CN105718804B - A kind of hardware instruction calling control system - Google Patents
A kind of hardware instruction calling control system Download PDFInfo
- Publication number
- CN105718804B CN105718804B CN201511034044.7A CN201511034044A CN105718804B CN 105718804 B CN105718804 B CN 105718804B CN 201511034044 A CN201511034044 A CN 201511034044A CN 105718804 B CN105718804 B CN 105718804B
- Authority
- CN
- China
- Prior art keywords
- module
- instruction
- individual
- expert
- preview
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/951—Indexing; Web crawling techniques
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of hardware instructions to call control system, including command reception module, inside sets the instruction preview module of encrypting module, retrieves contrast module, risk operations property data base, expert's evaluation module, command output module and central processing unit.The present invention generates different passwords to different hardware instructions at random, different decryption programs is generated simultaneously, to be previewed to different hardware instructions using different preview modes, then risk assessment is carried out to the whole process of preview, finally by expert module, secondary audit is carried out, improves safety when self-service device carries out hardware instruction calling, risk operations property data base and the included more new function of expert's evaluation module simultaneously, it is further provided the safety used.
Description
Technical field
The present invention relates to hardware instructions to call field, and in particular to a kind of hardware instruction calling control system.
Background technique
Self-service device refers to that user passes through computer terminal, one kind of the contact of entirely autonomous progress various businesses
Terminal device.Self-service device is made of multiple components such as keyboard, card reader, background terminal, and each component all can serve as one
Hardware, and have itself instruction set and instruction sequence.Hardware is in the instruction set or instruction for receiving upper layer software (applications) transmission
After sequence, the instruction in collection or instruction sequence is executed instruction, so that each hardware can be by executing instruction in self-service device
Information exchange is carried out to complete the various functions of autonomous device.
At present the instruction set in self-service device and instruction sequence include operate normally instruction set, operate normally instruction sequence,
Test maintaining instruction set and test maintaining instruction sequence.And the permission that each hardware executes instruction is open permission, i.e. hardware
The instruction in any instruction set or instruction sequence of upper layer software (applications) transmission can be executed.
But hardware is executing certain instructions, such as Encryption Keyboard hardware command-destruct, can directly damage Encryption Keyboard, reduce
The safety of self-service device.
Summary of the invention
To solve the above problems, the present invention provides a kind of hardware instructions to call control system, by multiple audit, solve
When self-service device carries out hardware instruction calling, existing safety low problem.
To achieve the above object, the technical scheme adopted by the invention is as follows:
A kind of hardware instruction calling control system, including
Command reception module configures different decryption programs for receiving hardware instruction, and according to different instructions;
Instruction preview module, inside sets encrypting module, the hardware instruction data reconciliation sent for receiving instruction receiving module
Close program, and use the preview that is instructed of different instruction preview modes for different decryption programs, and by the mistake of preview
Journey is sent to retrieval contrast module;
Retrieve contrast module, for by the data in the process of received preview and risk operations property data base into
Row comparison, and the calculating assessment of similarity is carried out, assessment result will be calculated and be sent to expert's evaluation module;
Risk operations property data base, for storing the feature of various risk operations;
Expert's evaluation module, for passing through the auditing rule in expert's evaluation module to by retrieval contrast module audit
Instruction carries out secondary audit, if sending command output module by audit for the instruction, if not passing through, referring to this
Order is sent to risk operations property data base, and will audit unacceptable notice and be sent to and send the terminal of instruction and show;
Command output module, for sending instructions to corresponding hardware device;
Central processing unit, using single-chip microcontroller, for cooperateing with above-mentioned module to work.
Wherein, the risk operations property data base is connected with a update module, is used for through web crawlers timing in net
Webpage relevant to formula or document are searched in network, and are sent risk operations property data base for these related datas and stored up
It deposits.
Wherein, a variety of preview models for different hardware instruction are equipped in described instruction preview module.
Wherein, it is communicated between described instruction receiving module and instruction preview module using binary channels link block,
When any one channel is communicated, another alternate channel carries out key updating.
Wherein, the encrypting module encrypt the step of include:
The parameter run in S1, initialization evolution, initializes population in evolution using self feed back mapping function, with
Machine generates the initial population containing certain amount individual;
S2, the frequency adaptive value for being used to examine each individual frequency in current population is calculated and for examining each individual sequence
The sequence adaptive value of column;
S3, each individual of comparison and other individual adaptive values of population where it, calculate each individual in current population
Order;
S4, each individual Hamming distance corresponding with each individual chromosome length of other in current population is calculated, according to
Hamming distance obtains the crowding distance of each individual;
S5, elder generation carry out descending arrangement to the individual in population according to rank value, then on the basis of above-mentioned sequence, according still further to
Crowding distance value carries out ascending order arrangement to the individual in population;
S6, random sampling is carried out to the current population after sequence, extracts a random number, plaintext is carried out using random number
Segmentation, obtains final ciphertext.
Wherein, the legal operating instruction under normal mode of operation is stored in expert's evaluation module, legal operation refers to
Enable the legal test maintaining instruction set and legal test maintaining instruction sequence under sequence, test maintaining mode.
Wherein, after every progress once accesses, that is, a key updating is carried out.
Wherein, expert's evaluation module is connected with a human expert module, for passing through 3G network, Wi-Fi network side
Formula, bluetooth approach update the auditing rule in expert's evaluation module.
The invention has the following advantages:
The present invention generates different passwords to different hardware instructions at random, while generating different decryption programs, thus
Different hardware instructions is previewed using different preview modes, risk assessment then is carried out to the whole process of preview,
Finally by expert module, secondary audit is carried out, improves safety when self-service device carries out hardware instruction calling, while wind
Dangerous operating characteristics database and the included more new function of expert's evaluation module, it is further provided the safety used.
Detailed description of the invention
Fig. 1 is the system block diagram that control system is called in a kind of hardware instruction of the embodiment of the present invention.
Specific embodiment
In order to which objects and advantages of the present invention are more clearly understood, the present invention is carried out with reference to embodiments further
It is described in detail.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to limit this hair
It is bright.
As shown in Figure 1, the embodiment of the invention provides a kind of hardware instructions to call control system, including
Command reception module configures different decryption programs for receiving hardware instruction, and according to different instructions;
Instruction preview module, inside sets encrypting module, the hardware instruction data reconciliation sent for receiving instruction receiving module
Close program, and use the preview that is instructed of different instruction preview modes for different decryption programs, and by the mistake of preview
Journey is sent to retrieval contrast module;
Retrieve contrast module, for by the data in the process of received preview and risk operations property data base into
Row comparison, and the calculating assessment of similarity is carried out, assessment result will be calculated and be sent to expert's evaluation module;
Risk operations property data base, for storing the feature of various risk operations;
Expert's evaluation module, for passing through the auditing rule in expert's evaluation module to by retrieval contrast module audit
Instruction carries out secondary audit, if sending command output module by audit for the instruction, if not passing through, referring to this
Order is sent to risk operations property data base, and will audit unacceptable notice and be sent to and send the terminal of instruction and show;
Command output module, for sending instructions to corresponding hardware device;
Central processing unit, using single-chip microcontroller, for cooperateing with above-mentioned module to work.
The risk operations property data base is connected with a update module, for being looked into a network by web crawlers timing
Webpage relevant to formula or document are looked for, and sends risk operations property data base for these related datas and stores.
Described instruction previews a variety of preview models being equipped in module for different hardware instruction.
It is communicated between described instruction receiving module and instruction preview module using binary channels link block, any one
When a channel is communicated, another alternate channel carries out key updating.
The encrypting module encrypt the step of include:
The parameter run in S1, initialization evolution, initializes population in evolution using self feed back mapping function, with
Machine generates the initial population containing certain amount individual;
S2, the frequency adaptive value for being used to examine each individual frequency in current population is calculated and for examining each individual sequence
The sequence adaptive value of column;
S3, each individual of comparison and other individual adaptive values of population where it, calculate each individual in current population
Order;
S4, each individual Hamming distance corresponding with each individual chromosome length of other in current population is calculated, according to
Hamming distance obtains the crowding distance of each individual;
S5, elder generation carry out descending arrangement to the individual in population according to rank value, then on the basis of above-mentioned sequence, according still further to
Crowding distance value carries out ascending order arrangement to the individual in population;
S6, random sampling is carried out to the current population after sequence, extracts a random number, plaintext is carried out using random number
Segmentation, obtains final ciphertext.
Legal operating instruction under normal mode of operation, legal operating instruction sequence are stored in expert's evaluation module
Column, legal test maintaining instruction set and legal test maintaining instruction sequence under test maintaining mode.
After every progress once accesses, that is, carry out a key updating.
Expert's evaluation module is connected with a human expert module, for passing through 3G network, Wi-Fi network mode, indigo plant
Tooth method updates the auditing rule in expert's evaluation module.
This specific implementation generates different passwords to different hardware instructions at random, while generating different decryption programs,
To be previewed to different hardware instructions using different preview modes, risk then is carried out to the whole process of preview and is commented
Estimate, finally by expert module, carry out secondary audit, improves safety when self-service device carries out hardware instruction calling, together
When the risk operations property data base and included more new function of expert's evaluation module, it is further provided the safety used.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, without departing from the principle of the present invention, it can also make several improvements and retouch, these improvements and modifications are also answered
It is considered as protection scope of the present invention.
Claims (8)
1. control system is called in a kind of hardware instruction, which is characterized in that including
Command reception module configures different decryption programs for receiving hardware instruction, and according to different instructions;
Instruction preview module, inside sets encrypting module, for receiving the hardware instruction data and decryption journey of command reception module transmission
Sequence, and sent out for the preview that different decryption programs uses different instruction preview modes to be instructed, and by the process of preview
It is sent to retrieval contrast module;
Contrast module is retrieved, for carrying out the data in the process of received preview and risk operations property data base pair
Than, and the calculating assessment of similarity is carried out, assessment result will be calculated and be sent to expert's evaluation module;
Risk operations property data base, for storing the feature of various risk operations;
Expert's evaluation module, for the instruction by the auditing rule in expert's evaluation module to being audited by retrieval contrast module
Secondary audit is carried out, if sending command output module by audit for the instruction, if not passing through, which being sent
To risk operations property data base, and will audit it is unacceptable notice be sent to send instruction terminal show;
Command output module, for sending instructions to corresponding hardware device;
Central processing unit, using single-chip microcontroller, for cooperateing with above-mentioned module to work.
2. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that the risk operations feature
Database is connected with a update module, for searching relevant webpage or document in a network by web crawlers timing, and will
These related datas are sent to risk operations property data base and are stored.
3. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that described instruction previews module
The interior a variety of preview models being equipped with for different hardware instruction.
4. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that described instruction receiving module
It is communicated between instruction preview module using binary channels link block, when any one channel is communicated, another
Alternate channel carries out key updating.
5. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that the encrypting module encryption
The step of include:
The parameter run in S1, initialization evolution, initializes population in evolution using self feed back mapping function, random raw
At the initial population containing certain amount individual;
S2, the frequency adaptive value for being used to examine each individual frequency in current population is calculated and for examining each individual sequence
Sequence adaptive value;
S3, each individual of comparison and other individual adaptive values of population where it, calculate the order of each individual in current population;
S4, each individual Hamming distance corresponding with each individual chromosome length of other in current population is calculated, according to Hamming
Distance obtains the crowding distance of each individual;
S5, elder generation carry out descending arrangement to the individual in population according to rank value, then on the basis of above-mentioned arrangement, according still further to crowded
Distance value carries out ascending order arrangement to the individual in population;
S6, random sampling is carried out to the current population after sequence, extracts a random number, using random number to dividing in plain text
It cuts, obtains final ciphertext.
6. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that expert's evaluation module
Inside store the legal survey under legal operating instruction under normal mode of operation, legal operating instruction sequence, test maintaining mode
Try maintenance instruction collection and legal test maintaining instruction sequence.
7. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that every once to be accessed
Afterwards, that is, a key updating is carried out.
8. control system is called in a kind of hardware instruction according to claim 1, which is characterized in that expert's evaluation module
It is connected with a human expert module, for updating in expert's evaluation module by 3G network, Wi-Fi network mode, bluetooth approach
Auditing rule.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511034044.7A CN105718804B (en) | 2015-12-25 | 2015-12-25 | A kind of hardware instruction calling control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511034044.7A CN105718804B (en) | 2015-12-25 | 2015-12-25 | A kind of hardware instruction calling control system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105718804A CN105718804A (en) | 2016-06-29 |
| CN105718804B true CN105718804B (en) | 2019-03-19 |
Family
ID=56147070
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201511034044.7A Expired - Fee Related CN105718804B (en) | 2015-12-25 | 2015-12-25 | A kind of hardware instruction calling control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105718804B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107608891B (en) * | 2017-09-21 | 2020-12-15 | 中国航空无线电电子研究所 | Data processing application detection method based on instruction |
| CN110309644B (en) * | 2019-06-28 | 2021-03-19 | 兆讯恒达科技股份有限公司 | Instruction information processing method |
| CN114157463B (en) * | 2021-11-23 | 2024-10-08 | 四川邮电职业技术学院 | Network information safety early warning platform based on big data analysis |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003010951A1 (en) * | 2001-07-24 | 2003-02-06 | Citibank, N.A. | Method and system for data management in electronic payments transactions |
| CN101493793A (en) * | 2009-02-19 | 2009-07-29 | 深圳市紫金支点技术股份有限公司 | ATM test method and device |
| CN103064678A (en) * | 2012-12-24 | 2013-04-24 | 广州广电运通金融电子股份有限公司 | Method and device for call control of hardware instruction |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7594111B2 (en) * | 2002-12-19 | 2009-09-22 | Massachusetts Institute Of Technology | Secure execution of a computer program |
-
2015
- 2015-12-25 CN CN201511034044.7A patent/CN105718804B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003010951A1 (en) * | 2001-07-24 | 2003-02-06 | Citibank, N.A. | Method and system for data management in electronic payments transactions |
| CN101493793A (en) * | 2009-02-19 | 2009-07-29 | 深圳市紫金支点技术股份有限公司 | ATM test method and device |
| CN103064678A (en) * | 2012-12-24 | 2013-04-24 | 广州广电运通金融电子股份有限公司 | Method and device for call control of hardware instruction |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105718804A (en) | 2016-06-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108984733B (en) | Cross-domain data fusion method, system and storage medium | |
| Papalexakis et al. | Network anomaly detection using co-clustering | |
| DiMarzio et al. | Chain stiffness and the lattice theory of polymer phases | |
| CN106411506B (en) | Key derivation method and device suitable for digital cash | |
| EP2778951A1 (en) | Database encryption system, method and program | |
| US20130179684A1 (en) | Encrypted database system, client terminal, encrypted database server, natural joining method, and program | |
| CN110378781A (en) | Data monitoring method, device, computer equipment and storage medium | |
| CN105718804B (en) | A kind of hardware instruction calling control system | |
| EP2992478B1 (en) | Disrupting password attack using compression | |
| CN111783124A (en) | Data processing method and device based on privacy protection and server | |
| CN110163008B (en) | Security audit method and system for deployed encryption model | |
| CN111539009A (en) | Supervised feature binning method and device for protecting private data | |
| CN107704768A (en) | A kind of multiple key classification safety search method of ciphertext | |
| CN114611008B (en) | User service strategy determination method and device based on federal learning and electronic equipment | |
| US20150270958A1 (en) | Decryptable index generation method for range search, search method, and decryption method | |
| Zaeem et al. | Predicting and explaining identity risk, exposure and cost using the ecosystem of identity attributes | |
| CN109597949A (en) | Third party based on data normalization buries point identification generation method and equipment | |
| CN109714157A (en) | SDN cross-domain access control method for resisting encryption of key exposure attribute | |
| CN105306200B (en) | The encryption method and device of network account password | |
| CN106257449A (en) | A kind of information determines method and apparatus | |
| CN110489992A (en) | Desensitization method and system based on big data platform | |
| CN103761469B (en) | The method and apparatus executing Password Management in input method application | |
| Aruchamy et al. | Enhancing security of medical images using code-based intermittent encryption and convolutional neural network | |
| CN103593592B (en) | User data encryption and decryption method | |
| CN105553982B (en) | Router safety detection method and system and router |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20190319 Termination date: 20191225 |