
CN110263532B - Trusted computing method, device and system - Google Patents


Info

Publication number
CN110263532B
Authority
CN
China
Prior art keywords
trusted computing
computing application
trusted
application
data
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910371685.3A
Other languages
Chinese (zh)
Other versions
CN110263532A (en)
Inventor
张鸿
蒋海滔
王林青
湛宗儒
姚四海
李富强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Chain Technology Co ltd
Original Assignee
Advanced New Technologies Co Ltd

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Stored Programmes (AREA)

Abstract

The present disclosure provides a trusted computing device comprising: an input/output interface configured to perform data/information interaction with an external device, wherein the data/information interaction comprises receiving a trusted computing application launch instruction from the external device, receiving data to be subjected to trusted computing from the external device, or sending a trusted computing result to the external device; a trusted computing application storage area in which at least one trusted computing application is installed; an operating system comprising a secure computing algorithm library configured to store at least one secure computing algorithm; and a Python virtual machine, wherein a target trusted computing application is executed in the Python virtual machine so as to call a corresponding secure computing algorithm to perform trusted computing on the data to be subjected to trusted computing, and wherein each trusted computing application is a Python bytecode trusted computing application generated by using a Python compiler.

Description

Trusted computing method, device and system
Technical Field
The present disclosure relates generally to the field of computer technology, and more particularly, to methods, devices, and systems for performing trusted computing.
Background
In the field of computers, ensuring information security is very important. Information security mainly comprises device security, data security, content security and behavioral security. Behavioral security includes behavioral confidentiality, behavioral integrity, behavioral authenticity, and the like. Trusted Computing (TC) concerns behavioral security. Trusted computing is a technology promoted and developed by the Trusted Computing Group (TCPA). It takes the form of a trusted computing platform, supported by a hardware security module, that is widely used in computing and communication systems to improve the security of the whole system.
Early trusted computing research was mainly carried out by the international Trusted Computing Group (TCG), and trusted computing research in China has basically followed the TCG's approach. The core of trusted computing is the Trusted Platform Module (TPM) security chip. Currently, the TPM security element typically uses Javacard. The use of Javacard requires a higher license fee. In addition, Javacard is written in the Java programming language and needs to be adapted to an 8-bit MCU, and its extensibility is limited in Internet of Things applications.
Disclosure of Invention
In view of the foregoing, the present disclosure provides a trusted computing method and device implemented based on a Python virtual machine. With the trusted computing method and device, a deeply customizable trusted computing framework can be realized, and the method and device offer the extensibility needed for Internet of Things applications.
According to an aspect of the present disclosure, there is provided a trusted computing device comprising: an input/output interface configured to perform data/information interaction with an external device, the data/information exchange including receiving a trusted computing application launch instruction from the external device, receiving at least one trusted computing application from the external device, receiving data to be subjected to trusted computing from the external device, or sending a trusted computing result to the external device; a processor chip configured to execute a target trusted computing application enabled based on the trusted computing application launch instruction; a trusted computing application storage area in which at least one trusted computing application is installed; an operating system comprising a secure computing algorithm library configured to store at least one secure computing algorithm; and a Python virtual machine, wherein the target trusted computing application is executed within the Python virtual machine to invoke a corresponding secure computing algorithm to perform trusted computing on the data to be subjected to trusted computing, wherein each trusted computing application of the at least one trusted computing application is a Python bytecode trusted computing application generated by using a Python compiler.
Optionally, in an example of the above aspect, the operating system may further include: an access service module configured to perform access processing for the at least one trusted computing application.
Optionally, in one example of the above aspect, the access service module is configured to: installing the at least one trusted computing application into the trusted computing application storage area; uninstalling the at least one trusted computing application from the trusted computing application storage area; and/or performing key/value access operations to the key/value database while performing trusted computations.
Optionally, in an example of the above aspect, the at least one trusted computing application is installed in the trusted computing application storage area in a manner of remote release by TSM or offline burning.
Optionally, in an example of the above aspect, the operating system may further include: a memory isolation protection module configured to perform memory isolation protection processing on the data accessed by the at least one trusted computing application.
Optionally, in an example of the above aspect, the operating system may further include: an input/output interface driving module configured to drive the input/output interface to enable the input/output interface to perform an input/output operation.
Optionally, in one example of the above aspect, the input/output interface comprises at least one of: a USB interface; an I2C interface; a UART interface; an ISP interface; NFC; a 7816 interface; and a Bluetooth module.
Optionally, in an example of the above aspect, the trusted computing device may further include: a trusted computing application management platform configured to manage the at least one trusted computing application.
Optionally, in one example of the above aspect, the at least one trusted computing application comprises at least one of the following trusted computing applications: a blockchain trusted computing application, a smart card trusted computing application, a bus trusted computing application, and an identity trusted computing application.
According to another aspect of the present disclosure, there is provided a trusted computing system comprising: a trusted computing device as described above; and a trusted service management platform.
According to another aspect of the present disclosure, there is provided a trusted computing method, comprising: receiving, via the input/output interface, a trusted computing application launch instruction from the external device to launch a target trusted computing application in the trusted computing application storage area; receiving data to be trusted computed from the external device via an input/output interface for provision to the target trusted computing application; executing the target trusted computing application program in a Python virtual machine so as to call a corresponding secure computing algorithm from a secure computing algorithm library to perform trusted computing on the data to be subjected to trusted computing; and providing trusted computing results to the external device via the input/output interface, wherein the trusted computing application storage area is configured to store at least one trusted computing application that has been installed, and each of the at least one trusted computing application is a Python bytecode trusted computing application generated with a Python compiler.
Optionally, in one example of the above aspect, the trusted computing application is installed into the trusted computing application storage area with an access service module.
Optionally, in an example of the above aspect, when the target trusted computing application is executed in the Python virtual machine, data accessed by the target trusted computing application is memory isolation protected via the memory isolation protection module.
Drawings
A further understanding of the nature and advantages of the present disclosure may be realized by reference to the following drawings. In the drawings, similar components or features may have the same reference numerals.
FIG. 1 illustrates a block diagram of a trusted computing system, in accordance with embodiments of the present disclosure;
FIG. 2 shows a block diagram of a trusted computing device, in accordance with embodiments of the present disclosure;
FIG. 3 shows a schematic diagram of a process of a trusted computing system, according to an embodiment of the present disclosure;
FIG. 4 illustrates a flow diagram of a trusted computing method, according to an embodiment of the present disclosure;
FIG. 5 shows a schematic diagram of a blockchain application example of trusted computing according to an embodiment of the present disclosure.
Detailed Description
The subject matter described herein will now be discussed with reference to example embodiments. It should be understood that these embodiments are discussed only to enable those skilled in the art to better understand the subject matter described herein and are not intended to limit the scope, applicability, or examples set forth in the claims. Changes may be made in the function and arrangement of elements discussed without departing from the scope of the disclosure. Various examples may omit, substitute, or add various procedures or components as needed. For example, the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. In addition, features described with respect to some examples may also be combined in other examples.
As used herein, the term "include" and its variants mean open-ended terms in the sense of "including, but not limited to". The term "based on" means "based at least in part on". The terms "one embodiment" and "an embodiment" mean "at least one embodiment". The term "another embodiment" means "at least one other embodiment". The terms "first," "second," and the like may refer to different or the same objects. Other definitions, whether explicit or implicit, may be included below. The definition of a term is consistent throughout the specification unless the context clearly dictates otherwise.
In this disclosure, the term "trusted computing application" refers to an application installed in a trusted computing device that is used to manage trusted computing for business applications, such as, but not limited to, key storage, private key signatures, and the like.
Trusted computing methods, devices, and systems according to embodiments of the present disclosure are described in detail below with reference to the accompanying drawings.
FIG. 1 illustrates a block diagram of a trusted computing system 10, in accordance with embodiments of the present disclosure.
As shown in FIG. 1, the trusted computing system 10 includes a trusted computing device 100 and a Trusted Service Manager (TSM) platform 200. The trusted computing device 100 is configured to execute a target trusted computing application in a Python virtual machine to perform trusted computing on data to be subjected to trusted computing. TSM platform 200 is configured to provide trusted computing application issuance management and security module management, among other things. For example, TSM platform 200 may be configured to remotely release trusted computing applications to trusted computing device 100. The external device 30 refers to an external device that needs a service application. For example, when the service application is a bus application or a smart card application (for example, a bank card application), the external device 30 may be a terminal device that needs to install the bus application or the smart card application, such as a mobile terminal. When the service application is a blockchain application or an identity application, the external device 30 may be a terminal device or a server that needs to install the blockchain application or the identity application. In another example of the present disclosure, business applications may also be installed through the TSM platform 200. In the present disclosure, the TSM platform 200 may also be configured for user identity management.
Fig. 2 illustrates a block diagram of a trusted computing device 100, according to an embodiment of the disclosure. As shown in fig. 2, the trusted computing device 100 includes a hardware architecture 110, an operating system 120, a Python virtual machine 130, and a trusted computing application storage area 140. In the present disclosure, the hardware architecture 110 includes an Input/Output (I/O) interface and a processor chip.
The I/O interface is configured for data/information interaction with the external device 30. The data/information interaction includes receiving a trusted computing application start instruction from the external device 30, receiving data to be trusted computed from the external device 30, or sending a trusted computing result to the external device 30. In the present disclosure, the I/O interface may include at least one of the following I/O interfaces: a USB interface; an I2C interface; a UART interface; an ISP interface; an NFC module; 7816 interface; and a bluetooth module. The processor chip is configured to execute a trusted computing application enabled based on the trusted computing application launch instruction based on the instructions/data received by the I/O interface.
The operating system 120 is configured to implement secure computations for trusted computing applications in the trusted computing application storage area 140. In the trusted computing application storage area 140, at least one trusted computing application is installed, one of which is enabled to perform trusted computing in response to a trusted computing application launch instruction. In the present disclosure, each of the at least one trusted computing application installed in the trusted computing device 100 is a Python bytecode trusted computing application generated with a Python compiler. In the present disclosure, the at least one trusted computing application may be installed in the trusted computing application storage area 140 by way of remote release of the TSM or offline burning. In the present disclosure, the at least one trusted computing application comprises at least one of the following trusted computing applications: a blockchain trusted computing application, a smart card trusted computing application, a bus trusted computing application, and an identity trusted computing application.
In one example of the present disclosure, the operating system 120 may include an access service module 121, a secure computing algorithm library 123, an I/O interface driver module 125, and a memory isolation protection module 127.
The access service module 121 is configured to perform access processing for the at least one trusted computing application. For example, the access service module 121 may be configured to: install at least one trusted computing application into the trusted computing application storage area 140; uninstall the at least one trusted computing application from the trusted computing application storage area 140; and/or perform key/value access operations against a key/value (KV) database while performing trusted computations. The secure computing algorithm library 123 is configured to store at least one secure computing algorithm. When trusted computing is carried out, the target trusted computing application calls the corresponding secure computing algorithm to perform trusted computing on the data to be subjected to trusted computing. Examples of the secure computing algorithm include, but are not limited to, the Advanced Encryption Standard (AES) algorithm, the Elliptic Curve Cryptography (ECC) algorithm, the RSA algorithm, the SM2 algorithm, and the like.
The I/O interface driver module 125 is configured to drive the I/O interface to enable the I/O interface for input/output operations.
The memory isolation protection module 127 is configured to perform memory isolation protection processing on data accessed by at least one trusted computing application. That is, the memory isolation protection module 127 performs memory isolation processing on data of different Python trusted computing applications. In the present disclosure, memory isolation protection may be implemented with an MPU. In particular, the names of different Python trusted computing applications, for example aaaa and bbbb, may be prefixed to the data files they access. For example, the data files datafile1, datafile2, and datafile3 to be accessed by the trusted computing application aaaa may be treated as aaaa_datafile1, aaaa_datafile2, and aaaa_datafile3. Data files datafile1, datafile2 and datafile3 to be accessed by the trusted computing application bbbb may be treated as bbbb_datafile1, bbbb_datafile2 and bbbb_datafile3. At the same time, each trusted computing application is restricted to accessing only data files having its own prefix. Similar processing is also employed for KV accesses, with prefix processing for key values in the KV database, e.g., aaaa_key1, aaaa_key2, bbbb_key1, and bbbb_key2. Thus, trusted computing application aaaa can only access the key values aaaa_key1 and aaaa_key2, and trusted computing application bbbb can only access the key values bbbb_key1 and bbbb_key2.
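The prefix scheme described above can be modelled as an access layer that adds the prefix itself, so an application only ever supplies local names. The following is an added example, not code from the patent; the class and function names, the separator, and the rule that application IDs are lowercase alphanumerics are assumptions, the last one made because bare concatenation is ambiguous when an ID may contain the separator. It models only the naming scheme, not MPU enforcement.

```python
import re

SEP = "_"
# Assumption (not from the page): application IDs are lowercase alphanumerics,
# so an ID can never contain the separator and prefixes stay unambiguous.
APP_ID_RE = re.compile(r"[a-z0-9]+")
# Assumption: object names may use the separator but no path characters.
NAME_RE = re.compile(r"[A-Za-z0-9_.-]+")


class IsolationError(Exception):
    """An application ID or object name was rejected by the access layer."""


def naive_qualify(app_id, name):
    """Bare concatenation with no validation, shown for contrast only."""
    return f"{app_id}{SEP}{name}"


def qualify(app_id, name):
    """Map an application-local name to its prefixed storage name."""
    if not APP_ID_RE.fullmatch(app_id):
        raise IsolationError(f"invalid application id: {app_id!r}")
    if not NAME_RE.fullmatch(name) or name.startswith("."):
        raise IsolationError(f"invalid object name: {name!r}")
    return f"{app_id}{SEP}{name}"


def is_rejected(app_id, name):
    """Return True when the access layer refuses the (app, name) pair."""
    try:
        qualify(app_id, name)
    except IsolationError:
        return True
    return False


class NamespacedKV:
    """View of the shared KV database bound to one application.

    The application passes only local key names; the prefix is added here,
    so no key string it supplies can select another application's entry.
    """

    def __init__(self, backing, app_id):
        qualify(app_id, "probe")  # validate the ID once, at bind time
        self._db = backing
        self._app_id = app_id

    def put(self, key, value):
        self._db[qualify(self._app_id, key)] = value

    def get(self, key):
        return self._db.get(qualify(self._app_id, key))

    def keys(self):
        prefix = self._app_id + SEP
        return sorted(k[len(prefix):] for k in self._db if k.startswith(prefix))


def demo():
    shared = {}  # constructed stand-in for the device's KV database
    kv_a, kv_b = NamespacedKV(shared, "aaaa"), NamespacedKV(shared, "bbbb")
    kv_a.put("key1", b"secret-of-aaaa")
    kv_b.put("key1", b"secret-of-bbbb")
    return {
        "stored": sorted(shared),
        # aaaa asking for "bbbb_key1" is looked up as "aaaa_bbbb_key1".
        "cross_read": kv_a.get("bbbb_key1"),
        "a_keys": kv_a.keys(),
        # Without the ID rule, two different (app, name) pairs share one key.
        "naive_collision":
            naive_qualify("aaaa", "x_key1") == naive_qualify("aaaa_x", "key1"),
        "bad_id_rejected": is_rejected("aaaa_x", "key1"),
        "traversal_rejected": is_rejected("aaaa", "../bbbb_datafile1"),
    }


if __name__ == "__main__":
    for item, value in demo().items():
        print(item, "=", value)
```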
In the present disclosure, the Python virtual machine 130 is a virtual machine created based on the Python programming language. When performing trusted computing, a target trusted computing application enabled based on the trusted computing application start instruction is executed in the Python virtual machine 130 to call a corresponding secure computing algorithm to perform trusted computing on data to be subjected to trusted computing. Specifically, the target trusted computing application is parsed in an interpreter in the Python virtual machine 130 to invoke a corresponding secure computing algorithm to perform trusted computing on the data to be subjected to trusted computing. Upon completion of the trusted computing, the target trusted computing application returns the trusted computing result to the external device 30.
Further, in another example of the present disclosure, the trusted computing device 100 may also include a trusted computing application management platform 150. The trusted computing application management platform 150 is configured to manage at least one trusted computing application. For example, the trusted computing application management platform 150 may manage the installation/uninstallation of at least one trusted computing application. In addition, the trusted computing application management platform 150 may also perform other management functions for trusted computing applications.
FIG. 3 shows a schematic diagram of a process of a trusted computing system, according to an embodiment of the present disclosure.
As shown in fig. 3, first, a trusted computing application provider (e.g., mobile payer, bank, public transportation company, telecommunication company, etc.) installs a trusted computing application into the trusted computing device 100 and a corresponding business application into the external device 30 through the TSM platform 200. Then, the trusted computing device 100 receives the data to be subjected to trusted computing from the external device 30, performs trusted computing on that data based on the target trusted computing application, and then returns the trusted computing result to the external device 30.
FIG. 4 illustrates a flow diagram of a trusted computing method, according to an embodiment of the present disclosure. The method is performed by a trusted computing device.
As shown in fig. 4, at block 410, a trusted computing application launch instruction is received from the external device 30 via the I/O interface to launch a target trusted computing application in the trusted computing application storage area 140. Here, at least one trusted computing application is installed in the trusted computing application storage area 140, and one of the at least one trusted computing application is enabled to perform trusted computing in response to a trusted computing application launch instruction. Each of the installed at least one trusted computing application is a Python bytecode trusted computing application generated with a Python compiler.
Next, upon launching of the target trusted computing application, at block 420, data to be trusted computed is received from the external device 30 via the I/O interface and provided to the launched target trusted computing application.
Next, at block 430, the target trusted computing application is executed in the Python virtual machine to invoke the corresponding secure computing algorithm from the secure computing algorithm library 123 for trusted computing of the data to be trusted computed.
After the trusted computing is completed, at block 440, the trusted computing results are provided to external device 30 via the I/O interface for subsequent processing by external device 30.
Furthermore, in another example of the present disclosure, when the target trusted computing application is executed in the Python virtual machine for trusted computing, the data accessed by the target trusted computing application is memory isolation protected by the memory isolation protection module 127.
Fig. 5 shows a schematic diagram of a blockchain application example of trusted computing according to an embodiment of the present disclosure.
As shown in fig. 5, first, at block S510, the TSM platform 200 installs a blockchain application into the trusted computing device 100. The blockchain application pre-generates the asymmetric public-private key pair required for ECDSA signatures and sends the public key to a remote service device, such as TSM platform 200 or a remote traffic server.
After completing the blockchain trusted computing application installation, the client device (i.e., external device Host) sends a trusted computing application start instruction to the trusted computing device 100 via the USB/I2C/UART/SPI/Bluetooth or like interface to start the blockchain application at block S520.
After the blockchain application is started, in block S530, the client device generates data to be signed and sends the generated data to the blockchain application in the trusted computing device 100 via an interface such as USB/I2C/UART/SPI/Bluetooth, or sends locally stored data to be signed to the blockchain application in the trusted computing device 100 via an interface such as USB/I2C/UART/SPI/Bluetooth. In an example of the present disclosure, the data to be signed may be data that has undergone encryption processing, such as a hash value of big data (SM3 cryptographic hash algorithm, etc.), and the like.
After receiving the data to be signed, in block S540, the blockchain application is executed in an interpreter in the Python virtual machine to perform Elliptic Curve Digital Signature Algorithm (ECDSA) signature calculation on the data to be signed, and the signature calculation result is then returned to the client device Host.
After receiving the signature calculation result, in block S550, the client device Host sends the data and the signature result to the blockchain server 40 for the uplink (on-chain) operation as needed.
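The exchange in blocks S510 to S550 can be followed end to end in the sketch below, an added example that is not code from the patent. The secp256k1 curve, SHA-256 in place of SM3, the class and function names, and the server-side verification step are assumptions; the curve arithmetic is not constant time and serves only to make the message flow runnable.

```python
import hashlib
import secrets

# secp256k1 domain parameters (assumption: the page does not name a curve).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(a, b):
    """Add two points on y^2 = x^3 + 7; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (illustrative, not constant time)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


class TrustedDevice:
    """Stands in for the blockchain application inside the device."""

    def __init__(self):
        # S510: the key pair is generated on the device at install time.
        self._d = secrets.randbelow(N - 1) + 1     # private key, never exported
        self.public_key = scalar_mult(self._d, G)  # sent to the remote service
        self.started = False

    def start(self):
        # S520: launch instruction received from the host.
        self.started = True

    def sign(self, digest):
        # S540: ECDSA signature over the digest supplied by the host.
        if not self.started:
            raise RuntimeError("application not started")
        if len(digest) != 32:
            raise ValueError("expected a 32-byte digest")
        z = int.from_bytes(digest, "big")
        while True:
            k = secrets.randbelow(N - 1) + 1       # fresh nonce per signature
            r = scalar_mult(k, G)[0] % N
            s = pow(k, -1, N) * (z + r * self._d) % N
            if r and s:
                return r, s


def verify(public_key, digest, signature):
    """Standard ECDSA verification against the registered public key."""
    r, s = signature
    if not (0 < r < N and 0 < s < N):
        return False
    z = int.from_bytes(digest, "big")
    w = pow(s, -1, N)
    point = point_add(scalar_mult(z * w % N, G),
                      scalar_mult(r * w % N, public_key))
    return point is not None and point[0] % N == r


def run_flow(payload):
    """Host side: S510 registration, S520 start, S530 digest, S540 signature."""
    device = TrustedDevice()
    registered_key = device.public_key
    device.start()
    digest = hashlib.sha256(payload).digest()  # SHA-256 stands in for SM3
    return registered_key, device.sign(digest)


def server_accepts(registered_key, payload, signature):
    """S550 (assumed server check): recompute the digest and verify."""
    return verify(registered_key, hashlib.sha256(payload).digest(), signature)


if __name__ == "__main__":
    sample = b"transfer 10 units (constructed sample)"
    key, sig = run_flow(sample)
    print("accepted:", server_accepts(key, sample, sig))
```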
It will be understood by those skilled in the art that various changes and modifications may be made to the various embodiments disclosed above without departing from the spirit of the invention. Accordingly, the scope of the invention should be determined from the following claims.
It should be noted that not all steps and units in the above flows and system structure diagrams are necessary, and some steps or units may be omitted according to actual needs. The execution order of the steps is not fixed, and can be determined as required. The apparatus structures described in the above embodiments may be physical structures or logical structures, that is, some units may be implemented by the same physical entity, or some units may be implemented by a plurality of physical entities, or some units may be implemented by some components in a plurality of independent devices.
In the above embodiments, the hardware units or modules may be implemented mechanically or electrically. For example, a hardware unit, module or processor may comprise permanently dedicated circuitry or logic (such as a dedicated processor, FPGA or ASIC) to perform the corresponding operations. The hardware units or processors may also include programmable logic or circuitry (e.g., a general purpose processor or other programmable processor) that may be temporarily configured by software to perform the corresponding operations. The specific implementation (mechanical, or dedicated permanent, or temporarily set) may be determined based on cost and time considerations.
The detailed description set forth above in connection with the appended drawings describes exemplary embodiments but does not represent all embodiments that may be practiced or fall within the scope of the claims. The term "exemplary" used throughout this specification means "serving as an example, instance, or illustration," and does not mean "preferred" or "advantageous" over other embodiments. The detailed description includes specific details for the purpose of providing an understanding of the described technology. However, the techniques may be practiced without these specific details. In some instances, well-known structures and devices are shown in block diagram form in order to avoid obscuring the concepts of the described embodiments.
The previous description of the disclosure is provided to enable any person skilled in the art to make or use the disclosure. Various modifications to the disclosure will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other variations without departing from the scope of the disclosure. Thus, the disclosure is not intended to be limited to the examples and designs described herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (13)

1. A trusted computing device, comprising:
an input/output interface configured to perform data/information interaction with an external device, the data/information interaction including receiving a trusted computing application launch instruction from the external device, receiving data to be trusted computed from the external device, and sending a trusted computing result to the external device;
a processor chip configured to execute a target trusted computing application enabled based on the trusted computing application launch instruction;
a trusted computing application storage area in which at least one trusted computing application is installed;
an operating system comprising a secure computing algorithm library configured to store at least one secure computing algorithm; and
a Python virtual machine,
wherein the target trusted computing application is executed within the Python virtual machine to invoke a corresponding secure computing algorithm to perform trusted computing on data to be subjected to trusted computing,
wherein each of the at least one trusted computing application is a Python bytecode trusted computing application generated using a Python compiler.
2. The trusted computing device of claim 1, wherein the operating system further comprises:
an access service module configured to perform access processing for the at least one trusted computing application.
3. The trusted computing device of claim 2, wherein the access service module is configured to:
install the at least one trusted computing application into the trusted computing application storage area;
uninstall the at least one trusted computing application from the trusted computing application storage area; and/or
perform key/value access operations on the key/value database when trusted computing is performed.
4. The trusted computing device of claim 1, wherein the at least one trusted computing application is installed into the trusted computing application storage area either by remote delivery from a trusted service management platform or by offline burning.
5. The trusted computing device of claim 2, wherein the operating system further comprises:
a memory isolation protection module configured to perform memory isolation protection on data accessed by the at least one trusted computing application.
6. The trusted computing device of claim 5, wherein the operating system further comprises:
an input/output interface driving module configured to drive the input/output interface to enable the input/output interface to perform an input/output operation.
7. The trusted computing device of claim 1, wherein the input/output interface comprises at least one of:
a USB interface;
an I2C interface;
a UART interface;
an ISP interface;
an NFC module;
a 7816 interface; and
a Bluetooth module.
8. The trusted computing device of any of claims 1 to 7, further comprising:
a trusted computing application management platform configured to manage the at least one trusted computing application.
9. The trusted computing device of claim 1, wherein the at least one trusted computing application comprises at least one of:
a blockchain trusted computing application, a smart card trusted computing application, a bus trusted computing application, and an identity trusted computing application.
10. A trusted computing system, comprising:
a trusted computing device as claimed in any one of claims 1 to 9; and
a trusted service management platform.
11. A trusted computing method, comprising:
receiving, via an input/output interface, a trusted computing application launch instruction from an external device to launch a target trusted computing application in a trusted computing application storage area;
receiving, via the input/output interface, data on which trusted computing is to be performed from the external device, for provision to the target trusted computing application;
executing the target trusted computing application in a Python virtual machine so as to call a corresponding secure computing algorithm from a secure computing algorithm library to perform trusted computing on the data; and
providing trusted computing results to the external device via the input/output interface,
wherein at least one trusted computing application is installed in the trusted computing application storage area, and each of the at least one trusted computing application is a Python bytecode trusted computing application generated using a Python compiler.
12. The trusted computing method of claim 11, wherein the trusted computing application is installed into the trusted computing application storage area with an access service module.
13. The trusted computing method of claim 11, wherein data accessed by the target trusted computing application is memory isolation protected via a memory isolation protection module when the target trusted computing application is executed in a Python virtual machine.
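The flow of claim 11 (install as bytecode, launch, execute in the Python VM against the algorithm library, return the result), modelled as an added example that is not code from the patent. The algorithm names, `DEVICE_KEY`, the sample application and the use of `marshal` as the bytecode container are assumptions made for illustration.

```python
import hashlib
import hmac
import marshal

DEVICE_KEY = b"constructed-demo-key"  # constructed sample key, not from the patent

# Secure computing algorithm library held by the operating system (contents assumed).
SECURE_ALGORITHMS = {
    "sha256": lambda data: hashlib.sha256(data).hexdigest(),
    "hmac_sha256": lambda data: hmac.new(DEVICE_KEY, data, hashlib.sha256).hexdigest(),
}

# Trusted computing application storage area: application name -> bytecode bytes.
APP_STORAGE = {}


def install_app(name, source):
    """Access service module: compile with the Python compiler, keep bytecode only."""
    code = compile(source, f"<{name}>", "exec")
    APP_STORAGE[name] = marshal.dumps(code)


def uninstall_app(name):
    """Access service module: remove an application from the storage area."""
    APP_STORAGE.pop(name, None)


def launch(name, data):
    """Handle a launch instruction plus input data and return the computing result."""
    if name not in APP_STORAGE:
        raise KeyError(f"no trusted computing application named {name!r}")
    code = marshal.loads(APP_STORAGE[name])
    # The application can name only its input and the algorithm library.
    # An empty __builtins__ narrows the reachable names; it is not the memory
    # isolation protection of claim 13, which a separate module would provide.
    namespace = {"__builtins__": {}, "data": data, "algorithms": SECURE_ALGORITHMS}
    exec(code, namespace)
    return namespace.get("result")


# Constructed sample application: an identity-style keyed digest over the input.
IDENTITY_APP = 'result = algorithms["hmac_sha256"](data)\n'
install_app("identity", IDENTITY_APP)
```
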
CN201910371685.3A 2019-05-06 2019-05-06 Trusted computing method, device and system Active CN110263532B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910371685.3A CN110263532B (en) 2019-05-06 2019-05-06 Trusted computing method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910371685.3A CN110263532B (en) 2019-05-06 2019-05-06 Trusted computing method, device and system

Publications (2)

Publication Number Publication Date
CN110263532A CN110263532A (en) 2019-09-20
CN110263532B true CN110263532B (en) 2023-03-10

Family

ID=67914317

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910371685.3A Active CN110263532B (en) 2019-05-06 2019-05-06 Trusted computing method, device and system

Country Status (1)

Country Link
CN (1) CN110263532B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110888674B (en) * 2019-11-28 2022-08-09 支付宝(杭州)信息技术有限公司 Method and device for executing security calculation in Python virtual machine
CN112906068B (en) * 2021-03-18 2024-03-12 上海零数众合信息科技有限公司 Block chain external agent technology calculation control method
CN113886022A (en) * 2021-10-21 2022-01-04 深圳三基同创电子有限公司 Data processing method, data processing apparatus, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009051471A2 (en) * 2007-09-20 2009-04-23 Mimos Berhad Trusted computer platform method and system without trust credential
CN202003361U (en) * 2010-01-22 2011-10-05 中国长城计算机深圳股份有限公司 Credible computer system
CN102271124A (en) * 2010-06-01 2011-12-07 富士通株式会社 Data processing device and data processing method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8619971B2 (en) * 2005-04-01 2013-12-31 Microsoft Corporation Local secure service partitions for operating system security
WO2017005276A1 (en) * 2015-07-03 2017-01-12 Telefonaktiebolaget Lm Ericsson (Publ) Virtual machine integrity

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
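Research on Trusted Applications Based on Trusted Computing; Shi Yuanbing; Information Security and Communications Privacy; 20101231; pp. 92-94 *
Trusted Computing Based on Virtual Machines; Han Chunlin et al.; Information Security and Communications Privacy; 20100731; pp. 81-83 *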

Also Published As

Publication number Publication date
CN110263532A (en) 2019-09-20


Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200930

Address after: English genus

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: English genus

Applicant before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20200930

Address after: English genus

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240920

Address after: Guohao Times City # 20-01, 128 Meizhi Road, Singapore

Patentee after: Ant Chain Technology Co.,Ltd.

Country or region after: Singapore

Address before: English genus

Patentee before: Innovative advanced technology Co.,Ltd.

Country or region before: Britain

TR01 Transfer of patent right