Method for realizing delegation of cipher function of TCM (trusted cryptographic module) under cloud computing environment

A cloud computing and cryptographic module technology, applied in user identity/authority verification, electrical components, transmission systems, etc. It can solve problems such as the inability of the TCM, the functional and implementation complexity of a virtual TCM, and the cumbersome and time-consuming process of establishing and using it, achieving the effect of improving data processing efficiency and ensuring data confidentiality.

Inactive Publication Date: 2013-04-17
NO 709 RES INST OF CHINA SHIPBUILDING IND CORP
4 Cites, 21 Cited by

AI Technical Summary

Problems solved by technology

[0005] However, since the TCM is a SOC chip, its data processing is single-threaded. Faced with the frequent data transmission and multi-user connections of a cloud computing environment, the TCM is often unable to efficiently encrypt, decrypt and sign data in a multi-threaded manner, which leads to TCM not being well suited for cloud comput

Examples

Embodiment Construction

[0014] The present invention proposes a method for realizing a TCM cryptographic function authorization agent in a cloud computing environment, as shown in Figure 1. On a virtual computing platform based on the VMM architecture, the cryptographic functions of the TCM are authorized by the TCM password proxy manager located in the VMM and the TCM password proxy module located in the VM. The TCM and each level of proxy need to generate a corresponding encryption/decryption key and signature key, which are used for authorization authentication and for encryption to protect the keys of the lower-level agent.

[0015] With reference to Figure 1 and Figure 2, the TCM cryptographic function agent system of the present invention is set up as follows:

[0016] ① The VMM establishes ownership of the hardware TCM, and the SMK is generated.

[0017] In this step, the specific implementation can be divided into the following details:

[0018] 1. In the process of...
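An added illustration, not code from the patent: a minimal model of the level-by-level key protection described in [0014], where each level holds an encryption key and a signing key and uses them to protect and authenticate the keys of the level below. HMAC-SHA256 stands in for both the cipher and the signature (a TCM would use its own algorithms), and the class, function and label names are assumptions.

```python
import hashlib, hmac, secrets

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stand-in for the real cipher, for illustration only
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap(enc_key, sig_key, label, secret):
    """Encrypt `secret` under the parent's encryption key, then tag it with its signing key."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(enc_key, nonce, len(secret))))
    tag = hmac.new(sig_key, label + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(enc_key, sig_key, label, blob):
    """Check the authorization tag first; only then decrypt the protected keys."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(sig_key, label + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authorization tag mismatch for " + label.decode())
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

class Level:
    """One level of the hierarchy (TCM, proxy manager, proxy module) with its own two keys."""
    def __init__(self, name, enc=None, sig=None):
        self.name = name
        self.enc = enc or secrets.token_bytes(32)   # encryption/decryption key
        self.sig = sig or secrets.token_bytes(32)   # signing key (HMAC key in this model)

    def protect(self, child):
        """Wrap the lower level's keys; the blob is bound to the child's name."""
        return wrap(self.enc, self.sig, child.name.encode(), child.enc + child.sig)

    def restore(self, child_name, blob):
        """Recover a lower level's keys; fails if the blob was not protected by this level."""
        keys = unwrap(self.enc, self.sig, child_name.encode(), blob)
        return Level(child_name, keys[:32], keys[32:])

def build_chain():
    """Constructed sample hierarchy: TCM -> proxy manager in the VMM -> proxy module in a VM."""
    tcm = Level("TCM")
    manager = Level("VMM-proxy-manager")
    module = Level("VM1-proxy-module")
    return tcm, manager, module, tcm.protect(manager), manager.protect(module)
```

In this model a VM's module keys can only be restored through the manager's keys, which in turn can only be restored through the TCM's, and a blob that was altered or presented under another name is rejected before decryption.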

Abstract

The invention relates to a method for realizing delegation of the cipher function of a TCM (trusted cryptographic module) in a cloud computing environment. In the method, the cipher function of the hardware TCM is delegated in sequence by a TCM cipher delegation manager arranged in the VMM (virtual machine monitor) and a TCM cipher delegation module arranged in the VM (virtual machine). The TCM and each level of agency need to generate corresponding encryption and decryption keys and signing keys, and the delegation of the cipher function of the TCM is realized by level-by-level key delegation and encryption protection. Compared with a hardware TCM chip and a virtual TCM, the disclosed method has the advantage that each VM owns one light-weight TCM cipher delegation module that carries out the cipher function. A plurality of TCM cipher delegation modules can be constructed quickly and can process data concurrently and efficiently, so that the data processing efficiency of the whole platform is improved while the confidentiality, completeness and authentication of platform data are ensured, and the requirements for concurrent and efficient data processing in the cloud computing environment are better met.

Description

Technical field

[0001] The present invention relates to the technical field of computer information security, and mainly relates to a method for realizing an authorized proxy of the cryptographic function of a trusted cryptographic module (Trusted Cryptographic Module, TCM) in a cloud computing environment.

Background technique

[0002] With the development of information technology and people's increasing requirements for computer storage and computing power, cloud computing has become a hot spot in current computer technology. In the era of cloud computing, the "cloud" will take over the work of storage and computing from us. Cloud computing refers to a supercomputing model based on the Internet: a large amount of information, storage resources and processor resources scattered across personal computers, mobile phones and other devices is concentrated on the server side, and the "cloud" composed of server groups is managed in a unified manner. And provide d...

Application Information

IPC(8): H04L9/32, H04L29/08
Inventor: 徐士伟, 高毅, 伍华凤, 戴新发
Owner NO 709 RES INST OF CHINA SHIPBUILDING IND CORP