CN114936373A - Trusted security chip, trusted data processing system and method - Google Patents

Trusted security chip, trusted data processing system and method Download PDF

Info

Publication number
CN114936373A
CN114936373A CN202210439683.5A CN202210439683A CN114936373A CN 114936373 A CN114936373 A CN 114936373A CN 202210439683 A CN202210439683 A CN 202210439683A CN 114936373 A CN114936373 A CN 114936373A
Authority
CN
China
Prior art keywords
data
trusted
measurement
interface
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210439683.5A
Other languages
Chinese (zh)
Inventor
沈健
张敏
罗华峰
窦仁晖
阮黎翔
王德辉
竹之涵
侯明国
汪鹤
罗凌璐
左欢欢
李超
相蓉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUANGZHOU PTSWITCH COMPUTER TECHNOLOGY CO LTD
State Grid Zhejiang Electric Power Co Ltd
Nari Technology Co Ltd
NARI Nanjing Control System Co Ltd
State Grid Electric Power Research Institute
Original Assignee
GUANGZHOU PTSWITCH COMPUTER TECHNOLOGY CO LTD
State Grid Zhejiang Electric Power Co Ltd
Nari Technology Co Ltd
NARI Nanjing Control System Co Ltd
State Grid Electric Power Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUANGZHOU PTSWITCH COMPUTER TECHNOLOGY CO LTD, State Grid Zhejiang Electric Power Co Ltd, Nari Technology Co Ltd, NARI Nanjing Control System Co Ltd, State Grid Electric Power Research Institute filed Critical GUANGZHOU PTSWITCH COMPUTER TECHNOLOGY CO LTD
Priority to CN202210439683.5A priority Critical patent/CN114936373A/en
Publication of CN114936373A publication Critical patent/CN114936373A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G06F13/38Information transfer, e.g. on bus
    • G06F13/42Bus transfer protocol, e.g. handshake; Synchronisation
    • G06F13/4282Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a trusted security chip, a trusted data processing system and a trusted data processing method, wherein the trusted data processing method comprises the following steps: when the trusted security chip is powered on, reading a system boot program stored in the storage device through the peripheral interface to perform trusted measurement, and controlling other devices in the system to be powered on if the measurement is passed; performing read-write operation on the external storage device according to a data access request sent by an external processor: for the data reading operation, reading corresponding data in corresponding storage equipment, performing credibility measurement on the read data, and forwarding the data passing the credibility measurement to an external processor; and for the data writing operation, encrypting the data to be written, and writing the encrypted data into the corresponding external storage equipment. The trusted chip has the functions of active data measurement and interface agent of the storage device, can avoid bus bypass attack, and improves the endogenous safety protection level of a trusted product.

Description

Trusted security chip, trusted data processing system and method
Technical Field
The invention relates to the technical field of automatic control and safety of a power system, in particular to a trusted safety chip with active data measurement and storage device interface proxy functions, a trusted data processing system and a trusted data processing method.
Background
The trusted computing work in China is mainly developed around the important information system safety requirements in China, the idea of implementing active trusted monitoring based on a dual-system structure is creatively provided, the first trusted computing platform in China was developed in 2004, and thereafter, the trusted computer and the TPM chip are successively developed. Through long-term attack and customs, a complete credible network protection system of active immunity is formed, the fusion problem, credible management problem and simplification problem of credible development of a credible system and the existing system are solved, revolutionary development of credible computation is realized, and a credible computation technology based on the active immunity system is credible 3.0.
The key basic chip in the trusted computing 3.0 system is a TPCM chip, when the system is powered on, the TPCM chip and a peripheral circuit are powered on firstly, the TPCM initiates the trusted measurement of a system boot program, and after the measurement result passes, a CPU is controlled to be powered on to start the trusted start operation of the main control system. After the TPCM finishes measuring the bootstrap program, the CPU directly accesses the external memory through a memory bus, the transmission of sensitive information between the processor and the memory is involved in the process, the hidden danger of bypassing a TPCM control port and the bus exists, the processor is directly powered on, the non-trusted bootstrap program is loaded, and the trusted execution environment is damaged. There is a need to provide a more secure trusted hardware environment to essentially safeguard the endogenous trusted security of a system.
Noun interpretation
TPCM, Trusted Platform Control Module), a Trusted Platform Control Module, which is a hardware core Module integrated in a Trusted Platform and used for establishing and guaranteeing a Trusted source point, adopts an encryption algorithm and an active measurement idea, can ensure that a boot code is Trusted when read by a Platform controller, and then constructs a trust chain to ensure the credibility of each level.
Disclosure of Invention
The invention aims to provide a trusted security chip, a trusted data processing system and a trusted data processing method, wherein the trusted chip has the functions of active data measurement and interface agent of storage equipment, bus bypass attack can be avoided, and the endogenous security protection level of a trusted product is improved. The technical scheme adopted by the invention is as follows.
In one aspect, the present invention provides a trusted security chip, including an interface agent module, an access control module, a trusted measurement module, and an encryption processing module, wherein:
the interface agent module is used for performing communication connection between the trusted security chip and the external storage device, is driven by the access control module, and performs read-write operation on the external storage device, wherein the read data comprises a system bootstrap program and data corresponding to a data access request of an external processor;
the credibility measurement module is used for reading the system boot program read by the interface agent module and the data to be transmitted to the external processor;
the encryption processing module is used for encrypting the data to be written into the external storage equipment according to the access request of the external processor;
the access control module is used for responding to the electrification of the trusted security chip, driving the interface agent module to read the system bootstrap program and acquiring a system bootstrap degree measurement result of the trusted measurement module, so that the trusted security chip can control the electrification of other equipment after the measurement of the system bootstrap program is passed; and the interface agent module is used for receiving a data read-write request of the external processor after the system boot program measurement passes, and driving the interface agent module to perform data read-write operation on the corresponding external storage device according to the data read-write request: for the data read by the interface agent module, obtaining the result of the credibility measurement performed by the credibility measurement module, if the credibility measurement passes, forwarding the data to the external processor, and if the credibility measurement fails, sending measurement failure information to the external processor; and for the data to be written into the external storage equipment, acquiring the data encrypted by the encryption processing module, and writing the data into the corresponding external storage equipment through the interface agent module.
Optionally, the trusted security chip includes an external memory communication interface, a processor interface, and a control IO interface, where the external memory communication interface includes an SPI bus interface, an ebbc interface, an SDIO interface, and/or a USB interface; the processor interface comprises a PCIE interface and an SPI interface.
Optionally, the access control module is further configured to receive a trusted computing service request sent by the external processor through the SPI bus, and in response to receiving the request, provide the trusted computing service to the external processor through the trusted measurement module.
Optionally, the encryption processing module is further configured to decrypt encrypted data read from an external storage device;
and the access control module acquires the data decrypted by the encryption processing module for the encrypted data read by the interface agent module and forwards the data to the external processor.
In a second aspect, the present invention provides a trusted data processing method, including:
when the trusted security chip is powered on, reading a system boot program stored in the external storage device through the peripheral interface;
performing credibility measurement on the system boot program, and controlling other equipment in the system to be powered on if the measurement is passed;
receiving a data access request sent by an external processor, and performing read-write operation on external storage equipment according to the data access request: for the data reading operation, reading corresponding data in corresponding external storage equipment, performing credibility measurement on the read data, and forwarding the data passing the credibility measurement to an external processor; and for the data writing operation, encrypting the data to be written, and writing the encrypted data into the corresponding external storage equipment.
Optionally, in the trusted data processing method, a decryption operation is performed on the read encrypted data, then a trusted measurement is performed on the data after the decryption operation, and the data that passes the trusted measurement is forwarded to the external processor.
Optionally, the trusted data processing method further includes receiving a trusted computing service request sent by the external processor, and providing the trusted computing service to the external processor in response to receiving the request.
Optionally, in the trusted data processing method, if a result of performing the trusted measurement on the read data is that the read data does not pass, the measurement failure information is returned to the external processor.
In a third aspect, the present invention further provides a trusted data processing system, including a trusted security chip, a storage device, and a processor;
the trusted security chip executes the trusted data processing method of the second aspect to be in communication connection with the storage device and the processor.
Advantageous effects
The invention can realize the active data measurement of the trusted security chip in the trusted communication, provides the memory device interface proxy function for the processor, and can avoid the bypass attack in the bus type access process by actively measuring, reading and writing the data stored in the memory by a bootstrap program, a system program, an application program, key data and the like under the trusted hardware architecture, thereby improving the endogenous security level of the trusted product and the operation security reliability of the trusted hardware architecture.
Drawings
Fig. 1 is a schematic diagram illustrating an embodiment of a trusted hardware architecture of a substation automation device according to the present invention;
fig. 2 is a flowchart illustrating an embodiment of a trusted control method for a trusted hardware architecture of a substation automation device according to the present invention.
Detailed Description
The following further description is made in conjunction with the accompanying drawings and the specific embodiments.
This embodiment introduces a trusted security chip, which is shown in fig. 1 and includes an interface agent module, an access control module, a trusted metric module, and an encryption processing module, where:
the interface agent module is used for performing communication connection between the trusted security chip and the external storage device, is driven by the access control module, and performs read-write operation on the external storage device, wherein the read data comprises a system bootstrap program and data corresponding to a data access request of an external processor;
the credibility measurement module is used for reading the system boot program read by the interface agent module and the data to be transmitted to the external processor;
the encryption processing module is used for encrypting the data to be written into the external storage equipment according to the access request of the external processor;
the access control module can realize interface drive management and adaptation of an external memory, and is used for responding to the electrification of the trusted security chip, driving the interface agent module to read the system bootstrap program and acquiring a system bootstrap degree measurement result of the trusted measurement module, so that the trusted security chip can control the electrification of other equipment after the measurement of the system bootstrap program is passed; and after the system boot program measurement passes, receiving a data read-write request of an external processor, and driving an interface proxy module to perform data read-write operation on corresponding external storage equipment according to the data read-write request: for the data read by the interface agent module, obtaining the result of the credibility measurement performed by the credibility measurement module, if the credibility measurement passes, forwarding the data to the external processor, and if the credibility measurement fails, sending measurement failure information to the external processor; and for the data to be written into the external storage equipment, acquiring the data encrypted by the encryption processing module, and writing the data into the corresponding external storage equipment through the interface agent module.
As shown in fig. 1, the trusted security chip of this embodiment may implement a storage device interface proxy function, that is, the processor does not directly access the storage device, but the trusted security chip connects the processor and all the storage devices. In order to implement the storage device interface proxy function of the processor, in this embodiment, the external interface of the trusted chip includes: the memory interface comprises an SPI bus interface, an eLBC interface, an SDIO interface and a USB interface which are connected with a memory device, wherein each memory interface type has at least one or more channels; the PCIE interface and the SPI interface are connected with the processor and used for receiving read-write instructions, read-write data, trusted computing instructions, data and the like of the processor; and the external control input/output I/O interface of other control circuits.
In this embodiment, the active measurement function of the trusted security chip is embodied in two aspects, on one hand, after the trusted security chip is powered on, it first reads a system boot program to perform trusted measurement, so as to control the power-on process of other circuits in the system according to a result of the trusted measurement, if the trusted measurement of the boot program passes, the trusted security chip provides an external storage device interface proxy function to the processor, and at this time, the trusted security chip is an external storage to the processor, and the processor can perform data access read-write operations on the connected storage device through the trusted security chip, including the boot program, the application program, and the application data information. Meanwhile, on the other hand, for the read data, the trusted security chip also performs active trusted measurement, forwards corresponding data to the processor only after the trusted measurement is passed, and for the case that the read data is encrypted data, the trusted security chip also performs decryption operation on the data through a national cryptographic algorithm, a hardware random number algorithm and the like. And for the data to be written into the storage equipment, the trusted security chip encrypts the data through a state encryption algorithm, a hardware random number algorithm and the like through the processor and then writes the data into the corresponding external storage equipment. For control instructions sent by other control circuits through the control IO port, if encryption processing or trusted measurement is required, the embodiment can also correspondingly implement corresponding functions through the trusted measurement module and the encryption processing module.
In this embodiment, the access control module is further configured to receive a trusted computing service request sent by the external processor through the SPI bus, and in response to receiving the request, provide trusted computing service to the external processor through the trusted measurement module.
Example 2
Based on the same inventive concept as embodiment 1, this embodiment introduces a trusted data processing method, including:
when the trusted security chip is powered on, reading a system boot program stored in the external storage device through the peripheral interface;
performing credibility measurement on the system boot program, and controlling other equipment in the system to be powered on if the measurement is passed;
receiving a data access request sent by an external processor, and performing read-write operation on external storage equipment according to the data access request: for the data reading operation, reading corresponding data in corresponding external storage equipment, performing credibility measurement on the read data, forwarding the data passing the credibility measurement to an external processor, and if the result of the credibility measurement is that the data does not pass, returning measurement failure information to the external processor; and for the data writing operation, encrypting the data to be written, and writing the encrypted data into the corresponding external storage equipment.
In the trusted data processing method of this embodiment, for the read encrypted data, decryption operation is performed by using a cryptographic algorithm, a hardware random number, and the like, and then trusted measurement is performed on the decrypted data, and the data that passes the trusted measurement is forwarded to an external processor.
For a trusted computing service request issued by an external processor, the trusted security chip provides trusted computing service to the external processor through the trusted metrics module in response to receiving the request.
Referring to fig. 2, a program function module architecture corresponding to the method of the present embodiment includes an external interface access control module, a processor data instruction processing module, a trusted measurement and control module, and a trusted chip function service module;
the interface access control module realizes interface drive management and adaptation of the external memory and carries out corresponding read-write operation according to an external memory access instruction;
the processor data instruction processing module receives and processes a memory read-write instruction sent by an external processor through a PCIE interface and an SPI interface; when the processor reads data, the processor data instruction processing module reads the memory data through the interface access control module, calls the credibility measurement for the read data, controls the module to decrypt and measure the data and transmits the data and the credibility measurement result to the processor; when the processor writes data, the processor data instruction processing module calls the credibility measurement and control module to perform security operations such as encryption, abstract calculation, marking and the like on the data, and then the data is written into the external memory through the external interface access control module;
the credibility measurement and control module actively reads a bootstrap program in the memory and starts the credibility measurement when the system is powered on, and after the measurement is passed, the measurement is transmitted to the processor through the processor data instruction processing module; according to the instruction of the processor data instruction processing module, carrying out safety operations such as measurement, encryption, decryption, abstract calculation and the like on data;
and the trusted chip function service module provides trusted computing related function service for the processor through the SPI bus according to a trusted computing instruction received by the SPI interface of the processor data instruction processing module.
Example 3
This embodiment introduces a trusted data processing system, and still referring to fig. 1, the system includes a trusted security chip, a storage device, and a processor;
the trusted security chip executes the trusted data processing method described in embodiment 2 to be in communication connection with the storage device and the processor.
The embodiment can realize active data measurement of the trusted security chip in trusted communication, provides a storage device interface agent function for the processor, can avoid bypass attack in a bus type access process, and improves the endogenous security level of a trusted product and the running security reliability of a trusted hardware architecture.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (9)

1. The utility model provides a credible security chip, characterized by, includes interface agent module, access control module, credible measurement module and encryption processing module, wherein:
the interface agent module is used for performing communication connection between the trusted security chip and the external storage device, is driven by the access control module, and performs read-write operation on the external storage device, wherein the read data comprises a system bootstrap program and data corresponding to a data access request of an external processor;
the credibility measurement module is used for reading the system boot program read by the interface agent module and the data to be transmitted to the external processor;
the encryption processing module is used for encrypting the data to be written into the external storage equipment according to the access request of the external processor;
the access control module is used for responding to the electrification of the trusted security chip, driving the interface agent module to read the system bootstrap program and acquiring a system bootstrap degree measurement result of the trusted measurement module so that the trusted security chip can control the electrification of other equipment after the measurement of the system bootstrap program is passed; and the interface agent module is used for receiving a data read-write request of the external processor after the system boot program measurement passes, and driving the interface agent module to perform data read-write operation on the corresponding external storage device according to the data read-write request: for the data read by the interface agent module, obtaining the result of the credibility measurement performed by the credibility measurement module, if the credibility measurement passes, forwarding the data to an external processor, and if the credibility measurement fails, sending measurement failure information to the external processor; and for the data to be written into the external storage equipment, acquiring the data encrypted by the encryption processing module, and writing the data into the corresponding external storage equipment through the interface agent module.
2. The trusted security chip of claim 1, further comprising an external memory communication interface, a processor interface, and a control IO interface, wherein the external memory communication interface comprises an SPI bus interface, an ebbc interface, an SDIO interface, and/or a USB interface; the processor interface comprises a PCIE interface and an SPI interface.
3. The trusted security chip of claim 1, wherein the access control module is further configured to receive a request for trusted computing services from the external processor via the SPI bus, and to provide the trusted computing services to the external processor via the trusted metrics module in response to receiving the request.
4. The trusted security chip of claim 1, wherein the encryption processing module is further configured to decrypt encrypted data read from an external storage device;
and the access control module acquires the data decrypted by the encryption processing module for the encrypted data read by the interface agent module and forwards the data to the external processor.
5. A trusted data processing method is characterized by comprising the following steps:
when the trusted security chip is powered on, reading a system boot program stored in the external storage device through the peripheral interface;
performing credibility measurement on the system boot program, and controlling other equipment in the system to be powered on if the measurement is passed;
receiving a data access request sent by an external processor, and performing read-write operation on the external storage device according to the data access request: for the data reading operation, reading corresponding data in corresponding external storage equipment, performing credibility measurement on the read data, and forwarding the data passing the credibility measurement to an external processor; and for the data writing operation, encrypting the data to be written, and writing the encrypted data into the corresponding external storage equipment.
6. The method according to claim 5, wherein a decryption operation is performed on the read encrypted data, and then a confidence measure is performed on the decrypted data, and the data passing the confidence measure is forwarded to the external processor.
7. The trusted data processing method of claim 5, further comprising receiving a request for trusted computing services from an external processor, and in response to receiving the request, providing the trusted computing services to the external processor.
8. The method according to claim 5, wherein if the result of performing the confidence measurement on the read data is failed, a measurement failure message is returned to the external processor.
9. A trusted data processing system is characterized by comprising a trusted security chip, a storage device and a processor;
the trusted security chip executes the trusted data processing method of any one of claims 5 to 8 to communicatively couple the storage device and the processor.
CN202210439683.5A 2022-04-25 2022-04-25 Trusted security chip, trusted data processing system and method Pending CN114936373A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210439683.5A CN114936373A (en) 2022-04-25 2022-04-25 Trusted security chip, trusted data processing system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210439683.5A CN114936373A (en) 2022-04-25 2022-04-25 Trusted security chip, trusted data processing system and method

Publications (1)

Publication Number Publication Date
CN114936373A true CN114936373A (en) 2022-08-23

Family

ID=82862665

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210439683.5A Pending CN114936373A (en) 2022-04-25 2022-04-25 Trusted security chip, trusted data processing system and method

Country Status (1)

Country Link
CN (1) CN114936373A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115630377A (en) * 2022-10-10 2023-01-20 广州市金其利信息科技有限公司 External device access method and device, computer device and external device
CN115994106A (en) * 2023-02-17 2023-04-21 广州万协通信息技术有限公司 Mass data encryption and decryption method, data security device and electronic equipment
CN116226870A (en) * 2023-05-06 2023-06-06 北京清智龙马科技有限公司 Security enhancement system and method
CN116302490A (en) * 2023-02-02 2023-06-23 广州万协通信息技术有限公司 Multi-channel security chip scheduling method and security chip device

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115630377A (en) * 2022-10-10 2023-01-20 广州市金其利信息科技有限公司 External device access method and device, computer device and external device
CN116302490A (en) * 2023-02-02 2023-06-23 广州万协通信息技术有限公司 Multi-channel security chip scheduling method and security chip device
CN116302490B (en) * 2023-02-02 2024-05-31 广州万协通信息技术有限公司 Multi-channel security chip scheduling method and security chip device
CN115994106A (en) * 2023-02-17 2023-04-21 广州万协通信息技术有限公司 Mass data encryption and decryption method, data security device and electronic equipment
CN115994106B (en) * 2023-02-17 2023-09-05 广州万协通信息技术有限公司 Mass data encryption and decryption method, data security device and electronic equipment
CN116226870A (en) * 2023-05-06 2023-06-06 北京清智龙马科技有限公司 Security enhancement system and method
CN116226870B (en) * 2023-05-06 2023-09-26 北京清智龙马科技有限公司 Security enhancement system and method

Similar Documents

Publication Publication Date Title
CN114936373A (en) Trusted security chip, trusted data processing system and method
CN107667347B (en) Techniques for virtualized access to security services provided by a converged manageability and security engine
US7577852B2 (en) Microprocessor, a node terminal, a computer system and a program execution proving method
KR102013841B1 (en) Method of managing key for secure storage of data, and and apparatus there-of
EP2367129A1 (en) Method for checking data consistency in a system on chip
CN117112474B (en) Universal trusted substrate management method and system
JP4791250B2 (en) Microcomputer and its software falsification prevention method
CN115408707B (en) Data transmission method, device and system, electronic equipment and storage medium
EP4116851A1 (en) Trusted measurement method and related apparatus
CN100334519C (en) Method for establishing credible input-output channels
CN109583214B (en) Safety control method
CN112016090A (en) Secure computing card, and measurement method and system based on secure computing card
CN201917912U (en) Monitoring and management system of USB (Universal Serial Bus) storage device
CN117370296A (en) Method and system for acquiring log file of vehicle-mounted device and vehicle-mounted terminal
US8332658B2 (en) Computer system, management terminal, storage system and encryption management method
CN113127896B (en) Data processing method and device based on independent encryption chip
CN115348363A (en) Encryption/decryption chip, method, equipment and medium based on state cryptographic algorithm
CN109583196B (en) Key generation method
US11277388B2 (en) Communication system, communication method, and information storage medium
JP2002244757A (en) Semiconductor circuit
CN112688953B (en) Data processing method and device, electronic equipment and computer readable storage medium
CN112579255B (en) Compression protection method for virtual machine migration, migration-in migration-out accelerator module and SOC chip
CN117194284A (en) Memory access method, initialization method and related devices thereof
CN110990120B (en) Inter-partition communication method and device for virtual machine monitor, storage medium and terminal
CN117093979B (en) Method, system and medium for trusted switching of DCS controller in non-network environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination