Unlock instant, AI-driven research and patent intelligence for your innovation.

System configuration attribute proving method and system based on trusted execution environment

An execution environment and system configuration technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve the problems of being unable to interfere with the fingerprint identification process and results, and unable to obtain any fingerprint information, achieving a high degree of realizability and security The effect of ensuring reliability, ensuring privacy, and protecting privacy

Inactive Publication Date: 2018-06-15
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF7 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, in a mobile payment scenario, the fingerprint processing program can be placed in a trusted execution environment, and other programs on the mobile platform cannot obtain any information about fingerprints, nor can they interfere with the process and results of fingerprint identification

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System configuration attribute proving method and system based on trusted execution environment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] The specific implementation of the present invention will be described below by taking the trusted execution environment technology based on ARM TrustZone technology (ARM processor and bus security extension technology) to realize the distribution and use of data configured with privacy protection on the smart mobile terminal as an example.

[0051] 1. The smart mobile terminal divides security areas and non-security areas based on ARM TrustZone technology.

[0052] By configuring TZASC (TrustZone Address Space Controller) and other controllers in the TrustZone technology, the memory and peripherals of the smart mobile terminal are divided into a safe world (a safe world is a technical term for TrustZone, corresponding to the above-mentioned safe area) and a normal world ( The normal world is the technical term of TrustZone, which corresponds to the non-secure zone above); among them, the secure world only needs a small amount of memory to mainly deploy the cryptography ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a system configuration attribute proving method based on a trusted execution environment. The method includes: 1) when a computer system of a proving side is started, utilizingtrusted-execution-environment technology to divide a memory and peripheral configurations into a security area and a non-secure area; 2) deploying a cryptography service program, a driver program ofnon-volatile storage equipment and a security-area integrity proving program in the secure area; 3) deploying a main-body program, which realizes a configuration attribute proving protocol, in the non-secure area; 4) before the configuration attribute proving protocol is run, firstly running the integrity proving program in the security area by the proving side to demonstrate integrity of the security area thereof to a verification side; and 5) executing an initialization process, a certificate issuing process, a proving process and a verification process of the configuration attribute provingprotocol in sequence. By adopting the method, the proving side can prove that configurations of the computer system thereof meet specific security attributes, and can protect privacy of the configurations at the same time.

Description

technical field [0001] The invention belongs to the technical field of computer operating system security protocol and security enhancement, and specifically relates to a method and system for realizing attribute certification based on a trusted execution environment, which can verify the credibility of computer system configuration to a remote verification party while protecting specific configuration privacy . Background technique [0002] In common scenarios in computer network application fields such as data copyright protection and enterprise mobile office, data providers often hope that the configuration of data users' computer systems meets specific security requirements. For example, in the field of digital copyright protection, digital media manufacturers hope that videos can only be played on specific devices. For another example, in the field of enterprise remote office, enterprises hope that enterprise data can only be downloaded to specific types of computers f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/44G06F21/62H04L9/32
CPCG06F21/44G06F21/6209H04L9/3218H04L9/3247H04L9/3263
Inventor 初晓博冯伟秦宇赵世军
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI