Method for protecting linux operation system on loongson hardware platform

A hardware platform and operating system technology, applied in the field of information security, can solve problems such as piracy, copying, and file system encryption being cracked, and achieve the effect of protecting intellectual property rights

Inactive Publication Date: 2015-05-20
SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD
View PDF3 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] 2. The file system is exposed, facing the threat of being copied and pirated;
[0009] 4. Program files are exposed and can be used to analyze vulnerabilities, facing the threat of being attacked by vulnerabilities;
[0011] 2. File system encryption protection. In terms of security, since the kernel is not encrypted, this technology still faces a relatively large security threat:
[0012] 1. The kernel is exposed and can be used to analyze vulnerabilities, facing the threat of being attacked by vulnerabilities;
[0013] 2. The kernel is not encrypted and can be used to implant malicious programs, facing the threat of file system encryption being cracked;
[0014] 3. Disk encryption protection, high security, using this technology, can obtain higher security protection, but this technology is more complicated to implement, requires special encryption disk hardware, and transforms Loongson firmware to support encrypted disks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for protecting linux operation system on loongson hardware platform
  • Method for protecting linux operation system on loongson hardware platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] A method for protecting a Linux operating system on a Loongson hardware platform. The protection method adopts two methods of kernel encryption and file system encryption to comprehensively protect the data security of the operating system.

[0040] Among them, the kernel encryption is realized by encrypting the Linux initial RAM disk (initrd); during the kernel generation phase, the Linux initial RAM disk is encrypted, such as figure 1 As shown; at system startup, the Linux initial RAM disk is decrypted, such as figure 2 shown;

[0041] File system encryption is realized by Linux device mapping technology. Therefore, after the file system is encrypted, it cannot be mounted directly. It is necessary to map the encrypted file system and mount the mapped file system to read and write data on the file system.

[0042] The process of Linux initial RAM disk is a temporary file system mounted during the system boot process. The Linux boot process can be divided into two sta...

Embodiment 2

[0046] On the basis of embodiment 1, the implementation steps of kernel encryption described in this embodiment are as follows:

[0047] (1) Modify the kernel generation process, add the encryption process at the end of the Linux initial RAM disk generation script, and call the encryption program to encrypt the Linux initial RAM disk;

[0048] (2) Modify the initrd part of the Linux source code, embed the decryption function in it, modify the initrd processing code, and call the decryption function at the beginning to decrypt the Linux initial RAM disk;

[0049] (3) After the modification is completed, compile the Linux source code, and embed the generated kernel file into the Loongson hardware device.

Embodiment 3

[0051]On the basis of embodiment 1 or 2, the file system encryption implementation steps described in this embodiment are as follows:

[0052] (1) First add a new Linux device mapping driver, and embed the cryptographic algorithm in the driver;

[0053] (2) Compile the cryptographic algorithm driver module and load the driver module;

[0054] (3) Make a mapping for the disk of the Loongson hardware device, and specify the use of a cryptographic algorithm to drive the module when mapping;

[0055] (4) Mount the mapped virtual disk to a temporary directory, and copy the file system of the Loongson hardware device to this temporary directory to complete the encrypted storage of the file system;

[0056] (5) Modify the file system mounting process in the initial RAM disk of Linux, change the direct mounting to disk device mapping first, and then mount the mapped virtual disk device.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for protecting a linux operation system on a loongson hardware platform. According to the method for protecting linux operation system on the loongson hardware platform, a core encryption method and a file system encryption method are used. Core encryption is implemented by encrypting a Linux initial RAM (random-access memory) magnetic disk. The core encryption method comprises the following steps of encrypting the Linux initial RAM magnetic disk at a core generation stage; and decoding the Linux initial RAM magnetic disk when the system is started. File system encryption is implemented by using a linux equipment mapping technology, after file system encryption is implemented, file system mounting cannot be carried out directly, an encrypted file system requires to be mapped, and data of the file system can be read or written after mounting the mapped file system. By the method for protecting the linux operation system on the loongson hardware platform, a Linux core process is improved, and the inner operation mechanism, the procedure principle and key data of the Linux core process are protected fundamentally. The method not only can be used for preventing software copyright infringement and protecting intellectual property rights in a business environment, but also can be used for an environment requiring encryption such as defense and military, and has an anti-cracking function and an information leakage preventing function.

Description

technical field [0001] The invention relates to the field of information security, in particular to a method for protecting a Linux operating system on a Loongson hardware platform. Background technique [0002] In recent years, around the development of independent, controllable, safe and reliable domestic software and hardware, some domestic enterprises have actively explored, and a number of independent CPU chips represented by Godson have emerged. For the Linux operating system supporting the Loongson hardware platform, the Linux operating system is open source software and is very popular, so it is very easy to analyze its internal operating mechanism, and it is also easy to find its defects and loopholes. If the Godson hardware device running the Linux operating system is not protected, it is easy to crack, vulnerable to attack, and faces great security risks. [0003] With the maturity of Loongson CPU and the promotion of domestic substitution plan, Loongson is more ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/71
CPCG06F21/71
Inventor 李若寒刘强曹刚李婷
Owner SHANDONG CHAOYUE DATA CONTROL ELECTRONICS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap