Unlock instant, AI-driven research and patent intelligence for your innovation.

A Kernel Sensitive Data Protection Method Based on Customized Hardware Security Attributes

A sensitive data and hardware security technology, applied in digital data protection, electrical digital data processing, platform integrity maintenance, etc., can solve the problem of no sensitive data confidentiality protection, etc., to improve kernel security, improve performance, and achieve micro performance effect of overhead

Active Publication Date: 2022-02-11
ZHEJIANG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the confidentiality of these sensitive data is not protected in the current modern operating system kernel, and attackers can use the loopholes to obtain these data from memory without hindrance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Kernel Sensitive Data Protection Method Based on Customized Hardware Security Attributes
  • A Kernel Sensitive Data Protection Method Based on Customized Hardware Security Attributes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments, and the purpose and effect of the present invention will become clearer. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit the present invention.

[0019] Such as figure 1 As shown, the kernel sensitive data protection method based on customized hardware security attributes of the present invention, before the user mode process switches to the kernel mode to request the kernel service, the kernel pre-generates the key required for the operation of the cryptographic algorithm, and executes the process in the kernel mode , when the kernel state process involves relevant kernel sensitive data operations, the kernel sensitive data is encrypted or decrypted using the extended cryptographic operation instructions, and a random variable is input when encrypti...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for protecting kernel sensitive data based on customized hardware security attributes. The method uses extended instructions to encrypt the sensitive data when the kernel stores the sensitive data in the memory, and then decrypts it when it is retrieved from the memory, so as to ensure that the sensitive data will not be stored in memory. leaked into memory in plaintext. This method greatly improves the performance of the overall solution by using custom hardware, and only brings very small performance overhead while improving kernel security.

Description

technical field [0001] The invention relates to the field of computer kernel security reinforcement, in particular to a method for protecting kernel sensitive data based on customized hardware security attributes. Background technique [0002] According to Microsoft's statistics, 70% of vulnerabilities are caused by memory safety issues. The kernel is the core part of the operating system, and the security of the operating system kernel is related to the security of the entire computer system. When the operating system kernel is running, it will store many sensitive data and intermediate variables including kernel-related information in the memory. Attackers can use kernel vulnerabilities to collect or use these sensitive information to launch attacks on the kernel. However, the confidentiality of these sensitive data is not protected in the current modern operating system kernel, and attackers can use the loopholes to obtain these data from the memory without any obstacle...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/60G06F21/57
CPCG06F21/602G06F21/577
Inventor 徐金焱孙家栋申文博周亚金任奎
Owner ZHEJIANG UNIV