Software automatic segmentation method, system, storage medium, computer equipment, terminal

An automatic segmentation and software technology, applied in computer security devices, computing, instruments, etc., can solve problems such as large performance overhead, and achieve the effect of ensuring performance overhead, small performance gap, and high security level

Active Publication Date: 2021-08-06
XIDIAN UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] When using the SGX function to protect the application, the application needs to be modified and refactored, which has strict requirements on the developer and requires a complex trade-off between performance and security. Currently, there is no suitable theory to Support developers how to divide applications in multiple security zones
[0010] The segmentation problem of multi-security zone applications first needs to solve the problem of segmentation method, that is, how to reasonably divide the application program into multiple modules, and reduce the coupling between modules as much as possible, because the mutual calls between modules Will introduce a large performance overhead

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software automatic segmentation method, system, storage medium, computer equipment, terminal
  • Software automatic segmentation method, system, storage medium, computer equipment, terminal
  • Software automatic segmentation method, system, storage medium, computer equipment, terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0071] Aiming at the problems existing in the prior art, the present invention provides a software automatic segmentation method, system, storage medium, computer equipment, and terminal. The present invention will be described in detail below in conjunction with the accompanying drawings.

[0072] Such as figure 1 As shown, the software automatic segmentation method provided by the invention comprises the following steps:

[0073] S101: The preprocessor converts the input source code files into LLVM assembly codes and links them into a single file; marks the list of security-sensitive variables that need to be protected a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of application program security area division, and discloses a software automatic division method, system, storage medium, computer equipment, and terminal, that is, the MulTEE partition framework. Users need to first annotate security-sensitive application program data; MulTEE will automatically Divide the application program into untrusted modules and multiple secure modules, each security module is the smallest program slice of the sensitive data, use backward data flow analysis to identify code that may affect the confidentiality of sensitive data, use the previous Slices are used to identify code that may affect the integrity of sensitive data; security-sensitive modules are deployed in security zones to protect them from attacks. The present invention evaluates MulTEE on Memcached database, LibreSSL cryptography library and Digital Bitbox bitcoin wallet, and the results show that it achieves smaller TCB size with acceptable performance overhead.

Description

technical field [0001] The invention belongs to the technical field of application security zone division, and in particular relates to a software automatic division method, system, storage medium, computer equipment and terminal. Background technique [0002] Currently, applications are increasingly deployed in third-party data centers and public cloud environments that are not fully trusted, such as Amazon AWS and Microsoft Azure. This places very high demands on cloud data centers, which must protect sensitive data from attackers with the highest privileges, such as system administrators. The use of encryption technology to protect sensitive data has relatively large restrictions on the operations that can be performed. Although fully homomorphic encryption technology allows users to perform arbitrary operations, it will generate large computational overhead. A new direction in protecting applications in untrusted environments is to use the trusted execution mechanisms p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06F21/57G06F21/60G06F21/64
CPCG06F21/563G06F21/57G06F21/602G06F21/64
Inventor 李兴华张晓涵石志远杨超杨力柯海娟智一方潘晓波马建峰
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap