • the initial storage address of the owner data is FFFFF1
  • the end address of the owner data is FFFFF4
  • the storage address range of the owner data block is FFFFF1 to FFFFF4.
  • FIG. 5 is a flow chart of a method by which the owner accesses the owner data of the non-volatile storage space after the owner data has been written to the non-volatile storage space and its storage address range has been determined according to its size. As shown in FIG. 5, the method includes the following steps:
  • Step S502 receiving an access request for accessing a non-volatile storage space
  • Step S504 in response to the access request, obtaining the verification information and the length of the data that needs to be requested;
  • Step S506 if verification of the verification information passes, it is determined whether the requested data length is within the storage address range of the owner data;
  • Step S508 if the data length required to be requested is within the storage address range of the owner data, the content of the owner data is allowed to be returned.
  • the access device sends a non-volatile space request to the trusted chip; after receiving the request, the trusted chip responds to it and asks the access device to return verification information and the length of the owner data; the access device sends the verification information and the length of the owner data to the trusted chip, for example an accessed owner data length of 4 bytes; the trusted chip checks whether the verification information returned by the access device meets the requirements and, if it does, determines whether the requested data length is within the storage address range of the owner data. For example, the requested data length is 4 bytes.
  • the storage address range of the owner data is FFFFF1 to FFFFF4, so the maximum storage length of the owner data is 4 bytes and the requested data length satisfies formula (2). Therefore, the trusted chip allows access to the owner data and returns the owner data in the storage address range FFFFF1 to FFFFF4.
  • the foregoing verification information may be used to verify whether the access device has access rights and to determine which data the access device may access, thereby further improving the accuracy of the accessed data.
  • otherwise, the process of acquiring the owner data is aborted, and/or prompt information indicating that the request failed is output.
  • the trusted chip further determines whether the requested data length is within the storage address range of the owner data. If the requested data length is outside the storage address range of the owner data, for example the requested data length is 4 bytes while the storage address range of the owner data is FFFFF1 to FFFFF3 and the maximum storage length of the owner data is therefore 3 bytes, the requested data length does not satisfy formula (2). Therefore, the trusted chip does not allow access to the owner data, terminates the process directly, and outputs a prompt message that the request failed.
  • the verification information includes at least one of the following: a space number that needs to be accessed, and a password password.
  • verifying the space number to be accessed confirms whether the space number exists in the trusted chip, and further verifying the password confirms whether the current user has access rights, thereby further improving the accuracy of the accessed data.
  • otherwise, prompt information indicating that the owner data cannot be obtained is returned.
  • for example, the space number the user needs to access is 2, but owner data with space number 2 does not exist in the trusted chip. In this case, the process of acquiring the owner data is suspended, and a prompt message is sent to the access device indicating that there is no owner data with space number 2.
  • for example, the space number the user needs to access is 2, owner data with space number 2 exists in the trusted chip, but the password is detected to be incorrect. In this case, the process of acquiring the owner data is likewise suspended, and a prompt message is sent to the access device indicating that the password is incorrect and asking it to try again.
  • owner C applies for a 6-byte non-volatile space that stores 4 bytes of data, as shown in Table 4: the owner space number Nv_index is 1, the space owner name User_name is C, and the space size Nv_Size corresponding to owner space number 1 is 6 bytes, that is, the data length can be up to 6 bytes; the corresponding physical address range is FFFFF0 to FFFFF6, and 4 bytes are stored at that physical address.
  • the data written by the owner is "1101".
  • the bytes of the space not written with owner data are 00 by default under the TCG standard, so the stored data item reads 110100, where the trailing 00 is status data and the leading 1101 is the owner data (the owner data shown in Table 4).
  • the owner may not remember the length of the data stored in the storage space. For example, the owner requests data of length 5 from the trusted chip, and in response the trusted chip asks for verification information.
  • the information requested by the trusted chip includes the correct password **** entered by the owner and the space number Nv_index 1; after the trusted chip receives this verification information, it verifies that the password and the space number are correct.
  • however, the requested data length 5 is greater than the owner data length 4. Since the requested data length is not within the allowed access range, the trusted chip prompts that the requested data exceeds the pre-stored range and terminates the process of acquiring the owner data.
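As an added example (not code from the patent, from its assignee, or from the TCG specification), the following Python simulation contrasts the prior-art read of FIG. 1, which checks the requested length only against the space size, with the owner-data address-range check of FIG. 5 (steps S502 to S508), using the values of Table 4; the class and function names are assumptions made for this illustration.

```python
# Added simulation of the non-volatile (Nv) space access check described in the
# patent text; not the patent's or TCG's own code. Names are assumptions.
from dataclasses import dataclass
from typing import Dict, Optional

# Bytes of the space that were never written read back as the status identification
# value 0, which is what makes them indistinguishable from owner data 0 (Tables 2, 4).
STATUS_FILL = b"0"


@dataclass
class NvSpace:
    nv_index: int          # Nv_index: the space number
    user_name: str         # User_name: the space owner name
    password: str          # space authorization password
    nv_size: int           # Nv_Size: size of the space in bytes
    first_address: int     # First_adress: initial physical address of the space
    last_address: int      # Last_adress: last physical address of the space
    owner_data: bytes = b""
    min_address: Optional[int] = None   # Min_adress: start of the owner data block
    max_address: Optional[int] = None   # Max_adress: end of the owner data block

    def write_owner_data(self, data: bytes, offset: int = 0) -> None:
        """Step S304: store the owner data and derive its storage address range
        from its size L, so that the range, not the space size, bounds later reads."""
        length = len(data)
        if offset + length > self.nv_size:
            raise ValueError("owner data does not fit in the non-volatile space")
        self.owner_data = data
        self.min_address = self.first_address + offset
        self.max_address = self.min_address + length - 1

    def owner_range_length(self) -> int:
        """Maximum data length the chip may return: Max_adress - Min_adress + 1."""
        if self.min_address is None or self.max_address is None:
            return 0
        return self.max_address - self.min_address + 1


@dataclass
class Response:
    allowed: bool
    data: bytes = b""
    prompt: str = ""       # prompt information returned when the request fails


def verify(table: Dict[int, NvSpace], nv_index: int, password: str) -> Optional[Response]:
    """Steps S504/S506: the space number must exist and the password must match.
    Returns a failure Response, or None when verification passes."""
    if nv_index not in table:
        return Response(False, prompt=f"no owner data with space number {nv_index}")
    if table[nv_index].password != password:
        return Response(False, prompt="password incorrect, please try again")
    return None


def read_prior_art(table: Dict[int, NvSpace], nv_index: int,
                   password: str, length: int) -> Response:
    """FIG. 1 flow: the length is checked only against the space size, so default
    status bytes can be returned together with the owner data."""
    failure = verify(table, nv_index, password)
    if failure:
        return failure
    space = table[nv_index]
    if length > space.nv_size:
        return Response(False, prompt="requested length exceeds the space size")
    # The stored image is the written bytes followed by the default status bytes,
    # as in Table 4's 110100.
    image = space.owner_data + STATUS_FILL * (space.nv_size - len(space.owner_data))
    return Response(True, data=image[:length])


def read_with_owner_range(table: Dict[int, NvSpace], nv_index: int,
                          password: str, length: int) -> Response:
    """FIG. 5 flow (steps S502 to S508): the length is checked against the storage
    address range of the owner data, so only owner bytes can ever be returned."""
    failure = verify(table, nv_index, password)
    if failure:
        return failure
    space = table[nv_index]
    if length > space.owner_range_length():
        return Response(False, prompt="requested data exceeds the pre-stored range")
    return Response(True, data=space.owner_data[:length])


def build_table() -> Dict[int, NvSpace]:
    """Constructed sample matching Table 4: owner C, space number 1, a 6-byte space
    at FFFFF0..FFFFF6, owner data "1101" written at FFFFF1..FFFFF4."""
    space = NvSpace(nv_index=1, user_name="C", password="****", nv_size=6,
                    first_address=0xFFFFF0, last_address=0xFFFFF6)
    space.write_owner_data(b"1101", offset=1)
    return {1: space}


if __name__ == "__main__":
    table = build_table()
    for length in (4, 5):
        old = read_prior_art(table, 1, "****", length)
        new = read_with_owner_range(table, 1, "****", length)
        print(f"length {length}: prior art -> {old}; owner range -> {new}")
    print(read_with_owner_range(table, 2, "****", 4).prompt)
```

With the Table 4 values, a request of length 5 makes the prior-art read return 11010 (owner data plus one status byte) while the owner-range read refuses it, which is exactly the data error the text describes.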
  • Trusted computing performs security protection while carrying out computation, so that the computation results are always consistent with expectations and the computation remains controllable and free from interference.
  • the core elements of trusted computing are the chain of trust and the root of trust; trusted computing constructs a trusted computing environment through the chain-of-trust mechanism.
  • trusted root is a trusted chip containing non-volatile storage space
  • the trusted computing has two technical routes: the Trusted Platform Control Module (TPCM) and the Trusted Platform Module (TPM) of the international TCG standard organization.
  • TPCM Trusted Platform Control Module
  • TPM Trusted Platform Module
  • the Trusted Platform Module (TPM) in the TCG specification is the hardware trusted root of the trusted computing platform.
  • the TPM provides protected secure storage.
  • the TPM is physically attached to the computing platform and connected to the CPU via an external bus; on a PC platform, for example, it is fixed directly on the motherboard and connected via the LPC bus.
  • trusted means that an entity always runs toward a specific target in a predictable way.
  • the core mechanism of trusted computing is to build a trusted computing environment through the chain-of-trust mechanism. Whether a running entity is trusted depends on whether the system's previous running process was trusted. On the basis of this trust relationship, if the system starts from an initial root of trust, trust can be maintained by passing it on at every transition of the platform's computing environment, so that on the computing platform each level verifies the next and each level trusts the next; the computing environment is then always trusted, and can be trusted by local users or remote entities.
  • Figure 6 shows the structure of the TCG trust chain, as shown in Figure 6, where the solid arrows indicate trusted metric connections, the dashed arrows indicate trusted report connections, and the bold solid arrows indicate trusted storage connections. The dotted arrows indicate trusted network connections.
  • trusted computing Key technologies for trusted computing include trusted metrics, trusted reports, trusted storage, and trusted network connections.
  • the Trusted Platform Control Module TPCM implements the basic functions of the Trusted Platform Module. Its functional composition is basically the same as that of the TPM. However, since the core metric root CRTM of the TPM is in the BIOS of the basic input/output system, it is not protected by the TPM. Therefore, TPCM A new trusted metric root design is proposed, which solves the problem of the starting metric point of the trusted metric root, changes the startup and metric order. On this basis, the trust chain metric process with the chip as the root of trust is established. The chip controls the startup of the whole system, I/O interface control and system configuration, etc., which embodies the control effect of the chip on the credibility of the system.
  • the root of trust (the TPCM) checks the authenticity and integrity of the next-level execution code, that is, whether it has been tampered with. If it has not, the system passes operational control to that next-level trusted execution code.
  • the trusted scope is thereby extended to the next level of function code; control of the system is passed on in the same way at each level, which realizes the establishment and transmission of the chain of trust and finally a system-wide trusted construction.
  • a complete system trust-delivery process begins with the root of trust, which is passed from the trusted platform control module to the trusted BIOS, then to the trusted operating system loader, from the trusted operating system loader to the trusted operating system, and from the trusted operating system to the trusted application.
  • the trusted security chip provides encryption and decryption key generation, high-speed data encryption and decryption, and a coprocessor that protects the BIOS and the operating system from being modified.
  • the TPM security chip is very versatile and can be used together with special-purpose software, for example:
  • the TPM security chip can perform a wide range of encryption tasks. In addition to traditional boot encryption and hard-disk encryption, it can also encrypt system logins and application logins. For example, MSN, QQ, online-game and online-banking login information and passwords can be encrypted by the TPM before transmission, so that the information and passwords are protected from theft.
  • the method according to the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware alone, but in many cases the former is the better implementation.
  • the technical solution of the present invention, in its essence or in the part that contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, a magnetic disk or an optical disc) that includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, a network device, etc.) to perform the methods of the various embodiments of the present invention.
  • an embodiment of a method for acquiring data stored in a chip is also provided.
  • the present application provides a method for acquiring data stored in a chip, shown in FIG. 7, which is a flow chart of the method according to Embodiment 2 of the present invention. The method includes the following steps:
  • Step S702: receiving an access request for accessing the non-volatile storage space of the chip;
  • Step S704: in response to the access request, obtaining the verification information and the requested data length;
  • Step S706: if the verification information passes verification, determining whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space;
  • Step S708: if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
  • the accessed chip may be a trusted chip, and the trusted chip includes a non-volatile storage space.
  • the storage mode of the non-volatile storage space may be big-endian or little-endian.
  • the size of the owner data is L;
  • the initial storage address of the data block of the owner data, that is, the memory address of the low byte of the owner data, is Min_adress, and the end storage address of the data block of the owner data, that is, the memory address of the high byte of the owner data, is Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
  • after the access device sends a non-volatile space request to the trusted chip, the trusted chip receives the request, responds to it, and asks the access device to feed back the verification information and the length of the owner data requested; the access device sends the verification information and the requested owner-data length to the trusted chip, for example a length of 4 bytes; the trusted chip then verifies the verification information returned by the access device.
  • if the verification information meets the requirements, it is determined whether the requested data length is within the storage address range of the owner data; for example, the requested data length is 4 bytes and the storage address range of the owner data is FFFFF1 to FFFFF4, so the maximum storage length of the owner data is 4 bytes and the requested data length satisfies the formula:
  • in that case the trusted chip allows access to the owner data and returns the owner data whose storage address range is FFFFF1 to FFFFF4.
  • the storage mode of the above non-volatile storage space can be big-endian or little-endian: big-endian mode means that the high byte of the data is stored at the low address of the memory and the low byte of the data at the high address of the memory;
  • little-endian mode means that the high byte of the data is stored at the high address of the memory and the low byte of the data at the low address of the memory, which effectively combines the address level with the bit weight of the data:
  • the data at the high address part has the high weight, and the data at the low address part has the low weight.
  • from steps S702 to S708 of the above embodiment it can be seen that, after the non-volatile storage space is created in the chip, the owner data is written to it and the storage address range of the owner data is determined according to the size of the owner data; the data the owner needs is then returned according to the size of the owner data and its storage address range, which achieves the purpose of acquiring the owner data accurately, thereby realizing the technical effect of ensuring that the owner obtains the original data correctly and solving the technical problem of the prior art that the accuracy of the original data read from the non-volatile space of a trusted security chip is poor.
  • the attributes of the non-volatile storage space may further include at least one of the following: a space number, a space owner name, a space authorization password, a space size, and a physical address range of the space.
  • Table 5 lists the attributes of the non-volatile storage space after the owner data has been written: space number 1; space owner name C; space size 6 bytes, that is, the data length can be at most 6 bytes; physical address range of the space FFFFF0 to FFFFF6; 4 bytes stored within that physical range, at storage address range FFFFF1 to FFFFF4; written owner data "1101".
  • before receiving the access request for accessing the non-volatile storage space of the chip, the method further includes: writing the owner data to the non-volatile storage space, and determining the storage address range of the owner data according to the size of the owner data.
  • the size of the owner data is L;
  • the initial storage address of the data block of the owner data, that is, the memory address of the low byte of the owner data, is Min_adress, and the end storage address of the data block of the owner data, that is, the memory address of the high byte of the owner data, is Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
  • the end address Max_adress of the owner data can thus be determined, and with it the storage address range of the owner data. For example, if the owner data written to the non-volatile storage space is "1101" and its size is 4 bytes, the length of the storage address range of the owner data is also 4 bytes:
  • the initial storage address of the owner data is FFFFF1;
  • the end address of the owner data is FFFFF4;
  • the storage address range of the data block of the owner data is FFFFF1 to FFFFF4.
  • otherwise, the process of acquiring the owner data is aborted and/or prompt information characterizing the request failure is output.
  • the trusted chip further determines whether the requested data length is within the storage address range of the owner data; if the requested data length is outside that range, for example the requested length is 4 bytes while the storage address range of the owner data is FFFFF1 to FFFFF3, so that the maximum storage length of the owner data is 3 bytes, the requested data length does not satisfy the formula L ⁇
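The write step, the access check of steps S702 to S708 and the big-endian/little-endian interpretation of the returned bytes, as an added C example that is not code from the patent or from the applicant. It simulates one non-volatile space with the attributes of Table 5 (space number 1, owner C, physical range FFFFF0 to FFFFF6, owner data "1101" at FFFFF1 to FFFFF4). The struct layout, the function names, the constructed authorization password "owner-pw", the representation of "1101" as four one-byte values, and the inclusive counting of the address range (Max_adress = Min_adress + L - 1, which is what makes FFFFF1 to FFFFF4 hold 4 bytes) are assumptions; the page does not reproduce the formula itself.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Physical address range of the space in Table 5: FFFFF0..FFFFF6 (7 addresses). */
#define NV_PHYS_FIRST 0xFFFFF0u
#define NV_PHYS_LAST  0xFFFFF6u
#define NV_CELLS      (NV_PHYS_LAST - NV_PHYS_FIRST + 1)

/* Attributes of the non-volatile storage space (Table 5 plus the owner-data range). */
typedef struct {
    uint32_t space_no;               /* space number */
    char     owner_name[8];          /* space owner name */
    char     auth_password[32];      /* space authorization password (constructed value) */
    uint32_t space_size;             /* space size attribute, as listed in Table 5 */
    uint32_t phys_first, phys_last;  /* physical address range of the space */
    uint8_t  cells[NV_CELLS];        /* simulated NV cells; index = address - phys_first */
    int      has_owner_data;         /* parameter characterizing that owner data is stored */
    uint32_t min_adress, max_adress; /* storage address range of the owner data */
} nv_space_t;

/* Verification of the authorization password in constant time, so the comparison
 * does not leak how many leading bytes matched. */
static int nv_auth_ok(const nv_space_t *s, const char *pw) {
    size_t n = strlen(s->auth_password);
    if (strlen(pw) != n) return 0;
    unsigned diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (unsigned)(s->auth_password[i] ^ pw[i]);
    return diff == 0;
}

/* Write step: store L bytes of owner data at Min_adress and derive Max_adress.
 * Assumption: the range is inclusive, so Max_adress = Min_adress + L - 1.
 * Returns 0 on success, -1 if the block does not fit inside the physical range. */
int nv_write_owner_data(nv_space_t *s, uint32_t min_adress, const uint8_t *data, uint32_t len) {
    if (len == 0 || len > NV_CELLS) return -1;
    if (min_adress < s->phys_first || min_adress - s->phys_first + len > NV_CELLS) return -1;
    memcpy(&s->cells[min_adress - s->phys_first], data, len);
    s->min_adress = min_adress;
    s->max_adress = min_adress + len - 1;
    s->has_owner_data = 1;
    return 0;
}

/* Maximum data length a request may ask for: the length of the owner-data range. */
uint32_t nv_max_request_len(const nv_space_t *s) {
    return s->has_owner_data ? s->max_adress - s->min_adress + 1 : 0;
}

/* Steps S704..S708 for one access request. Returns the number of bytes copied into
 * out, -1 if verification fails, -2 if the requested length is outside the
 * owner-data range (the request is aborted and no bytes are returned). */
int nv_read_owner_data(const nv_space_t *s, const char *pw, uint32_t req_len,
                       uint8_t *out, uint32_t out_cap) {
    if (!nv_auth_ok(s, pw)) return -1;                              /* S706: verification */
    if (req_len == 0 || req_len > nv_max_request_len(s)) return -2; /* S706: length check */
    if (req_len > out_cap) return -2;                               /* caller buffer too small */
    memcpy(out, &s->cells[s->min_adress - s->phys_first], req_len); /* S708: return data */
    return (int)req_len;
}

/* Interpret the returned bytes as one integer under big-endian (high byte at the
 * low address) or little-endian (high byte at the high address) storage. */
uint32_t nv_decode(const uint8_t *bytes, uint32_t len, int big_endian) {
    uint32_t v = 0;
    for (uint32_t i = 0; i < len; i++)
        v = (v << 8) | (big_endian ? bytes[i] : bytes[len - 1 - i]);
    return v;
}

/* Builds the space of Table 5: number 1, owner C, size 6, physical range
 * FFFFF0..FFFFF6, owner data "1101" (four bytes, one per digit) written at FFFFF1. */
nv_space_t nv_table5_space(void) {
    nv_space_t s;
    memset(&s, 0, sizeof s);
    s.space_no = 1;
    strcpy(s.owner_name, "C");
    strcpy(s.auth_password, "owner-pw");   /* constructed; not on the page */
    s.space_size = 6;
    s.phys_first = NV_PHYS_FIRST;
    s.phys_last = NV_PHYS_LAST;
    const uint8_t owner_data[4] = {1, 1, 0, 1};
    nv_write_owner_data(&s, 0xFFFFF1u, owner_data, 4);
    return s;
}

int main(void) {
    nv_space_t s = nv_table5_space();
    uint8_t out[8];
    int n = nv_read_owner_data(&s, "owner-pw", 4, out, sizeof out);
    printf("4-byte request: %d bytes returned, big-endian value 0x%08X\n", n, nv_decode(out, 4, 1));
    printf("6-byte request: %d (aborted, outside FFFFF1..FFFFF4)\n",
           nv_read_owner_data(&s, "owner-pw", 6, out, sizeof out));
    printf("wrong password: %d (verification failed)\n",
           nv_read_owner_data(&s, "wrong", 4, out, sizeof out));
    return 0;
}
```

The 6-byte request is refused even though the space size attribute is 6 bytes, because the bound is the owner-data range (4 bytes) rather than the size of the space; verification runs before the length is examined, so a caller without the authorization password gets the same refusal whatever length it asks for.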
  • An embodiment of a trusted chip is also provided in accordance with an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a trusted chip according to Embodiment 3 of the present invention.
  • the trusted chip includes a memory 801, wherein:
  • the memory 801 includes a non-volatile storage space, the attributes of which at least include a parameter characterizing that the owner data is stored in the non-volatile storage space and a storage address range of the owner data; the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
  • the storage mode of the non-volatile storage space may be big-endian or little-endian: big-endian mode means that the high byte of the data is stored at the low address of the memory and the low byte of the data at the high address of the memory; little-endian mode means that the high byte of the data is stored at the high address of the memory and the low byte of the data at the low address of the memory. This storage mode effectively combines the address level with the bit weight of the data:
  • the data at the high address part has the high weight, and the data at the low address part has the low weight.
  • one attribute of the non-volatile storage space is the owner data, that is, the data the user stores into the non-volatile storage space; for example, if the data stored by the user is "1101", that data is the owner data of the non-volatile storage space. Another attribute of the non-volatile storage space is the storage address range of the owner data, whose length is the maximum data length the user is allowed to read from the non-volatile storage space; for example, if the storage address range of the owner data is FFFFF0 to FFFFF6, the user is allowed to request data from the chip with a maximum data length of 7.
  • creating a non-volatile storage space in the chip ensures that the data stored in the chip is not lost when the device is powered down, so the space can be used to store more important data.
  • because the non-volatile storage space is created in the chip, the data the user stores in the chip is not lost when the device is powered off, which improves the security of data storage.
  • a system embodiment for acquiring data stored in a chip is also provided.
  • FIG. 9 is a representation of an embodiment of the present invention.
  • the trusted chip 903 communicates with the access device and is configured to obtain, in response to the access request, the verification information returned by the access device and the requested data length; if the verification information passes verification and the requested data length is within the storage address range of the owner data, the content of the owner data is allowed to be returned; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the trusted chip.
  • the trusted chip includes a non-volatile storage space; its storage mode (big-endian or little-endian), the determination of Min_adress and Max_adress from the size L of the owner data, and the verification and length check with the example of a 4-byte request against the storage address range FFFFF1 to FFFFF4 are the same as described for Embodiment 2.
  • the trusted chip 903 is further configured to write the owner data into the non-volatile storage space and to determine the storage address range of the owner data according to the size of the owner data, the range being determined by the initial storage address and the last storage address of the data block of the owner data.
  • the device includes: a receiving module 1001, a response module 1003, a determining module 1005 and a control module 1007, wherein:
  • the receiving module 1001 is configured to receive an access request for accessing the non-volatile storage space of the chip;
  • the response module 1003 is configured to obtain, in response to the access request, the verification information and the requested data length;
  • the determining module 1005 is configured to determine, if the verification information passes verification, whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space;
  • the control module 1007 is configured to allow the content of the owner data to be returned if the requested data length is within the storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
  • the accessed chip may be a trusted chip that includes a non-volatile storage space; the storage mode of the space (big-endian or little-endian), the determination of Min_adress and Max_adress from the size L of the owner data, and the verification and length check with the example of a 4-byte request against the storage address range FFFFF1 to FFFFF4 (after which the trusted chip returns the owner data stored at FFFFF1 to FFFFF4) are the same as described for Embodiment 2.
  • the owner data is written into the non-volatile storage space and the storage address range of the owner data is determined according to the size of the owner data; the data the owner needs is returned according to the size of the owner data and its storage address range, which achieves the purpose of acquiring the owner data accurately, thereby realizing the technical effect of ensuring that the owner obtains the original data correctly and solving the technical problem of the prior art that raw data read from the non-volatile space of a trusted security chip has poor accuracy.
  • the foregoing receiving module 1001, response module 1003, determining module 1005 and control module 1007 correspond to steps S702 to S708 of Embodiment 2; the examples and application scenarios implemented by the four modules are the same as those of the corresponding steps, but are not limited to the content disclosed in Embodiment 2. It should be noted that the above modules can run as part of the device in the computer terminal 10 provided in the first embodiment.
  • the attributes of the non-volatile storage space may further include at least one of the following: a space number, a space owner name, a space authorization password, a space size, and a physical address range of the space.
  • Table 6 lists the attributes of the non-volatile storage space after the owner data has been written: space number 1; space owner name C; space size 6 bytes, that is, the data length can be at most 6 bytes; physical address range of the space FFFFF0 to FFFFF6; 4 bytes stored within that physical range, at storage address range FFFFF1 to FFFFF4; written owner data "1101".
  • the foregoing apparatus for acquiring data stored in a chip further includes a writing module 1009, configured to write the owner data into the non-volatile storage space and to determine the storage address range of the owner data according to the size of the owner data, the range being determined by the initial storage address and the last storage address of the data block of the owner data.
  • the determination of Min_adress and Max_adress from the size L of the owner data, the example in which the owner data "1101" of 4 bytes is stored at FFFFF1 to FFFFF4, and the handling of a request whose length lies outside the storage address range of the owner data (the acquisition of the owner data is aborted and/or prompt information characterizing the request failure is output) are the same as described for Embodiment 2.
  • embodiments of the present invention may provide a computer terminal, which may be any computer terminal in a group of computer terminals.
  • the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.
  • the computer terminal may be located in at least one of the plurality of network devices of a computer network.
  • FIG. 11 is a structural block diagram of a computer terminal according to an embodiment of the present invention.
  • the computer terminal A may include one or more processors 1103 (only one is shown in the figure) and a memory 1101.
  • the memory can be used to store software programs and modules, such as the program instructions/modules corresponding to the security vulnerability detection method and device in the embodiment of the present invention.
  • the processor executes various functional applications and data processing by running the software programs and modules stored in the memory, that is, it implements the above detection method for system vulnerability attacks.
  • the memory may include a high speed random access memory, and may also include non-volatile memory such as one or more magnetic storage devices, flash memory, or other non-volatile solid state memory.
  • the memory can further include memory remotely located relative to the processor, which can be connected to terminal A via a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
  • the processor may invoke the information and the application stored in the memory through the transmission device to perform the following steps: creating a non-volatile storage space in the chip, wherein the attributes of the non-volatile storage space at least include a parameter characterizing that the owner data is stored in the non-volatile storage space and a storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
  • the foregoing processor may further execute the following program code: writing the owner data into the non-volatile storage space, and determining the storage address range of the owner data according to the size of the owner data, where the initial storage address and the last storage address of the data block of the owner data determine the storage address range.
  • the foregoing processor may further execute the following program code: receiving an access request for accessing the non-volatile storage space; in response to the access request, obtaining the verification information and the requested data length; if the verification information passes verification, determining whether the requested data length is within the storage address range of the owner data; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned.
  • the foregoing processor may further execute the following program code: if the requested data length is outside the storage address range of the owner data, aborting the process of acquiring the owner data and/or outputting prompt information characterizing the request failure.
  • a solution for acquiring data stored in a chip is provided.
  • the owner data is written to the non-volatile storage space, the storage address range of the owner data is determined according to the size of the owner data, and the data the owner needs is returned according to the size of the owner data and its storage address range, thereby achieving the purpose of acquiring the owner data accurately.
  • this realizes the technical effect of ensuring that the owner obtains the original data correctly, thereby solving the technical problem of the prior art that the accuracy of the original data read from the non-volatile space of a trusted security chip is poor.
  • FIG. 11 is only schematic, and the computer terminal can also be a smartphone.
  • FIG. 11 does not limit the structure of the above electronic device.
  • the computer terminal may also include more or fewer components (such as a network interface, a display device, etc.) than shown in FIG. 11, or have a different configuration from that shown in FIG. 11.
  • embodiments of the present invention also provide a storage medium.
  • the foregoing storage medium may be used to save the program code executed by the method for acquiring data stored in a chip provided in Embodiment 2 above.
  • the foregoing storage medium may be located in any computer terminal of a group of computer terminals in a computer network, or in any mobile terminal of a group of mobile terminals.
  • the storage medium is configured to store program code for performing the following steps: receiving an access request for accessing the non-volatile storage space of the chip; in response to the access request, obtaining the verification information and the requested data length; if the verification information passes verification, determining whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
  • the storage medium is configured to store program code for performing the following steps: writing the owner data to the non-volatile storage space, and determining the storage address range of the owner data according to the size of the owner data.
  • the storage medium is configured to store program code for performing the following steps: if the requested data length is outside the storage address range of the owner data, aborting the process of acquiring the owner data and/or outputting prompt information characterizing the request failure.
  • the disclosed technical content may be implemented in other manners.
  • the device embodiments described above are merely illustrative; for example, the division into units is only a division by logical function, and other divisions are possible in actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed.
  • the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, unit or module, and may be electrical or of another form.
  • the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically on its own, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
  • an integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, can be stored in a computer-readable storage medium.
  • the technical solution of the present invention, in its essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium.
  • the software product includes a number of instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the various embodiments of the present invention.
  • the foregoing storage medium includes: a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, an optical disc, or the like.

Abstract

A data storage method utilized in a non-volatile storage space in an integrated circuit (IC), and a trusted integrated circuit. The data storage method comprises: creating, in the integrated circuit, the non-volatile storage space (S302); wherein the non-volatile storage space has attributes including a parameter representing storage of owner data in the non-volatile storage space, and a storage address range of the owner data; and the storage address range of the owner data represents a maximum data length allowable for requesting data from the integrated circuit. The method resolves a technical issue in the prior art in which when reading, from a non-volatile space of a trusted IC, the raw data, the read raw data has low accuracy.

Description

Data storage method for a non-volatile storage space in a chip, and trusted chip
This application claims priority to Chinese Patent Application No. 201610998449.0, filed on November 11, 2016 and entitled "Data storage method for a non-volatile storage space in a chip, and trusted chip", the entire contents of which are incorporated herein by reference.
Technical field
The present invention relates to the field of data storage, and in particular to a data storage method for a non-volatile storage space in a chip and to a trusted chip.
背景技术Background technique
用户可以在可信安全芯片中创建非易失空间,可以为非易失空间赋予如表1所示的属性:The user can create a non-volatile space in the trusted security chip, and can assign the attributes shown in Table 1 to the non-volatile space:
表1Table 1
Figure PCTCN2017108254-appb-000001 (Table 1 is provided as an image in the original)
FIG. 1 is a schematic diagram of the interaction by which a user obtains non-volatile space data according to the prior art. As shown in FIG. 1, the procedure includes the following steps:
(1) The owner C sends a request to the trusted chip T to access the non-volatile space;
(2) The trusted chip T responds to owner C's request and asks it to return the password, the non-volatile space number and the data length;
(3) The owner C returns the password, the number of the non-volatile space to be accessed and the non-volatile data length to the trusted chip T;
(4) The trusted chip T verifies the correctness of the password and the non-volatile space index number, and checks whether the data length L of the non-volatile space satisfies the following formula:
L ≤ |Last_adress - First_adress|             (1)
In the formula above, First_adress denotes the initial physical address of the non-volatile space and Last_adress denotes the last physical address of the non-volatile space.
If the password and the non-volatile space number are correct and the requested data length L also satisfies formula (1), the trusted chip returns the data that owner C wants to access and the procedure ends. Otherwise, the procedure is terminated directly.
The existing international TCG standard for security chips specifies a fixed size and access authorization for the non-volatile space of a trusted security chip. In that standard the status identification data defaults to 0, which is easily confused with owner data 0: when the user obtains data, part of the data obtained may be status identification data 0 rather than a 0 actually stored by the user. For example, owner C applies for a 6-byte non-volatile space and stores 4 bytes of data in it, as shown in Table 2: the owner space number is 1, the owner name is C, the non-volatile space corresponding to the owner space number is 6 bytes in size, that is, the data length can be at most 6 bytes, its corresponding physical addresses are FFFFF0~FFFFF6, 4 bytes are stored at those physical addresses, and the data written by the owner is "1101". By default the TCG standard fills the two bytes that were not written with 00, so the owner data reads as 110100 (the digits in bold italics represent status data and the digits not in bold represent owner data, as shown in the owner data of Table 1).
Table 2
Nv_index   User_name   Password   Nv_Size   Nv_F&L_adress    Data
1          C           ****       6         FFFFF0~FFFFF6    110100
When the stored data is long and changes frequently, owner C may not remember how much data it stored or what that data was. For example, suppose owner C requests a data length of 5 and, in response to the trusted chip's request for information, the user enters the correct password **** and Nv_index number 1. After receiving this information, the trusted chip verifies the correctness of the password and the Nv index number, and also verifies that the length 5 < 6 is within the permitted range, so it returns data of length 5, namely 11010, to owner C. In this way owner C's original data 1101 has become 11010, which is a data error.
No effective solution has yet been proposed for the above technical problem of the prior art, namely the poor accuracy of the raw data read from the non-volatile space of a trusted security chip.
Summary of the invention
Embodiments of the present invention provide a data storage method for a non-volatile storage space in a chip, and a trusted chip, so as to at least solve the technical problem in the prior art that the raw data read from the non-volatile space of a trusted security chip has poor accuracy.
According to one aspect of the embodiments of the present invention, a data storage method for a non-volatile storage space in a chip is provided, including: creating a non-volatile storage space in the chip, wherein the attributes of the non-volatile storage space include at least a parameter representing the storage of owner data in the non-volatile storage space and a storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
According to another aspect of the embodiments of the present invention, a method for obtaining data stored in a chip is also provided, including: receiving an access request for accessing the non-volatile storage space of the chip; in response to the access request, obtaining verification information and the data length being requested; if the verification information is verified successfully, judging whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
According to another aspect of the embodiments of the present invention, a trusted chip is also provided, including: a memory including a non-volatile storage space, wherein the attributes of the non-volatile storage space include at least a parameter representing the storage of owner data in the non-volatile storage space and a storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
According to another aspect of the embodiments of the present invention, a system for obtaining data stored in a chip is also provided, including: an access device, configured to issue an access request for accessing the non-volatile storage space of the chip; and a trusted chip communicating with the access device, configured to respond to the access request, obtain the verification information returned by the access device and the data length being requested, and, if the verification information is verified successfully and the requested data length is within the storage address range of the owner data, allow the content of the owner data to be returned; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
According to another aspect of the embodiments of the present invention, an apparatus for obtaining data stored in a chip is also provided, including: a receiving module, configured to receive an access request for accessing the non-volatile storage space of the chip; a response module, configured to respond to the access request and obtain verification information and the data length being requested; a judging module, configured to judge, if the verification information is verified successfully, whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and a control module, configured to allow the content of the owner data to be returned if the requested data length is within the storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
In the embodiments of the present invention, the storage address range of the owner data is constrained: after the non-volatile storage space is created in the chip, the owner data is written to the non-volatile storage space, the storage address range of the owner data is determined according to the size of the owner data, and the data the owner needs to obtain is returned according to the size of the owner data and its storage address range. This achieves the purpose of obtaining the owner data accurately and thereby ensures that the owner obtains correct raw data, which solves the technical problem in the prior art that the raw data read from the non-volatile space of a trusted security chip has poor accuracy.
Brief description of the drawings
The drawings described herein are intended to provide a further understanding of the invention and form a part of this application; the illustrative embodiments of the invention and their description are used to explain the invention and do not constitute an improper limitation of it. In the drawings:
FIG. 1 is a schematic diagram of the interaction by which a user obtains non-volatile space data according to the prior art;
FIG. 2 is a block diagram of the hardware structure of an optional computer terminal according to an embodiment of the present invention;
FIG. 3 is a flowchart of a data storage method for a non-volatile storage space in a chip according to an embodiment of the present invention;
FIG. 4 is a flowchart of an optional data storage method for a non-volatile storage space in a chip according to an embodiment of the present invention;
FIG. 5 is a flowchart of an optional method for accessing the owner data of a non-volatile storage space according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an optional TCG chain of trust according to an embodiment of the present invention;
FIG. 7 is a flowchart of a method for obtaining data stored in a chip according to an embodiment of the present invention;
FIG. 8 is a schematic structural diagram of a trusted chip according to an embodiment of the present invention;
FIG. 9 is a schematic structural diagram of a system for obtaining data stored in a chip according to an embodiment of the present invention;
FIG. 10 is a schematic structural diagram of an apparatus for obtaining data stored in a chip according to an embodiment of the present invention; and
FIG. 11 is a block diagram of the structure of an optional computer terminal according to an embodiment of the present invention.
Detailed description
In order to enable those skilled in the art to better understand the solution of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention without creative effort shall fall within the scope of protection of the present invention.
It should be noted that the terms "first", "second" and the like in the specification, claims and drawings of the present invention are used to distinguish similar objects and are not necessarily used to describe a particular order or sequence. It should be understood that data so used may be interchanged where appropriate, so that the embodiments of the invention described herein can be implemented in an order other than that illustrated or described here. In addition, the terms "comprising" and "having", and any variations thereof, are intended to cover a non-exclusive inclusion; for example, a process, method, system, product or device that comprises a series of steps or units is not necessarily limited to those steps or units clearly listed, but may include other steps or units not clearly listed or inherent to such processes, methods, products or devices.
First, some of the nouns or terms that appear in the description of the embodiments of the present application are explained as follows:
Non-volatile memory (Nv) is a storage technology that guarantees that the data stored in a device is not lost when the device loses power; it is often used to protect a user's highly sensitive data.
Owner data refers to the data a user stores in a storage device, where the owner is the subject that operates on the data.
Trusted means that an entity always operates in a predictable way towards a specific goal.
Trusted computing is a trusted computing platform, supported by hardware security modules, that is widely used in computing and communication systems; using the trusted computing platform can improve the overall security of a system. Its core mechanism is to build a trusted computing environment through a chain-of-trust mechanism.
A trusted security chip is a chip capable of generating encryption and decryption keys; it can also perform high-speed data encryption and decryption and act as a coprocessor that protects the basic input/output system and the operating system from modification.
Embodiment 1
According to an embodiment of the present invention, a method embodiment of a data storage method for a non-volatile storage space in a chip is also provided.
The method embodiment provided in Embodiment 1 of the present application can be executed in a mobile terminal, a computer terminal or a similar computing device. FIG. 2 is a block diagram of the hardware structure of a computer terminal (or mobile device) for implementing the data storage method for a non-volatile storage space in a chip. As shown in FIG. 2, the computer terminal 10 (or mobile device 10) may include one or more processors 102 (shown in the figure as 102a, 102b, ..., 102n; the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA), a memory 104 for storing data, and a transmission module 4 for communication functions. In addition, it may also include a display, an input/output interface (I/O interface), a universal serial bus (USB) port (which may be included as one of the ports of the I/O interface), a network interface, a power supply and/or a camera. Those of ordinary skill in the art will understand that the structure shown in FIG. 2 is merely illustrative and does not limit the structure of the above electronic device. For example, the computer terminal 10 may also include more or fewer components than those shown in FIG. 2, or have a configuration different from that shown in FIG. 2.
It should be noted that the one or more processors 102 and/or other data processing circuits described above may generally be referred to herein as a "data processing circuit". The data processing circuit may be embodied in whole or in part as software, hardware, firmware or any other combination. Furthermore, the data processing circuit may be a single independent processing module, or may be incorporated in whole or in part into any of the other components of the computer terminal 10 (or mobile device). As referred to in the embodiments of the present application, the data processing circuit acts as a kind of processor control (for example, the selection of a variable-resistance terminal path connected to an interface).
The memory 104 can be used to store software programs and modules of application software, such as the program instructions/data storage apparatus corresponding to the data storage method for a non-volatile storage space in a chip in the embodiments of the present invention. By running the software programs and modules stored in the memory 104, the processor 102 executes various functional applications and data processing, that is, implements the above-mentioned vulnerability detection method of the application program. The memory 104 may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, and such remote memory may be connected to the computer terminal 10 via a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks and combinations thereof.
It should be noted here that, in some optional embodiments, the computer device (or mobile device) shown in FIG. 2 above may include hardware elements (including circuits), software elements (including computer code stored on a computer-readable medium), or a combination of both hardware and software elements. It should be pointed out that FIG. 2 is only one example of a specific embodiment and is intended to show the types of components that may be present in the computer device (or mobile device) described above.
In the above operating environment, the present application provides a data storage method for a non-volatile storage space in a chip as shown in FIG. 3. FIG. 3 is a flowchart of the data storage method for a non-volatile storage space in a chip according to Embodiment 1 of the present invention, and includes the following step:
Step S302: create a non-volatile storage space in the chip, wherein the attributes of the non-volatile storage space include at least a parameter representing the storage of owner data in the non-volatile storage space and a storage address range of the owner data; wherein the storage address range of the owner data represents the maximum data length allowed when data is requested from the chip.
In the technical solution defined by step S302 above, the storage mode of the non-volatile storage space may be big-endian or little-endian. Big-endian means that the high-order byte of the data is stored at the low address in memory and the low-order byte at the high address; little-endian means that the high-order byte of the data is stored at the high address in memory and the low-order byte at the low address. This storage mode effectively combines the address order with the bit weight of the data: the data at the high address has the higher weight and the data at the low address has the lower weight.
It should be noted that one attribute of the non-volatile storage space, the owner data, is the data the user stores in the non-volatile storage space; for example, if the data stored by the user is "1101", then that data is the owner data stored in the non-volatile storage space. Another attribute of the non-volatile storage space, the storage address range of the owner data, has a length equal to the maximum data length the user is allowed to read from the non-volatile storage space; for example, if the storage address range of the owner data is FFFFF0~FFFFF6, then the maximum data length the user is allowed to request from the chip is 7. In addition, creating the non-volatile storage space in the chip ensures that the data stored in the chip is not lost when the device loses power, so it can be used to store more important data.
From the solution disclosed in step S302 of the above embodiment, it can be seen that creating a non-volatile storage space in the chip ensures that the data the user stores in the chip is not lost when the device loses power, thereby improving the security of data storage.
Optionally, the attributes of the non-volatile storage space further include at least one of the following: a space number, a space owner name, a space authorization password, a space size and a space physical address range.
In an optional embodiment, Table 3 is the attribute table of a non-volatile storage space to which owner data has already been written, as shown in Table 3.
Table 3
Figure PCTCN2017108254-appb-000002 (Table 3 is provided as an image in the original)
In Table 3, the owner's space number is 1, the space owner name is C, the owner space with owner space number 1 is 6 bytes in size, that is, the data length can be at most 6 bytes, the corresponding space physical address range is FFFFF0~FFFFF6, 4 bytes are stored at those physical addresses, their storage address range is FFFFF1~FFFFF4, and the written owner data is "1101".
Optionally, FIG. 4 is a flowchart of the data storage method for a non-volatile storage space in a chip after the non-volatile storage space has been created in the chip. As shown in FIG. 4, the method further includes the following step:
Step S304: write the owner data to the non-volatile storage space and determine the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.
In an optional embodiment, when the storage mode of the owner data is little-endian, assume that the size of the owner data is L, that the initial storage address of the data block of the owner data, that is, the memory address of the low-order byte of the owner data, is Min_adress, and that the end storage address of the data block of the owner data, that is, the memory address of the high-order byte of the owner data, is Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
L ≤ |Max_adress - Min_adress|             (2)
Therefore, the end address Max_adress of the owner data can be determined from the size L of the owner data and its initial storage address Min_adress, and the storage address range of the owner data can then be determined. For example, if the owner data written to the non-volatile storage space is "1101" and its size is 4 bytes, then the length of the storage address range of the owner data is also 4 bytes; if the initial storage address of the owner data is FFFFF1, then the end address of the owner data is FFFFF4 and the storage address range of the data block of the owner data is FFFFF1~FFFFF4.
Optionally, FIG. 5 is a flowchart of a method for accessing the owner data of the non-volatile storage space after the owner data has been written to the non-volatile storage space and the storage address range of the owner data has been determined according to its size. As shown in FIG. 5, the method includes the following steps:
Step S502: receive an access request for accessing the non-volatile storage space;
Step S504: in response to the access request, obtain verification information and the data length being requested;
Step S506: if the verification information is verified successfully, judge whether the requested data length is within the storage address range of the owner data;
Step S508: if the requested data length is within the storage address range of the owner data, allow the content of the owner data to be returned.
As an optional embodiment, the access device sends a request to the trusted chip to access the non-volatile space; after receiving the non-volatile space request sent by the access device, the trusted chip responds to the access device's request and asks the access device to return verification information and the length of the owner data. The access device sends the verification information and the length of the owner data to the trusted chip; for example, the length of the owner data to be accessed is 4 bytes. The trusted chip verifies whether the verification information returned by the access device meets the requirements and, if it does, judges whether the requested data length is within the storage address range of the owner data. For example, the requested data length is 4 bytes, the storage address range of the owner data is FFFFF1~FFFFF4, the maximum storage length of the owner data is 4 bytes, and the requested data length satisfies formula (2); therefore the trusted chip allows access to the owner data and returns the owner data in the storage address range FFFFF1~FFFFF4.
It should be noted that the verification information above can be used to verify whether the access device has access rights and to determine the location of the data the access device is accessing, which can further improve the accuracy of the data accessed.
Optionally, if the requested data length is outside the storage address range of the owner data, the procedure for obtaining the owner data is aborted and/or prompt information indicating that the request failed is output.
As an optional embodiment, when the trusted chip has verified that the verification information returned by the access device meets the requirements, it further judges whether the requested data length is within the storage address range of the owner data. If the requested data length is outside that range, for example, the requested data length is 4 bytes while the storage address range of the owner data is FFFFF1~FFFFF3 and the maximum storage length of the owner data is 3 bytes, the requested data length does not satisfy formula (2); therefore the trusted chip does not allow access to the owner data, terminates the procedure directly, and outputs prompt information that the request failed.
Optionally, the verification information includes at least one of the following: the number of the space to be accessed and a password.
As an optional embodiment, verifying the number of the space to be accessed confirms whether that space number exists in the trusted chip, and further verifying the password confirms whether the current user has access rights, which can further improve the accuracy of the data accessed.
Optionally, if verification of the verification information fails, prompt information that the owner data cannot be obtained is returned.
In one optional embodiment, the space number the user needs to access is 2, but no owner data with space number 2 exists in the trusted chip; in this case the procedure for obtaining the owner data is aborted, and prompt information is sent to the access device indicating that no owner data with space number 2 exists. In another optional embodiment, the space number the user needs to access is 2 and owner data with space number 2 does exist in the trusted chip, but the password is detected to be incorrect; in this case the procedure for obtaining the owner data is likewise aborted, and prompt information is sent to the access device indicating that the password is incorrect and asking it to try again.
In a preferred embodiment, owner C applies for a 6-byte non-volatile space and stores 4 bytes of data in it, as shown in Table 4: the owner space number Nv_index is 1, the space owner name User_name is C, the space size Nv_Size corresponding to owner space number 1 is 6 bytes, that is, the data length can be at most 6 bytes; the corresponding physical addresses are FFFFF0~FFFFF6, 4 bytes are stored at those physical addresses, and the data written by the owner is "1101". By default the TCG standard fills the unwritten owner data Data with 00, so the Data item reads 110100 (the digits in bold italics represent status data and the digits not in bold represent owner data, as shown in the owner data of Table 4).
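The following model, added here as an illustration and not code from the application, puts the prior-art read of FIG. 1 (the size check of formula (1), which hands back unwritten status cells as if they were owner data) beside the read of steps S502 to S508 (which bounds the request by the owner-data range recorded at step S304). It assumes an inclusive address range, as in the FFFFF1~FFFFF4 example for four bytes, so the owner-data length is Max_adress - Min_adress + 1, bounds the space by Nv_Size, and returns the first `length` cells of the owner block when the check passes; the space and the data are constructed values.

```python
"""Constructed model of NV-space reads: prior-art size check vs. owner-range check."""
from dataclasses import dataclass, field
from typing import Optional

STATUS_FILL = 0  # TCG default: an unwritten cell reads back as status value 0


@dataclass
class ReadResult:
    ok: bool
    data: tuple = ()
    message: str = ""


@dataclass
class NvSpace:
    """One non-volatile space with the attributes of Tables 2/3 (constructed)."""
    nv_index: int
    user_name: str
    password: str
    first_adress: int      # lower bound of Nv_F&L_adress (spelling kept from the page)
    nv_size: int           # Nv_Size, in cells
    cells: dict = field(default_factory=dict)   # physical address -> stored value
    min_adress: Optional[int] = None            # owner block start, set at step S304
    max_adress: Optional[int] = None            # owner block end, inclusive (assumption)

    def write_owner_data(self, data, start=None):
        """Step S304: store the owner data and record its storage address range."""
        start = self.first_adress if start is None else start
        end = start + len(data) - 1
        if not data or start < self.first_adress or end >= self.first_adress + self.nv_size:
            raise ValueError("owner data does not fit in the non-volatile space")
        for offset, value in enumerate(data):
            self.cells[start + offset] = value
        self.min_adress, self.max_adress = start, end

    def _verify(self, password, nv_index):
        # Verification information of step S504: space number and password.
        return password == self.password and nv_index == self.nv_index

    def _raw(self, start, length):
        # Cells never written read back as the status fill, which is the whole problem.
        return tuple(self.cells.get(a, STATUS_FILL) for a in range(start, start + length))

    def read_prior_art(self, password, nv_index, length):
        """FIG. 1 step (4): only the space size bounds the request (formula (1)),
        so status cells come back indistinguishable from owner data."""
        if not self._verify(password, nv_index):
            return ReadResult(False, message="verification failed")
        if length < 1 or length > self.nv_size:
            return ReadResult(False, message="length exceeds the space size")
        return ReadResult(True, self._raw(self.first_adress, length))

    def read_with_owner_range(self, password, nv_index, length):
        """Steps S502-S508: the request must fit the recorded owner-data range."""
        if not self._verify(password, nv_index):
            return ReadResult(False, message="verification failed")
        if self.min_adress is None:
            return ReadResult(False, message="no owner data stored in this space")
        owner_len = self.max_adress - self.min_adress + 1   # inclusive range (assumption)
        if length < 1 or length > owner_len:
            return ReadResult(False, message=f"requested {length} > owner data length {owner_len}")
        return ReadResult(True, self._raw(self.min_adress, length))


def demo():
    """Reproduce the page's scenario: 6-cell space, owner data 1101, request of length 5."""
    space = NvSpace(nv_index=1, user_name="C", password="****",
                    first_adress=0xFFFFF0, nv_size=6)
    space.write_owner_data([1, 1, 0, 1])
    # A second owner whose data really is 11010: the prior-art read cannot tell them apart.
    other = NvSpace(nv_index=2, user_name="D", password="####",
                    first_adress=0xFFFFF0, nv_size=6)
    other.write_owner_data([1, 1, 0, 1, 0])
    return {
        "prior_art_C": space.read_prior_art("****", 1, 5),        # (1,1,0,1,0): corrupted
        "prior_art_D": other.read_prior_art("####", 2, 5),        # (1,1,0,1,0): identical
        "owner_range_C": space.read_with_owner_range("****", 1, 5),  # rejected
        "owner_range_C_ok": space.read_with_owner_range("****", 1, 4),  # (1,1,0,1)
        "owner_range_D": other.read_with_owner_range("####", 2, 5),  # (1,1,0,1,0)
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```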
表4Table 4
Figure PCTCN2017108254-appb-000003
When the stored data is long and changes frequently, the owner may not remember how long the data stored in the storage space is. For example, the owner asks the trusted chip for data of length 5 and answers the chip's request for feedback with the correct password **** entered by the owner and the space number Nv_index 1. After receiving this verification information, the trusted chip verifies that the password and space number are correct and then finds that the requested data length 5 is greater than the owner-data length 4. Since the requested data length is not within the range the owner is allowed to access, the trusted chip indicates that the requested data exceeds the pre-stored range and terminates the process of obtaining the owner data.
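The access flow described above (verify the space number, verify the password, then check the requested length against the owner-data address range before returning anything) as an added Python model; it is not code from the patent or from any chip vendor. It counts the address range FFFFF1~FFFFF4 inclusively, so that 4 stored bytes give a maximum request length of 4 as in the worked example, and the NvSpace/TrustedChip names, the password value and the status strings are my own assumptions:

```python
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class NvSpace:
    """One non-volatile space with the attributes listed in Table 4 (toy model)."""
    nv_index: int        # space number (Nv_index)
    user_name: str       # space owner name (User_name)
    password: str        # space authorization password; assumption: kept in the clear in this model
    nv_size: int         # Nv_Size: capacity of the space in bytes
    phys_min: int        # start of the space's physical address range
    owner_data: bytes    # Data item: the bytes the owner actually wrote
    owner_min: int       # Min_adress: address holding the first owner-data byte

    @property
    def owner_max(self) -> int:
        """Max_adress: address of the last owner-data byte (inclusive range)."""
        return self.owner_min + len(self.owner_data) - 1

    @property
    def max_request_length(self) -> int:
        """Length of the owner-data address range counted inclusively; this is the
        most a reader may request (4 for data at FFFFF1~FFFFF4)."""
        return self.owner_max - self.owner_min + 1


class TrustedChip:
    """Holds the NV spaces and implements the read-side check of steps S702 to S708."""

    def __init__(self, spaces):
        self.spaces = {s.nv_index: s for s in spaces}

    def read_owner_data(self, nv_index: int, password: str,
                        length: int) -> Tuple[str, Optional[bytes]]:
        """Return (status, data). Data is only returned when every check passes."""
        space = self.spaces.get(nv_index)
        if space is None:
            # no owner data under this space number: abort and tell the access device
            return "no owner data for space number %d" % nv_index, None
        # constant-time comparison for equal-length inputs, so byte-by-byte
        # timing does not reveal how much of the password matched
        if not hmac.compare_digest(password.encode(), space.password.encode()):
            return "password incorrect, retry", None
        if length < 0 or length > space.max_request_length:
            # requested length outside the stored owner-data range: abort, return nothing
            return "requested data exceeds the pre-stored range", None
        return "ok", space.owner_data[:length]


def build_demo_chip() -> TrustedChip:
    """Constructed sample mirroring Table 4: Nv_index 1, owner C, 6-byte space at
    FFFFF0~FFFFF6, 4 bytes of owner data "1101" stored at FFFFF1~FFFFF4.
    The password value is a placeholder chosen for this example."""
    space_c = NvSpace(nv_index=1, user_name="C", password="c-auth-pw", nv_size=6,
                      phys_min=0xFFFFF0, owner_data=b"1101", owner_min=0xFFFFF1)
    return TrustedChip([space_c])


if __name__ == "__main__":
    chip = build_demo_chip()
    print(chip.read_owner_data(1, "c-auth-pw", 4))   # within range: returns b"1101"
    print(chip.read_owner_data(1, "c-auth-pw", 5))   # 5 > 4: rejected
    print(chip.read_owner_data(2, "c-auth-pw", 4))   # no space number 2
    print(chip.read_owner_data(1, "wrong", 4))       # wrong password
```

The order of the checks matters for what a caller learns: the space number and password are verified first, and only an authenticated caller ever sees whether its requested length fits the stored range.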
Trusted computing provides security protection while computation is carried out, so that the computed results are always consistent with expectations and the whole computation is measurable, controllable and free from interference.
The core elements of trusted computing are the chain of trust and the root of trust; trusted computing builds a trusted computing environment through a chain-of-trust mechanism. Where the root of trust is a trusted chip containing non-volatile storage space, there is another optional embodiment, as follows:
At present there are two technical routes for trusted computing: the domestic Trusted Platform Control Module (TPCM) and the Trusted Platform Module (TPM) of the international TCG standards organization.
The core elements of trusted computing are the chain of trust and the root of trust. The Trusted Platform Module (TPM) in the TCG specification is the hardware root of trust of a trusted computing platform; the TPM is a security chip providing protected secure storage and cryptographic computing capability. The TPM is physically connected to the computing platform and attached to the CPU over an external bus; on a PC platform, for example, it is soldered directly onto the motherboard and connected via the LPC bus.
The TCG specification defines "trusted" as follows: an entity always operates in a predictable manner for a specific purpose. The core mechanism of trusted computing is to build a trusted computing environment through a chain-of-trust mechanism: whether the currently running entity is trusted is established on the basis of whether the system's previous running process was trusted. Based on this trust relationship, if the system starts from an initial root of trust, the trust can be maintained by being passed on at every transition of the platform computing environment, thereby building on the computing platform a chain of trust in which each level verifies the next and each level trusts the next; the computing environment then remains trusted throughout and can be trusted by local users or remote entities. Figure 6 shows the structure of the TCG chain of trust. As shown in Figure 6, solid arrows denote trusted measurement connections, dashed arrows denote trusted reporting connections, bold solid arrows denote trusted storage connections, and bold dashed arrows denote trusted network connections.
The key technologies of trusted computing include trusted measurement, trusted reporting, trusted storage and trusted network connection.
The Trusted Platform Control Module (TPCM) implements the basic functions of a trusted platform module, and its functional composition is essentially the same as that of the TPM. However, because the TPM's core root of trust for measurement (CRTM) resides in the Basic Input/Output System (BIOS) and is not protected by the TPM, the TPCM proposes a new design for the root of trust for measurement that solves the problem of the starting measurement point and changes the boot and measurement order. On this basis, a chain-of-trust measurement process with this chip as the root of trust is established, so that the chip controls the boot of the whole system, I/O interface control, system configuration and so on, embodying the chip's control over the trustworthiness of the system.
During the transfer of run control on the computing platform, the root of trust TPCM determines whether the authenticity and integrity of the next-level executable code have been tampered with; if not, the system passes run control to the next-level trusted executable code and the system's trusted scope is thereby extended to the next-level functional code. By the same reasoning, as system control is passed on continuously, the chain of trust is established and propagated, finally achieving system-wide trusted construction. A complete system trust-transfer process starts from the root of trust: system control passes in order from the trusted platform control module to the trusted BIOS, from there to the trusted operating system loader, from the trusted operating system loader to the trusted operating system, and from the trusted operating system to the trusted application.
A trusted security chip can generate encryption and decryption keys, perform high-speed data encryption and decryption, and act as an auxiliary processor that protects the BIOS and the operating system from being modified.
The TPM security chip has a very wide range of uses; together with dedicated software it can be used for the following purposes:
(1) Storing and managing the BIOS power-on password and the hard disk password. In the past these tasks were handled by the BIOS, and anyone who has tinkered with it may know that if the password is forgotten, simply removing the CMOS battery and discharging the CMOS clears the password. Now these keys are actually stored in a storage unit fixed in the chip, and the information is not lost even when power is removed. Compared with password management by the BIOS, the security of the TPM security chip is greatly improved.
(2) The TPM security chip can perform a wide range of encryption. In addition to traditional boot encryption and hard disk encryption, the TPM security chip can also encrypt system logins and application logins. For example, login information and passwords for MSN, QQ, online games and online banking can all be encrypted by the TPM before transmission, so there is no need to worry about the information and passwords being stolen.
(3) Encrypting any partition of the hard disk. Any hard disk partition on a notebook can be encrypted, and sensitive files can be placed in that partition for safety. For example, the one-key recovery function used by some notebook manufacturers is one concentrated manifestation of this use (it places the system image in a TPM-encrypted partition). Some large commercial software companies (such as Microsoft) also use it as a means of encrypting partitions (for example, the well-known BitLocker).
It should be noted that, for simplicity of description, each of the foregoing method embodiments is expressed as a series of combined actions, but those skilled in the art should understand that the present invention is not limited by the described order of actions, since according to the present invention certain steps may be performed in another order or simultaneously. Secondly, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
From the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus the necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product stored on a storage medium (such as ROM/RAM, a magnetic disk or an optical disc) and including a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, a network device or the like) to execute the methods of the various embodiments of the present invention.
Embodiment 2
According to an embodiment of the present invention, an embodiment of a method for obtaining data stored in a chip is also provided.
The present application provides a method for obtaining data stored in a chip as shown in Figure 7. Figure 7 is a flow chart of the method for obtaining data stored in a chip according to Embodiment 2 of the present invention. The method includes the following steps:
Step S702: receiving an access request for accessing the non-volatile storage space of the chip;
Step S704: in response to the access request, obtaining verification information and the requested data length;
Step S706: if the verification information passes verification, determining whether the requested data length lies within the storage address range of the owner data preset in the non-volatile storage space;
Step S708: if the requested data length lies within the storage address range of the owner data, allowing the content of the owner data to be returned; where the storage address range of the owner data represents the maximum data length allowed when requesting data from the chip.
In the solution defined by steps S702 to S708 above, the accessed chip may be a trusted chip containing non-volatile storage space. The storage mode of the non-volatile storage space may be big-endian or little-endian. Where the owner data is stored in little-endian mode, let the size of the owner data be L, let the initial storage address of the owner data block, i.e. the memory address holding the low byte of the owner data, be Min_adress, and let the end storage address of the owner data block, i.e. the memory address holding the high byte of the owner data, be Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
L≤|Max_adress-Min_adress|
The access device sends a request to the trusted chip to access the non-volatile space. After receiving the request, the trusted chip responds to it and asks the access device to return verification information and the length of the owner data; the access device sends the verification information and the owner-data length to the trusted chip, for example a requested owner-data length of 4 bytes. The trusted chip checks whether the verification information returned by the access device meets the requirements and, if it does, determines whether the requested data length lies within the storage address range of the owner data. For example, the requested data length is 4 bytes, the storage address range of the owner data is FFFFF1~FFFFF4, and the maximum storage length of the owner data is 4 bytes; the requested data length satisfies the formula:
L≤|Max_adress-Min_adress|
Therefore, the trusted chip allows access to the owner data and returns the owner data whose storage address range is FFFFF1~FFFFF4.
It should be noted that the above verification information can be used to verify whether the access device has access permission and to determine the location of the data the access device is accessing, which further improves the accuracy of data access. The storage mode of the non-volatile storage space may be big-endian or little-endian. Big-endian means that the high byte of the data is stored at the low memory address and the low byte at the high memory address; little-endian means that the high byte of the data is stored at the high memory address and the low byte at the low memory address. This storage mode effectively combines the ordering of addresses with the bit weight of the data: the data at the high address part has high weight, and the data at the low address part has low weight.
From the solution disclosed in steps S702 to S708 of the above embodiment, it can be seen that after a non-volatile storage space is created in the chip, owner data is written to it and the storage address range of the owner data is determined from the size of the owner data; the data the owner needs is then returned according to the size of the owner data and its storage address range. This achieves the purpose of obtaining the owner data accurately, thereby achieving the technical effect of guaranteeing that the owner obtains the original data correctly, and thus solving the technical problem in the prior art that the original data read from the non-volatile space of a trusted security chip is of poor accuracy.
Optionally, the attributes of the non-volatile storage space further include at least one of the following: space number, space owner name, space authorization password, space size and space physical address range.
In an optional embodiment, Table 5 is the attribute table of a non-volatile storage space to which owner data has already been written, as shown in Table 5.
Table 5
Figure PCTCN2017108254-appb-000004
In Table 5, the owner's space number is 1, the space owner name is C, and the size of the owner space with owner space number 1 is 6 bytes, that is, the data length can be at most 6 bytes; the corresponding space physical address range is FFFFF0~FFFFF6, 4 bytes are stored within that physical address range, their storage address range is FFFFF1~FFFFF4, and the written owner data is "1101".
Optionally, before receiving the access request for accessing the non-volatile storage space of the chip, the method further includes: writing owner data to the non-volatile storage space and determining the storage address range of the owner data according to its size, where the storage address range is determined by the initial storage address and the end storage address of the owner data block.
In an optional embodiment, where the owner data is stored in little-endian mode, let the size of the owner data be L, let the initial storage address of the owner data block, i.e. the memory address holding the low byte of the owner data, be Min_adress, and let the end storage address of the owner data block, i.e. the memory address holding the high byte of the owner data, be Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
L≤|Max_adress-Min_adress|
Therefore, from the size L of the owner data and its initial storage address Min_adress, the end address Max_adress of the owner data can be determined, and hence the storage address range of the owner data. For example, if the owner data written to the non-volatile storage space is "1101" and its size is 4 bytes, then the length of the storage address range of the owner data is also 4 bytes; if the initial storage address of the owner data is FFFFF1, then its end address is FFFFF4 and the storage address range of the owner data block is FFFFF1~FFFFF4.
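The write path described above (derive Max_adress from Min_adress and the owner-data size L, place the bytes according to the endianness of the space, and keep the length check for later reads) as an added Python example; it is not code from the patent or from any chip. It treats the owner data as an L-byte unsigned integer so that the big-endian and little-endian layouts from the text can be shown side by side, counts the address range inclusively so that 4 bytes at FFFFF1 end at FFFFF4 as on the page, and assumes that Nv_Size bounds the space's physical range starting at its first physical address; the function names and the check that the data fits in the space are my own assumptions:

```python
from typing import Dict, Tuple


def derive_address_range(min_adress: int, length: int) -> Tuple[int, int]:
    """Min_adress plus the owner-data size L gives Max_adress.
    The range is counted inclusively (assumption), so L=4 at FFFFF1 ends at FFFFF4."""
    if length <= 0:
        raise ValueError("owner data must be at least one byte")
    return min_adress, min_adress + length - 1


def owner_data_fits(min_adress: int, length: int, phys_min: int, nv_size: int) -> bool:
    """True when the derived range stays inside the space's physical range.
    Assumption: the space covers nv_size cells starting at phys_min."""
    lo, hi = derive_address_range(min_adress, length)
    return phys_min <= lo and hi < phys_min + nv_size


def write_owner_data(cells: Dict[int, int], value: int, length: int, min_adress: int,
                     phys_min: int, nv_size: int, byteorder: str = "little") -> Tuple[int, int]:
    """Write an L-byte value into the NV cells starting at Min_adress and return
    (Min_adress, Max_adress). cells maps address -> byte, modelling the NV array."""
    if not owner_data_fits(min_adress, length, phys_min, nv_size):
        raise ValueError("owner data does not fit in the space")
    lo, hi = derive_address_range(min_adress, length)
    # int.to_bytes orders the bytes: for "little" index 0 is the low byte, which lands
    # at the low address Min_adress and the high byte at Max_adress; "big" is the reverse.
    for offset, byte in enumerate(value.to_bytes(length, byteorder)):
        cells[lo + offset] = byte
    return lo, hi


def read_owner_data(cells: Dict[int, int], min_adress: int, max_adress: int,
                    byteorder: str = "little") -> int:
    """Reassemble the value from the cells of the stored range."""
    raw = bytes(cells[a] for a in range(min_adress, max_adress + 1))
    return int.from_bytes(raw, byteorder)


def length_ok(length: int, min_adress: int, max_adress: int) -> bool:
    """The page's read-side rule: a request may not exceed the stored owner-data range."""
    return 0 < length <= max_adress - min_adress + 1


if __name__ == "__main__":
    # constructed sample: value 1101 (decimal) as 4 bytes in a 6-byte space at FFFFF0
    for order in ("little", "big"):
        nv: Dict[int, int] = {}
        lo, hi = write_owner_data(nv, 1101, 4, 0xFFFFF1, 0xFFFFF0, 6, order)
        layout = ", ".join("%X=%02X" % (a, nv[a]) for a in range(lo, hi + 1))
        print(order, "range %X~%X" % (lo, hi), layout, "read back", read_owner_data(nv, lo, hi, order))
```

Run stand-alone, the little-endian line shows the low byte 4D at FFFFF1 and zeros at FFFFF4, while the big-endian line places 4D at FFFFF4; both read back to 1101 as long as the reader uses the same byte order the writer did, which is why the page ties the address range to the storage mode.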
可选的,如果需要请求的数据长度处于属主数据的存储地址范围之外,则中止获取属主数据的流程,和/或输出用于表征请求失败的提示信息。 Optionally, if the requested data length is outside the storage address range of the owner data, the process of acquiring the owner data is aborted, and/or the prompt information for characterizing the request failure is output.
作为一种可选的实施例,在可信芯片验证访问设备端返回的验证信息符合要求的情况下,可信芯片进一步判断需要请求的数据长度是否处于属主数据的存储地址范围之内,如果需要请求的数据长度处于属主数据的存储地址范围之外,例如,需要请求的数据长度为4字节,而属主数据的存储地址范围为FFFFF1~FFFFF3,属主数据的最大存储长度为3字节,请求的数据长度不满足公式L≤|Max_adress-Min_adress|,因此,可信芯片不允许访问属主数据,直接终止流程,并输出此次请求失败的提示信息。As an optional embodiment, if the verification information returned by the trusted chip verification access device meets the requirement, the trusted chip further determines whether the requested data length is within the storage address range of the owner data, if The length of the data to be requested is outside the range of the storage address of the owner data. For example, the length of the data to be requested is 4 bytes, and the range of the storage address of the owner data is FFFFF1 to FFFFF3, and the maximum storage length of the owner data is 3. Byte, the requested data length does not satisfy the formula L ≤ | Max_adress-Min_adress|, therefore, the trusted chip does not allow access to the owner data, directly terminates the process, and outputs the prompt message that the request failed.
实施例3Example 3
根据本发明实施例,还提供了一种可信芯片的实施例。An embodiment of a trusted chip is also provided in accordance with an embodiment of the present invention.
本申请提供了如图8所示的可信芯片的结构示意图。图8是根据本发明实施例3的可信芯片的结构示意图,该可信芯片包括:存储器801。其中,The application provides a schematic structural diagram of a trusted chip as shown in FIG. 8. FIG. 8 is a schematic structural diagram of a trusted chip according to Embodiment 3 of the present invention. The trusted chip includes: a memory 801. among them,
存储器801,包括非易失性存储空间,其中,非易失性存储空间的属性至少包括:用于表征在非易失性存储空间中存储属主数据的参数,属主数据的存储地址范围;其中,属主数据的存储地址范围用于表征允许向芯片请求数据时的最大数据长度。The memory 801 includes a non-volatile storage space, wherein the attributes of the non-volatile storage space at least include: a parameter for characterizing the storage of the owner data in the non-volatile storage space, and a storage address range of the owner data; The storage address range of the owner data is used to characterize the maximum data length when data is requested from the chip.
在上述存储器801所限定的技术方案中,上述非易失存储空间的存储模式可以采用大端模式和小端模式,大端模式是指数据的高字节保存在内存的低地址中,而数据的低字节保存在内存的高地址中;而小端模式是指数据的高字节保存在内存的高地址中,而数据的低字节保存在内在的低地址中,该存储模式可以将地址的高低和数据的位权有效结合起来,高地址部分数据的权值高,低地址部分数据的权值低。In the technical solution defined by the foregoing memory 801, the storage mode of the nonvolatile storage space may adopt a big end mode and a small end mode, and the big end mode means that a high byte of data is stored in a low address of the memory, and the data The low byte is stored in the high address of the memory; the little end mode means that the high byte of the data is stored in the high address of the memory, and the low byte of the data is stored in the inner low address, the storage mode can The address level is effectively combined with the bit weight of the data. The weight of the high address part data is high, and the weight of the low address part data is low.
需要说明的是,非易失性存储空间的属性之一属主数据为用户存入到非易失性存储空间的数据,例如,用户存储的数据为“1101”,则该数据即为存储到非易失性存储空间的属主数据;非易失性存储空间的另一个属性属主数据的存储地址范围的长度为允许用户读取非易失性存储空间的最大数据长度,例如,属主数据的存储地址范围为:FFFFF0~FFFFF6,则允许用户向芯片请求数据时的最大数据长度为7。此外,在芯片中创建非易失性存储空间可以保证在设备掉电时,存储在芯片中的数据不会丢失,从而可以用来存储比较重要的数据。It should be noted that one of the attributes of the non-volatile storage space belongs to the data that the user stores into the non-volatile storage space, for example, if the data stored by the user is “1101”, the data is stored to Owner data of a non-volatile storage space; another attribute of the non-volatile storage space is a storage address range of the main data, the length of which is a maximum data length that allows the user to read the non-volatile storage space, for example, the owner The data storage address range is: FFFFF0 to FFFFF6, which allows the user to request data from the chip with a maximum data length of 7. In addition, creating a non-volatile memory space in the chip ensures that the data stored in the chip is not lost when the device is powered down, so it can be used to store more important data.
由上可知,在芯片中创建非易失性存储空间,可以保证用户存储在芯片中的数据在设备掉电时,不会丢失,进而提高了数据存储的安全性。It can be seen from the above that the non-volatile storage space is created in the chip, which can ensure that the data stored by the user in the chip is not lost when the device is powered off, thereby improving the security of the data storage.
实施例4Example 4
根据本发明实施例,还提供了一种获取存储在芯片中的数据的系统实施例。In accordance with an embodiment of the present invention, a system embodiment for acquiring data stored in a chip is also provided.
本申请提供了如图9所示的获取存储在芯片中的数据的系统。图9是根据本发明实 施例4的获取存储在芯片中的数据的系统结构示意图,该系统包括:访问设备端901和可信芯片903。其中,The present application provides a system for acquiring data stored in a chip as shown in FIG. Figure 9 is a representation of the present invention A schematic diagram of a system structure for acquiring data stored in a chip according to Embodiment 4, the system comprising: an access device end 901 and a trusted chip 903. among them,
访问设备端901,用于发出用于访问芯片的非易失性存储空间的访问请求;Accessing the device end 901 for issuing an access request for accessing a non-volatile storage space of the chip;
可信芯片903,与访问设备端通信,用于响应访问请求,获取访问设备端返回的验证信息和需要请求的数据长度,在验证验证信息通过的情况下,如果需要请求的数据长度处于属主数据的存储地址范围之内,则允许返回属主数据的内容;其中,属主数据的存储地址范围用于表征允许向可信芯片请求数据时的最大数据长度。The trusted chip 903 communicates with the access device, and is configured to obtain the verification information returned by the access device and the data length required to be requested in response to the access request. If the verification verification information passes, if the required data length is in the owner Within the storage address range of the data, the content of the owner data is allowed to be returned; wherein the range of storage addresses of the owner data is used to characterize the maximum data length allowed to request data from the trusted chip.
在一种可选的实施例中,上述可信芯片中包含非易失性存储空间。上述非易失存储空间的存储模式可以采用大端模式和小端模式,在属主数据的存储模式为小端模式的情况下,假设属主数据的大小为L,属主数据的数据块的初始存储地址,即属主数据的低字节所在的内存地址为Min_adress,属主数据的数据块的末尾存储地址,即属主数据的高字节所在的内存地址为Max_adress,则L、Min_adress和Max_adress满足下式:In an optional embodiment, the trusted chip includes a non-volatile storage space. The storage mode of the nonvolatile storage space may adopt a big end mode and a little end mode. In the case where the storage mode of the main data is the little end mode, it is assumed that the size of the main data is L, and the data block of the main data is The initial storage address, that is, the memory address of the low byte belonging to the main data is Min_adress, which is the end storage address of the data block belonging to the main data, that is, the memory address of the high byte belonging to the main data is Max_adress, then L, Min_adress and Max_adress satisfies the following formula:
L≤|Max_adress-Min_adress|L≤|Max_adress-Min_adress|
After the access device sends a request to access the non-volatile space to the trusted chip, the trusted chip receives the request, responds to it, and asks the access device to return verification information together with the length information of the owner data; the access device sends the verification information and the owner data length to the trusted chip, for example, the length of the owner data to be accessed is 4 bytes; the trusted chip verifies whether the verification information returned by the access device meets the requirements, and if it does, determines whether the requested data length is within the storage address range of the owner data. For example, the requested data length is 4 bytes, the storage address range of the owner data is FFFFF1~FFFFF4, the maximum storage length of the owner data is 4 bytes, and the requested data length satisfies the formula:
L≤|Max_adress-Min_adress|
Therefore, the trusted chip allows access to the owner data and returns the owner data whose storage address range is FFFFF1~FFFFF4.
It should be noted that the above verification information can be used to verify whether the access device has access rights and to determine the location of the data the access device accesses, which further improves the accuracy of data access. The storage mode of the above non-volatile storage space can be big-endian or little-endian. In big-endian mode, the high byte of the data is stored at the low memory address and the low byte of the data at the high memory address; in little-endian mode, the high byte of the data is stored at the high memory address and the low byte of the data at the low memory address. The latter mode effectively combines the address order with the bit weight of the data: the data at the high address part has high weight, and the data at the low address part has low weight.
It can be seen from the above that, after a non-volatile storage space is created in the chip, writing the owner data into the non-volatile storage space, determining the storage address range of the owner data according to the size of the owner data, and returning the data the owner needs according to the size of the owner data and its storage address range achieves the purpose of accurately obtaining the owner data. This realizes the technical effect of ensuring that the owner obtains the original data correctly, and thus solves the technical problem in the prior art that original data read from the non-volatile space of a trusted security chip has poor accuracy.
Optionally, the trusted chip 903 is further configured to write the owner data into the non-volatile storage space and to determine the storage address range of the owner data according to the size of the owner data, where the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.
Embodiment 5
According to an embodiment of the present invention, a device for implementing the method of obtaining data stored in a chip of Embodiment 2 is also provided. As shown in FIG. 10, the device includes a receiving module 1001, a response module 1003, a determining module 1005 and a control module 1007, where:
the receiving module 1001 is configured to receive an access request for accessing the non-volatile storage space of the chip;
the response module 1003 is configured to respond to the access request and obtain verification information and the requested data length;
the determining module 1005 is configured to determine, when verification of the verification information passes, whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space;
the control module 1007 is configured to allow the content of the owner data to be returned if the requested data length is within the storage address range of the owner data, where the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
The chip accessed above may be a trusted chip that contains a non-volatile storage space. The storage mode of the non-volatile storage space may be big-endian or little-endian. When the owner data is stored in little-endian mode, assume that the size of the owner data is L, that the initial storage address of the data block of the owner data, i.e. the memory address of the low byte of the owner data, is Min_adress, and that the end storage address of the data block, i.e. the memory address of the high byte of the owner data, is Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
L≤|Max_adress-Min_adress|
After the access device sends a request to access the non-volatile space to the trusted chip, the trusted chip receives the request, responds to it, and asks the access device to return verification information together with the length information of the owner data; the access device sends the verification information and the owner data length to the trusted chip, for example, the length of the owner data to be accessed is 4 bytes; the trusted chip verifies whether the verification information returned by the access device meets the requirements, and if it does, determines whether the requested data length is within the storage address range of the owner data. For example, the requested data length is 4 bytes, the storage address range of the owner data is FFFFF1~FFFFF4, the maximum storage length of the owner data is 4 bytes, and the requested data length satisfies the formula:
L≤|Max_adress-Min_adress|
Therefore, the trusted chip allows access to the owner data and returns the owner data whose storage address range is FFFFF1~FFFFF4.
It should be noted that the above verification information can be used to verify whether the access device has access rights and to determine the location of the data the access device accesses, which further improves the accuracy of data access. The storage mode of the above non-volatile storage space can be big-endian or little-endian. In big-endian mode, the high byte of the data is stored at the low memory address and the low byte of the data at the high memory address; in little-endian mode, the high byte of the data is stored at the high memory address and the low byte of the data at the low memory address. The latter mode effectively combines the address order with the bit weight of the data: the data at the high address part has high weight, and the data at the low address part has low weight.
It can be seen from the above that, after a non-volatile storage space is created in the chip, writing the owner data into the non-volatile storage space, determining the storage address range of the owner data according to the size of the owner data, and returning the data the owner needs according to the size of the owner data and its storage address range achieves the purpose of accurately obtaining the owner data. This realizes the technical effect of ensuring that the owner obtains the original data correctly, and thus solves the technical problem in the prior art that original data read from the non-volatile space of a trusted security chip has poor accuracy.
It should be noted here that the receiving module 1001, the response module 1003, the determining module 1005 and the control module 1007 correspond to steps S702 to S708 in Embodiment 2; the four modules implement the same examples and application scenarios as the corresponding steps, but are not limited to the content disclosed in Embodiment 2. It should also be noted that the above modules, as part of the device, may run in the computer terminal 10 provided in Embodiment 1.
Optionally, the attributes of the non-volatile storage space further include at least one of the following: space number, space owner name, space authorization password, space size and space physical address range.
In an optional embodiment, Table 6 is the attribute table of a non-volatile storage space into which owner data has already been written, as shown in Table 6.
Table 6
[Table 6 is reproduced in the original as image PCTCN2017108254-appb-000005; its contents are described below.]
In Table 6, the space number of the owner is 1, the space owner name is C, the size of the owner space with space number 1 is 6 bytes, i.e. the data length can be at most 6 bytes, and its corresponding space physical address range is FFFFF0~FFFFF6; 4 bytes are stored within its physical addresses, with a storage address range of FFFFF1~FFFFF4, and the written owner data is "1101".
Optionally, as shown in FIG. 10, the above device for obtaining data stored in a chip further includes a writing module 1009, configured to write the owner data into the non-volatile storage space and to determine the storage address range of the owner data according to the size of the owner data, where the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.
In an optional embodiment, when the owner data is stored in little-endian mode, assume that the size of the owner data is L, that the initial storage address of the data block of the owner data, i.e. the memory address of the low byte of the owner data, is Min_adress, and that the end storage address of the data block, i.e. the memory address of the high byte of the owner data, is Max_adress; then L, Min_adress and Max_adress satisfy the following formula:
L≤|Max_adress-Min_adress|
Therefore, the end address Max_adress of the owner data can be determined from the size L of the owner data and its initial storage address Min_adress, and thus the storage address range of the owner data can be determined. For example, if the owner data written into the non-volatile storage space is "1101" and the size of the owner data is 4 bytes, the length of the storage address range of the owner data is also 4 bytes; if the initial storage address of the owner data is FFFFF1, the end address of the owner data is FFFFF4, and the storage address range of the data block of the owner data is FFFFF1~FFFFF4.
Optionally, if the requested data length is outside the storage address range of the owner data, the process of obtaining the owner data is aborted and/or prompt information indicating that the request failed is output.
As an optional embodiment, when the trusted chip verifies that the verification information returned by the access device meets the requirements, the trusted chip further determines whether the requested data length is within the storage address range of the owner data. If the requested data length is outside the storage address range of the owner data, for example, the requested data length is 4 bytes while the storage address range of the owner data is FFFFF1~FFFFF3 and the maximum storage length of the owner data is 3 bytes, the requested data length does not satisfy the formula L≤|Max_adress-Min_adress|; therefore, the trusted chip does not allow access to the owner data, terminates the process directly, and outputs prompt information indicating that the request failed.
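The write step, the verification step and the length bound check described in Embodiments 4 and 5, modelled as an added example that is not the patent's own code: the class and function names (NvSpace, TrustedChip, read_owner_data) and the sample passwords are assumptions, and the sample values are constructed to mirror the page's FFFFF1~FFFFF4 and FFFFF1~FFFFF3 cases. The storage address range is treated as inclusive, so its length is Max_adress-Min_adress+1; read literally, the page's bound L≤|Max_adress-Min_adress| would reject its own 4-byte example at FFFFF1~FFFFF4, so a practitioner must fix one convention before implementing the check.

```python
"""Owner-data access check of the patent's trusted chip (added example)."""
import hmac
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple


@dataclass
class NvSpace:
    """One non-volatile storage space with the attributes the page lists."""
    space_number: int
    owner_name: str
    auth_password: bytes          # space authorization password (constructed)
    space_size: int               # maximum owner data length in bytes
    phys_min: int                 # space physical address range, start
    phys_max: int                 # space physical address range, end
    min_address: Optional[int] = None   # Min_adress: address of the low byte
    max_address: Optional[int] = None   # Max_adress: address of the high byte
    data: bytes = b""

    def write_owner_data(self, data: bytes, min_address: int) -> int:
        """Write owner data and derive its storage address range.

        Inclusive convention (assumption): Max_adress = Min_adress + L - 1,
        so FFFFF1..FFFFF4 holds the page's 4-byte example.  Returns Max_adress.
        """
        length = len(data)
        if length == 0 or length > self.space_size:
            raise ValueError("owner data length outside the space size")
        max_address = min_address + length - 1
        if min_address < self.phys_min or max_address > self.phys_max:
            raise ValueError("owner data outside the space physical address range")
        self.data = data
        self.min_address = min_address
        self.max_address = max_address
        return max_address

    def range_length(self) -> int:
        """Length of the owner data storage address range (inclusive count)."""
        if self.min_address is None or self.max_address is None:
            return 0
        return abs(self.max_address - self.min_address) + 1

    def as_little_endian_int(self) -> int:
        """Interpret the stored bytes in the little-endian layout the page
        describes: the byte at Min_adress is the least significant one."""
        return int.from_bytes(self.data, "little")


@dataclass
class TrustedChip:
    spaces: Dict[int, NvSpace] = field(default_factory=dict)

    def create_space(self, space: NvSpace) -> None:
        self.spaces[space.space_number] = space

    def read_owner_data(self, space_number: int, password: bytes,
                        requested_length: int) -> Tuple[bool, str, bytes]:
        """Steps S702..S708: verify, then bound-check the requested length
        against the owner data storage address range before returning data."""
        space = self.spaces.get(space_number)
        # Verification information is the space number plus the password.  An
        # unknown space and a wrong password give the same answer, and the
        # compare is constant-time, so the reply does not say which check failed.
        if space is None or not hmac.compare_digest(space.auth_password, password):
            return False, "verification failed: owner data cannot be obtained", b""
        if requested_length <= 0 or requested_length > space.range_length():
            # Requested length exceeds the owner data range: abort the flow and
            # report failure instead of reading past the owner data block.
            return False, "request failed: length exceeds owner data range", b""
        return True, "ok", space.data[:requested_length]


def demo() -> Tuple[bool, bool]:
    """Replays the page's accepted and rejected requests; returns (ok1, ok2)."""
    chip = TrustedChip()
    # Constructed sample mirroring Table 6: space 1, owner C, 6-byte space.
    space_c = NvSpace(1, "C", b"owner-c-secret", 6, 0xFFFFF0, 0xFFFFF6)
    chip.create_space(space_c)
    space_c.write_owner_data(b"1101", 0xFFFFF1)            # range FFFFF1..FFFFF4
    ok1, _, _ = chip.read_owner_data(1, b"owner-c-secret", 4)   # 4 <= 4: allowed
    # Second space holds only 3 bytes (FFFFF1..FFFFF3); a 4-byte request fails.
    space_d = NvSpace(2, "D", b"owner-d-secret", 6, 0xFFFFF0, 0xFFFFF6)
    chip.create_space(space_d)
    space_d.write_owner_data(b"110", 0xFFFFF1)
    ok2, _, _ = chip.read_owner_data(2, b"owner-d-secret", 4)
    return ok1, ok2


if __name__ == "__main__":
    print(demo())   # (True, False)
```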
Embodiment 6
An embodiment of the present invention may provide a computer terminal, which may be any computer terminal device in a group of computer terminals. Optionally, in this embodiment, the computer terminal may also be replaced by a terminal device such as a mobile terminal.
Optionally, in this embodiment, the computer terminal may be located in at least one of a plurality of network devices of a computer network.
Optionally, FIG. 11 is a structural block diagram of a computer terminal according to an embodiment of the present invention. As shown in FIG. 11, the computer terminal A may include one or more processors 1103 (only one is shown in the figure) and a memory 1101.
The memory may be used to store software programs and modules, such as the program instructions/modules corresponding to the security vulnerability detection method and device in the embodiments of the present invention; the processor executes various functional applications and data processing by running the software programs and modules stored in the memory, i.e. implements the above method of detecting system vulnerability attacks. The memory may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory or other non-volatile solid-state memory. In some examples, the memory may further include memory located remotely from the processor, which may be connected to the terminal A through a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks and combinations thereof.
The processor may call the information and application programs stored in the memory through a transmission device to perform the following steps: creating a non-volatile storage space in the chip, where the attributes of the non-volatile storage space include at least a parameter for representing storage of owner data in the non-volatile storage space and the storage address range of the owner data, where the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
Optionally, the processor may further execute program code for the following step: writing the owner data into the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, where the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.
Optionally, the processor may further execute program code for the following steps: receiving an access request for accessing the non-volatile storage space; responding to the access request to obtain verification information and the requested data length; when verification of the verification information passes, determining whether the requested data length is within the storage address range of the owner data; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned.
Optionally, the processor may further execute program code for the following step: if the requested data length is outside the storage address range of the owner data, aborting the process of obtaining the owner data and/or outputting prompt information indicating that the request failed.
The embodiments of the present invention provide a solution for a method of obtaining data stored in a chip: after a non-volatile storage space is created in the chip, the owner data is written into the non-volatile storage space, the storage address range of the owner data is determined according to the size of the owner data, and the data the owner needs is returned according to the size of the owner data and its storage address range. This achieves the purpose of accurately obtaining the owner data, realizes the technical effect of ensuring that the owner obtains the original data correctly, and thus solves the technical problem in the prior art that original data read from the non-volatile space of a trusted security chip has poor accuracy.
A person of ordinary skill in the art can understand that the structure shown in FIG. 11 is only illustrative; the computer terminal may also be a terminal device such as a smartphone (e.g. an Android phone or an iOS phone), a tablet computer, a palmtop computer, a Mobile Internet Device (MID) or a PAD. FIG. 11 does not limit the structure of the above electronic device. For example, the computer terminal 11 may further include more or fewer components (such as a network interface, a display device, etc.) than shown in FIG. 11, or have a configuration different from that shown in FIG. 11.
A person of ordinary skill in the art can understand that all or part of the steps of the methods of the above embodiments may be completed by a program instructing the hardware associated with a terminal device; the program may be stored in a computer-readable storage medium, and the storage medium may include a flash disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
Embodiment 7
An embodiment of the present invention also provides a storage medium. Optionally, in this embodiment, the storage medium may be used to store the program code executed by the method of obtaining data stored in a chip provided in Embodiment 2.
Optionally, in this embodiment, the storage medium may be located in any computer terminal of a group of computer terminals in a computer network, or in any mobile terminal of a group of mobile terminals.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: receiving an access request for accessing the non-volatile storage space of the chip; responding to the access request to obtain verification information and the requested data length; when verification of the verification information passes, determining whether the requested data length is within the storage address range of the owner data preset in the non-volatile storage space; and if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned, where the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
Optionally, in this embodiment, the storage medium is configured to store program code further for performing the following step: writing the owner data into the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, where the storage address range is determined by the initial storage address and the end storage address of the data block of the owner data.
Optionally, in this embodiment, the storage medium is configured to store program code further for performing the following step: if the requested data length is outside the storage address range of the owner data, aborting the process of obtaining the owner data and/or outputting prompt information indicating that the request failed.
The serial numbers of the above embodiments of the present invention are for description only and do not represent the superiority or inferiority of the embodiments.
In the above embodiments of the present invention, the description of each embodiment has its own emphasis; for parts not detailed in a certain embodiment, refer to the related descriptions of the other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technical content may be implemented in other ways. The device embodiments described above are merely illustrative; for example, the division into units is only a division by logical function, and there may be other divisions in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, units or modules, and may be electrical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units, i.e. they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including several instructions to cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk or an optical disk.
The above are only preferred embodiments of the present invention. It should be noted that a person of ordinary skill in the art can make several improvements and modifications without departing from the principles of the present invention, and such improvements and modifications should also be regarded as falling within the scope of protection of the present invention.

Claims (14)

  1. A trusted chip, comprising:
    a memory including a non-volatile storage space, wherein the attributes of the non-volatile storage space include at least: a parameter for representing storage of owner data in the non-volatile storage space, and a storage address range of the owner data;
    wherein the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
  2. A system for obtaining data stored in a chip, comprising:
    an access device, configured to issue an access request for accessing a non-volatile storage space of the chip;
    a trusted chip, in communication with the access device, configured to respond to the access request, obtain verification information and a requested data length returned by the access device, and, when verification of the verification information passes, allow the content of owner data to be returned if the requested data length is within a storage address range of the owner data;
    wherein the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the trusted chip.
  3. A data storage method for a non-volatile storage space in a chip, comprising:
    creating a non-volatile storage space in the chip, wherein the attributes of the non-volatile storage space include at least: a parameter for representing storage of owner data in the non-volatile storage space, and a storage address range of the owner data;
    wherein the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
  4. The method according to claim 3, wherein the attributes of the non-volatile storage space further include at least one of the following: a space number, a space owner name, a space authorization password, a space size and a space physical address range.
  5. The method according to claim 3 or 4, wherein after creating the non-volatile storage space in the chip, the method further comprises: writing the owner data into the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by an initial storage address and an end storage address of a data block of the owner data.
  6. The method according to claim 5, wherein after writing the owner data into the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, the method further comprises:
    receiving an access request for accessing the non-volatile storage space;
    responding to the access request to obtain verification information and a requested data length;
    when verification of the verification information passes, determining whether the requested data length is within the storage address range of the owner data;
    if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned.
  7. The method according to claim 6, wherein if the requested data length is outside the storage address range of the owner data, the process of obtaining the owner data is aborted and/or prompt information indicating that the request failed is output.
  8. The method according to claim 6, wherein the verification information includes at least one of the following: a space number to be accessed, and a password.
  9. The method according to claim 6, wherein when verification of the verification information fails, prompt information indicating that the owner data cannot be obtained is returned.
  10. A method for obtaining data stored in a chip, comprising:
    receiving an access request for accessing a non-volatile storage space of the chip;
    responding to the access request to obtain verification information and a requested data length;
    when verification of the verification information passes, determining whether the requested data length is within a storage address range of owner data preset in the non-volatile storage space;
    if the requested data length is within the storage address range of the owner data, allowing the content of the owner data to be returned;
    wherein the storage address range of the owner data is used to represent the maximum data length allowed when requesting data from the chip.
  11. The method according to claim 10, wherein the attributes of the non-volatile storage space further include at least one of the following: a space number, a space owner name, a space authorization password, a space size and a space physical address range.
  12. The method according to claim 10 or 11, wherein before receiving the access request for accessing the non-volatile storage space of the chip, the method further comprises: writing the owner data into the non-volatile storage space and determining the storage address range of the owner data according to the size of the owner data, wherein the storage address range is determined by an initial storage address and an end storage address of a data block of the owner data.
  13. The method according to claim 10, wherein if the requested data length is outside the storage address range of the owner data, the process of obtaining the owner data is aborted and/or prompt information indicating that the request failed is output.
  14. A device for obtaining data stored in a chip, comprising:
    a receiving module, configured to receive an access request for accessing a non-volatile storage space of the chip;
    a response module, configured to respond to the access request and obtain verification information and a requested data length;
    a determining module, configured to determine, when verification of the verification information passes, whether the requested data length is within a storage address range of owner data preset in the non-volatile storage space;
    控制模块,用于如果所述需要请求的数据长度处于所述属主数据的存储地址范围之内,则允许返回所述属主数据的内容;a control module, configured to allow returning content of the owner data if the data length required to be requested is within a storage address range of the owner data;
    其中,所述属主数据的存储地址范围用于表征允许向所述芯片请求数据时的最大数据长度。 The storage address range of the owner data is used to characterize the maximum data length when data is requested from the chip.
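The access check of claims 10 to 14 (verify the space number and password, then bound the requested length by the owner data block's address range fixed at write time, as in claim 12), as an added C example. This is not code from the patent or from the applicant; the type and function names (nv_space_t, nv_write_owner_data, nv_read_owner_data, nv_demo), the status codes, and the sample space number, password and owner data are constructed for illustration.

```c
/* Added example (not from the patent): a minimal model of the owner-data
 * access check in claims 10-14. All names and sample values are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define NV_SPACE_SIZE 256   /* constructed size of the sample space */
#define PW_LEN        16

typedef enum {
    NV_OK = 0,
    NV_ERR_AUTH,     /* verification information rejected (claim 9) */
    NV_ERR_NO_OWNER, /* no owner data has been written yet */
    NV_ERR_LENGTH    /* requested length outside the owner data range (claim 13) */
} nv_status_t;

/* Non-volatile space carrying the attributes listed in claim 11. */
typedef struct {
    uint32_t space_id;              /* space number */
    char     owner_name[32];        /* space owner name */
    uint8_t  auth_password[PW_LEN]; /* space authorization password */
    uint32_t size;                  /* space size */
    uint32_t phys_start, phys_end;  /* space physical address range */
    uint8_t  storage[NV_SPACE_SIZE];
    /* Owner data block range, fixed when the data is written (claim 12).
     * owner_end is inclusive, so owner_end - owner_start + 1 is the
     * maximum length a request may ask for. */
    uint32_t owner_start, owner_end;
    int      owner_written;
} nv_space_t;

/* Verification information (claim 8) plus the requested length (claim 10). */
typedef struct {
    uint32_t space_id;
    uint8_t  password[PW_LEN];
    uint32_t length;
} nv_request_t;

/* Constant-time comparison so a wrong password is not distinguishable by timing. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Claim 12: write the owner data and derive its address range from its size. */
int nv_write_owner_data(nv_space_t *s, const uint8_t *data, uint32_t len) {
    if (len == 0 || len > s->size) return -1;
    memcpy(s->storage, data, len);
    s->owner_start   = s->phys_start;
    s->owner_end     = s->phys_start + len - 1;
    s->owner_written = 1;
    return 0;
}

/* Claims 10 and 13: verify first, then bound the request by the owner range. */
nv_status_t nv_read_owner_data(const nv_space_t *s, const nv_request_t *req,
                               uint8_t *out, uint32_t *out_len) {
    *out_len = 0;
    if (req->space_id != s->space_id ||
        !ct_equal(req->password, s->auth_password, PW_LEN))
        return NV_ERR_AUTH;                       /* claim 9: cannot obtain */
    if (!s->owner_written) return NV_ERR_NO_OWNER;
    uint32_t max_len = s->owner_end - s->owner_start + 1;
    if (req->length == 0 || req->length > max_len)
        return NV_ERR_LENGTH;                     /* claim 13: abort, report failure */
    memcpy(out, s->storage, req->length);         /* reads start at owner_start */
    *out_len = req->length;
    return NV_OK;
}

/* Build a constructed sample space holding 16 bytes of owner data, then run
 * one request against it and return the resulting status. */
nv_status_t nv_demo(uint32_t space_id, const char *pw, uint32_t length) {
    static const uint8_t owner_secret[16] = "owner-data-0123"; /* constructed */
    nv_space_t s;
    memset(&s, 0, sizeof s);
    s.space_id = 7;                                  /* constructed space number */
    strcpy(s.owner_name, "demo-owner");
    memcpy(s.auth_password, "correct-horse-01", PW_LEN); /* constructed password */
    s.size       = NV_SPACE_SIZE;
    s.phys_start = 0x1000;
    s.phys_end   = 0x1000 + NV_SPACE_SIZE - 1;
    nv_write_owner_data(&s, owner_secret, sizeof owner_secret);

    nv_request_t req;
    memset(&req, 0, sizeof req);
    req.space_id = space_id;
    size_t n = strlen(pw);
    memcpy(req.password, pw, n < PW_LEN ? n : PW_LEN);
    req.length = length;

    uint8_t out[NV_SPACE_SIZE];
    uint32_t out_len;
    return nv_read_owner_data(&s, &req, out, &out_len);
}

int main(void) {
    printf("good password, 16 bytes: %d (NV_OK=0)\n", nv_demo(7, "correct-horse-01", 16));
    printf("good password, 17 bytes: %d (NV_ERR_LENGTH)\n", nv_demo(7, "correct-horse-01", 17));
    printf("wrong password:          %d (NV_ERR_AUTH)\n", nv_demo(7, "wrong", 16));
    printf("wrong space number:      %d (NV_ERR_AUTH)\n", nv_demo(8, "correct-horse-01", 16));
    return 0;
}
```

Two points follow from how the claims are worded. The request carries only a length, not an offset, so a read always begins at the owner block's initial address and the single comparison against owner_end - owner_start + 1 is what keeps it from running past the block; a design that also accepted an offset would have to check offset + length against the same bound. Verification is done before the length check, so a caller who fails authentication learns nothing about how large the owner data is.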
PCT/CN2017/108254 2016-11-11 2017-10-30 Data storage method utilized in non-volatile storage space in integrated circuit, and trusted integrated circuit WO2018086469A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610998449.0A CN108073351B (en) 2016-11-11 2016-11-11 Data storage method of nonvolatile storage space in chip and credible chip
CN201610998449.0 2016-11-11

Publications (1)

Publication Number Publication Date
WO2018086469A1 (en) 2018-05-17

Family

ID=62109463

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/108254 WO2018086469A1 (en) 2016-11-11 2017-10-30 Data storage method utilized in non-volatile storage space in integrated circuit, and trusted integrated circuit

Country Status (3)

Country Link
CN (1) CN108073351B (en)
TW (1) TW201818258A (en)
WO (1) WO2018086469A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111625831A (en) * 2019-02-28 2020-09-04 阿里巴巴集团控股有限公司 Trusted security measurement method and device
CN115079803A (en) * 2022-05-20 2022-09-20 上海瑞浦青创新能源有限公司 Abnormal power failure data storage device suitable for microcontroller

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109634541B (en) * 2018-12-06 2022-06-10 中国船舶重工集团公司第七0七研究所 Printer information security monitoring method based on trusted computing
CN109670349B (en) 2018-12-13 2021-10-01 英业达科技有限公司 Hardware architecture of trusted computer and trusted starting method of computer
TWI687837B (en) * 2018-12-18 2020-03-11 英業達股份有限公司 Hardware structure of a trusted computer and trusted booting method for a computer
TWI745784B (en) * 2019-11-08 2021-11-11 精品科技股份有限公司 Disc security system
CN112784322A (en) * 2019-11-08 2021-05-11 精品科技股份有限公司 Bit lock disk management system
TWI728635B (en) * 2020-01-02 2021-05-21 系微股份有限公司 Storage device information management method compatible with different storage specifications
TWI748633B (en) * 2020-09-07 2021-12-01 神雲科技股份有限公司 Server device and server system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1183198A (en) * 1995-04-03 1998-05-27 亚特兰大科技公司 Information terminal having reconfigurable memory
CN101986325A (en) * 2010-11-01 2011-03-16 山东超越数控电子有限公司 Computer security access control system and method
US20130010519A1 (en) * 2007-11-12 2013-01-10 Micron Technology, Inc. System and method for updating read-only memory in smart card memory modules
CN104951405A (en) * 2014-03-28 2015-09-30 三星电子株式会社 Storage system and method for performing and authenticating write-protection thereof
US20160028546A1 (en) * 2012-09-28 2016-01-28 Intel Corporation Methods, systems and apparatus to self authorize platform code
US20160246964A1 (en) * 2015-02-24 2016-08-25 Dell Products, Lp Method to Protect BIOS NVRAM from Malicious Code Injection by Encrypting NVRAM Variables and System Therefor

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101477494B (en) * 2009-01-20 2011-12-21 成都市华为赛门铁克科技有限公司 Data write-in method and memory system
US8793462B2 (en) * 2011-05-24 2014-07-29 International Business Machines Corporation Implementing storage adapter performance optimization with enhanced resource pool allocation
CN103645863B (en) * 2013-12-12 2017-12-08 北京奇安信科技有限公司 Method for reading data and system, the wiring method and system of shared drive
CN105159847A (en) * 2015-08-12 2015-12-16 北京因特信安软件科技有限公司 Disk change record method based on trusted chip
CN105955916B (en) * 2016-04-29 2019-09-20 华为技术有限公司 A kind of method that writing immediate, equipment and system

Also Published As

Publication number Publication date
CN108073351A (en) 2018-05-25
TW201818258A (en) 2018-05-16
CN108073351B (en) 2021-06-15

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
  Ref document number: 17869698; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
  Ref country code: DE
122 Ep: pct application non-entry in european phase
  Ref document number: 17869698; Country of ref document: EP; Kind code of ref document: A1