Method for safe improvement of TLS protocol processing based on CPU space-time isolation mechanism

Abstract

The invention discloses a method for the safe improvement of TLS protocol processing based on a CPU space-time isolation mechanism. The method includes, at first, constructing a trusted execution environment for a TLS protocol security agent assembly, that is, a security kernel; secondly, constructing a common running environment for the running of a TLS protocol processing module, that is, a general operating system kernel; and at the end, constructing a security monitor being responsible for the context switching between two running environments and running in the CPU security kernel. The method is advantageous in that the processing flow of a TLS handshake protocol is safely improved, the deficiency of the TLS in the communication platform integrity authentication aspect is expanded, so that the security hidden troubles caused by the high realization level, insufficient independence, and missed platform authentication of the TLS protocol are effectively solved, and the security of data encryption transmission and platform identity authentication of the two parties of the computer communication is improved.

Description

technical field [0001] The invention relates to a safety improvement of the TLS protocol, in particular to a method for improving the safety of the TLS protocol processing based on a CPU space-time isolation mechanism, and belongs to the field of safety improvement of the TLS protocol. Background technique [0002] With the continuous development of information technology and the popularization of the application of national economy and national defense military information technology, more and more users use the network for data communication, especially in the field of e-commerce, which needs to transmit a large amount of sensitive information in the transaction process . Under such circumstances, how to ensure the integrity and confidentiality of data transmission, as well as the authenticity and authenticity of platform interaction, are crucial to software providers and users involved in computer security communication services. At present, secure communication software...

AI Technical Summary

Problems solved by technology

[0005] In order to solve the above problems, the present invention designs a method for improving the security of TLS protocol processing based on the CPU space-time isolation mechanism. By safely improving the processing flow of the TLS handshake protocol, the lack of TLS in the integrity authentication of the communication platform is expanded, and the solution is effectively solved. Eliminate the potential safety hazards caused by the high level of TLS protocol implementation, insufficient independence, lack of platform authentication, etc., and improve the security of both computer communication parties in terms of data encryption transmission and platform identity authentication

Images