CN114048502B - Lightweight trusted channel and communication control method thereof - Google Patents
Lightweight trusted channel and communication control method thereof
- Publication number
- CN114048502B
- Authority
- CN
- China
- Prior art keywords
- shared memory
- domain
- mode
- domain shared
- control system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/544—Buffers; Shared memory; Pipes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/545—Interprogram communication where tasks reside in different layers, e.g. user- and kernel-space
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111202062.7A CN114048502B (en) | 2021-10-15 | 2021-10-15 | Lightweight trusted channel and communication control method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111202062.7A CN114048502B (en) | 2021-10-15 | 2021-10-15 | Lightweight trusted channel and communication control method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114048502A (en) | 2022-02-15 |
CN114048502B (en) | 2023-08-15 |
Family
ID=80205067
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111202062.7A Active CN114048502B (en) | 2021-10-15 | 2021-10-15 | Lightweight trusted channel and communication control method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114048502B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103034544A (en) * | 2012-12-04 | 2013-04-10 | Hangzhou DPtech Technologies Co., Ltd. | Management method and device for user mode and kernel mode to share memory |
CN103093150A (en) * | 2013-02-18 | 2013-05-08 | Institute of Software, Chinese Academy of Sciences | Dynamic integrity protection method based on trusted chip |
CN107194284A (en) * | 2017-06-22 | 2017-09-22 | Jinan Inspur Hi-Tech Investment and Development Co., Ltd. | Method and system for isolating user data based on TrustZone |
CN107729159A (en) * | 2017-09-29 | 2018-02-23 | Huawei Technologies Co., Ltd. | Address mapping method and device for shared memory |
CN108062253A (en) * | 2017-12-11 | 2018-05-22 | Beijing Qihoo Technology Co., Ltd. | Communication method, device and terminal for kernel mode and user mode |
CN108733455A (en) * | 2018-05-31 | 2018-11-02 | Shanghai Jiao Tong University | Container isolation enhancement system based on ARM TrustZone |
CN109697140A (en) * | 2018-11-19 | 2019-04-30 | Shenzhen Tencent Information Technology Co., Ltd. | Data backup method and device, data reconstruction method and device, storage medium |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108647513B (en) * | 2018-03-22 | 2020-04-28 | Huazhong University of Science and Technology | TrustZone-based shared library security isolation method and system |
US11194639B2 (en) * | 2019-05-19 | 2021-12-07 | International Business Machines Corporation | Executing system calls in isolated address space in operating system kernel |
-
2021
- 2021-10-15 CN CN202111202062.7A patent/CN114048502B/en active Active
Non-Patent Citations (1)
Title |
---|
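Niu Dejiao et al. APMSS: A solid-state storage *** with asymmetric interfaces. Journal of Computer Research and Development. 2018, Vol. 55 (No. 55), full text. * |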
Also Published As
Publication number | Publication date |
---|---|
CN114048502A (en) | 2022-02-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109766165B (en) | Memory access control method and device, memory controller and computer system | |
EP1761837B1 (en) | System and method for secure inter-platform and intra-platform communications | |
CN105447406B | Method and apparatus for accessing memory space | |
EP3314808B1 (en) | Binding a trusted input session to a trusted output session | |
CN104392188B | Secure data storage method and system | |
CN108055133B (en) | Key security signature method based on block chain technology | |
JP4392241B2 (en) | Method and system for promoting safety protection in a computer system employing an attached storage device | |
JP4089171B2 (en) | Computer system | |
JP5114617B2 (en) | Secure terminal, program, and method for protecting private key | |
WO2019192344A1 (en) | Trust zone-based operating system and method | |
CN108595982B (en) | Secure computing architecture method and device based on multi-container separation processing | |
CN104335549A (en) | Secure data processing | |
US20120137372A1 (en) | Apparatus and method for protecting confidential information of mobile terminal | |
CN101084504A (en) | Integrated circuit with improved device security | |
CN110750791A (en) | Method and system for guaranteeing physical attack resistance of trusted execution environment based on memory encryption | |
US20160335433A1 (en) | Intrusion detection system in a device comprising a first operating system and a second operating system | |
US20060005015A1 (en) | System and method for secure inter-platform and intra-platform communications | |
JP6951375B2 (en) | Information processing equipment, information processing methods and programs | |
CN105809043A (en) | Data security protection method of computer | |
CN114048502B (en) | Lightweight trusted channel and communication control method thereof | |
CN115374483B (en) | Data security storage method and device, electronic equipment, medium and chip | |
JP4375980B2 (en) | Multitask execution system and multitask execution method | |
CN107169375B (en) | System data security enhancement method | |
CN107087003B (en) | System anti-attack method based on network | |
CN116226870B (en) | Security enhancement system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB03 | Change of inventor or designer information | Inventor after: Lei Lingguang, Wang Yuewu, Zhou Chuo, Shi Haotian, Wang Jie, Kou Chunjing. Inventor before: Wang Yuewu, Lei Lingguang, Zhou Chuo, Shi Haotian, Wang Jie, Kou Chunjing |
GR01 | Patent grant | ||