CN114936373A - Trusted security chip, trusted data processing system and method - Google Patents
- Publication number
- CN114936373A (application CN202210439683.5A)
- Authority
- CN
- China
- Prior art keywords
- data
- trusted
- measurement
- interface
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a trusted security chip, a trusted data processing system and a trusted data processing method. The method comprises the following steps: when the trusted security chip is powered on, it reads the system boot program stored in the storage device through the peripheral interface and performs trusted measurement on it, and it powers on the other devices in the system only if the measurement passes; afterwards it performs read and write operations on the external storage device according to data access requests sent by an external processor. For a read operation, the chip reads the requested data from the corresponding storage device, performs trusted measurement on the data it has read, and forwards only data that passes the measurement to the external processor; for a write operation, the chip encrypts the data to be written and writes the ciphertext to the corresponding external storage device. The trusted chip thus combines active data measurement with an interface proxy for the storage devices, which prevents bus bypass attacks and raises the intrinsic security protection level of trusted products.
Description
Technical Field
The invention relates to the technical field of automation control and security of power systems, and in particular to a trusted security chip with active data measurement and storage device interface proxy functions, a trusted data processing system and a trusted data processing method.
Background
Trusted computing work in China has been developed mainly around the security requirements of the country's important information systems. The idea of implementing active trusted monitoring on the basis of a dual-system architecture was proposed, the first domestic trusted computing platform was developed in 2004, and trusted computers and TPM chips followed. Through long-term research, a complete trusted network protection system with active immunity has been formed; the problems of integrating trusted mechanisms with existing systems, of trusted management, and of simplifying trusted development have been solved; and trusted computing has undergone a revolutionary development. The trusted computing technology based on this active immunity system is known as Trusted Computing 3.0.
The key basic chip of the Trusted Computing 3.0 system is the TPCM chip. When the system is powered on, the TPCM chip and its peripheral circuitry are powered first; the TPCM initiates trusted measurement of the system boot program and, once the measurement passes, controls the power-on of the CPU so that the main control system starts in a trusted state. After the TPCM has measured the boot program, however, the CPU accesses the external memory directly over the memory bus. Sensitive information is exchanged between the processor and the memory in this process, and there is a latent risk that the TPCM control port and the bus are bypassed: the processor is powered on directly, an untrusted boot program is loaded, and the trusted execution environment is compromised. A more secure trusted hardware environment is therefore needed to fundamentally safeguard the intrinsic trusted security of the system.
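As an added illustration that is not part of the patent, the following Go program models the hazard described above as a swap of the boot image in the window between the TPCM's measurement and the CPU's own fetch over the memory bus, and contrasts it with the proxy design in which the CPU has no direct path to the flash and the chip measures what it forwards on every read. How the bus is bypassed in practice is not specified by the patent, so the swap is an assumption; `Flash`, `bootDirectAccess`, `bootViaProxy`, `swapImage` and the two sample images are constructed for the example, and the reference digest is assumed to have been provisioned into the chip.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Flash models the external boot storage. In the direct-access design both
// the TPCM and the CPU read it; an attacker with bus access can rewrite it.
type Flash struct{ boot []byte }

func (f *Flash) Read() []byte { return append([]byte(nil), f.boot...) }

// measure is the trusted-measurement primitive: digest the image and compare
// it with a reference assumed to be provisioned into the chip.
func measure(image []byte, ref [32]byte) bool {
	return sha256.Sum256(image) == ref
}

// Result records what the processor ended up executing, or that the chip
// refused to release it.
type Result struct {
	Executed []byte
	Caught   bool
}

// bootDirectAccess models the background-section hazard: the TPCM measures
// the boot program once and powers the CPU, which then fetches the boot
// program itself over the memory bus. tamper runs in the window between the
// two (a bus-level swap of the image; an assumption, the patent does not say
// how the bypass is realised) and nothing re-checks.
func bootDirectAccess(f *Flash, ref [32]byte, tamper func(*Flash)) Result {
	if !measure(f.Read(), ref) { // power-on measurement gates CPU power
		return Result{Caught: true}
	}
	tamper(f)
	return Result{Executed: f.Read()} // CPU reads the bus directly, unmeasured
}

// bootViaProxy models the patent's design: the CPU has no path to the flash,
// every read goes through the trusted chip, and the chip measures what it is
// about to hand over. The same tamper now lands before a measured read.
func bootViaProxy(f *Flash, ref [32]byte, tamper func(*Flash)) Result {
	if !measure(f.Read(), ref) {
		return Result{Caught: true}
	}
	tamper(f)
	img := f.Read()
	if !measure(img, ref) { // measured again on the read that serves the CPU
		return Result{Caught: true} // chip returns measurement-failure info
	}
	return Result{Executed: img}
}

// Constructed sample images; the second is the attacker's replacement.
var goodBoot = []byte("BOOT v1: jump to kernel")
var evilBoot = []byte("BOOT v1: jump to implant")

func swapImage(f *Flash) { f.boot = evilBoot }

func main() {
	ref := sha256.Sum256(goodBoot)
	r1 := bootDirectAccess(&Flash{boot: goodBoot}, ref, swapImage)
	r2 := bootViaProxy(&Flash{boot: goodBoot}, ref, swapImage)
	fmt.Printf("direct access: caught=%v executed=%q\n", r1.Caught, r1.Executed)
	fmt.Printf("via proxy:     caught=%v executed=%q\n", r2.Caught, r2.Executed)
}
```

The point the model makes is that a single measurement at power-on only certifies what was in the flash at that instant; once the CPU reads the bus on its own, every later fetch is unverified. Putting the chip in the read path turns the one-time check into a check on each transfer, at the cost of the chip's throughput becoming the storage bandwidth of the system.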
Definitions
TPCM (Trusted Platform Control Module): a hardware core module integrated into a trusted platform and used to establish and guarantee the root of trust. It uses cryptographic algorithms and the idea of active measurement to ensure that the boot code is trusted when the platform controller reads it, and then builds a chain of trust to guarantee the trustworthiness of every subsequent level.
Disclosure of Invention
The invention aims to provide a trusted security chip, a trusted data processing system and a trusted data processing method in which the trusted chip combines active data measurement with an interface proxy for the storage devices, so that bus bypass attacks are avoided and the intrinsic security protection level of trusted products is raised. The technical scheme adopted by the invention is as follows.
In one aspect, the present invention provides a trusted security chip, including an interface agent module, an access control module, a trusted measurement module, and an encryption processing module, wherein:
the interface agent module provides the communication connection between the trusted security chip and the external storage devices and, driven by the access control module, performs read and write operations on the external storage devices, the data read comprising the system boot program and the data corresponding to a data access request of an external processor;
the trusted measurement module performs trusted measurement on the system boot program read by the interface agent module and on the data to be transmitted to the external processor;
the encryption processing module encrypts the data to be written to the external storage device according to the access request of the external processor;
the access control module responds to power-on of the trusted security chip by driving the interface agent module to read the system boot program and obtaining the trusted measurement result for the system boot program from the trusted measurement module, so that the trusted security chip controls the power-on of the other devices only after the measurement of the system boot program passes; after the measurement of the system boot program passes, the access control module receives data read and write requests from the external processor and drives the interface agent module to perform the corresponding read or write on the external storage device: for data read by the interface agent module, it obtains the result of the trusted measurement performed by the trusted measurement module, forwards the data to the external processor if the measurement passes and sends measurement failure information to the external processor if it fails; for data to be written to the external storage device, it obtains the data encrypted by the encryption processing module and writes it to the corresponding external storage device through the interface agent module.
Optionally, the trusted security chip includes an external memory communication interface, a processor interface and a control IO interface, where the external memory communication interface comprises an SPI bus interface, an eLBC interface, an SDIO interface and/or a USB interface, and the processor interface comprises a PCIe interface and an SPI interface.
Optionally, the access control module is further configured to receive a trusted computing service request sent by the external processor through the SPI bus, and in response to receiving the request, provide the trusted computing service to the external processor through the trusted measurement module.
Optionally, the encryption processing module is further configured to decrypt encrypted data read from the external storage device;
and for encrypted data read by the interface agent module, the access control module obtains the decrypted data from the encryption processing module and forwards it to the external processor.
In a second aspect, the present invention provides a trusted data processing method, including:
when the trusted security chip is powered on, reading the system boot program stored in the external storage device through the peripheral interface;
performing trusted measurement on the system boot program, and controlling the other devices in the system to power on if the measurement passes;
receiving a data access request sent by the external processor and performing read or write operations on the external storage device accordingly: for a read operation, reading the requested data from the corresponding external storage device, performing trusted measurement on the data read, and forwarding the data that passes the measurement to the external processor; for a write operation, encrypting the data to be written and writing the ciphertext to the corresponding external storage device.
Optionally, in the trusted data processing method, encrypted data that has been read is first decrypted, trusted measurement is then performed on the decrypted data, and the data that passes the measurement is forwarded to the external processor.
Optionally, the trusted data processing method further includes receiving a trusted computing service request sent by the external processor, and providing the trusted computing service to the external processor in response to receiving the request.
Optionally, in the trusted data processing method, if the trusted measurement of the read data fails, measurement failure information is returned to the external processor.
In a third aspect, the present invention further provides a trusted data processing system, including a trusted security chip, a storage device, and a processor;
the trusted security chip, which is communicatively connected to the storage device and the processor, executes the trusted data processing method of the second aspect.
Advantageous effects
The invention realizes active data measurement by the trusted security chip in trusted communication and provides the processor with a storage device interface proxy. Under this trusted hardware architecture the boot program, system programs, application programs, key data and other contents of the memory are actively measured as they are read and written, which prevents bypass attacks during bus-type access and improves the intrinsic security level of the trusted product and the operational security and reliability of the trusted hardware architecture.
Drawings
Fig. 1 is a schematic diagram illustrating an embodiment of a trusted hardware architecture of a substation automation device according to the present invention;
fig. 2 is a flowchart illustrating an embodiment of a trusted control method for a trusted hardware architecture of a substation automation device according to the present invention.
Detailed Description
The following further description is made in conjunction with the accompanying drawings and the specific embodiments.
This embodiment introduces a trusted security chip which, as shown in fig. 1, includes an interface agent module, an access control module, a trusted measurement module and an encryption processing module, where:
the interface agent module provides the communication connection between the trusted security chip and the external storage devices and, driven by the access control module, performs read and write operations on the external storage devices, the data read comprising the system boot program and the data corresponding to a data access request of an external processor;
the trusted measurement module performs trusted measurement on the system boot program read by the interface agent module and on the data to be transmitted to the external processor;
the encryption processing module encrypts the data to be written to the external storage device according to the access request of the external processor;
the access control module implements interface driver management and adaptation for the external memory. It responds to power-on of the trusted security chip by driving the interface agent module to read the system boot program and obtaining the trusted measurement result for the system boot program from the trusted measurement module, so that the trusted security chip controls the power-on of the other devices only after the measurement of the system boot program passes; after the measurement of the system boot program passes, it receives data read and write requests from the external processor and drives the interface agent module to perform the corresponding read or write on the external storage device: for data read by the interface agent module, it obtains the result of the trusted measurement performed by the trusted measurement module, forwards the data to the external processor if the measurement passes and sends measurement failure information to the external processor if it fails; for data to be written to the external storage device, it obtains the data encrypted by the encryption processing module and writes it to the corresponding external storage device through the interface agent module.
As shown in fig. 1, the trusted security chip of this embodiment implements a storage device interface proxy: the processor does not access the storage devices directly; instead the trusted security chip sits between the processor and all of the storage devices. To implement this proxy, the external interfaces of the trusted chip in this embodiment comprise: memory interfaces connected to the storage devices, namely an SPI bus interface, an eLBC interface, an SDIO interface and a USB interface, each memory interface type having one or more channels; a PCIe interface and an SPI interface connected to the processor, used to receive the processor's read/write commands, read/write data, trusted computing commands and data; and an external control input/output (I/O) interface to other control circuits.
In this embodiment the active measurement function of the trusted security chip has two aspects. First, after the trusted security chip is powered on it reads the system boot program and performs trusted measurement on it, and controls the power-on sequence of the other circuits in the system according to the result. If the measurement of the boot program passes, the trusted security chip provides the processor with the external storage device interface proxy: from the processor's point of view the trusted security chip is the external storage, and the processor performs all of its data read and write access to the connected storage devices, including the boot program, application programs and application data, through the trusted security chip. Second, the trusted security chip also actively measures every piece of data it reads and forwards it to the processor only after the measurement passes; where the data read is encrypted, the trusted security chip first decrypts it using the national cryptographic (SM) algorithms, a hardware random number generator and similar means. Data that the processor writes to a storage device is encrypted by the trusted security chip with the national cryptographic algorithms, hardware random numbers and similar means before it is written to the corresponding external storage device. Control commands sent by other control circuits through the control IO port can likewise be encrypted or measured through the encryption processing module and the trusted measurement module when required.
In this embodiment, the access control module is further configured to receive a trusted computing service request sent by the external processor through the SPI bus, and in response to receiving the request, provide trusted computing service to the external processor through the trusted measurement module.
Example 2
Based on the same inventive concept as embodiment 1, this embodiment introduces a trusted data processing method, including:
when the trusted security chip is powered on, reading the system boot program stored in the external storage device through the peripheral interface;
performing trusted measurement on the system boot program, and controlling the other devices in the system to power on if the measurement passes;
receiving a data access request sent by the external processor and performing read or write operations on the external storage device accordingly: for a read operation, reading the requested data from the corresponding external storage device, performing trusted measurement on the data read, forwarding the data that passes the measurement to the external processor, and returning measurement failure information to the external processor if the measurement fails; for a write operation, encrypting the data to be written and writing the ciphertext to the corresponding external storage device.
In the trusted data processing method of this embodiment, encrypted data that has been read is first decrypted using the national cryptographic algorithms, hardware random numbers and similar means; trusted measurement is then performed on the decrypted data, and the data that passes the measurement is forwarded to the external processor.
For a trusted computing service request issued by an external processor, the trusted security chip provides trusted computing service to the external processor through the trusted metrics module in response to receiving the request.
Referring to fig. 2, the program function module architecture corresponding to the method of this embodiment comprises an external interface access control module, a processor data command processing module, a trusted measurement and control module and a trusted chip function service module;
the external interface access control module implements interface driver management and adaptation for the external memory and performs the corresponding read or write operation according to an external memory access command;
the processor data command processing module receives and processes memory read/write commands sent by the external processor through the PCIe interface and the SPI interface. When the processor reads data, the processor data command processing module reads the memory data through the external interface access control module, calls the trusted measurement and control module to decrypt and measure the data, and transmits the data together with the trusted measurement result to the processor; when the processor writes data, the processor data command processing module calls the trusted measurement and control module to perform security operations such as encryption, digest computation and marking on the data, after which the data is written to the external memory through the external interface access control module;
the trusted measurement and control module actively reads the boot program from the memory and starts trusted measurement when the system is powered on and, after the measurement passes, transmits the measurement result to the processor through the processor data command processing module; it also performs security operations such as measurement, encryption, decryption and digest computation on data as instructed by the processor data command processing module;
and the trusted chip function service module provides trusted computing function services to the processor over the SPI bus according to the trusted computing commands received on the SPI interface of the processor data command processing module.
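The power-on gating, the write path (encrypt, compute a digest, mark) and the read path (decrypt, then measure, then forward or report failure) described in the second aspect of the disclosure and in the module architecture of this embodiment, written out in Go as an added example that is not the patent's own code. AES-GCM stands in for the national cryptographic algorithms and a SHA-256 digest for the measurement; recording the digest of each write as that address's measurement reference is one reading of the "marking" step and an assumption. `Chip`, `Storage`, `Op`, the address strings and the sample contents are made up for the example, and trusted computing service requests are not modelled. Measuring after decrypting is not redundant with the AEAD check: a rollback to an older but still authentic ciphertext decrypts cleanly and is refused only by the measurement.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
)

// Op is the request type on the processor interface (names assumed; the
// patent only distinguishes read, write and "trusted computing service").
type Op int

const (
	OpRead  Op = iota
	OpWrite // encrypt, record the digest ("marking"), store
)

// Response carries either the data or the measurement-failure information.
type Response struct {
	OK   bool
	Data []byte
	Err  string
}

// Storage is the external memory behind the interface agent: the boot program
// in clear at "boot", everything else as ciphertext, reachable only via Chip.
type Storage map[string][]byte

// Chip holds the AEAD key (AES-GCM stands in for the SM4 national algorithm,
// which Go's stdlib lacks), the digest recorded per address at write time,
// the provisioned boot-program reference and the CPU power gate.
type Chip struct {
	aead     cipher.AEAD
	refs     map[string][32]byte
	bootRef  [32]byte
	Store    Storage
	CPUPower bool
}

func NewChip(key []byte, bootRef [32]byte, store Storage) (*Chip, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Chip{aead: aead, refs: map[string][32]byte{}, bootRef: bootRef, Store: store}, nil
}

// seal uses a fresh random nonce (the chip's hardware RNG, assumed) and binds
// the ciphertext to its address so encrypted blocks cannot be swapped around.
func (c *Chip) seal(addr string, plain []byte) ([]byte, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return append(nonce, c.aead.Seal(nil, nonce, plain, []byte(addr))...), nil
}

// PowerOn reads and measures the boot program and releases CPU power only if
// it matches the provisioned reference.
func (c *Chip) PowerOn() bool {
	c.CPUPower = sha256.Sum256(c.Store["boot"]) == c.bootRef
	return c.CPUPower
}

// Handle serves one processor request. A read is decrypted and then measured
// against the digest recorded at write time, so a forged ciphertext (caught
// by GCM) and a rollback to an older, still valid ciphertext (caught only by
// the digest) both yield failure information instead of data.
func (c *Chip) Handle(op Op, addr string, data []byte) Response {
	if !c.CPUPower {
		return Response{Err: "processor not released"}
	}
	switch op {
	case OpWrite:
		ct, err := c.seal(addr, data)
		if err != nil {
			return Response{Err: err.Error()}
		}
		c.refs[addr] = sha256.Sum256(data)
		c.Store[addr] = ct
		return Response{OK: true}
	case OpRead:
		ct, n := c.Store[addr], c.aead.NonceSize()
		if len(ct) < n {
			return Response{Err: "no such data"}
		}
		plain, err := c.aead.Open(nil, ct[:n], ct[n:], []byte(addr))
		if err != nil {
			return Response{Err: "decrypt failed: " + err.Error()}
		}
		if sha256.Sum256(plain) != c.refs[addr] {
			return Response{Err: "measurement failed"}
		}
		return Response{OK: true, Data: plain}
	}
	return Response{Err: "unknown op"}
}
```

The `refs` table is the chip's own state and must survive power loss for the measurement to mean anything after a reboot; a real design would keep it in the chip's non-volatile storage, while the example keeps it in memory. The boot program itself is stored in clear here, matching the patent's description of it being read and measured before any key material is in play.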
Example 3
This embodiment introduces a trusted data processing system, and still referring to fig. 1, the system includes a trusted security chip, a storage device, and a processor;
the trusted security chip, which is communicatively connected to the storage device and the processor, executes the trusted data processing method described in embodiment 2.
This embodiment realizes active data measurement by the trusted security chip in trusted communication, provides the processor with a storage device interface proxy, prevents bypass attacks during bus-type access, and improves the intrinsic security level of the trusted product and the operational security and reliability of the trusted hardware architecture.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the present invention has been described with reference to the embodiments shown in the drawings, the present invention is not limited to the embodiments, which are illustrative and not restrictive, and it will be apparent to those skilled in the art that various changes and modifications can be made therein without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (9)
1. A trusted security chip, characterized in that it comprises an interface agent module, an access control module, a trusted measurement module and an encryption processing module, wherein:
the interface agent module provides the communication connection between the trusted security chip and the external storage devices and, driven by the access control module, performs read and write operations on the external storage devices, the data read comprising the system boot program and the data corresponding to a data access request of an external processor;
the trusted measurement module performs trusted measurement on the system boot program read by the interface agent module and on the data to be transmitted to the external processor;
the encryption processing module encrypts the data to be written to the external storage device according to the access request of the external processor;
the access control module responds to power-on of the trusted security chip by driving the interface agent module to read the system boot program and obtaining the trusted measurement result for the system boot program from the trusted measurement module, so that the trusted security chip controls the power-on of the other devices only after the measurement of the system boot program passes; after the measurement of the system boot program passes, the access control module receives data read and write requests from the external processor and drives the interface agent module to perform the corresponding read or write on the external storage device: for data read by the interface agent module, it obtains the result of the trusted measurement performed by the trusted measurement module, forwards the data to the external processor if the measurement passes and sends measurement failure information to the external processor if it fails; for data to be written to the external storage device, it obtains the data encrypted by the encryption processing module and writes it to the corresponding external storage device through the interface agent module.
2. The trusted security chip of claim 1, further comprising an external memory communication interface, a processor interface and a control IO interface, wherein the external memory communication interface comprises an SPI bus interface, an eLBC interface, an SDIO interface and/or a USB interface, and the processor interface comprises a PCIe interface and an SPI interface.
3. The trusted security chip of claim 1, wherein the access control module is further configured to receive a trusted computing service request from the external processor over the SPI bus and, in response to receiving the request, to provide the trusted computing service to the external processor through the trusted measurement module.
4. The trusted security chip of claim 1, wherein the encryption processing module is further configured to decrypt encrypted data read from the external storage device;
and for encrypted data read by the interface agent module, the access control module obtains the decrypted data from the encryption processing module and forwards it to the external processor.
5. A trusted data processing method, characterized in that it comprises the following steps:
when the trusted security chip is powered on, reading the system boot program stored in the external storage device through the peripheral interface;
performing trusted measurement on the system boot program, and controlling the other devices in the system to power on if the measurement passes;
receiving a data access request sent by the external processor and performing read or write operations on the external storage device accordingly: for a read operation, reading the requested data from the corresponding external storage device, performing trusted measurement on the data read, and forwarding the data that passes the measurement to the external processor; for a write operation, encrypting the data to be written and writing the ciphertext to the corresponding external storage device.
6. The trusted data processing method of claim 5, characterized in that a decryption operation is performed on the read encrypted data, trusted measurement is then performed on the decrypted data, and the data that passes the trusted measurement is forwarded to the external processor.
7. The trusted data processing method of claim 5, further comprising receiving a trusted computing service request from the external processor and, in response to receiving the request, providing the trusted computing service to the external processor.
8. The trusted data processing method of claim 5, characterized in that if the trusted measurement of the read data fails, measurement failure information is returned to the external processor.
9. A trusted data processing system, characterized in that it comprises a trusted security chip, a storage device and a processor;
the trusted security chip, which is communicatively connected to the storage device and the processor, executes the trusted data processing method of any one of claims 5 to 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210439683.5A CN114936373A (en) | 2022-04-25 | 2022-04-25 | Trusted security chip, trusted data processing system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210439683.5A CN114936373A (en) | 2022-04-25 | 2022-04-25 | Trusted security chip, trusted data processing system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114936373A true CN114936373A (en) | 2022-08-23 |
Family
ID=82862665
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210439683.5A Pending CN114936373A (en) | 2022-04-25 | 2022-04-25 | Trusted security chip, trusted data processing system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114936373A (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115630377A (en) * | 2022-10-10 | 2023-01-20 | 广州市金其利信息科技有限公司 | External device access method and device, computer device and external device |
CN116302490A (en) * | 2023-02-02 | 2023-06-23 | 广州万协通信息技术有限公司 | Multi-channel security chip scheduling method and security chip device |
CN116302490B (en) * | 2023-02-02 | 2024-05-31 | 广州万协通信息技术有限公司 | Multi-channel security chip scheduling method and security chip device |
CN115994106A (en) * | 2023-02-17 | 2023-04-21 | 广州万协通信息技术有限公司 | Mass data encryption and decryption method, data security device and electronic equipment |
CN115994106B (en) * | 2023-02-17 | 2023-09-05 | 广州万协通信息技术有限公司 | Mass data encryption and decryption method, data security device and electronic equipment |
CN116226870A (en) * | 2023-05-06 | 2023-06-06 | 北京清智龙马科技有限公司 | Security enhancement system and method |
CN116226870B (en) * | 2023-05-06 | 2023-09-26 | 北京清智龙马科技有限公司 | Security enhancement system and method |
Similar Documents
Publication | Title |
---|---|
CN114936373A (en) | Trusted security chip, trusted data processing system and method |
CN107667347B (en) | Techniques for virtualized access to security services provided by a converged manageability and security engine |
US7577852B2 (en) | Microprocessor, a node terminal, a computer system and a program execution proving method |
KR102013841B1 (en) | Method of managing key for secure storage of data, and apparatus therefor |
EP2367129A1 (en) | Method for checking data consistency in a system on chip |
CN117112474B (en) | Universal trusted substrate management method and system |
JP4791250B2 (en) | Microcomputer and its software falsification prevention method |
CN115408707B (en) | Data transmission method, device and system, electronic equipment and storage medium |
EP4116851A1 (en) | Trusted measurement method and related apparatus |
CN100334519C (en) | Method for establishing credible input-output channels |
CN109583214B (en) | Safety control method |
CN112016090A (en) | Secure computing card, and measurement method and system based on secure computing card |
CN201917912U (en) | Monitoring and management system of USB (Universal Serial Bus) storage device |
CN117370296A (en) | Method and system for acquiring log file of vehicle-mounted device and vehicle-mounted terminal |
US8332658B2 (en) | Computer system, management terminal, storage system and encryption management method |
CN113127896B (en) | Data processing method and device based on independent encryption chip |
CN115348363A (en) | Encryption/decryption chip, method, equipment and medium based on state cryptographic algorithm |
CN109583196B (en) | Key generation method |
US11277388B2 (en) | Communication system, communication method, and information storage medium |
JP2002244757A (en) | Semiconductor circuit |
CN112688953B (en) | Data processing method and device, electronic equipment and computer readable storage medium |
CN112579255B (en) | Compression protection method for virtual machine migration, migration-in migration-out accelerator module and SOC chip |
CN117194284A (en) | Memory access method, initialization method and related devices thereof |
CN110990120B (en) | Inter-partition communication method and device for virtual machine monitor, storage medium and terminal |
CN117093979B (en) | Method, system and medium for trusted switching of DCS controller in non-network environment |
Legal Events
Code | Title |
---|---|
PB01 | Publication |
SE01 | Entry into force of request for substantive examination |