Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A dual-system trusted computing system and method

A trusted computing and trusted technology, applied in the field of information security, can solve problems such as inability to adapt, violation of security principles, and damage to enterprise production systems

Active Publication Date: 2020-02-18
北京自主可信科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Adopting the traditional mode of emphasizing computing and ignoring defense will lead to the intrusion of personal computers, the destruction of enterprise production systems, the failure of urban and rural infrastructure, and the destruction of important national information systems. The impact will be everywhere.
With the advent of the 5G network era and the rise of new computing and new applications such as mobile Internet, Internet of Things, cloud computing, big data, and fog computing, the network security situation has become more severe. Traditional systems based on firewalls, intrusion detection, and virus prevention , Vulnerability upgrades represented by repairing security protection methods can no longer adapt to the current new situation
[0003] Traditional security protection methods such as firewalls, intrusion detection, and virus prevention are compared and killed based on the content of the signature database that has occurred. Faced with an endless stream of new vulnerabilities and attack methods, they are hard to guard against; Basic security principles may directly lead to leaks by insiders; in addition, traditional security protection methods can be controlled by attackers and become new attack platforms, such as "Prism Gate" which uses firewalls to steal information

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dual-system trusted computing system and method
  • A dual-system trusted computing system and method
  • A dual-system trusted computing system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0071] Such as figure 1 As shown, a dual-system trusted computing system, the system includes: a trusted management center and at least one dual-system trusted computing node connected to the trusted management center, the dual-system trusted computing node includes: parallel computing subsystems and The protection subsystem has a security isolation mechanism between the computing subsystem and the protection subsystem, and interacts through a dedicated access channel; wherein, the trusted management center is an independent management center or implemented inside a dual-architecture trusted computing node.

[0072] The computing subsystem is used to perform computing tasks, the protection subsystem is used to measure and control the computing subsystem according to the trusted policy in the trusted management center, and send the measurement records to the trusted management center, and the trusted management center uses For statistical analysis of measurement records.

[00...

Embodiment 2

[0159] An embodiment of the present invention also provides a dual-system trusted computing method, which is applied to the dual-system trusted computing system in Embodiment 1. The system includes: a trusted management center and at least one dual-system trusted computing system connected to the trusted management center. Trust computing nodes, dual-system trusted computing nodes include: parallel computing subsystems and protection subsystems, with a security isolation mechanism between the computing subsystems and protection subsystems, which interact through dedicated access channels;

[0160] Such as figure 2 As shown, the methods include:

[0161] S1. The protection subsystem obtains the trusted strategy of the trusted management center;

[0162] S2. When the computing subsystem performs computing tasks, the protection subsystem is used to measure and control the computing subsystem according to trusted policies;

[0163] S3. The protection subsystem sends the measure...

Embodiment 3

[0166] Based on a dual-system trusted computing method in Embodiment 2, the protection subsystem includes: a trusted software base, a TPCM operating system, and a TPCM hardware platform, and the computing subsystem includes: an application program, an operating system, and a hardware platform, such as image 3 As shown, step S2 includes:

[0167] S21. The trusted software base in the protection subsystem receives the relevant information of the computing subsystem sent by the TSB agent program, wherein the TSB agent program is an agent program implanted into the computing subsystem by the protection subsystem, and the TSB agent program is used to obtain Calculate the relevant information of the subsystem and send it to the trusted software base;

[0168] S22. The trusted software base measures the computing subsystem according to the trusted policy, obtains a measurement result, and determines a control and processing method for the computing subsystem according to the measure...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a dual-system trusted computing system and method. The system includes: a trusted management center and at least one dual-system trusted computing node connected to the trusted management center. The dual-system trusted computing node includes: a parallel The computing subsystem and the protection subsystem have a security isolation mechanism between the computing subsystem and the protection subsystem, and interact through a dedicated access channel; the computing subsystem is used to perform computing tasks, and the protection subsystem is used to The trusted policy measures and controls the computing subsystem, and sends the measurement records to the trusted management center, which is used for statistical analysis of the measurement records. The system and method provided by the present invention realize active security protection while computing through parallel computing subsystems and protection subsystems, ensuring that computing tasks are not disturbed and destroyed, and can resist various known and unknown attacks.

Description

technical field [0001] The invention relates to the field of information security, in particular to a dual-system trusted computing system and method. Background technique [0002] China is the largest network market in the world. With the popularization of the Internet, network security incidents have skyrocketed. Adopting the traditional mode of emphasizing computing and ignoring defense will lead to the intrusion of personal computers, the destruction of enterprise production systems, the failure of urban and rural infrastructure, and the destruction of important national information systems, and the impact will be everywhere. With the advent of the 5G network era and the rise of new computing and new applications such as mobile Internet, Internet of Things, cloud computing, big data, and fog computing, the network security situation has become more severe. Traditional systems based on firewalls, intrusion detection, and virus prevention , Vulnerability upgrades represen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
Inventor 沈昌祥孙瑜杨秩洪宇
Owner 北京自主可信科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products