Soft and hard collaborative multi-level password service method and system supporting universal/trusted dual-computing system

Abstract

The invention discloses a soft and hard collaborative multi-level password service method and system supporting a universal / trusted dual-computing system. The method comprises the following steps: initializing an instance of a password service framework; establishing a password service route, calling a password service route module to obtain the position of a password resource for specifically providing the required password service, and establishing a communication path for accessing the corresponding password resource; establishing a password service session, taking information related to password resources as parameters, and calling a session function to open the session; executing password operation, and carrying out corresponding password service operation; and after the password service is completed, closing the password service session, releasing password resources, and closing the password service framework. According to the invention, flexible cryptographic services can be provided for applications at different privilege levels supporting a universal / trusted dual-computing system according to application requirements, so that an operating system can flexibly provide cryptographic services for different types of applications at different privilege levels, and supports unified cryptographic services of a universal computing domain and a trusted computing domain.

Description

technical field [0001] The invention relates to a cryptographic service framework technology in the field of computer operating systems, in particular to a method and system for a multi-level cryptographic service with software and hardware collaboration supporting a general / trusted dual computing system. Background technique [0002] Cryptography is widely used in various information systems and is crucial to information security. Many security applications directly integrate cryptographic algorithms, the general operating system environment can also provide a variety of cryptographic algorithm libraries, and many hardware manufacturers have introduced a variety of cryptographic hardware acceleration devices, spanning PCI card level, chipset level, CPU level and Devices that integrate cryptographic processing. This fragmented situation is not convenient for security application development, but also increases the workload of security risks and security operation and mainte...

AI Technical Summary

Problems solved by technology

[0006] The technical problem to be solved by the present invention: Aiming at the problem that the traditional password service method cannot effectively utilize the soft-hardware synergy feature to provide safe and reliable cryptographic services, provide a multi-level cryptographic service method and system that supports a universal / trusted dual computing system, The present invention can provide flexible cryptographic services for applications at different privilege levels supporting the general / trusted dual computing system according to application requirements, so that the operating system can flexibly provide cryptographic services for different types of applications at different privilege levels, and support general computing domains and Unified Cryptographic Service for Trusted Computing Domain

Images