Unlock instant, AI-driven research and patent intelligence for your innovation.

Data protecting method and device

A data protection and key data technology, applied in the field of data security, can solve problems such as inability to guarantee the security of key data

Active Publication Date: 2017-01-04
HUAWEI TECH CO LTD
View PDF4 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The embodiment of the present invention provides a data protection method and device to solve the problem in the prior art that the security of key data cannot be guaranteed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data protecting method and device
  • Data protecting method and device
  • Data protecting method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0074] Among many technologies for protecting key data, encrypted storage of key data is the most widely used technology. By encrypting and storing key data, data security can be greatly improved and it is difficult for attackers to obtain private data. However, this method has limitations: purely encrypted storage cannot fundamentally solve the security problem of key data. Since key data also needs to be used in the program, the key for encrypting key data will also be stored in memory, exposing In front of the attacker, at the same time, if there are many accesses to key data, the encryption and decryption operations will also cause a large performance loss. In addition, the threat model of the above methods does not consider the malicious operating system. How to prevent the theft of key data in the application under the threat model of the malicious operating system is also a problem worth exploring.

[0075] In the cloud computing platform, the services provided by many...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a data protecting method and a data protecting device, aiming at solving the problem in the prior art that the safety of key data cannot be ensured. The method comprises the following steps: monitoring whether a key code used for accessing key data in an application program is called or not; when monitoring that an operation system calls the key code via a pre-allocated first expansion page table EPT, and switching from the first EPT to a pre-allocated second EPT according to a preset springboard code corresponding to the key code, wherein the memory mapping relationship between the key data and the key code is not allocated in the first EPT, the memory mapping relationship between the key data and the key code is allocated in the second EPT, and the key data and the key code are respectively stored in an independent memory area; and switching back to the first EPT from the second EPT according to the springboard code after the key code is called and executed by the second EPT.

Description

technical field [0001] The invention relates to the technical field of data security, in particular to a data protection method and device. Background technique [0002] In April 2014, a very serious security hole was discovered in Open Secure Sockets Layer (OpenSSL), which is widely used in public key authentication and data encryption on the Internet, called "Heartbleed" ( heartbleed). This vulnerability is identified as CVE-2014-0160. The reason for this vulnerability is that the heartbeat (heartbeat) extension of the Transport Layer Security (TLS) protocol it supports does not perform boundary detection, allowing attackers to Arbitrary reading of up to 64KB of data in memory leaks in client-server connections. That is to say, without any privileged information or authentication, an attacker may read key data including the private key of the X.509 certificate, user name and password, etc. from the server. Among them, the leakage of the server private key is not simply ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06F21/52
CPCG06F21/52G06F21/629G06F2221/2149G06F2221/033G06F21/62G06F12/1009G06F12/145G06F21/51G06F21/74G06F21/78G06F12/08G06F2212/151G06F2212/657G06F2212/1052G06F21/54G06F21/563G06F21/566G06F21/577G06F21/6218G06F2221/034
Inventor 刘宇涛夏虞斌陈海波
Owner HUAWEI TECH CO LTD