A cryptographic machine system

By using an application cryptographic machine system, combined with the host system, the cryptographic machine system, and the virtual application server, resource savings and enhanced security are achieved. This solves the problems of wasted equipment resources and insufficient security in existing technologies and improves the security protection capabilities of the application server.

CN115455403BActive Publication Date: 2026-06-09BEIJING JN TASS TECH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING JN TASS TECH
Filing Date
2022-10-08
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

The existing connection model between the cryptographic machine and the application server requires two devices, resulting in wasted resources and insufficient stability and security. The application server software lacks specific security protection and cannot meet the core module requirements of important systems.

Method used

A single application cryptographic machine system is adopted, including a host system, a cryptographic machine system, and a virtual application server. Through the separation of management interface and business interface, independent management and security protection of the cryptographic machine and the virtual application server are achieved. Management can only be performed through administrator authentication, and the virtual application server accesses the business interface of the cryptographic machine to perform cryptographic operations.

Benefits of technology

It saves costs, improves security, prevents viruses and illegal programs from intruding, enhances the reliability and security of the connection between the application and the cryptographic machine, and makes the overall system more secure.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115455403B_ABST
    Figure CN115455403B_ABST
Patent Text Reader

Abstract

The application provides an application cryptomachine architecture and system, which comprises an application cryptomachine, the application cryptomachine comprising a host computer system, a cryptomachine system and a virtual application server; the host computer system comprising a host computer and an operating system and a management program installed on the host computer, and being used for managing the cryptomachine system and the virtual application server; the cryptomachine system being a cryptomachine installed on the host computer or installed on a virtual machine, and comprising a corresponding cryptomachine operation module, a security protection module, an operating system, a cryptomachine service and a key management program; and the virtual application server being a virtual server serving as an application server, and being used for subsequently installing an operating system and an application service program on the virtual server under controlled conditions. The application cryptomachine combines the cryptomachine and the application server together organically, saves equipment, is convenient for user application, and improves the overall security.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the fields of information security and cryptographic security, and in particular to an application cryptographic machine system. Background Technology

[0002] Cryptographic machines are passive devices that provide cryptographic services and cannot authenticate application servers using cryptographic technology. Therefore, application servers are generally required to be directly connected to the cryptographic machine's business network card (back-to-back connection) via a dedicated network card. In actual deployments, to improve scalability and availability, multiple dedicated network cards or dedicated switches can also be used.

[0003] The common connection model between existing cryptographic machines and application servers is as follows: Figure 1 As shown:

[0004] General architecture: Application server + cryptographic machine architecture. For example:

[0005] a. Server cryptographic machine, which connects to the application server via a network.

[0006] b. Financial data encryption machine, which connects to application servers or business servers via a network.

[0007] In this setup, the application server and the cryptographic machine are connected back-to-back via a network. The application server connects to the cryptographic machine's network card 1 via network card 2. Network card 1 of the application server accesses the application network, providing services to other business systems or applications. The primary purpose of this physically dedicated connection is to ensure that the cryptographic machine is invisible to the application network.

[0008] The disadvantages of the above-mentioned traditional architecture:

[0009] (1) It requires two devices, which wastes resources and has poor stability and security.

[0010] (2) The software on the application server is not specifically protected and cannot meet the additional security protection requirements of some important systems or core modules of important systems. Summary of the Invention

[0011] Therefore, the purpose of this invention is to provide an application cryptographic machine system that is cost-effective and offers higher security. To achieve the above objective, the technical solution of this invention is as follows:

[0012] An application cryptographic machine system includes an application cryptographic machine, which comprises a host system, a cryptographic machine system, and a virtual application server;

[0013] The host system includes a host machine and an operating system and management programs installed on the host machine, used to manage the cryptographic machine system and the virtual application server;

[0014] The cryptographic machine system is a cryptographic machine installed on a host machine or a virtual machine, including a corresponding cryptographic operation module, a security protection module, an operating system, cryptographic machine services, and a key management program;

[0015] The virtual application server is a virtual server that acts as an application server, used to install operating systems and application service programs on the virtual server under controlled conditions.

[0016] Furthermore, the host system has one or more management interfaces and corresponding application cryptographic machine management programs, so that only those who have management privileges through the management interface can manage the application cryptographic machine;

[0017] The management port is the external management port of the application cryptographic machine; only through this management port can the cryptographic machine and the virtual application server be managed.

[0018] Accessing the application cryptographic machine through this management network port requires administrator privileges. Only those who have passed administrator authentication can manage the application cryptographic machine. The administrator authentication is consistent with the cryptographic machine's hierarchical requirements, that is, its authentication level is the same as the permission level for key management and cryptographic machine management.

[0019] Furthermore, the management of the cryptographic machine includes: device management, key management, and access control; the management of the virtual application server includes: initialization, application installation, modification, and deletion of the virtual application server.

[0020] Furthermore, the virtual application server has one or more business interfaces, which are interfaces for providing business services to the outside world, but only provide external business services and do not have management functions;

[0021] The cryptographic machine does not provide services directly to the outside world. Only the virtual application server can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of external applications.

[0022] Furthermore, both the virtual application server and the cryptographic machine system have independent management interfaces and business interfaces.

[0023] The management interface of the virtual application server is connected to the virtual network card on the host system through an internal virtual network card, enabling administrators who have passed management authentication to manage the virtual server through the management interface on the host machine.

[0024] If the cryptographic machine system is installed on a host machine, then the management interface of the cryptographic machine (cryptographic machine management network interface) is the host machine management interface. If the cryptographic machine system is installed on a virtual machine, then the management interface of the cryptographic machine is connected to the virtual network card on the host machine system through the internal virtual network card, so that the administrator who has passed the management authentication can manage the cryptographic machine through the management interface on the host machine.

[0025] The business interface of the virtual application server serves as the business interface of the application cryptographic machine. The business interface of the application cryptographic machine provides business services to the outside world, but only provides external business services and does not have management functions. The business interface of the cryptographic machine does not directly provide services to the outside world. Only the virtual application server can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of the external application.

[0026] Furthermore, the virtual application server is connected to the virtual network card of the cryptographic machine through an internal virtual network card, enabling access to the cryptographic machine's business interface through the application cryptographic machine's business interface and the application service program on the virtual cryptographic machine, in order to complete the cryptographic operations required by the business.

[0027] Furthermore, the operating systems and programs on the host machine and the cryptographic machine cannot be changed. The operating system and applications on the virtual application server can be installed and modified by the user, but they need to be digitally signed and authenticated by an administrator with management privileges. Only operating systems and applications with administrator signatures and verified by the host machine can be installed on the virtual application server.

[0028] Furthermore, the application cryptographic machine includes a chassis, a host, and cryptographic components. The chassis is a chassis that meets the physical security requirements of the corresponding level of cryptographic machine and has functions such as anti-detection, electromagnetic isolation, and key destruction upon opening the cover.

[0029] The host includes a CPU, memory, hard disk, and necessary peripherals and external interfaces;

[0030] The cryptographic components include a cryptographic module and a physical security protection module.

[0031] The beneficial effects of this invention are:

[0032] The cryptographic machine system of the present invention has the following beneficial effects:

[0033] 1. One physical machine / cryptographic device can accomplish the tasks that usually require two devices, saving costs;

[0034] 2. Applications on the application server are also protected against intrusion by viruses, worms, and illegal programs;

[0035] 3. The entire system uses the physical protection mechanism of the cryptographic machine, resulting in higher security;

[0036] 4. Improve the reliability and security of the connection between the application and the cryptographic machine. Attached Figure Description

[0037] Figure 1 A schematic diagram of the structure of a cryptographic machine using existing technology;

[0038] Figure 2 This is a schematic diagram of the cryptographic machine system used in this invention;

[0039] Figure 3 This is a schematic diagram of the structure of an embodiment of the cryptographic machine system of the present invention;

[0040] Figure 4 This is a schematic diagram of the structure of a second embodiment of the cryptographic machine system of the present invention. Detailed Implementation

[0041] To make the objectives, technical solutions, and advantages of this invention clearer, the application cryptographic machine system of this invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be noted that, unless otherwise specified, the following embodiments and features can be combined with each other. It should be understood that the specific embodiments described herein are for illustrative purposes only and are not intended to limit the invention.

[0042] Reference Figures 2 to 4 An embodiment of the present invention provides an application cryptographic machine system, which includes an application cryptographic machine, a host system, a cryptographic machine system, and a virtual application server.

[0043] The host system includes the host machine and the operating system and management programs installed on the host machine, which are used to manage the cryptographic machine system and virtual application servers;

[0044] A cryptographic machine system is a cryptographic machine installed on a host machine or a virtual machine, including the corresponding cryptographic operation module, security protection module, operating system, cryptographic machine service and key management program;

[0045] A virtual application server is a virtual server that acts as an application server, used to install operating systems and application service programs under controlled conditions.

[0046] As a preferred implementation, the host system has one or more management interfaces and corresponding application cryptographic machine management programs, so that only those with management privileges through the management interface can manage the application cryptographic machine;

[0047] The application cryptographic machine's management port is its external management port. Only through this management port can the cryptographic machine and the virtual application server be managed. The management of the cryptographic machine includes: device management, key management, and permission management. The management of the virtual application server includes: initialization, application installation, modification, and deletion.

[0048] Accessing the application cryptographic machine through this management network port requires administrator privileges. Only those who have passed administrator authentication can manage the application cryptographic machine. Administrator authentication is consistent with the cryptographic machine's hierarchical requirements and includes, but is not limited to, methods such as: passwords, administrator U-keys, and administrator IC cards.

[0049] Preferably, the virtual application server has one or more business interfaces, which are both the business interfaces of the application cryptographic machine and the interfaces for providing business services to the outside world, but only provide external business services and do not have management functions;

[0050] The cryptographic machine does not provide services directly to the outside world. Only the virtual application server, which acts as an application server, can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of external applications.

[0051] As a preferred implementation method, both the virtual application server and the cryptographic machine system have independent management interfaces and business interfaces.

[0052] The management interface of the virtual application server is connected to the virtual network card on the host system through the internal virtual network card, which enables the administrator who has been authenticated to manage the virtual server through the management interface on the host machine.

[0053] If the cryptographic machine system is installed on a host machine, then the cryptographic machine's management network interface card (NIC) is the host machine's management interface; that is, the cryptographic machine's management interface is the host machine's management interface. If the cryptographic machine system is installed on a virtual machine, then the cryptographic machine's management interface is connected to the virtual NIC on the host machine system through an internal virtual NIC, allowing an authenticated administrator to manage the cryptographic machine through the host machine's management interface.

[0054] The business interface of the virtual application server serves as the business interface of the application cryptographic machine. The business interface of the application cryptographic machine provides business services to the outside world, but it only provides external business services and does not have management functions. The business interface of the cryptographic machine does not directly provide services to the outside world, and only the virtual application server can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of the external application.

[0055] Furthermore, the virtual application server connects to the virtual network card of the cryptographic machine through its internal virtual network card, enabling access to the cryptographic machine's business interface through the application cryptographic machine's business interface and the application service program on the virtual cryptographic machine, in order to complete the cryptographic operations required by the business.

[0056] As a preferred implementation, the operating systems and programs on the host machine and cryptographic machine cannot be changed without authorization. The operating system and applications on the virtual application server can be installed and modified by the user, but require digital signature authentication by an administrator with management privileges. Only operating systems and applications with administrator signatures and verified by the host machine can be installed on the virtual application server.

[0057] In the above embodiments, the virtual cryptographic machine includes a cryptographic machine operating system and a cryptographic application program for the cryptographic machine; the virtual application server includes an operating system, device drivers, and basic service programs required for the operation of the cryptographic application system, wherein the basic service programs are used to cooperate with the host machine to manage the application programs of the virtual application server; the host machine system includes an operating system and a management program for the virtual application server.

[0058] The host system has one or more management interfaces and corresponding application cryptographic machine management software, ensuring that only those with administrative privileges can manage the application cryptographic machine through these interfaces. The virtual application server has one or more business interfaces, which provide external business services but lack management functionality. The cryptographic machine does not directly provide services; only the virtual application server can access its business interfaces and perform cryptographic operations through its service programs. The operating systems and programs on the host machine and cryptographic machine cannot be modified, but the operating system and applications on the virtual application server can be installed and modified by the user, requiring digital signature authentication by an administrator with administrative privileges. The application cryptographic machine organically combines the cryptographic machine and the application server, saving equipment, facilitating user application, and improving overall security.

[0059] This embodiment proposes an application cryptographic machine, comprising a physical device (or host machine) and three systems running within the device: a host machine system, a cryptographic machine system, and a cryptographic application virtual machine (or virtual application server). The cryptographic machine system can reuse the operating system of the host machine system.

[0060] The physical device (or physical machine, host machine) includes the chassis, host, and cryptographic components. The chassis is a chassis that meets the physical security requirements of the corresponding level of cryptographic machine, including functions such as anti-detection, electromagnetic isolation, and destruction of sensitive information (such as keys) upon opening the case.

[0061] The cryptographic components include key parts such as cryptographic modules and protection modules. The cryptographic module is a dedicated circuit or chip that implements various cryptographic algorithms, including symmetric, asymmetric, stream cipher, and identity cipher algorithms; it is the core component of the cryptographic machine. The protection module is a dedicated circuit, device, and chip that protects the cryptographic equipment, providing full lifecycle security protection for sensitive information such as keys to prevent leakage and illegal theft.

[0062] The host system includes the operating system and the management program for the virtual application server (or cryptographic application virtual machine);

[0063] A cryptographic machine system may include key components such as the operating system, cryptographic operation program, key management program, cryptographic service program, cryptographic module, and protection module required by the cryptographic machine.

[0064] A virtual application server includes the operating system, application service programs, and other components required for the application system to run.

[0065] As a preferred implementation, the cryptographic machine system further includes a first physical network interface card (NIC), a second physical NIC, and a third physical NIC.

[0066] The first and second physical network interface cards (NICs) are assigned to the virtual application server. The virtual application server provides external application services through these two NICs. These application services may include payment services, authentication services, and / or encryption / decryption services. The application program of the virtual application server may be a financial IC card issuance program, a financial transaction program, or an electronic money transaction program.

[0067] The third physical network interface card and password peripherals such as password cards are assigned to the host machine.

[0068] In the above embodiments, the cryptographic machine system can reuse the host system's operating system, but the cryptographic application system can only run in a virtual machine. Furthermore, the application permissions of this virtual machine are limited; it cannot independently perform system upgrades, software updates, or loading operations. It can only provide application services through the network to improve the security of the application system. The cryptographic application of the application system is application software installed on the virtual machine. Its main function is to provide business services externally through business interfaces, and simultaneously, according to business needs, access the cryptographic machine through the internal virtual network to complete the cryptographic calculations required for the business.

[0069] Programs within the cryptographic application virtual machine can access the cryptographic machine system through the internal network provided by the host system. The cryptographic machine system only provides cryptographic computation services to the cryptographic application virtual machine.

[0070] The aforementioned host system, cryptographic machine system, and cryptographic application virtual machine system together constitute a new type of cryptographic machine: the application cryptographic machine.

[0071] The characteristics of the application cryptographic machine system are as follows:

[0072] 1. One physical machine / cryptographic device can accomplish the tasks that usually require two devices, saving costs.

[0073] 2. The applications and operating systems on the application server are also protected against intrusion by viruses, worms, and illegal programs;

[0074] 3. The entire system uses the physical protection mechanism of the cryptographic machine, resulting in higher security;

[0075] 4. Improve the reliability and security of the connection between the application and the cryptographic machine.

[0076] The application installation process on the virtual application server is as follows:

[0077] 1. Package the application and sign it using the application's private key;

[0078] 2. The host administrator logs in (password, UKEU, IC card) and begins the application installation process;

[0079] 3. Use management commands to import the application package:

[0080] a) Verification using the application's public key: including but not limited to HASH + Verify.

[0081] b) Load the application package into the virtual machine hard drive of the application server;

[0082] c) Unpack the application package and install the application;

[0083] 4. Installation complete;

[0084] In other words, an application service virtual machine cannot install any service programs on its own; it can only install them through the host machine. Its advantages are:

[0085] 1) Only the host administrator has the authority to install applications; ordinary virtual machine users cannot install any uncertified programs.

[0086] 2) The installation process requires password authentication, including but not limited to HASH and signature / verification, to ensure the legitimacy of the application;

[0087] 3) The uninstallation, deletion, and upgrade of applications on the application server are similar to the installation process, meaning that only the host administrator can complete them, and they also require security authentication and must be done through the host machine, rather than being arbitrarily modified as on a regular application server, in order to improve the security of the application server system.

[0088] Virtual application servers may come with only an operating system (OS) and no application services at the factory. Users can install applications according to their own application content; application installation can only be performed, deleted, or modified under controlled conditions on the host machine; the application installation process can be protected by password.

[0089] Example 1

[0090] Reference Figure 3 The application cryptographic machine system includes a host machine, virtual machine 1, and virtual machine 2, wherein:

[0091] 1. The host machine is used for device management and application management;

[0092] 2. Virtual machine 1 is a virtual cryptographic machine;

[0093] 3. Virtual machine 2 is a virtual application server;

[0094] A cryptographic device consists of a host machine and two virtual machines, with the host machine used for management, as detailed below:

[0095] (1) Device Management: Resource allocation, namely: resource allocation between the two virtual machines, including allocation and specification of CPU resources, memory resources, hard disk resources, peripheral resources, etc.; initial configuration is selected through initialization selection mode; the allocation also includes: two network interfaces on the host are fixedly allocated to virtual machine 2 (virtual application server), and the password card is fixedly allocated to virtual machine 1 (virtual cryptography machine). At the same time, the virtual network cards inside the two virtual machines are connected to each other to facilitate communication between the two virtual machines; the virtual network card of the host machine is connected to the virtual network cards of the two virtual machines so that the host machine can access the two virtual machines through the virtual network.

[0096] (2) Application loading management of the application server: This mainly includes the following:

[0097] a) Only the host machine has root service permissions for virtual machine 2, and only the host machine administrator has program installation / modification permissions for virtual machine 2;

[0098] b) Hash value comparison authentication (HSAH comparison) of the loaded package;

[0099] c) Verify the signature value of the loaded package;

[0100] d) Loading and deleting programs within the application server;

[0101] e) Management and validity period management of certificates or device key pairs.

[0102] The two virtual machines are a virtual cryptographic machine and a virtual application server, respectively. Figure 3 In this context, Virtual Machine 1 is a virtual cryptographic machine, and Virtual Machine 2 is a virtual application server. Specifically:

[0103] Virtual cryptographic machine: This includes the cryptographic machine's operating system (OS) and all cryptographic applications, including key management programs, cryptographic service programs, security service programs (EFP, EFT, etc.). The result is that Virtual Machine 1 is a complete cryptographic machine, including the cryptographic card.

[0104] The virtual cipher machine operates through two virtual network cards:

[0105] Virtual NIC 1: Connects to the host machine and is used by users to manage the cryptographic machine through the management interface of the host machine's NIC 3, including cryptographic machine initialization, key management, service management and other cryptographic machine management content.

[0106] Virtual NIC 2: Communicates with Virtual Machine 2. That is, the virtual application server can access the virtual cryptographic machine through this NIC to complete the required cryptographic services and calculations.

[0107] A virtual application server consists only of a server operating system (OS) and necessary device drivers and basic service programs. These basic service programs are used to work with the host machine to load and delete application services.

[0108] The virtual application server operates through two virtual network interface cards (NICs):

[0109] Virtual NIC 1: Connects to the host machine and is used by users to manage applications of the virtual application server through the host machine's external network interface, including: application service program loading, program package unpacking, application deletion and other management functions.

[0110] Virtual NIC 2: Communicates with Virtual Machine 1. That is, the virtual application server can access the virtual cryptographic machine through this NIC to complete the required cryptographic services and calculations.

[0111] The virtual application server uses two physical network interface cards (NICs), which serve as the business network interfaces for the application cryptography machine, to provide application services to the outside world.

[0112] Example 2

[0113] like Figure 4 As shown, the application cryptographic machine system includes a host machine and a virtual machine 2.

[0114] The host machine is used for device management and application management; it also serves as a cryptographic machine. Virtual machine 2 is a virtual application server.

[0115] A cryptographic device includes a host machine and a virtual machine, where the host machine is used for management and cryptographic device management: management includes device management and application loading management of the application server.

[0116] Equipment management includes resource allocation.

[0117] This includes resource allocation between the host machine and the virtual machine, and fixedly allocating two physical network interfaces (NIC1 and NIC2) to the virtual machine, while allocating another physical network interface (NIC3) and password peripherals such as password cards to the host machine.

[0118] Application loading management on the application server mainly includes the following:

[0119] a) Only the host machine has root service privileges for virtual machine 2, and only the host machine administrator has the right to install / modify programs on virtual machine 2;

[0120] b) Hash value comparison authentication (HSAH comparison) of the loaded package;

[0121] c) Verify the signature value of the loaded package;

[0122] d) Loading and deleting programs within the application server;

[0123] e) Management and validity period management of certificates or device key pairs.

[0124] A cryptographic machine includes all its applications, primarily key management programs, cryptographic service programs, and security service programs (EFP, EFT, etc.).

[0125] The cryptographic machine communicates with the virtual application server through a virtual network interface card (NIC). In other words, the virtual application server can access the host cryptographic machine through this NIC to perform the necessary cryptographic services and calculations.

[0126] A virtual machine (virtual machine 2) is a virtual application server: it only includes the server operating system (OS) and necessary device drivers and basic service programs. These basic service programs are used to complete the loading, deletion and other services of application service programs with the host machine.

[0127] The virtual application server operates through a single virtual network interface card (NIC): it connects to the host machine / cryptographic machine, allowing users to manage applications on the virtual application server via the host machine's external network interface. This management includes loading application service management programs, unpacking application packages, and deleting applications. The virtual application server can also access the cryptographic machine through this NIC to perform necessary cryptographic services and calculations.

[0128] The virtual application server provides application services to the outside world through two physical network cards.

[0129] The cryptographic machine systems described in the above embodiments have the following beneficial effects:

[0130] 1) A single cryptographic machine device can function as both a cryptographic machine and an application server, reducing the number of devices required.

[0131] 2) Ordinary application servers have poor security protection measures. Using the architecture of this invention, the server also has most of the security functions of a cryptographic machine, including: physical security (chassis) and firmware security (software cannot be installed without authorization), which prevents the installation of illegal programs and improves the security of the application system.

[0132] 3) From an application perspective, it is the same as the traditional application model; that is:

[0133] Application services (such as payment, authentication, encryption and decryption services) are provided through the network interface of the application server.

[0134] The cryptographic machine is connected to the application server through an independent network and indirectly provides cryptographic services; the cryptographic machine is invisible to the outside world.

[0135] 4) The application is installed by the user in a controlled manner, which effectively solves various application scenarios and has the ability to adapt to continuous application service updates.

[0136] 5) By configuring resources on the host machine, including CPU, memory, hard disk, etc., the application requirements and cryptographic machine requirements can be adjusted effectively according to different application scenarios through the initial resource allocation.

[0137] 6) One application cryptographic machine of this invention can adapt to different application requirements by installing different application interface programs on a virtual application server. For example, if the cryptographic machine is a financial data cryptographic machine, the server can achieve this by installing different applications.

[0138] The installation of the financial IC card issuance program transforms the application cryptographic machine into a dedicated financial IC card issuance cryptographic machine.

[0139] Install financial transaction programs to make the application cryptographic machine a dedicated cryptographic machine for financial transactions.

[0140] Installing electronic currency transaction software transforms the application cryptographic machine into a dedicated electronic currency cryptographic machine.

[0141] The aforementioned dedicated cryptographic machines can also be continuously adapted to new business needs by updating and replacing application service programs, saving a significant amount of money and extending their lifespan.

[0142] The above-described embodiments are merely examples of several implementations of the present invention, and while the descriptions are relatively specific and detailed, they should not be construed as limiting the scope of the present invention. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of the present invention, and all equivalent implementations or changes made without departing from the spirit of the present invention should be included within the protection scope of the present invention.

Claims

1. A cryptographic machine system, characterized in that, It includes an application cryptographic machine, which comprises a host system, a cryptographic machine system, and a virtual application server; The host system includes a host machine and an operating system and management programs installed on the host machine, used to manage the cryptographic machine system and the virtual application server; The cryptographic machine system is a cryptographic machine installed on a host machine or a virtual machine, including a corresponding cryptographic operation module, a security protection module, an operating system, cryptographic machine services, and a key management program; The virtual application server is a virtual server that serves as an application server, used to install the operating system and application service programs on the virtual server under controlled conditions. The application server has one or more business interfaces, which are interfaces that provide business services to the outside world, but only provide external business services and do not have management functions. The cryptographic machine does not provide services directly to the outside world. Only the virtual application server, which acts as an application server, can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of external applications.

2. The application cryptographic machine system according to claim 1, characterized in that: The host system has one or more management interfaces and corresponding application cryptographic machine management programs, so that only those who have management privileges through the management interface can manage the application cryptographic machine; The management interface is the external management network port of the application cryptographic machine. Only through this management network port can the cryptographic machine and the virtual application server be managed. Accessing the application cryptographic machine through this management network port requires administrator privileges. Only after passing administrator authentication can the application cryptographic machine be managed. The administrator authentication is consistent with the cryptographic machine's hierarchical requirements.

3. The application cryptographic machine system according to claim 2, characterized in that: The management of cryptographic machines includes: device management, key management, and access control; the management of virtual application servers includes: initialization, application installation, modification, and deletion.

4. The application cryptographic machine system according to claim 1, characterized in that: The virtual application server and the cryptographic machine system each have independent management interfaces and business interfaces; The management interface of the virtual application server is connected to the virtual network card on the host system through an internal virtual network card, enabling administrators who have passed management authentication to manage the virtual server through the management interface on the host machine. If the cryptographic machine system is installed on a host machine, then the management interface of the cryptographic machine is the management interface of the host machine. If the cryptographic machine system is installed on a virtual machine, then the management interface of the cryptographic machine is connected to the virtual network card on the host machine system through the internal virtual network card, so that the administrator who has passed the management authentication can manage the cryptographic machine through the management interface on the host machine. The business interface of the virtual application server serves as the business interface of the application cryptographic machine. The business interface of the application cryptographic machine provides business services to the outside world, but only provides external business services and does not have management functions. The business interface of the cryptographic machine does not directly provide services to the outside world. Only the virtual application server can access the business interface of the cryptographic machine and access the cryptographic machine system through the service program on the virtual application server to complete the cryptographic calculations of the external application.

5. The application cryptographic machine system according to any one of claims 1-4, characterized in that: The operating systems and programs on the host machine and cryptographic machine cannot be modified. The operating system and applications on the virtual application server can be installed and modified by the user, but they need to be digitally signed and authenticated by an administrator with management privileges. Only operating systems and applications with administrator signatures and verified by the host machine can be installed on the virtual application server.