CN112527358B - Self-measurement-based trusted application trusted measurement method, device and system - Google Patents

Publication number
CN112527358B
Authority
CN
China
Prior art keywords
trusted
application
measurement
trusted application
reference file
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011485939.3A
Other languages
Chinese (zh)
Other versions
CN112527358A (en)
Inventor
李峰
王进
张辉
马亮
郎铁山
吴瑞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Qianyun Qichuang Information Technology Co ltd
Shandong Trusted Cloud Information Technology Research Institute
Zhongan Trustworthy Qingdao Network Technology Co ltd
Original Assignee
Shandong Qianyun Qichuang Information Technology Co ltd
Shandong Trusted Cloud Information Technology Research Institute
Zhongan Trustworthy Qingdao Network Technology Co ltd
Application filed by Shandong Qianyun Qichuang Information Technology Co ltd, Shandong Trusted Cloud Information Technology Research Institute, Zhongan Trustworthy Qingdao Network Technology Co ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00: Arrangements for software engineering
    • G06F8/60: Software deployment
    • G06F8/65: Updates
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/33: User authentication using certificates
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a self-measurement-based trusted application trusted measurement method, device and system, comprising the following steps: creating, in a specified text format, a trusted application measurement reference file for an application program and its running components; signing the trusted application measurement reference file with a private key; packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package; and importing the trusted application software package into the trusted cloud platform, so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file. This reduces the complexity of deploying and updating trusted applications and ensures that the application program starts in a trusted state.

Description

Self-measurement-based trusted application trusted measurement method, device and system
Technical Field
The present invention relates to the field of application security technologies, and in particular to a self-measurement-based trusted application trusted measurement method, device and system.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
In a trusted cloud environment, trusted measurement is used to ensure that the software system and the application programs are trusted. Trusted measurement requires a measurement reference to be established while the trusted cloud is being built. The existing approach is to install and deploy the application program first, then scan the running components related to the application program and establish the measurement reference. Once the measurement reference has been established, this approach runs into the problem of growing application deployment requirements; meanwhile, as the number of applications increases, managing the measured components becomes complex, and whether the measured objects can be managed flexibly and conveniently becomes a prominent problem.
Disclosure of Invention
To solve these problems, the invention provides a self-measurement-based trusted application trusted measurement method, device and system. A trusted application software package and a trusted application measurement reference file are created in advance; through self-measurement of the trusted application, the trusted certificate and the trusted reference file are marked; the application program is measured on the basis of the trusted application software package; and updates or upgrades of the application program are completed by updating the trusted application measurement reference file. This reduces the complexity of deploying and updating trusted applications and ensures that the application program starts in a trusted state.
To achieve the above purpose, the invention adopts the following technical solutions:
In a first aspect, the invention provides a self-measurement-based trusted application trusted measurement method, implemented at the development end, comprising:
creating, in a specified text format, a trusted application measurement reference file for an application program and its running components;
signing the trusted application measurement reference file with a private key;
packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package;
and importing the trusted application software package into the trusted cloud platform, so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file.
In a second aspect, the invention provides a self-measurement-based trusted application trusted measurement method, implemented at the trusted cloud platform end, comprising:
receiving a trusted application software package, which comprises an application program, running components, a signed trusted application measurement reference file and the developer's own application certificate;
marking the developer's own application certificate as a trusted certificate, and verifying the security of the trusted application measurement reference file according to the signature;
and measuring the application program and the running components one by one according to the trusted application measurement reference file, comparing the measurement results with the measurement values in the trusted application measurement reference file, and obtaining the trusted state of the application program from the comparison result.
In a third aspect, the invention provides a self-measurement-based trusted application trusted measurement device, arranged at the development end, comprising:
a file creation module, used for creating, in a specified text format, a trusted application measurement reference file for an application program and its running components;
a signature module, used for signing the trusted application measurement reference file with a private key;
a packaging module, used for packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package;
and a measurement module, used for importing the trusted application software package into the trusted cloud platform, so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file.
In a fourth aspect, the invention provides a self-measurement-based trusted application trusted measurement device, arranged at the trusted cloud platform end, comprising:
a receiving module, used for receiving a trusted application software package, which comprises an application program, running components, a signed trusted application measurement reference file and the developer's own application certificate;
a verification module, used for verifying the security of the trusted application measurement reference file according to the signature after marking the developer's own application certificate as a trusted certificate;
and a measurement module, used for measuring the application program and the running components one by one according to the trusted application measurement reference file, comparing the measurement results with the measurement values in the trusted application measurement reference file, and obtaining the trusted state of the application program from the comparison result.
In a fifth aspect, the invention provides a self-measurement-based trusted application trusted measurement system, comprising a development end and a trusted cloud platform end.
The development end comprises the device of the third aspect, and uses the method of the first aspect to generate a trusted application software package and send it to the trusted cloud platform end;
the trusted cloud platform end comprises the device of the fourth aspect, and uses the method of the second aspect to obtain the trusted state of the application program from the received trusted application software package.
In a sixth aspect, the invention provides an electronic device comprising a memory and a processor and computer instructions stored on the memory and running on the processor, which when executed by the processor, perform the method of the first aspect and/or perform the method of the second aspect.
In a seventh aspect, the present invention provides a computer readable storage medium storing computer instructions which, when executed by a processor, perform the method of the first aspect and/or perform the method of the second aspect.
Compared with the prior art, the invention has the following beneficial effects:
Based on self-measurement of the trusted application, the invention reduces the complexity of deploying and updating trusted applications, improves security during these processes, ensures that the application program starts in a trusted state, and protects the security of running data.
In the trusted application deployment stage, the certificate is marked as trusted, so that when the application program is run later the certificate can be trusted and the application program and its running components can be measured on the basis of it; this also simplifies the trusted application deployment procedure.
When the trusted application needs to be upgraded or updated, the measurement references generated for the changed or newly added running components are updated into the measurement reference file, and the resulting new application software package or application upgrade package directly replaces the original running components and measurement reference file. The application does not need to be reinstalled and redeployed, which reduces the complexity of updating the trusted application.
Before the trusted application runs, the method verifies the validity of the certificate that signed the measurement reference file to confirm that it is a trusted certificate, and then uses that certificate to confirm the security of the measurement reference file. This ensures the validity of the application release and running process and prevents users from installing malicious applications that have been illegally packaged.
In the packaging stage, the application developer generates the measurement reference of the application program and its running components in a specified text format, signs the measurement reference file with the developer's own private key, and packages the signed measurement reference file and the developer's own certificate into the application software package. The security and credibility of the running components' measurement reference therefore rest on the security of the developer's private key.
Additional aspects of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention.
FIG. 1 is a schematic diagram of the trusted application software package and the trusted application measurement reference file provided in embodiment 1 of the present invention;
FIG. 2 is a flow chart of trusted application self-measurement provided in embodiment 1 of the present invention;
FIG. 3 is a flow chart of trusted application deployment and runtime metrics provided in embodiment 1 of the present invention.
Detailed Description
The invention is further described below with reference to the drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the invention. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the present invention. As used herein, unless the context clearly indicates otherwise, the singular forms also are intended to include the plural forms, and furthermore, it is to be understood that the terms "comprises" and "comprising" and any variations thereof are intended to cover non-exclusive inclusions, such as, for example, processes, methods, systems, products or devices that comprise a series of steps or units, are not necessarily limited to those steps or units that are expressly listed, but may include other steps or units that are not expressly listed or inherent to such processes, methods, products or devices.
Embodiments of the invention and features of the embodiments may be combined with each other without conflict.
Example 1
At the development end, this embodiment provides a self-measurement-based trusted application trusted measurement method, as shown in FIG. 1 and FIG. 2, specifically comprising:
S11: creating, in a specified text format, a trusted application measurement reference file for an application program and its running components;
S12: signing the trusted application measurement reference file with a private key;
S13: packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package;
S14: importing the trusted application software package into the trusted cloud platform, so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file.
At the trusted cloud platform end, the self-measurement-based trusted application trusted measurement method provided by this embodiment, as shown in FIG. 3, specifically comprises:
S21: receiving a trusted application software package, which comprises an application program, running components, a signed trusted application measurement reference file and the developer's own application certificate;
S22: marking the developer's own application certificate as a trusted certificate, and verifying the security of the trusted application measurement reference file according to the signature;
S23: measuring the application program and the running components one by one according to the trusted application measurement reference file, comparing the measurement results with the measurement values in the trusted application measurement reference file, and obtaining the trusted state of the application program from the comparison result.
In this embodiment, the public key, the private key and the application certificate are determined before the trusted application is packaged. The application certificate may correspond to the trusted application or to the application developer; that is, multiple trusted applications are allowed to share the same application certificate.
In this embodiment, after the trusted application measurement reference file is created, the application program and the running components are measured one by one and their measurement values are written into the measurement reference file.
In step S22, the developer's own certificate is marked as a trusted certificate so that, when the application program is run later, the certificate can be trusted and the application program and its components can be measured on the basis of it.
Before the trusted application runs, the trusted application measurement reference file is read, the signing certificate in the file is used to confirm that the certificate is a trusted certificate, and the certificate is then used to confirm the security of the trusted application measurement reference file.
Provided the trusted application measurement reference file is secure, the application program and the running components are measured one by one and each measurement result is compared with the measurement value recorded in the reference file. If they are consistent, each running component is confirmed to be trusted and finally the application program is confirmed to be trusted, so the application program is run.
In this embodiment, when the trusted application needs to be upgraded or updated, a measurement reference is generated for each changed or newly added running component and updated into the trusted application's measurement reference file; the measurement reference file is signed again, and a new application software package or an application upgrade package is generated, which replaces the original running components and measurement reference file in the trusted cloud environment.
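The development-end steps S11 to S13, the platform-end steps S21 to S23 and the upgrade path described above, as an added Go example that is not code from the patent. Assumptions: the application certificate is modelled as a bare Ed25519 public key, measurement values are SHA-256 digests, the reference file holds one `<sha256>  <name>` line per component, and the names `Package`, `Platform`, `Deploy`, `Launch` and `demoKey` are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// Package models the trusted application software package (S13).
// Assumption: the application certificate is reduced to a bare Ed25519 public key.
type Package struct {
	Components map[string][]byte // application program and running components
	Reference  []byte            // measurement reference file (assumed text format)
	Signature  []byte            // private-key signature over Reference (S12)
	Cert       ed25519.PublicKey // developer's own application certificate
}

// measure returns the hex SHA-256 digest used here as the measurement value.
func measure(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// BuildPackage covers S11-S13: measure the components one by one, write one
// "<sha256>  <name>" line per component, sign the file and bundle everything.
func BuildPackage(components map[string][]byte, priv ed25519.PrivateKey) Package {
	names := make([]string, 0, len(components))
	for name := range components {
		names = append(names, name)
	}
	sort.Strings(names)
	var b strings.Builder
	for _, name := range names {
		fmt.Fprintf(&b, "%s  %s\n", measure(components[name]), name)
	}
	ref := []byte(b.String())
	return Package{components, ref, ed25519.Sign(priv, ref), priv.Public().(ed25519.PublicKey)}
}

// Platform is the trusted cloud platform end; trusted holds fingerprints of certificates marked at deployment.
type Platform struct{ trusted map[string]bool }

func NewPlatform() *Platform { return &Platform{trusted: map[string]bool{}} }

// Deploy covers S21-S22: verify the reference file signature, then mark the packaged certificate as trusted.
func (p *Platform) Deploy(pkg Package) error {
	if len(pkg.Cert) != ed25519.PublicKeySize || !ed25519.Verify(pkg.Cert, pkg.Reference, pkg.Signature) {
		return fmt.Errorf("reference file signature invalid")
	}
	p.trusted[measure(pkg.Cert)] = true
	return nil
}

// Launch is the pre-run check followed by S23. It returns nil only when the signing certificate
// is already marked trusted, the signature verifies and every component matches its recorded value.
func (p *Platform) Launch(pkg Package) error {
	if !p.trusted[measure(pkg.Cert)] || !ed25519.Verify(pkg.Cert, pkg.Reference, pkg.Signature) {
		return fmt.Errorf("certificate not marked trusted or signature invalid")
	}
	expected := map[string]string{}
	for _, line := range strings.Split(strings.TrimSpace(string(pkg.Reference)), "\n") {
		fields := strings.SplitN(line, "  ", 2)
		if len(fields) != 2 {
			return fmt.Errorf("malformed reference line %q", line)
		}
		expected[fields[1]] = fields[0]
	}
	for name, want := range expected {
		data, present := pkg.Components[name]
		if !present || measure(data) != want {
			return fmt.Errorf("component %q missing or measurement mismatch", name)
		}
	}
	// Added policy, not stated on the page: a component with no reference
	// entry is never measured, so its presence makes the package untrusted.
	if len(pkg.Components) != len(expected) {
		return fmt.Errorf("package contains components with no reference entry")
	}
	return nil
}

// demoKey derives a repeatable key from a constructed seed (demo only).
func demoKey(b byte) ed25519.PrivateKey {
	return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
}

func main() {
	platform, dev := NewPlatform(), demoKey(1)
	v1 := BuildPackage(map[string][]byte{"app.bin": []byte("v1"), "libcore.so": []byte("core")}, dev)
	fmt.Println("deploy v1:", platform.Deploy(v1))
	fmt.Println("launch v1:", platform.Launch(v1))
	v1.Components["libcore.so"] = []byte("patched") // tamper after signing
	fmt.Println("launch tampered:", platform.Launch(v1))
	fmt.Println("launch re-signed by unmarked key:", platform.Launch(BuildPackage(v1.Components, demoKey(2))))
}
```

An upgrade package built with the same developer key launches without a second `Deploy`, which is the replace-in-place update path the embodiment describes; a package re-signed with any key that was never marked trusted is refused before measurement starts.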
In further embodiments, there is also provided:
A self-measurement-based trusted application trusted measurement device, arranged at the development end, comprising:
a file creation module, used for creating, in a specified text format, a trusted application measurement reference file for an application program and its running components;
a signature module, used for signing the trusted application measurement reference file with a private key;
a packaging module, used for packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package;
and a measurement module, used for importing the trusted application software package into the trusted cloud platform, so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file.
A self-measurement-based trusted application trusted measurement device, arranged at the trusted cloud platform end, comprising:
a receiving module, used for receiving a trusted application software package, which comprises an application program, running components, a signed trusted application measurement reference file and the developer's own application certificate;
a verification module, used for verifying the security of the trusted application measurement reference file according to the signature after the developer's own certificate is marked as a trusted certificate;
and a measurement module, used for measuring the application program and the running components one by one according to the trusted application measurement reference file, comparing the measurement results with the measurement values in the trusted application measurement reference file, and obtaining the trusted state of the application program from the comparison result.
A self-measurement-based trusted application trusted measurement system, comprising a development end and a trusted cloud platform end;
the development end comprises the self-measurement-based trusted application trusted measurement device, and uses the method implemented at the development end according to embodiment 1 to generate a trusted application software package and send it to the trusted cloud platform end;
the trusted cloud platform end comprises the self-measurement-based trusted application trusted measurement device, and uses the method implemented at the trusted cloud platform end according to embodiment 1 to obtain the trusted state of the application program from the received trusted application software package.
It should be noted that the above modules correspond to the steps described in embodiment 1; the examples and application scenarios implemented by the modules and the corresponding steps are the same, but are not limited to what is disclosed in embodiment 1. The modules described above may be implemented as part of a system in a computer system, such as a set of computer-executable instructions.
In further embodiments, there is also provided:
An electronic device comprising a memory and a processor and computer instructions stored on the memory and running on the processor, which when executed by the processor, perform the method described in embodiment 1. For brevity, the description is omitted here.
It should be understood that in this embodiment the processor may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general-purpose processor may be a microprocessor or any conventional processor.
The memory may include read only memory and random access memory and provide instructions and data to the processor, and a portion of the memory may also include non-volatile random access memory. For example, the memory may also store information of the device type.
A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method described in embodiment 1.
The method in embodiment 1 may be embodied directly as being executed by a hardware processor, or executed by a combination of hardware and software modules in the processor. The software modules may be located in a storage medium well known in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory or registers. The storage medium is located in the memory; the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method. To avoid repetition, a detailed description is not provided here.
Those of ordinary skill in the art will appreciate that the elements of the various examples described in connection with the present embodiments, i.e., the algorithm steps, can be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
While the foregoing description of the embodiments of the present invention has been presented in conjunction with the drawings, it should be understood that it is not intended to limit the scope of the invention, but rather, it is intended to cover all modifications or variations within the scope of the invention as defined by the claims of the present invention.

Claims (9)

1. The self-measurement-based trusted application trusted measurement method is characterized by being implemented at a development end and comprising the following steps of:
creating an application program and an operating component and a trusted application measurement reference file thereof according to a specified text format;
private key signature is carried out on the trusted application measurement reference file;
Packaging the application program, the running component, the signed trusted application measurement reference file and the self-owned application certificate to obtain a trusted application software package;
importing the trusted application software package into a trusted cloud platform, so that the trusted cloud platform measures the application programs and the running components one by one according to the own application certificate and the signed trusted application measurement reference file;
After the trusted application measurement reference file is created, measuring the application programs and the running components one by one, and writing the measurement reference into the measurement reference file;
When the trusted application is upgraded or updated, a measurement standard is generated for the changed or newly added operation component, the measurement standard is updated into a trusted application measurement standard file, the trusted application measurement standard file is subjected to private key signature again, a new version of trusted application software package or a trusted application software package upgrading package is generated, and the original operation component and the trusted application measurement standard file are replaced in a trusted cloud environment.
2. The trusted application trusted measurement method based on self-measurement is characterized by being implemented at a trusted cloud platform end and comprising the following steps:
Receiving a trusted application software package, wherein the trusted application software package comprises an application program, an operating component, a signed trusted application measurement reference file and a development owned application certificate;
Marking the developed self application certificate as a trusted certificate, and verifying the security of the trusted measurement reference file according to the signature;
measuring the application programs and the running components one by one according to the trusted application measurement reference file, comparing the measurement result with the measurement value in the trusted application measurement reference file, and obtaining the trusted state of the application program according to the comparison result;
After the trusted application measurement reference file is created, measuring the application programs and the running components one by one, and writing the measurement reference into the measurement reference file;
When the trusted application is upgraded or updated, a measurement standard is generated for the changed or newly added operation component, the measurement standard is updated into a trusted application measurement standard file, the trusted application measurement standard file is subjected to private key signature again, a new version of trusted application software package or a trusted application software package upgrading package is generated, and the original operation component and the trusted application measurement standard file are replaced in a trusted cloud environment.
3. A trusted application trusted metrics method based on self-metrics as claimed in claim 1 or 2, characterized in that the application certificate corresponds to a trusted application or to a developer of the application, supporting that multiple trusted applications share the same application certificate.
4. A trusted application trusted measurement method as claimed in claim 1 or claim 2, wherein in the case of a trusted application measurement reference file being secure, the application and the running component are measured one by one, the measurement result is compared with the measurement value recorded in the measurement reference file, and if the measurement result and the measurement value are consistent, the running component is trusted and the application is trusted, so that the application is run.
5. A self-measurement-based trusted application trusted measurement device, characterized in that the device is arranged at a development end and comprises:
a file creation module, used for creating an application program, its running components, and a trusted application measurement reference file according to a specified text format;
a signature module, used for signing the trusted application measurement reference file with a private key;
a packaging module, used for packaging the application program, the running components, the signed trusted application measurement reference file and the developer's own application certificate to obtain a trusted application software package;
a measurement module, used for importing the trusted application software package into the trusted cloud platform so that the trusted cloud platform measures the application program and the running components one by one according to the developer's own application certificate and the signed trusted application measurement reference file;
wherein, after the trusted application measurement reference file is created, the application program and the running components are measured one by one, and the measurement references are written into the measurement reference file;
when the trusted application is upgraded or updated, a measurement reference is generated for each changed or newly added running component and updated into the trusted application measurement reference file, the trusted application measurement reference file is signed again with the private key, a new version of the trusted application software package or a trusted application software package upgrade package is generated, and the original running components and the trusted application measurement reference file are replaced in a trusted cloud environment.
6. A self-measurement-based trusted application trusted measurement device, characterized in that the device is arranged at a trusted cloud platform end and comprises:
a receiving module, used for receiving a trusted application software package, wherein the trusted application software package comprises an application program, running components, a signed trusted application measurement reference file and the developer's own application certificate;
a verification module, used for verifying the security of the trusted application measurement reference file according to the signature after the developer's own application certificate is marked as a trusted certificate;
a measurement module, used for measuring the application program and the running components one by one according to the trusted application measurement reference file, comparing the measurement result with the measurement value in the trusted application measurement reference file, and obtaining the trusted state of the application program according to the comparison result;
wherein, after the trusted application measurement reference file is created, the application program and the running components are measured one by one, and the measurement references are written into the measurement reference file;
when the trusted application is upgraded or updated, a measurement reference is generated for each changed or newly added running component and updated into the trusted application measurement reference file, the trusted application measurement reference file is signed again with the private key, a new version of the trusted application software package or a trusted application software package upgrade package is generated, and the original running components and the trusted application measurement reference file are replaced in a trusted cloud environment.
7. A self-measurement-based trusted application trusted measurement system, characterized by comprising a development end and a trusted cloud platform end;
the development end comprises the device of claim 5, and adopts the method of claim 1 to generate a trusted application software package and send the trusted application software package to the trusted cloud platform end;
the trusted cloud platform end comprises the device of claim 6, and obtains the trusted state of the application program from the received trusted application software package by adopting the method of claim 2.
8. An electronic device comprising a memory and a processor and computer instructions stored on the memory and running on the processor, which when executed by the processor, perform the method of claim 1 and/or the method of claim 2.
9. A computer readable storage medium storing computer instructions which, when executed by a processor, perform the method of claim 1 and/or the method of claim 2.
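The flow the claims describe (build and sign a reference file at the development end, verify it and measure each component at the platform end, re-measure and re-sign on upgrade) can be sketched as follows; this is an added example, not code from the patent. The `digest  path` line format, SHA-256, the function names, the sample components and the use of HMAC-SHA256 as a stand-in for the certificate-backed private-key signature are all assumptions of the example.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def measure(path):
    # Measurement of one component; SHA-256 is an assumption of this example.
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def sign(reference, key):
    # Stand-in for the private-key signature: HMAC-SHA256 keeps this stdlib-only.
    return hmac.new(key, reference.encode(), hashlib.sha256).hexdigest()

def build_reference(root, components, key, previous=""):
    # Development end: (re)measure the named components, keep other entries, re-sign.
    entries = {rel: d for d, rel in (line.split("  ", 1) for line in previous.splitlines())}
    for rel in components:
        entries[rel] = measure(Path(root) / rel)
    reference = "".join(f"{d}  {rel}\n" for rel, d in sorted(entries.items()))
    return reference, sign(reference, key)

def platform_measure(root, reference, signature, key):
    # Platform end: the reference file is verified before any value in it is used.
    if not hmac.compare_digest(sign(reference, key), signature):
        return {"reference_ok": False, "trusted": False, "failed": []}
    failed = []
    for line in reference.splitlines():
        digest, rel = line.split("  ", 1)
        path = Path(root) / rel
        if not path.is_file() or measure(path) != digest:
            failed.append(rel)  # missing or modified component
    return {"reference_ok": True, "trusted": not failed, "failed": failed}

def demo():
    key = b"constructed-demo-key"  # constructed sample key, not a real credential
    with tempfile.TemporaryDirectory() as root:
        (Path(root) / "app.bin").write_bytes(b"main v1")       # constructed components
        (Path(root) / "libcore.so").write_bytes(b"core v1")
        ref, sig = build_reference(root, ["app.bin", "libcore.so"], key)
        results = [platform_measure(root, ref, sig, key)]      # fresh package
        (Path(root) / "libcore.so").write_bytes(b"core v2")    # component upgraded
        results.append(platform_measure(root, ref, sig, key))  # stale reference file
        new_ref, new_sig = build_reference(root, ["libcore.so"], key, ref)
        results.append(platform_measure(root, new_ref, new_sig, key))  # re-signed
        results.append(platform_measure(root, new_ref, sig, key))      # old signature
    return results

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

With an asymmetric signature checked against the application certificate in place of the HMAC, the platform can verify the reference file but cannot produce a valid one.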
CN202011485939.3A 2020-12-16 2020-12-16 Self-measurement-based trusted application trusted measurement method, device and system Active CN112527358B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011485939.3A CN112527358B (en) 2020-12-16 2020-12-16 Self-measurement-based trusted application trusted measurement method, device and system

Publications (2)

Publication Number Publication Date
CN112527358A CN112527358A (en) 2021-03-19
CN112527358B CN112527358B (en) 2024-07-09

Family

ID=75000673

Country Status (1)

Country Link
CN (1) CN112527358B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant