Method and device for realizing integrity protection of operating system
An integrity protection and operating system technology, applied in the field of operating system integrity protection, can solve problems such as failure, failure to guarantee the correctness of inspection results, hijacking of functional modules, etc.
Active Publication Date: 2017-10-27
NANJING ZHONGXING SOFTWARE
View PDF5 Cites 9 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0004] In the related art, all functional modules of the integrity check of the protected operating system are parasitic in the protected operating system, that is, implemented in the kernel of the protected operating system. When the protected operating system has a security hole and is attacked , the function module of the integrity check of the protected operating system may be hijacked and invalidated, resulting in the inability to guarantee the correctness of the check result
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0086] In order to facilitate the understanding of those skilled in the art, the present invention will be further described below in conjunction with the accompanying drawings, which cannot be used to limit the protection scope of the present invention. It should be noted that, in the case of no conflict, the embodiments in the present application and various manners in the embodiments can be combined with each other.
[0087] see figure 1 , the embodiment of the present invention proposes a method for implementing integrity protection of the operating system, including:
[0088] Step 100, the trusted control core module acquires the metric values corresponding to one or more metric parameters of the monitored operating behavior in the protected operating system and / or virtual machine monitoring module, and sends the metric values of all the metric parameters obtained to the Faith measurement module.
[0089] In this step, the measurement parameters include one or more ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a method and a device for realizing the integrity protection of an operating system. The method comprises the following steps that: a trusted control kernel module obtains a measurement value corresponding to one or more than one measurement parameter of a monitored operation behavior in a protected operating system and / or a virtual machine monitoring module, and the obtained measurement values of all measurement parameters are sent to a trusted measurement module; the trusted measurement module obtains the standard measurement values of all measurement parameters from a trusted standard library module, judges that the measurement value of one or more than one measurement parameter is different from the corresponding standard measurement value, and sends information for showing to avoid monitored operation behaviors to the trusted control kernel module; and the trusted control kernel module avoids the monitored operation behaviors and / or records the monitored operation behaviors, wherein the trusted control kernel module is arranged in the virtual machine monitoring module, and the virtual machine monitoring module, the trusted measurement module and the trusted standard library module are arranged out of the protected operating system.
Description
technical field [0001] This article relates to but not limited to the field of information technology, especially a method and device for implementing integrity protection of an operating system. Background technique [0002] With the continuous deepening and development of trusted computing technology, certain breakthroughs have been made in many aspects. In terms of the scope of security protection, it develops from the credible confirmation of the initial state of the operating system when the operating system is started to the credible confirmation of the operating system when the operating system is running. The integrity protection of the operating system when the operating system is running is a key technology to ensure the credibility of the operating system when it is running. This technology can be used to identify behaviors such as illegal tampering or code injection, thereby ensuring the security and reliability of the operating system when it is running. [000...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455G06F21/57
CPCG06F9/45558G06F21/57G06F2009/45587G06F2221/034G06F9/455
Inventor 崔云峰钟卫东刘东王继刚
Owner NANJING ZHONGXING SOFTWARE