CN105046138A - FT-processor based trust management system and method - Google Patents

FT-processor based trust management system and method

Info

Publication number: CN105046138A
Authority: CN (China)
Prior art keywords: tcm, module, bios, user, terminal
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.): Pending
Application number: CN201510407123.1A
Other languages: Chinese (zh)
Inventors: 郭猛善, 冯磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.): Shandong Chaoyue Numerical Control Electronics Co Ltd
Original Assignee: Shandong Chaoyue Numerical Control Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.): 2015-07-13
Filing date: 2015-07-13
Publication date: 2015-11-11
Application filed by Shandong Chaoyue Numerical Control Electronics Co Ltd
Priority to CN201510407123.1A
Publication of CN105046138A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses an FT-processor based trust management system and method. The system comprises: 1) a terminal management module; 2) a TCM (Trusted Cryptography Module) initialization module; 3) a terminal trust module; 4) a BIOS (Basic Input Output System) measurement module; 5) a USBKey; and 6) a TCM. According to the system and the method, the integrity measurement of a BIOS and an operating system is realized through the TCM, the BIOS and the operating system are ensured to be legal, and the attack caused by destruction of the BIOS or the operating system is avoided; the operational control of a terminal program is realized through the terminal trust module, and the operational environment of the operating system is ensured to be secure and trusted; and flexible management of a trust policy is realized through the terminal management module and the terminal trust module.

Description

Trust management system and method based on the Feiteng (FT) processor
Technical field
The present invention relates to the field of information security technology, and specifically to a trust management system and method based on the Feiteng processor.
Background technology
With the improvement of domestic processor performance and national support for domestic production, research into and breakthroughs in secure and trusted technology on domestic platforms are receiving increasing attention. A domestic processor provides security at the level of the underlying instruction set and can effectively address problems such as processor backdoors, but above the processor instruction set, security at the operating system level still has vulnerabilities.
Domestic trusted computing technology is increasingly mature in the domestic environment: based on a domestic trusted cryptography chip and combined with a trusted software stack, it achieves security and trust at the operating system level, extends trust from the processor instruction set up to application software, and secures the entire domestic platform.
A conventional computer BIOS does not verify the integrity of operating system files; if the operating system has been tampered with, malicious code is executed and a security hazard is easily created.
Summary of the invention
The technical problem solved by the present invention is as follows: for a domestic processor and trusted computing technology, the present invention proposes a trust management system and method based on the Feiteng processor. The method implements secure and trusted policy management of terminals through a trusted management unit, implements terminal program installation and run control through terminal trust software, and implements integrity verification of operating system critical files through the BIOS.
The technical solution adopted by the present invention is as follows:
A trust management system based on the Feiteng processor, the system comprising:
1) a terminal management module: manages terminals and the terminal security trust policy;
2) a TCM initialization module: performs TCM initialization and program whitelist initialization for a terminal when the trust management system is first deployed;
3) a terminal trust module: controls terminal program installation and execution, and communicates with the terminal management module to update the secure and trusted policy;
4) a BIOS measurement module: performs integrity measurement of the operating system kernel and system core files;
5) a USBKey: used for operating system authentication and for storing the TCM key;
6) a TCM module: a trusted cryptography module that stores keys and whose built-in cryptographic algorithms provide cryptographic services such as hash calculation.
The BIOS measurement module operates as follows:
Step I1: on power-up, the BIOS calls the TCM cryptographic algorithm to calculate the hash of the operating system kernel and system core files, obtaining a hash value;
Step I2: the BIOS compares the hash value with the expected value stored inside the BIOS; if they are the same, it continues to the next step, otherwise it forbids the system from starting.
The TCM initialization module operates as follows:
Step S1: the user's USBKey device, which stores the key, is connected to the computer;
Step S2: the user logs in to the system with the USBKey; the TCM initialization module starts automatically, prompts for the user's basic information, then calls the USBKey interface function to read the key from the USBKey and imports the key into the TCM module through the TCM interface;
Step S3: the operating system files are scanned and the TCM cryptographic algorithm is called to generate the program run-control whitelist, which is used by the terminal trust module.
The terminal trust module operates as follows:
Step V1: when a user runs a program, the terminal trust module intercepts the program's execution and matches it against the run-control whitelist; if the program is not present in the whitelist, execution is forbidden; if it is present, proceed to the next step;
Step V2: the TCM cryptographic algorithm is called to calculate the program's hash value, which is compared with the expected value saved in the whitelist; if they are equal, the program is allowed to run, otherwise execution is forbidden;
Step V3: the terminal trust module also provides a user UI for submitting program run-control applications to the terminal management module.
A trust management method based on the Feiteng processor: the BIOS calls the TCM cryptographic algorithm to perform integrity measurement of operating system critical files, the terminal software measures ordinary operating system files, and the transmission of the chain of trust ensures that the computer itself is trusted and secure.
To implement BIOS integrity measurement of the operating system, the BIOS must be modified; after modification, the integrity measurement process is as follows:
Step V101: during the initial start-up the BIOS acquires the expected values of the system critical files and stores them in the BIOS memory area; the BIOS communicates with the TCM chip through a USB driver and operates the relevant TCM functions by sending TCM commands;
Step V102: the BIOS opens the required operating system file, initializes the hash algorithm with the TCM_HASH_INIT_ORD command, sends the operating system file into the TCM chip with the TCM_HASH_UPDATE_ORD command, and finally calls the TCM_HASH_FINI_ORD command to finish the hash algorithm and obtain the hash value;
Step V103: the expected value of the operating system file is read from the BIOS memory area and compared with the calculated hash value; if they are identical, the operating system continues to start, otherwise start-up of the operating system is stopped.
To keep the TCM key secure, the key is stored in the USBKey and imported into the TCM module by the TCM initialization module when the system starts; this both secures key storage and allows different keys to be imported for different users. The detailed steps are as follows:
Step V201: the TCM initialization program takes the user's basic information as input and calls the USBKey interface function to read the key from the USBKey;
Step V202: the TCM initialization program calls the TCM interface function to import the key into the TCM memory area;
Step V203: after the key has been imported, the TCM cryptographic algorithm is called to generate the program run-control whitelist.
The terminal trust module communicates with the terminal management module over the network to submit program run applications, which the terminal management module reviews, approves and issues. The specific steps are as follows:
Step V301: the terminal user opens the terminal trust management UI, enters the program path, name and purpose, and uploads the executable program file;
Step V302: the terminal trust module reports the user's input to the terminal management module;
Step V303: after the terminal management module receives the application submitted by the terminal, it signs the program, issues the signed program to the terminal, and the terminal executes it.
The beneficial effects of the present invention are as follows: the present invention implements BIOS and operating system integrity measurement through the trusted cryptography chip (TCM), ensures that the BIOS and operating system are legitimate, and avoids attacks caused by tampering with the BIOS or operating system; it implements terminal program run control through the terminal trust module, ensuring that the operating system environment is secure and trusted; and it implements flexible management of the trust policy through the terminal management module and the terminal trust module.
Description of the drawings
Fig. 1 is the flow chart of the BIOS measurement process of the present invention;
Fig. 2 is the TCM initialization flow chart of the present invention.
Embodiments
The present invention is further described below by way of embodiments, with reference to the accompanying drawings:
Embodiment 1:
A trust management system based on the Feiteng processor, the system comprising:
1) a terminal management module: manages terminals and the terminal security trust policy;
2) a TCM initialization module: performs TCM initialization and program whitelist initialization for a terminal when the trust management system is first deployed;
3) a terminal trust module: controls terminal program installation and execution, and communicates with the terminal management module to update the secure and trusted policy;
4) a BIOS measurement module: performs integrity measurement of the operating system kernel and system core files;
5) a USBKey: used for operating system authentication and for storing the TCM key;
6) a TCM module: a trusted cryptography module that stores keys and whose built-in cryptographic algorithms provide cryptographic services such as hash calculation.
Embodiment 2:
Based on Embodiment 1, in this embodiment the BIOS measurement module operates as follows:
Step I1: on power-up, the BIOS calls the TCM cryptographic algorithm to calculate the hash of the operating system kernel and system core files, obtaining a hash value;
Step I2: the BIOS compares the hash value with the expected value stored inside the BIOS; if they are the same, it continues to the next step, otherwise it forbids the system from starting.
Embodiment 3:
Based on Embodiment 1, in this embodiment the TCM initialization module operates as follows:
Step S1: the user's USBKey device, which stores the key, is connected to the computer;
Step S2: the user logs in to the system with the USBKey; the TCM initialization module starts automatically, prompts for the user's basic information, then calls the USBKey interface function to read the key from the USBKey and imports the key into the TCM module through the TCM interface;
Step S3: the operating system files are scanned and the TCM cryptographic algorithm is called to generate the program run-control whitelist, which is used by the terminal trust module.
Embodiment 4:
Based on Embodiment 1, in this embodiment the terminal trust module operates as follows:
Step V1: when a user runs a program, the terminal trust module intercepts the program's execution and matches it against the run-control whitelist; if the program is not present in the whitelist, execution is forbidden; if it is present, proceed to the next step;
Step V2: the TCM cryptographic algorithm is called to calculate the program's hash value, which is compared with the expected value saved in the whitelist; if they are equal, the program is allowed to run, otherwise execution is forbidden;
Step V3: the terminal trust module also provides a user UI for submitting program run-control applications to the terminal management module.
Embodiment 5:
A trust management method based on the Feiteng processor: the BIOS calls the TCM cryptographic algorithm to perform integrity measurement of operating system critical files, the terminal software measures ordinary operating system files, and the transmission of the chain of trust ensures that the computer itself is trusted and secure.
Embodiment 6:
Based on Embodiment 5, in this embodiment, to implement BIOS integrity measurement of the operating system, the BIOS must be modified; as shown in Figure 1, after modification the integrity measurement process is as follows:
Step V101: during the initial start-up the BIOS acquires the expected values of the system critical files and stores them in the BIOS memory area; the BIOS communicates with the TCM chip through a USB driver and operates the relevant TCM functions by sending TCM commands;
Step V102: the BIOS opens the required operating system file, initializes the hash algorithm with the TCM_HASH_INIT_ORD command, sends the operating system file into the TCM chip with the TCM_HASH_UPDATE_ORD command, and finally calls the TCM_HASH_FINI_ORD command to finish the hash algorithm and obtain the hash value;
Step V103: the expected value of the operating system file is read from the BIOS memory area and compared with the calculated hash value; if they are identical, the operating system continues to start, otherwise start-up of the operating system is stopped.
Embodiment 7:
As shown in Figure 2, based on Embodiment 5, in this embodiment, to keep the TCM key secure, the key is stored in the USBKey and imported into the TCM module by the TCM initialization module when the system starts; this both secures key storage and allows different keys to be imported for different users. The detailed steps are as follows:
Step V201: the TCM initialization program takes the user's basic information as input and calls the USBKey interface function to read the key from the USBKey;
Step V202: the TCM initialization program calls the TCM interface function to import the key into the TCM memory area;
Step V203: after the key has been imported, the TCM cryptographic algorithm is called to generate the program run-control whitelist.
Embodiment 8:
Based on Embodiment 5, in this embodiment the terminal trust module communicates with the terminal management module over the network to submit program run applications, which the terminal management module reviews, approves and issues. The specific steps are as follows:
Step V301: the terminal user opens the terminal trust management UI, enters the program path, name and purpose, and uploads the executable program file;
Step V302: the terminal trust module reports the user's input to the terminal management module;
Step V303: after the terminal management module receives the application submitted by the terminal, it signs the program, issues the signed program to the terminal, and the terminal executes it.
The above embodiments are only illustrative of the present invention and do not limit it; those of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the present invention, so all equivalent technical solutions also fall within the scope of the present invention, and the scope of patent protection of the present invention shall be defined by the claims.
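The measurement and run-control logic of Embodiments 4 and 6 (repeated in the summary and in claims 4 and 6), together with the approval step of Embodiment 8, as an added example that is not part of the patent or of any product of the assignee. It assumes a simulated TCM whose three hash commands drive SHA-256 (the page does not name the chip's algorithm), a dictionary standing in for the BIOS memory area and for the files on disk, and an HMAC under a shared key standing in for the unspecified management signature; all sample files and keys are constructed.

```python
import hashlib
import hmac


class TcmSim:
    """Constructed stand-in for the TCM chip. The three commands the page names
    (TCM_HASH_INIT_ORD, TCM_HASH_UPDATE_ORD, TCM_HASH_FINI_ORD) drive a streaming
    hash; SHA-256 stands in for the chip's built-in algorithm."""

    def __init__(self):
        self._ctx = None

    def hash_init(self):                     # TCM_HASH_INIT_ORD
        self._ctx = hashlib.sha256()

    def hash_update(self, chunk):            # TCM_HASH_UPDATE_ORD, one call per chunk
        if self._ctx is None:
            raise RuntimeError("UPDATE before INIT")
        self._ctx.update(chunk)

    def hash_fini(self):                     # TCM_HASH_FINI_ORD, returns the hash value
        if self._ctx is None:
            raise RuntimeError("FINI before INIT")
        digest, self._ctx = self._ctx.digest(), None
        return digest


def tcm_hash(tcm, data, chunk=4096):
    """Send a file to the TCM in chunks and collect its hash value (step V102)."""
    tcm.hash_init()
    for off in range(0, len(data), chunk):
        tcm.hash_update(data[off:off + chunk])
    return tcm.hash_fini()


def bios_measure(tcm, bios_store, critical_files):
    """Steps V101-V103. bios_store holds the expected values recorded in the BIOS
    memory area at first start-up. Returns (boot_allowed, offending_path)."""
    for path, data in critical_files.items():
        expected = bios_store.get(path)
        if expected is None:
            return False, path               # no recorded value: do not boot
        if not hmac.compare_digest(tcm_hash(tcm, data), expected):
            return False, path               # mismatch: stop starting the OS
    return True, None


def build_whitelist(tcm, scanned_files):
    """Step S3 / V203: hash every scanned OS file into the run-control whitelist."""
    return {path: tcm_hash(tcm, data) for path, data in scanned_files.items()}


def run_control(tcm, whitelist, path, data):
    """Steps V1-V2: deny programs absent from the whitelist or whose hash differs."""
    expected = whitelist.get(path)
    if expected is None:
        return "deny: not in whitelist"
    if not hmac.compare_digest(tcm_hash(tcm, data), expected):
        return "deny: hash mismatch"
    return "allow"


def management_issue(mgmt_key, path, data):
    """Step V303: the management module approves a program and issues it signed.
    HMAC-SHA256 under a shared key is a stand-in for the unspecified signature."""
    digest = hashlib.sha256(data).digest()
    tag = hmac.new(mgmt_key, path.encode() + digest, "sha256").digest()
    return {"path": path, "hash": digest, "sig": tag}


def terminal_accept(mgmt_key, whitelist, entry):
    """Terminal side of V303: verify the issued entry before it enters the whitelist."""
    expect = hmac.new(mgmt_key, entry["path"].encode() + entry["hash"], "sha256").digest()
    if not hmac.compare_digest(expect, entry["sig"]):
        return False
    whitelist[entry["path"]] = entry["hash"]
    return True


# Constructed sample data: a two-file "operating system" and its first-boot record.
OS_FILES = {"/boot/vmlinuz": b"kernel image v1", "/etc/passwd": b"root:x:0:0"}
TCM = TcmSim()
BIOS_STORE = build_whitelist(TCM, OS_FILES)       # expected values kept in the BIOS


def demo():
    ok, _ = bios_measure(TCM, BIOS_STORE, OS_FILES)                     # clean boot
    tampered = {**OS_FILES, "/boot/vmlinuz": b"kernel image v1 + implant"}
    bad, where = bios_measure(TCM, BIOS_STORE, tampered)                # blocked boot
    wl = build_whitelist(TCM, {"/usr/bin/editor": b"editor binary"})
    results = [run_control(TCM, wl, "/usr/bin/editor", b"editor binary"),
               run_control(TCM, wl, "/usr/bin/editor", b"patched editor"),
               run_control(TCM, wl, "/tmp/unknown", b"anything")]
    return ok, bad, where, results
```

Because the expected values are recorded at the initial start-up (step V101), the whole scheme trusts whatever state the files were in at that moment; the example does not change that, it only shows the comparison that the BIOS and the terminal trust module perform afterwards.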

Claims (8)

1. A trust management system based on the Feiteng processor, characterized in that the system comprises:
1) a terminal management module: manages terminals and the terminal security trust policy;
2) a TCM initialization module: performs TCM initialization and program whitelist initialization for a terminal when the trust management system is first deployed;
3) a terminal trust module: controls terminal program installation and execution, and communicates with the terminal management module to update the secure and trusted policy;
4) a BIOS measurement module: performs integrity measurement of the operating system kernel and system core files;
5) a USBKey: used for operating system authentication and for storing the TCM key;
6) a TCM module: a trusted cryptography module that stores keys and whose built-in cryptographic algorithms provide cryptographic services such as hash calculation.
2. The trust management system based on the Feiteng processor according to claim 1, characterized in that the BIOS measurement module operates as follows:
Step I1: on power-up, the BIOS calls the TCM cryptographic algorithm to calculate the hash of the operating system kernel and system core files, obtaining a hash value;
Step I2: the BIOS compares the hash value with the expected value stored inside the BIOS; if they are the same, it continues to the next step, otherwise it forbids the system from starting.
3. The trust management system based on the Feiteng processor according to claim 1, characterized in that the TCM initialization module operates as follows:
Step S1: the user's USBKey device, which stores the key, is connected to the computer;
Step S2: the user logs in to the system with the USBKey; the TCM initialization module starts automatically, prompts for the user's basic information, then calls the USBKey interface function to read the key from the USBKey and imports the key into the TCM module through the TCM interface;
Step S3: the operating system files are scanned and the TCM cryptographic algorithm is called to generate the program run-control whitelist, which is used by the terminal trust module.
4. The trust management system based on the Feiteng processor according to claim 1, characterized in that the terminal trust module operates as follows:
Step V1: when a user runs a program, the terminal trust module intercepts the program's execution and matches it against the run-control whitelist; if the program is not present in the whitelist, execution is forbidden; if it is present, proceed to the next step;
Step V2: the TCM cryptographic algorithm is called to calculate the program's hash value, which is compared with the expected value saved in the whitelist; if they are equal, the program is allowed to run, otherwise execution is forbidden;
Step V3: the terminal trust module also provides a user UI for submitting program run-control applications to the terminal management module.
5. A trust management method based on the Feiteng processor, characterized in that: the BIOS calls the TCM cryptographic algorithm to perform integrity measurement of operating system critical files, the terminal software measures ordinary operating system files, and the transmission of the chain of trust ensures that the computer itself is trusted and secure.
6. The trust management method based on the Feiteng processor according to claim 5, characterized in that the integrity measurement process is as follows:
Step V101: during the initial start-up the BIOS acquires the expected values of the system critical files and stores them in the BIOS memory area; the BIOS communicates with the TCM chip through a USB driver and operates the relevant TCM functions by sending TCM commands;
Step V102: the BIOS opens the required operating system file, initializes the hash algorithm with the TCM_HASH_INIT_ORD command, sends the operating system file into the TCM chip with the TCM_HASH_UPDATE_ORD command, and finally calls the TCM_HASH_FINI_ORD command to finish the hash algorithm and obtain the hash value;
Step V103: the expected value of the operating system file is read from the BIOS memory area and compared with the calculated hash value; if they are identical, the operating system continues to start, otherwise start-up of the operating system is stopped.
7. The trust management method based on the Feiteng processor according to claim 5, characterized in that the TCM key is stored in the USBKey and imported into the TCM module by the TCM initialization module when the system starts, with the following specific steps:
Step V201: the TCM initialization program takes the user's basic information as input and calls the USBKey interface function to read the key from the USBKey;
Step V202: the TCM initialization program calls the TCM interface function to import the key into the TCM memory area;
Step V203: after the key has been imported, the TCM cryptographic algorithm is called to generate the program run-control whitelist.
8. The trust management method based on the Feiteng processor according to claim 5, characterized in that the terminal trust module communicates with the terminal management module over the network to submit program run applications, which the terminal management module reviews, approves and issues, with the following specific steps:
Step V301: the terminal user opens the terminal trust management UI, enters the program path, name and purpose, and uploads the executable program file;
Step V302: the terminal trust module reports the user's input to the terminal management module;
Step V303: after the terminal management module receives the application submitted by the terminal, it signs the program, issues the signed program to the terminal, and the terminal executes it.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510407123.1A CN105046138A (en) 2015-07-13 2015-07-13 FT-processor based trust management system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510407123.1A CN105046138A (en) 2015-07-13 2015-07-13 FT-processor based trust management system and method

Publications (1)

Publication Number Publication Date
CN105046138A true CN105046138A (en) 2015-11-11

Family

ID=54452677

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510407123.1A Pending CN105046138A (en) 2015-07-13 2015-07-13 FT-processor based trust management system and method

Country Status (1)

Country Link
CN (1) CN105046138A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030188165A1 (en) * 2002-03-29 2003-10-02 Sutton James A. System and method for execution of a secured environment initialization instruction
CN1869999A (en) * 2006-06-28 2006-11-29 北京飞天诚信科技有限公司 Protection method and device for opening computer
WO2007117879A1 (en) * 2006-04-07 2007-10-18 Intel Corporation Method and apparatus to mate an external code image with an on-chip private key
US20080244257A1 (en) * 2007-03-30 2008-10-02 Kushagra Vaid Server active management technology (AMT) assisted secure boot
CN102332070A (en) * 2011-09-30 2012-01-25 中国人民解放军海军计算技术研究所 Trust chain transfer method for trusted computing platform
CN103677935A (en) * 2013-12-23 2014-03-26 北京奇虎科技有限公司 Installation and control method, system and device for application programs

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106919825A (en) * 2015-12-25 2017-07-04 航天信息股份有限公司 Communication means and UKey based on UKey
CN107894905A (en) * 2017-11-29 2018-04-10 郑州云海信息技术有限公司 A kind of operating system file guard method based on BIOS
CN108664772A (en) * 2018-04-27 2018-10-16 北京可信华泰信息技术有限公司 A method of ensureing security of system
CN109255231A (en) * 2018-09-28 2019-01-22 山东超越数控电子股份有限公司 A kind of encryption hard disk cryptographic key protection system and method based on trust computing
CN109992933A (en) * 2019-04-03 2019-07-09 中电科技(北京)有限公司 The firmware of PIN-based code authorization starts method
CN110334517A (en) * 2019-07-05 2019-10-15 北京可信华泰信息技术有限公司 The update method and device of credible strategy, credible and secure management platform
CN110334517B (en) * 2019-07-05 2021-05-14 北京可信华泰信息技术有限公司 Trusted policy updating method and device and trusted security management platform
CN110610091A (en) * 2019-09-12 2019-12-24 江苏域固威芯科技有限公司 Security PXE method based on domestic network platform
CN112260833A (en) * 2020-12-21 2021-01-22 湖南航天捷诚电子装备有限责任公司 Server with remote encryption function and encryption method
CN112260833B (en) * 2020-12-21 2021-03-09 湖南航天捷诚电子装备有限责任公司 Server with remote encryption function and encryption method
CN112449143A (en) * 2021-01-28 2021-03-05 北京电信易通信息技术股份有限公司 Implementation method and implementation system of secure video

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication