WO2020213050A1 - Data processing system, data processing device, and application program verification method - Google Patents

Data processing system, data processing device, and application program verification method

Info

Publication number
WO2020213050A1
Authority
WO
WIPO (PCT)
Prior art keywords
data processing
application program
data
verification
unit
Application number
PCT/JP2019/016280
Other languages
English (en)
Japanese (ja)
Inventor
伸一郎 西馬
督 那須
Original Assignee
三菱電機株式会社
Application filed by 三菱電機株式会社
Priority to CN201980095316.4A (CN113678128A)
Priority to PCT/JP2019/016280 (WO2020213050A1)
Priority to JP2020515993A (JP6737424B1)
Publication of WO2020213050A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present invention relates to a data processing system having an application program verification function, a data processing device, and a method for verifying an application program.
  • in Patent Document 1, the data attached to an application program is digitally signed, and the OS program checks the data to confirm the validity of the signature information. The case addressed is one in which the signer himself maliciously falsifies and re-signs the data attached to the application program.
  • to detect such falsification, the application program itself has a built-in function (a tampering check routine) that confirms the validity of confidential information created from the signature information, so that the computer can detect the falsification even when the signer performs it. With this function, if the application program itself determines that the data attached to it has been tampered with, execution of the application program is stopped (see Patent Document 1).
  • when the system of Patent Document 1 is used, the computer can detect tampering when, for example, the data (resource data or an auxiliary file) attached to the application program is falsified after the platform management organization has certified the application program and issued a signature for it. However, since the tampering check function depends on the application program, if the application program itself is tampered with and the tampering check routine is modified so that it does not operate, the computer cannot detect the tampering of the application program. The computer may therefore be unable to stop execution of the tampered application program.
  • the present invention has been made in view of the above circumstances, and an object of the present invention is to provide a verification technique capable of accurately detecting falsification of an application program.
  • the data processing system includes a verification means for verifying an application program having authentication data pre-encrypted with a first private key held by a certification body. The verification means acquires dynamic information, which is the information expanded in memory when a verification function included in the application program is executed, decrypts the authentication data using a first public key, held in advance, that corresponds to the first private key, and verifies the application program by comparing the acquired dynamic information with the dynamic information for verification obtained by the decryption.
  • the data processing device includes a public key storage unit that stores the public key of the certification authority; an authentication data decryption unit that decrypts, using that public key, authentication data that was pre-encrypted with the private key of the certification authority corresponding to the public key and embedded in the application program; and a consistency confirmation unit that acquires the dynamic information, which is the information expanded in memory when the verification function included in the application program is executed, and verifies the application program by comparing the acquired dynamic information with the dynamic information for verification obtained by decrypting the authentication data.
  • the verification method of the application program includes a step of decrypting authentication data, encrypted with the private key of the certification authority and embedded in the application program, using the public key of the certification authority corresponding to the private key; a step of extracting the dynamic information for verification from the decrypted authentication data; a step of acquiring the dynamic information expanded in memory when the verification function included in the application program is executed; and a step of verifying the application program by comparing the acquired dynamic information with the dynamic information for verification.
  • in the data processing system, the data processing device, and the application program verification method of the present invention, the information expanded in memory when the verification function included in the application program is executed is used to verify whether the application program is genuine, so falsification of the application program can be detected with high accuracy.
  • a figure showing the hardware configuration of the data processing system according to the embodiment of the present invention.
  • a figure showing the hardware configuration of the data processing device according to the embodiment of the present invention.
  • a figure showing the system configuration of the data processing system according to the embodiment of the present invention.
  • a figure showing the flow of authentication of the application program according to the embodiment of the present invention.
  • a figure showing the verification method of the application program according to the embodiment of the present invention.
  • a figure showing the system configuration of the data processing unit and the data processing control unit according to the embodiment of the present invention.
  • a flowchart showing the flow of verification of the application program according to the embodiment of the present invention.
  • a figure showing a modification of the system configuration of the data processing system according to the embodiment of the present invention.
  • the data processing system is a system that processes data transmitted from an apparatus.
  • the data processing system is installed in a factory as part of a product production system. The data processing it performs serves, for example, to detect defective products and exclude them from the manufacturing process, to classify materials, or to monitor for anomalies.
  • the user sets the content of the processing to be applied to the data.
  • the hardware configuration of the data processing system is shown in FIG.
  • the data processing system includes devices 201 and 202 that operate in the manufacturing process of products, and a data processing device 100 that processes data transmitted from the devices 201 and 202.
  • the data processing device 100 is connected to the devices 201 and 202 via the network 210, and communicates with them by transmitting and receiving signals. Although both devices 201 and 202 are connected to the data processing device 100 via the network 210 here, they may be connected via networks of different standards.
  • the network 210 is an industrial network.
  • the network 210 may be a dedicated line for realizing serial communication.
  • the device 201 is a control device provided with a sensor 201a used in the manufacturing process of the product.
  • the sensor 201a is, for example, an optical sensor, a pressure sensor, an ultrasonic sensor, or another detector.
  • the device 201 repeatedly transmits data including the sensing result of the sensor 201a to the data processing device 100 at a cycle specified by the data processing device 100. This cycle is, for example, 10 ms, 100 ms, or 1 sec.
  • the device 202 is, for example, an actuator or a robot used in a product manufacturing process.
  • the device 202 operates according to the data processing result of the data processing device 100. Specifically, when the device 202 receives, as a data processing result, an operation command from the data processing device 100 instructing one of operation mode designation, operation start, and operation stop, the device 202 changes its operation state according to the operation command.
  • the data transmission line that connects the data processing device 100 and the device 200 (the devices 201 and 202 are referred to collectively as the device 200) is not limited to a wired communication transmission line such as the network 210, and may be a wireless communication transmission line.
  • the device 200 is not limited to either a device that transmits data including a sensing result or a device that operates according to an operation command from the data processing device 100.
  • the device 200 may be a device that transmits data to the data processing device 100 and operates in accordance with an operation command from the data processing device 100.
  • the number of devices 200 is not limited to two.
  • the data processing device 100 is a PLC or an industrial personal computer, and is an FA (Factory Automation) device that performs preset processing on data collected from the device 200 and outputs a processing result.
  • the data processing device 100 transmits an operation command to the device 200 as the output of the processing result, but the present invention is not limited to this: quality control information obtained by analyzing or processing the data may be presented to the user, or the quality control information may be stored in the data processing device 100 itself or in an external server device.
  • FIG. 2 shows the hardware configuration of the data processing device 100.
  • the data processing device 100 is a computer having a processor 101, a main storage unit 102, an auxiliary storage unit 103, an input unit 104, an output unit 105, and a communication unit 106.
  • the main storage unit 102, the auxiliary storage unit 103, the input unit 104, the output unit 105, and the communication unit 106 are all connected to the processor 101 via the internal bus 107.
  • the processor 101 includes an MPU (Micro Processing Unit).
  • the processor 101 realizes various functions of the data processing device 100 by executing a program stored in the auxiliary storage unit 103, and executes the processing described later.
  • the main storage unit 102 includes a RAM (Random Access Memory). A program is loaded into the main storage unit 102 from the auxiliary storage unit 103, and the main storage unit 102 is used as the work area of the processor 101.
  • the auxiliary storage unit 103 includes a non-volatile memory represented by an EEPROM (Electrically Erasable Programmable Read-Only Memory). In addition to the program, the auxiliary storage unit 103 stores various data used in the processing of the processor 101. The auxiliary storage unit 103 supplies the data used by the processor 101 to the processor 101 according to the instruction of the processor 101, and stores the data supplied from the processor 101. A plurality of programs are stored in the auxiliary storage unit 103. Further, the program includes a program preset in the data processing device 100 and a program added by the user of the data processing device 100.
  • the input unit 104 includes an input key and an input device represented by a pointing device.
  • the input unit 104 acquires the information input by the user of the data processing device 100, and notifies the processor 101 of the acquired information.
  • the output unit 105 includes an output device represented by a display device and a speaker.
  • the output unit 105 presents various information to the user according to the instruction of the processor 101.
  • the communication unit 106 includes a network interface circuit for communicating with the external device 200.
  • the communication unit 106 receives a signal from the device 200 and outputs the data indicated by this signal to the processor 101. Further, the communication unit 106 transmits a signal indicating the data output from the processor 101 to the device 200.
  • FIG. 3 shows the system configuration of the data processing system according to the embodiment of the present invention.
  • the data processing system is composed of a data processing device 100 and devices 201 and 202.
  • the data processing device 100 includes an engineering tool 140, a data processing platform 110, data collecting units 131 and 132, data processing units 121a and 121b, and a verification data transmitting unit 150.
  • the engineering tool 140 includes a data processing control setting unit 141 in which the content of data processing is set by the user.
  • the engineering tool 140 is realized by reading the software stored in the auxiliary storage unit 103 into the main storage unit 102 and executing the software by the processor 101.
  • the user sets the contents of the data processing via the input unit 104.
  • the data processing platform 110 has a setting information construction unit 111 that constructs setting information from the setting information data received from the engineering tool 140, a setting information storage unit 112 that stores the constructed setting information, and a data processing control unit 113 that analyzes the stored setting information and gives instructions to the data collection units 131 and 132 and to the data processing units 121a and 121b.
  • the setting information construction unit 111, the setting information storage unit 112, and the data processing control unit 113 are realized by reading the program stored in the auxiliary storage unit 103 into the main storage unit 102 and executing it by the processor 101.
  • the setting information storage unit 112 stores the setting information in the auxiliary storage unit 103.
  • the data collection units 131 and 132 collect data from the devices 201 and 202 according to the instructions of the data processing control unit 113 and deliver the data to the data processing control unit 113; they also have the function of passing data received from the data processing control unit 113 to the devices 201 and 202.
  • the instruction from the data processing control unit 113 includes, for example, information such as the type of data to be collected and the collection cycle.
  • the data collection units 131 and 132 are realized by reading the program stored in the auxiliary storage unit 103 into the main storage unit 102 and executing the program by the processor 101.
  • the communication unit 106 is used for communication with the devices 201 and 202.
  • the data collection units 131 and 132 are interposed between the device 200 and the data processing control unit 113 and have an interface conversion function: even if a device 200 is connected over a network with a different communication protocol, they absorb the difference in protocol and communicate with the data processing control unit 113 in the format specified on the data processing platform 110 side.
  • the data processing units 121a and 121b process the data transferred from the data processing control unit 113 in accordance with the instructions of the data processing control unit 113.
  • the data processing units 121a and 121b are provided by the application vendor 310 as application programs, and are realized by the processor 101 reading the program stored in the auxiliary storage unit 103 into the main storage unit 102 and executing it.
  • the instruction given by the data processing control unit 113 to the data processing units 121a and 121b includes, for example, parameters such as a data format (number of digits) when outputting data.
  • the parameters given to the data processing units 121a and 121b depend on the data processing units 121a and 121b.
  • the data processing units 121a and 121b perform processing independently of each other, but the data processing control unit 113 can intervene to perform processing substantially in cooperation with each other.
  • the data processing unit 121a may be an application program that removes noise from the sensing data
  • the data processing unit 121b may be an application program that analyzes the sensing data and diagnoses the presence or absence of an abnormality in the device 201.
  • the data processing control unit 113 gives the sensing data collected from the device 201 to the data processing unit 121a, causes the data processing unit 121a to remove the noise, and receives the noise-free sensing data back from the data processing unit 121a.
  • the data processing control unit 113 then gives the noise-free sensing data to the data processing unit 121b and causes it to diagnose the presence or absence of an abnormality in the device 201.
  • the data processing units 121a and 121b can be substantially linked to perform data processing.
  • the verification data transmission unit 150 acquires verification data from the memory and transmits the verification data to the data processing control unit 113 when the application program is verified.
  • the verification data transmission unit 150 is a functional unit realized when the data processing units 121a and 121b call and execute the verification module.
  • the verification module is prepared in advance by the platform provider and provided to the user, and the verification data transmission unit 150 has an interface function for secure communication with the data processing control unit 113.
  • the verification module is provided, for example, in the form of a DLL (Dynamic Link Library) file.
  • the data processing units 121a and 121b can be added by the user 320 installing the application program 305 provided by the application vendor 310 in the data processing device 100.
  • the application program 305 is certified by the certification body 300 (platform provider) and is provided to the user 320 with the authentication information 304 embedded.
  • the application vendor 310 passes the application runtime information 302, which is information unique to the application program 305, to the certification body 300.
  • the application execution time information 302 is dynamic information generated when a computer such as the data processing device 100 executes the application program 305.
  • specific examples of the dynamic information include information expanded in memory in the data processing device 100, in which the application program 305 operates, when the application program 305 is executed, such as the information secured in the stack area at the time of a function call.
  • the application program 305 is provided with a verification function for outputting the application runtime information, which is the verification data, and the stack memory of this verification function (the information secured in the stack area of the memory allocated to the verification function when the verification function is executed) is used as the application runtime information 302.
  • the information secured in this stack area is, for example, a set of data recording the series of calling functions, including the verification function, together with the return address of each function.
  • the application execution time information 302 may also be the address information of a global variable in memory, or the value set in that global variable, when a predetermined verification function is executed.
  • the memory is not limited to the main storage unit 102 of the data processing device 100; it may include the cache memory inside the processor 101, and the information expanded in the cache memory may be used.
  • the certification authority 300 collects the application execution time information 302 and the authentication information 304, creates the authentication data 303 encrypted with the authentication authority private key 301, and provides the authentication data 303 to the application vendor 310.
  • the certification authority private key 301 corresponds to the first private key.
  • the authentication information 304 is an electronic signature created by the certification body 300, and is electronic data that guarantees that the authentication data 303 is created by the certification body 300.
  • the application vendor 310 embeds the received authentication data 303 in the developed application program 305 and provides it to the user 320.
  • the application program 305 certified by the certification body 300 is provided to the user 320.
  • the application runtime information 302 corresponds to the verification dynamic information.
  • the data processing unit 121 realized by executing the application program 305 passes the authentication data 303 to the data processing control unit 113.
  • the data processing control unit 113 decrypts the output authentication data 303 with the authentication authority public key 401 owned by the data processing control unit 113, and obtains the decrypted authentication information 304 and the application execution time information 302.
  • the certification authority public key 401 is paired with the certification authority private key 301 used when creating the authentication data 303; the authentication data 303 encrypted with the certification authority private key 301 can be decrypted only with the certification authority public key 401.
  • the certification authority public key 401 corresponds to the first public key.
  • the data processing control unit 113 extracts the authentication information 304 from the decrypted authentication data 303 and verifies that the authentication data 303 is a genuine product certified by the certification body 300. When the authentication data 303 is found to be genuine and certified by the legitimate certification body 300, the data processing control unit 113 acquires the application execution time information 402, which is the information generated when the application program 305 is executed. The data processing control unit 113 acquires the application execution time information 402 from the memory 403 via the verification data transmission unit 150.
  • the verification data transmission unit 150 is realized by the verification function 122 of the data processing unit 121 calling and executing the verification module.
  • the verification data transmission unit 150 reads the information expanded in the memory 403 while the verification function 122 is being executed, and transmits the information to the data processing control unit 113.
  • the verification module is provided by the platform provider, and the verification data transmission unit 150 transmits data to the data processing control unit 113 via a predetermined dedicated interface function. Therefore, the application program 305 cannot spoof the application runtime information 402.
  • the data processing control unit 113 may acquire the application execution time information 402 by directly reading the information expanded in the memory 403 when the verification function 122 is executed, without going through the verification data transmission unit 150. In this case as well, since the application runtime information 402 is fetched from the memory 403, the application program 305 cannot disguise the application runtime information 402.
  • the data processing control unit 113 verifies the consistency between the application execution time information 302 extracted from the decrypted authentication data 303 and the newly acquired application execution time information 402, and thereby confirms that the authentication data 303 embedded in the application program 305 was issued to that application program 305.
  • the application runtime information 402 corresponds to dynamic information.
  • the data processing unit 121 includes a data processing execution unit 500, an authentication data storage unit 501, an authentication data transmission unit 505, an application private key storage unit 502, an encryption / decryption unit 503, and a distribution key storage unit 504.
  • the data processing execution unit 500 performs data processing on the data received from the data processing control unit 113.
  • the authentication data storage unit 501 stores the encrypted authentication data 303.
  • the authentication data transmission unit 505 transmits the authentication data 303 to the data processing control unit 113.
  • the application private key storage unit 502 stores the application private key.
  • the application private key is pre-embedded in the application program 305.
  • the application private key corresponds to the second private key.
  • the encryption / decryption unit 503 encrypts the data transmitted to the data processing control unit 113 and decrypts the data received from the data processing control unit 113.
  • the distribution key storage unit 504 stores the distribution key, which will be described later.
  • the data processing execution unit 500, the authentication data storage unit 501, and the encryption / decryption unit 503 are realized by executing the application program 305 by the processor 101.
  • the authentication data storage unit 501, the application private key storage unit 502, and the distribution key storage unit 504 are realized by the auxiliary storage unit 103.
  • the data processing control unit 113 includes a certification authority public key storage unit 511, an authentication data decryption unit 512, an authentication information extraction unit 513, an application execution time information extraction unit 514, an application public key extraction unit 515, a consistency confirmation unit 516, an application public key storage unit 517, a distribution key generation unit 518, a distribution key storage unit 519, and an encryption / decryption unit 520.
  • the authentication data decryption unit 512, the authentication information extraction unit 513, the application execution time information extraction unit 514, the application public key extraction unit 515, and the consistency confirmation unit 516 constitute a verification unit 521.
  • the verification unit 521 corresponds to the verification means.
  • the certification body public key storage unit 511 stores the certification body public key 401 previously given by the certification body 300.
  • the authentication data decryption unit 512 receives the encrypted authentication data 303 from the authentication data transmission unit 505 of the data processing unit 121 and decrypts it using the certification authority public key 401 stored in the certification authority public key storage unit 511.
  • the authentication information extraction unit 513 extracts the authentication information 304 from the decrypted authentication data 303 and passes it to the consistency confirmation unit 516.
  • the application runtime information extraction unit 514 extracts the application runtime information 302 from the decrypted authentication data 303 and passes it to the consistency confirmation unit 516.
  • the application public key extraction unit 515 extracts the application public key from the decrypted authentication data 303, and stores the application public key in the application public key storage unit 517.
  • the application private key and the application public key form a pair.
  • the application public key corresponds to the second public key.
  • the consistency confirmation unit 516 verifies the authentication information 304 received from the authentication information extraction unit 513, and thereby verifies whether the authentication data 303 is certified by the legitimate certification body 300. Further, the consistency confirmation unit 516 verifies the application execution time information 302 received from the application execution time information extraction unit 514, and thereby confirms that the authentication data 303 was issued to the application program 305 that realizes the data processing unit 121.
  • the authentication data decryption unit 512, the authentication information extraction unit 513, the application execution time information extraction unit 514, the application public key extraction unit 515, and the consistency confirmation unit 516 are realized by executing the program module corresponding to each unit on the processor 101.
  • the certification body public key storage unit 511 and the application public key storage unit 517 are realized by the auxiliary storage unit 103.
  • the distribution key generation unit 518 generates a distribution key and stores it in the distribution key storage unit 519 when the consistency confirmation unit 516 confirms the validity of the data processing unit 121. The distribution key is then encrypted by the encryption / decryption unit 520 using the application public key stored in the application public key storage unit 517 and passed to the data processing unit 121. Since the data processing unit 121 holds the application private key paired with the application public key in the application private key storage unit 502, the encryption / decryption unit 503 can decrypt the distribution key encrypted with the application public key.
  • the data processing control unit 113 and the data processing unit 121 can safely share the distribution key.
  • the distribution key generation unit 518 and the encryption / decryption unit 520 are realized by executing the corresponding program modules in the processor 101.
  • the distribution key storage unit 519 is realized by the auxiliary storage unit 103.
  • the distribution key is a common key used for data encryption and decryption when the data processing control unit 113 transmits data to be processed by the data processing unit 121 and when the data processed by the data processing unit 121 is returned to the data processing control unit 113.
  • the data processing control unit 113 transmits data to be processed by the data processing unit 121, the data is encrypted by the encryption / decryption unit 520 using the distribution key using the distribution key, and decrypted by the encryption / decryption unit 503. Will be done.
  • the data processed by the data processing unit 121 is returned to the data processing control unit 113, the data is encrypted by the encryption / decryption unit 503 using the distribution key and decrypted by the encryption / decryption unit 520.
  • the distribution key that is safely shared, it is possible to exchange data securely between the data processing control unit 113 and the data processing unit 121.
  • The authentication data decryption unit 512 decrypts the authentication data 303 acquired from the authentication data storage unit 501 of the data processing unit 121 using the certification body public key 401 stored in the certification body public key storage unit 511 (S101).
  • Next, the authentication information 304 included in the decrypted authentication data 303 is verified, and it is confirmed whether the authentication data 303 was certified by the legitimate certification body 300 (S102).
  • The data processing control unit 113 then acquires the application execution time information 402 from the memory 403 (S103).
  • The data processing control unit 113 verifies the application execution time information 302 by comparing the application execution time information 302 included in the decrypted authentication data 303 with the acquired application execution time information 402 (S104). If the validity cannot be confirmed as a result of this verification, execution of the application program 305 is prohibited (S110). If the validity is confirmed, data processing by the application program 305 is permitted.
  • The application public key is then extracted from the decrypted authentication data 303 and stored in the application public key storage unit 517 (S105). The distribution key generation unit 518 then creates a distribution key, the common key used for data encryption and decryption when the data processing control unit 113 and the data processing unit 121 exchange data, and stores it in the distribution key storage unit 519 (S106). After that, the encryption / decryption unit 520 encrypts the distribution key using the application public key (S107) and sends the encrypted distribution key to the data processing unit 121 (S108). The distribution key corresponds to the common key for data distribution.
  • The data processing unit 121 uses the application private key paired with the application public key to decrypt the distribution key that was encrypted using the application public key, and stores the distribution key in the distribution key storage unit 504. Since the application private key paired with the application public key is held only by the data processing unit 121, only the data processing unit 121 can decrypt a distribution key encrypted using the application public key. Therefore, the distribution key can be shared securely between the data processing control unit 113 and the data processing unit 121, which enables encrypted communication between them.
  • In the configuration above, the data processing units 121a and 121b and the data processing control unit 113 are provided in the same data processing device 100, but in some cases it is preferable to perform data processing on another data processing device capable of high-speed arithmetic processing. Therefore, in the system configuration of the data processing system shown in FIG. 8, the data processing unit 121c is provided on an external processing device 180 separate from the data processing device 100.
  • The data processing device 100 and the external processing device 180 are connected via a network, and the data processing control unit 113 and the data processing unit 121c are configured so that they can communicate with each other.
  • The verification module provided by the platform provider is called and executed by the verification function 122 of the data processing unit 121c, whereby a verification data transmission unit 152 is provided on the external processing device 180. Since the verification data transmission unit 152 has an interface function for communicating with the data processing control unit 113, the data processing control unit 113 can acquire the application execution time information 302, which is information in the memory of the external processing device 180, even when the application program 305 is provided on the external processing device 180. Therefore, the validity of the application program 305 can be verified even when it is provided on the external processing device 180.
  • 100 data processing device, 101 processor, 102 main storage unit, 103 auxiliary storage unit, 104 input unit, 105 output unit, 106 communication unit, 107 internal bus, 110 data processing platform, 111 setting information construction unit, 112 setting information storage unit, 113 data processing control unit, 121, 121a, 121b, 121c data processing unit, 122 verification function, 131, 132 data collection unit, 140 engineering tool, 141 data processing control setting unit, 150, 152 verification data transmission unit, 180 external processing device, 200, 201, 202 equipment, 201a sensor, 210 network, 300 certification body, 301 certification body private key, 302 application execution information, 303 authentication data, 304 authentication information, 310 application vendor, 305 application program, 320 user, 401 certification body public key, 402 application execution information, 403 memory, 500 data processing execution unit, 501 authentication data storage unit, 502 application private key storage unit, 503 encryption / decryption unit, 504 distribution key storage unit, 505 authentication data transmission unit, 511 certification
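
The verification and key-sharing procedure of steps S101 to S108 above, worked through in Go as an added example; this is not code from the patent or from the applicant, which disclose no implementation. Assumptions made here: authentication data 303 is a JSON payload carrying the authentication information 304, the application execution time information 302 and the application public key; "encrypting with the certification body private key 301 and decrypting with the public key 401" is implemented as an Ed25519 signature, which is what that operation amounts to in practice; the distribution key is wrapped with RSA-OAEP under the application public key; the application execution time information is modelled as a SHA-256 fingerprint of the program image, computed once at certification time (302) and again over what is actually in memory 403 (402); the issuer name and the program images are constructed. Any error returned by VerifyAndShare corresponds to prohibiting execution (S110).

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// AuthData is a constructed layout for authentication data 303 (not the patent's own
// format): authentication information 304, execution time information 302, app public key.
type AuthData struct {
	AuthInfo     string        `json:"auth_info"`      // 304: identity of the issuing body
	ExecTimeInfo []byte        `json:"exec_time_info"` // 302: fingerprint of the certified program
	AppPubKey    rsa.PublicKey `json:"app_pub_key"`    // extracted by the control unit in S105
}

// SignedAuthData is AuthData "encrypted with the certification body private key" 301;
// in practice that operation is a signature, checked with public key 401 in S101.
type SignedAuthData struct{ Payload, Signature []byte }

// IssueAuthData is the certification body 300 step: sign the payload with key 301.
func IssueAuthData(cbPriv ed25519.PrivateKey, ad AuthData) (SignedAuthData, error) {
	payload, err := json.Marshal(ad)
	if err != nil {
		return SignedAuthData{}, err
	}
	return SignedAuthData{payload, ed25519.Sign(cbPriv, payload)}, nil
}

// Fingerprint stands in for application execution time information (an assumption):
// over the certified program it yields 302, over what sits in memory 403 it yields 402.
func Fingerprint(loaded []byte) []byte { s := sha256.Sum256(loaded); return s[:] }

// VerifyAndShare is the control-unit side, S101 to S108. memoryInfo is the value read
// from memory in S103; every error return corresponds to prohibiting execution (S110).
func VerifyAndShare(cbPub ed25519.PublicKey, trustedIssuer string, sad SignedAuthData,
	memoryInfo []byte) (wrapped, distKey []byte, err error) {
	var ad AuthData // S101: "decrypting" with key 401 means checking the signature
	if !ed25519.Verify(cbPub, sad.Payload, sad.Signature) || json.Unmarshal(sad.Payload, &ad) != nil {
		return nil, nil, errors.New("S101: authentication data not issued under key 401")
	}
	if ad.AuthInfo != trustedIssuer { // S102: issued by the legitimate body 300?
		return nil, nil, fmt.Errorf("S102: unexpected issuer %q", ad.AuthInfo)
	}
	if !bytes.Equal(ad.ExecTimeInfo, memoryInfo) { // S104: certified 302 vs observed 402
		return nil, nil, errors.New("S104: program in memory differs from certified program")
	}
	distKey = make([]byte, 32) // S106: fresh 256-bit common key for data distribution
	if _, err := rand.Read(distKey); err != nil {
		return nil, nil, err
	}
	// S105/S107: encrypt it under the application public key taken from the authentication
	// data (a missing key fails here); S108: the caller sends `wrapped` to unit 121.
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, &ad.AppPubKey, distKey, nil)
	return wrapped, distKey, err
}

// UnwrapDistributionKey is the data processing unit 121 side: only the holder of the
// application private key (storage unit 502) recovers the distribution key (unit 504).
func UnwrapDistributionKey(appPriv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, appPriv, wrapped, nil)
}

// RunScenario plays the exchange on constructed keys and program images and reports
// whether both sides hold the same distribution key; tampered loads a modified program.
func RunScenario(tampered bool) (bool, error) {
	cbPub, cbPriv, err := ed25519.GenerateKey(rand.Reader)
	appPriv, err2 := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil || err2 != nil {
		return false, errors.Join(err, err2)
	}
	certified := []byte("verification function 122, build 1") // constructed program image
	loaded := certified                                       // what memory 403 holds
	if tampered {
		loaded = []byte("verification function 122, build 1, patched") // constructed
	}
	sad, err := IssueAuthData(cbPriv, AuthData{"certification body 300", Fingerprint(certified), appPriv.PublicKey})
	if err != nil {
		return false, err
	}
	wrapped, ctlKey, err := VerifyAndShare(cbPub, "certification body 300", sad, Fingerprint(loaded))
	if err != nil {
		return false, err
	}
	appKey, err := UnwrapDistributionKey(appPriv, wrapped)
	if err != nil {
		return false, err
	}
	return bytes.Equal(ctlKey, appKey), nil
}

func main() { fmt.Println(RunScenario(false)); fmt.Println(RunScenario(true)) } // true <nil>, then false S104: ...
```

The second call in main is the point of the check: a program whose in-memory image differs from the certified one never receives a distribution key, so it is excluded from the encrypted exchange altogether rather than merely flagged. What the fingerprint covers (code only, or code together with its configuration) decides what a modified application could get away with, and is the part the patent leaves to the verification function 122.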
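
The two-direction data exchange under the shared distribution key (units 520 and 503 above), as an added Go example that is not code from the patent. It assumes AES-256-GCM as the cipher behind the encryption / decryption units, a constructed fixed 32-byte key in place of the key generated in S106, and a constructed sensor reading as the job. One detail goes beyond the text: the direction of each message is bound into the authenticated data, so that with a single common key serving both directions a reply captured on the wire is not accepted by the data processing unit as a new request.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Channel is the encryption / decryption unit on one side: 520 in the control unit 113,
// 503 in the data processing unit 121. Both are derived from the same distribution key.
type Channel struct{ aead cipher.AEAD }

// NewChannel derives an AES-256-GCM channel from the shared 32-byte distribution key
// (the cipher is an assumption; the patent only calls it a common key).
func NewChannel(distKey []byte) (*Channel, error) {
	block, err := aes.NewCipher(distKey) // rejects keys that are not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Channel{aead}, nil
}

// Direction labels go into the authenticated data (an addition not in the patent), so a
// reply encrypted under the same common key is never accepted as a request, or vice versa.
const (
	ToProcessing = "113->121" // control unit to data processing unit
	ToControl    = "121->113" // data processing unit back to control unit
)

// Encrypt seals one message under a fresh random nonce, which is prepended to the output.
func (c *Channel) Encrypt(direction string, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return c.aead.Seal(nonce, nonce, plaintext, []byte(direction)), nil
}

// Decrypt opens a message; any change to nonce, ciphertext, tag or direction fails it.
func (c *Channel) Decrypt(direction string, msg []byte) ([]byte, error) {
	n := c.aead.NonceSize()
	if len(msg) < n {
		return nil, errors.New("message shorter than a nonce")
	}
	return c.aead.Open(nil, msg[:n], msg[n:], []byte(direction))
}

// SampleDistributionKey is a constructed fixed key so the example runs offline; in the
// system it is the key generated in S106 and shared as described above.
var SampleDistributionKey = []byte("0123456789abcdef0123456789abcdef")

// Exchange plays one round trip: the control unit sends a job (encrypted by 520, decrypted
// by 503), the data processing unit returns the result (encrypted by 503, decrypted by
// 520). With tamperInTransit set, one bit of the reply is flipped on the wire.
func Exchange(distKey []byte, tamperInTransit bool) (string, error) {
	control, err := NewChannel(distKey) // unit 520
	if err != nil {
		return "", err
	}
	processing, err := NewChannel(distKey) // unit 503
	if err != nil {
		return "", err
	}
	wire, err := control.Encrypt(ToProcessing, []byte("sensor 201a: 42.0")) // constructed job
	if err != nil {
		return "", err
	}
	job, err := processing.Decrypt(ToProcessing, wire)
	if err != nil {
		return "", err
	}
	wire, err = processing.Encrypt(ToControl, append([]byte("processed "), job...))
	if err != nil {
		return "", err
	}
	if tamperInTransit {
		wire[len(wire)-1] ^= 0x01 // corrupts the GCM tag; the control unit must notice
	}
	result, err := control.Decrypt(ToControl, wire)
	return string(result), err
}

func main() {
	fmt.Println(Exchange(SampleDistributionKey, false)) // processed sensor 201a: 42.0 <nil>
	fmt.Println(Exchange(SampleDistributionKey, true))  //  cipher: message authentication failed
}
```

Because GCM authenticates as well as encrypts, the control unit learns about a modified reply before it acts on it; with a plain common-key cipher and no authentication tag, which the text does not rule out, a modified ciphertext would decrypt to garbage that the control unit could not distinguish from a real result.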

Abstract

The invention relates to a data processing system characterized in that it comprises a verification means 521 that verifies an application program 310 comprising authentication data 303 that were encrypted in advance using a first private key 301 held by an authentication organization. The verification means 521: acquires dynamic information 402, which is information loaded into a memory 403 when a verification function 122 included in the application program 310 is executed; and verifies the application program 310 by comparing the dynamic information 402 with verification dynamic information 302, which is obtained by decrypting the authentication data 303 using a first public key 401, held in advance, that is associated with the first private key 301.
PCT/JP2019/016280 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method WO2020213050A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201980095316.4A CN113678128A (zh) 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method
PCT/JP2019/016280 WO2020213050A1 (fr) 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method
JP2020515993A JP6737424B1 (ja) 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/016280 WO2020213050A1 (fr) 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method

Publications (1)

Publication Number Publication Date
WO2020213050A1 true WO2020213050A1 (fr) 2020-10-22

Family

ID=71949274

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/016280 WO2020213050A1 (fr) 2019-04-16 2019-04-16 Data processing system, data processing device and application program verification method

Country Status (3)

Country Link
JP (1) JP6737424B1 (fr)
CN (1) CN113678128A (fr)
WO (1) WO2020213050A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003337630A (ja) * 2002-05-17 2003-11-28 Ntt Docomo Inc Communication terminal, program, recording medium, access control method for a communication terminal, and content providing method
JP2005222341A (ja) * 2004-02-05 2005-08-18 Trend Micro Inc Ensuring security by program analysis on information devices and on transmission paths
US20180260564A1 (en) * 2017-03-08 2018-09-13 Secure-Ic Sas Secured execution context data

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7607122B2 (en) * 2005-06-17 2009-10-20 Microsoft Corporation Post build process to record stack and call tree information
CN102047266A (zh) * 2008-10-10 2011-05-04 松下电器产业株式会社 Information processing device, authentication system, authentication device, information processing method, information processing program, recording medium and integrated circuit

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113282951A (zh) * 2021-03-12 2021-08-20 北京字节跳动网络技术有限公司 Application security verification method, apparatus and device
CN113282951B (zh) * 2021-03-12 2024-02-09 北京字节跳动网络技术有限公司 Application security verification method, apparatus and device

Also Published As

Publication number Publication date
JP6737424B1 (ja) 2020-08-12
JPWO2020213050A1 (ja) 2021-05-06
CN113678128A (zh) 2021-11-19

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2020515993

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19925159

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19925159

Country of ref document: EP

Kind code of ref document: A1