A software and hardware bidirectional adaptive linkage global private data isolation sandbox system and method

By constructing a full-domain private data isolation sandbox system that is both software and hardware adapted and linked, the problems of fragmented software and hardware adaptation and weak linkage in existing technologies are solved, achieving efficient and reliable data security protection, adapting to multi-terminal scenarios and efficient resource utilization.

CN122339836APending Publication Date: 2026-07-03薛梁

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
薛梁
Filing Date
2026-05-24
Publication Date
2026-07-03

AI Technical Summary

Technical Problem

Existing data isolation technologies suffer from problems such as fragmented software and hardware adaptation, weak interoperability, and susceptibility to unilateral modification and circumvention, making them unable to effectively resist advanced persistent threats and adapt to heterogeneous multi-terminal environments.

Method used

Construct a full-domain private data isolation sandbox system that is both hardware and software adapted and linked. The hardware provides immutable underlying constraints, and the software adaptively matches the hardware capabilities, forming a joint protection system with mutual locking between hardware and software. This system includes a hardware constraint layer, a software adaptation layer, and a joint effectiveness layer, enabling flexible and universal deployment and refined management.

Benefits of technology

It achieves a revolutionary improvement in security level, with protection strength increased by 3 orders of magnitude compared to pure software solutions and 1 order of magnitude compared to pure hardware solutions. It supports all types of hardware platforms and multiple terminal scenarios, covers existing technology forms in various industries, eliminates the risk of data leakage, and reduces resource consumption by more than 60%.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure FT_1
    Figure FT_1
  • Figure FT_2
    Figure FT_2
  • Figure FT_3
    Figure FT_3
Patent Text Reader

Abstract

This invention discloses a comprehensive private data isolation sandbox system and method with bidirectional hardware and software adaptation, belonging to the field of terminal data security isolation technology. Addressing the shortcomings of traditional isolation solutions—such as hardware-software separation, susceptibility to tampering and circumvention, and lack of closed-loop protection—this invention constructs a bidirectional linkage architecture where hardware constrains software and software adapts to hardware: the hardware provides physical isolation boundaries, a local independent encryption system, and a unique identity trust root; the software adaptively matches hardware characteristics, constructs a closed-loop private network domain based on a unified user identity, automatically distinguishes between internal and external networks, and executes unidirectional flow control over the external network. Time-limited, targeted external transmission is achieved through joint hardware and software authentication, with automatic isolation restoration upon transmission completion. It supports offline operation and unmanned maintenance, privatizes all domain permissions, and blocks third-party control channels. It is compatible with integrated hardware and software and lightweight pure software architectures, offering superior security and versatility compared to existing technologies, and is suitable for data security protection of AI computing clusters, distributed terminals, and classified devices.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of smart terminal data security technology, specifically to technologies such as two-way software and hardware adaptation and linkage isolation, hardware-level encryption, cross-domain data flow control, multi-terminal private networking, and AI computing power device security protection, covering all technical implementation forms such as pure software adaptation operation, joint software and hardware deployment, and embedded hardware integration. Background Technology

[0002] With the rapid development of AI large-scale models, distributed computing power, and multi-terminal collaborative technologies, data security isolation has become a core bottleneck restricting industry development. Existing data isolation and protection technologies generally suffer from a fatal flaw of fragmented software and hardware compatibility, mainly falling into three categories: Pure software isolation solutions rely entirely on code execution for protection logic, without any underlying hardware constraints. They can be easily circumvented by modifying software logic, reverse engineering, deleting functional modules, or rewriting system interfaces. As a result, the protection stability is extremely poor and cannot resist advanced persistent threat (APT) attacks. Pure hardware isolation solutions employ physical partitioning, dedicated encryption chips, and other fixed technologies, resulting in extremely weak versatility and a lack of flexible software adaptation mechanisms. They cannot adapt to heterogeneous environments with multiple terminals, dynamic networking requirements, or AI computing power elastic scheduling scenarios. Existing hybrid isolation solutions are merely simple combinations of hardware and software, lacking a two-way constraint and linkage mechanism. Major manufacturers can bypass protection by replacing hardware separately, modifying software separately, or canceling the hardware-software compatibility relationship, resulting in weak patent protection and easy replication and replacement of technology. The industry urgently needs a fully isolated architecture that enables two-way adaptation, deep linkage, and joint management of software and hardware. This architecture will fundamentally eliminate the technical chaos of unilateral tampering, simplification, and splitting to circumvent restrictions, providing reliable underlying support for data security in the AI ​​era. Summary of the Invention

[0003] Purpose of the invention To address the shortcomings of existing isolation technologies, such as hardware-software disconnect, poor adaptability, weak linkage, susceptibility to unilateral modification and circumvention, and the proliferation of derivative solutions, this invention aims to provide a comprehensive private data isolation sandbox system and method with bidirectional hardware-software adaptation and linkage. By providing immutable underlying constraints through hardware, and adaptively matching hardware capabilities with software to perform fine-grained control, a joint protection system of "mutual locking and indispensable integration of hardware and software" is formed. This completely blocks all circumvention paths such as individual software modifications, hardware replacements, and functional module splitting, comprehensively covering various simplified, downgraded, and equivalent replacement technologies. Overall hardware and software two-way adaptation and linkage architecture The core innovation of this invention lies in constructing a three-layer closed-loop architecture of hardware constraints, software adaptation, and joint effectiveness, rather than the traditional simple superposition of "hardware + software": The underlying hardware constraint layer provides a fixed physical isolation boundary, a local independent hardware key system, and a unique hardware identity for the terminal, forming an insurmountable underlying security boundary for all software logic. Mid-layer software adaptation layer: Dynamically matches different hardware carriers, single / multi-terminal architectures, and online / offline states through adaptive algorithms to achieve flexible and universal deployment. Top-level joint effective layer: All core security functions must be completed through bidirectional adaptation and linkage between software and hardware. Neither software nor hardware alone can achieve complete isolation and protection. 1 Hardware adaptation unit (general upper-level architecture) (1) Hardware physical isolation adapter unit: As the physical carrier of software isolation logic, it defines a fixed safe memory area and I / O boundary through hardware circuit. All data read and write operations of the software are restricted within this boundary, thus eliminating the possibility of software expanding its capacity or reading data beyond the boundary from a physical perspective. (2) Local hardware encryption adapter unit: integrates an independent hardware encryption engine and key storage module. The key is generated and permanently fixed inside the hardware and cannot be read from the outside. It only responds to the encryption / decryption scheduling instructions of the software and does not rely on any cloud management services. (3) Hardware terminal identity adaptation unit: Generates an unforgeable unique identity identifier based on the inherent characteristics of the terminal hardware, providing a hardware-level root of trust for multi-terminal network authentication, device access and permission verification. 2. Software Adaptive Control Module (1) Hardware feature adaptive networking module: Automatically reads and verifies local hardware identity identifiers, and binds multiple terminal hardware devices into a logical whole based on unified user identity, automatically building a closed-loop private networking domain; supports seamless switching between single terminal simplified mode and multi-terminal cluster mode. (2) Dual-domain environment adaptive discrimination module: Real-time monitoring of hardware network interface status, automatic differentiation between private network domains and external public heterogeneous network domains, and dynamic loading of corresponding software and hardware bidirectional adaptation linkage data flow control strategies without manual intervention. (3) Private domain software and hardware co-operation adaptation module: The software data interaction rules are strictly adapted to the physical isolation boundary of the hardware. Within the security zone defined by the hardware, the full domain data read and write, synchronization and resource collaborative scheduling permissions are opened. The hardware is responsible for intercepting out-of-bounds operations, and the software is responsible for fine-grained traffic scheduling. The two-way linkage of software and hardware realizes efficient and free collaboration in the intranet. (4) External network one-way flow control linkage adaptation module: When accessing the external network, the software one-way data flow control logic and the hardware physical isolation unit are linked and locked in a two-way adaptation; the hardware blocks all underlying outbound network links, and the software controls the upper layer business data flow, allowing only outbound requests without confidential instructions and inbound operations of compliant data; at the same time, through the software and hardware dual-layer interception mechanism, it prevents hidden data theft behaviors such as memory reading, interface grabbing, clipboard transfer, and process injection. (5) Multi-layer authentication time-limited transmission adaptation module: Construct a software and hardware joint authentication system, deeply bind software authentication rules with hardware identity information and local hardware environment status; only when both software and hardware verification are valid, adaptively open a temporary directional transmission channel with time, range and data type constraints; when the channel expires or the transmission is completed, automatically close and restore the full-domain isolation state. (6) Cross-scenario adaptive operation and maintenance module: The software autonomous operation and maintenance logic adaptively adapts to various hardware configurations, terminal models and operating scenarios to achieve unattended silent installation, automatic updates and fault self-healing. (7) Offline software and hardware self-supporting adaptation module: In the offline state, the software management logic runs entirely within the local hardware isolation unit. All encryption, authentication and isolation operations do not rely on external network connection, maintaining complete software and hardware two-way linkage security protection capability. (8) Full-domain permission closed adaptation module: The software permission system is deeply bound to the unique user identity of the hardware, the hardware solidifies the device ownership, and the software locks the access permissions; completely blocking all third-party backend management entry points and remote debugging channels. Core technology mechanism 1. Hardware constraints and software mechanisms All software isolation scope, data access permissions, network access rules, and data transmission policies must not exceed the limits of hardware physical isolation boundaries and hardware security parameters; software cannot independently expand permissions, break through isolation boundaries, or modify security rules without the hardware. 2. Software adapts to hardware mechanism The software automatically identifies the capability differences of different hardware platforms through the Hardware Abstraction Layer (HAL) and dynamically adjusts its own functional modules and management strategies; it supports mainstream architectures such as x86, ARM, and RISC-V, as well as all types of hardware carriers from embedded devices to large servers. 3. Hardware and software combined mechanism The following core functions must be completed through two-way adaptation and linkage between software and hardware; neither software nor hardware alone can achieve the full technical effect: Dual-domain partitioning and isolation: Hardware provides physical boundaries, while software execution logic is partitioned and controlled. Encrypted data storage: Hardware performs encryption operations, and software schedules the encryption process and key usage. Multi-terminal network authentication: Hardware provides identity verification, and software executes network logic and access control. External network one-way flow control: hardware blocks the underlying link, software manages the upper layer service traffic. Temporary transmission authentication: Hardware provides identity verification, while software handles execution permission checks and channel management. 4. Adaptation, fault tolerance, and compatibility mechanisms This architecture is backward compatible with all low-end hardware, simplifies software, allows for single-end deployment, and offers streamlined online / offline configurations. All solutions that reduce or eliminate compatible modules, weaken bidirectional linkage, or replace technical means to achieve the same functionality fall within the protection scope of this invention. Technology application boundaries This invention cannot prevent users from actively detaching themselves from the software and hardware bidirectional adaptation and linkage system for purely manual offline transcription and physical media copying, which is a general technical boundary in the field of data security. Any technical solution that falls under any of the following circumstances shall be deemed to fall within the scope of equivalent infringement of this invention: Eliminate the two-way compatibility between software and hardware, and retain only single software or hardware isolation functions. By separating the software and hardware functional modules, the software adaptation logic or hardware adaptation unit of this invention can be reused separately. The two-way linkage mechanism has been weakened, and the combined effect of software and hardware has been changed to the independent effect of a single module. Simplify the adaptation process and use equivalent technical means to achieve the same isolation and protection effect. Beneficial effects Revolutionary improvement in security level: Through a two-way locking mechanism of software and hardware, the fatal flaw of traditional technology being unilaterally tampered with and circumvented is completely solved; the protection strength is improved by 3 orders of magnitude compared to pure software solutions and by 1 order of magnitude compared to pure hardware solutions. Significantly enhanced versatility: Supports all types of hardware platforms, single / multi-terminal scenarios, and online / offline states, perfectly adapting to emerging needs such as AI distributed computing power and multi-terminal collaborative office work. Comprehensive protection: Covering all existing technologies across industries, from full-fledged integrated hardware and software to pure software simulation, simplified single-terminal systems, and downgraded low-configuration systems, ensuring no blind spots in rights protection. Complete privacy protection: Local hardware keys + private permission system completely eliminate the risk of third-party backend control and cloud data leakage. Flexible and efficient deployment: Lightweight hardware and software are adapted and linked in both directions, reducing resource consumption by more than 60% compared to traditional solutions; supports multiple methods such as embedded integration, modular deployment and cloud deployment. Attached Figure Description Figure 1. Schematic diagram of the overall architecture of the present invention, which features bidirectional hardware and software adaptation and linkage with full-domain isolation. Figure 2. Schematic diagram of multi-terminal hardware and software adaptive networking process Figure 3. Schematic diagram of the time-sensitive transmission process for joint hardware and software authentication. Detailed Implementation The present invention will now be described in further detail with reference to the accompanying drawings and specific embodiments. Example 1: Standard Hardware and Software Integration Example (Optimal Implementation) This embodiment represents the complete functional form and is applicable to high-security classified terminals and AI computing nodes. Hardware configuration: Integrated hardware physical isolation unit (using memory partition isolation technology), local hardware encryption unit (using AES-256 hardware encryption engine), and hardware terminal identity adaptation unit (generating a unique identifier based on CPU serial number + motherboard BIOS information). Software deployment: Install a complete adaptive management module, including hardware feature adaptive networking, dual-domain environment identification, private domain collaboration, external network one-way flow control, multi-layer authentication transmission, autonomous operation and maintenance, offline self-sufficiency and permission closure modules. Workflow: (1) When the system starts, the software automatically reads the hardware identity and completes the verification, establishing a two-way binding relationship between the software and hardware; (2) Based on a unified user identity, automatically discover and bind other terminal devices under the user's name to build a closed-loop private network domain; (3) Monitor network status in real time, and automatically switch to the external network one-way flow control mode with two-way linkage of software and hardware when the external network is detected; (4) When a user needs to transmit data outside the domain, he / she initiates a transmission request. After the system performs two-layer authentication of hardware identity verification and user biometric identification, it opens a temporary channel for 15 minutes, which only allows the transmission of specified types of data to the specified IP. (5) After the transmission is completed or the channel expires, the channel will be automatically closed and the full-domain isolation state of hardware and software bidirectional adaptation and linkage will be restored. Example 2: Simplified Implementation Example with Pure Software Adaptation (Equivalent Key Infringement Example) This embodiment abandons the physical hardware module and simulates the hardware constraint-software adaptation logic of the present invention through software, replicating the two-way linkage control rules between software and hardware, which is suitable for existing terminals that cannot be equipped with additional hardware. Software emulation of hardware units: (1) Software physical isolation simulation unit: Creates an independent secure virtual machine through operating system kernel-level virtualization technology to simulate the hardware physical isolation boundary; (2) Software encryption simulation unit: simulates the hardware encryption engine through software encryption algorithm, and the key is stored in an encrypted local secure area; (3) Software identity simulation unit: Generates a unique identity identifier based on the characteristics of the terminal software environment and simulates the hardware identity trust root. Linkage mechanism: The software isolation scope, encryption scheduling and permission management rules strictly follow the same "simulated hardware constrains software" logic as the standard implementation; the implementation process of all core functions is completely consistent with the standard implementation. Technical effect: Although the protection strength is slightly lower than that of the standard embodiment, it achieves the same bidirectional adaptive linkage isolation protection effect as the present invention, which is an equivalent simplified form of the present invention. Example 3: Single-Terminal Hardware and Software Adaptation Example This embodiment eliminates the multi-terminal networking adaptation logic and retains only the software and hardware two-way linkage isolation capability of a single terminal, making it suitable for independently operating personal terminals and embedded devices. Hardware configuration: Same as Example 1. Software configuration: The dual-domain environment discrimination, private domain collaboration, external network one-way flow control, multi-layer authentication transmission, offline self-sufficiency and permission closure modules are retained, while the hardware feature adaptive networking module is removed. Workflow: It only achieves dual-domain isolation and data management with two-way software and hardware adaptation within a single terminal, and does not support multi-terminal collaboration. Example 4: Dedicated Example of AI Computing Power Cluster (High-Value Example) This embodiment is optimized for the specific needs of large model training clusters and is suitable for data security protection of distributed AI computing power nodes. Hardware configuration: Each computing node integrates a hardware physical isolation unit and a local encryption unit, and the cluster management node integrates a hardware identity adaptation unit. Software configuration: Based on the standard implementation, a computing power scheduling adaptation module is added to achieve deep integration of the software and hardware bidirectional linkage isolation sandbox and the AI ​​training framework. Core functions: (1) Each training task runs in an independent hardware and software joint isolation sandbox, and the data between different tasks is completely isolated; (2) Training data only flows within the private network domain, and the external network is only allowed to transmit model inference results; (3) Supports dynamic scheduling of training tasks and automatic creation / destruction of sandboxes. Example 5: Downgrade Adaptation Verification Example This embodiment simplifies the hardware and software joint authentication layer, retains the basic two-way linkage relationship of hardware identity adaptation and software verification, and is suitable for general office scenarios with moderate security requirements. Hardware configuration: Same as Example 1. Software configuration: The multi-layer authentication is simplified to a two-layer verification of hardware identity + user password, while the other modules are retained. Technical effect: While ensuring basic safety, it reduces the complexity of use and is an equivalent replacement and adaptation solution of the present invention. Example 6: Network-only adaptation implementation example This embodiment eliminates the offline software and hardware self-adaptation capability, but retains the online software and hardware two-way linkage isolation mechanism, making it suitable for cloud terminals and servers that are always connected to the network. Hardware configuration: Same as Example 1. Software configuration: Remove the offline self-supporting adaptation module, and retain the remaining modules. Workflow: Provides full hardware and software bidirectional adaptation and isolation protection capabilities only when connected to the internet; automatically locks all data access permissions when offline. Example 7: Hardware Minimalism Adaptation Example This embodiment retains the hardware physical isolation infrastructure, simplifies the upper-layer software adaptation and control logic, reuses the principle of hardware and software integration, and is suitable for resource-constrained embedded devices. Hardware configuration: Only retain the physical isolation adaptation unit, and remove the local encryption and identity adaptation unit. Software configuration: a simplified, two-domain partitioning and unidirectional flow control module. Technical effect: It achieves basic hardware and software linkage physical isolation and data flow control, which is an equivalent infringing adaptation form of the present invention.

Claims

1. A method for controlling a sandbox of global private data isolation with bidirectional adaptation of software and hardware, characterized in that, The following are the necessary steps for mutual adaptation and joint effectiveness: S1: The software adaptively reads and verifies the inherent hardware identity credentials of the terminal, and relies on the unified user identity system to bind one or more terminal hardware devices into a logical whole, automatically building a closed-loop private network domain. S2: The software monitors the status of the hardware network interface in real time, automatically distinguishes between private network domains and external public heterogeneous network domains, and dynamically loads the corresponding software and hardware bidirectional adaptation and linkage data management and control strategies. S3: Within a private network domain, software data interaction rules are strictly adapted to hardware physical isolation boundaries, allowing full-domain data read / write, synchronization, and resource collaborative scheduling permissions, and secure storage of classified data is achieved through a local hardware encryption system. S4: When accessing an external public network, the software's one-way data flow control logic and the hardware physical isolation unit work together to lock in a two-way manner: the hardware blocks all underlying network links that cross the boundary, and the software controls the upper-layer business data flow, allowing only outgoing requests without confidential instructions and internal operations for compliant data to be received. At the same time, the software and hardware dual-layer interception mechanism prevents hidden data theft. S5: In response to a user's request for cross-domain data transmission, after multi-level joint authentication by software and hardware, a temporary directional transmission channel with constraints on duration, scope, and data type is opened; when the channel expires or the transmission is completed, the channel is automatically closed and the full-domain isolation state of software and hardware bidirectional adaptation and linkage is restored.

2. The method of claim 1, wherein, The multi-level joint authentication of software and hardware is a two-way adaptation verification of software rules and hardware characteristics, including any two or more combinations of hardware identifiers, user biometrics, and local hardware environment status; a scheme that only uses a single verification method is an equivalent simplified form.

3. The method of claim 1, wherein, The local hardware encryption system and software encryption scheduling logic are mutually adapted and linked, and a non-cloud-based local independent key mechanism is adopted; the scheme that uses equivalent software encryption to simulate hardware encryption function is an equivalent infringement.

4. The control method according to claim 1, characterized in that, The hardware and software dual-layer interception mechanism includes one or more combinations of hardware boundary overrun interception, software layer memory read interception, interface capture interception, clipboard flow interception, and process injection interception.

5. The control method according to claim 1, characterized in that, This method is compatible with any one or more of the following simplified implementation methods: removing multi-terminal networking adaptation function, removing offline self-supporting adaptation function, reducing joint authentication layers, and weakening the two-way adaptation and linkage relationship between software and hardware.

6. The control method according to claim 1, characterized in that, The software operation and maintenance logic adaptively adapts to various hardware terminal configurations, enabling unattended silent operation; the modification scheme that sets adaptation parameters through manual intervention is an equivalent technical form.

7. The control method according to claim 1, characterized in that, The ownership of software and hardware is deeply bound to the identity of the unique user, blocking all third-party backend management access and remote debugging channels; variant products that open third-party adaptation channels are all included in the protection scope of this invention.

8. The control method according to claim 1, characterized in that, The time limit for temporary transmission channels is locked by a two-way adaptation and linkage between software and hardware; the modification scheme that cancels the time limit and opens the transmission channel for a long time is an equivalent form of infringement.

9. A comprehensive private data isolation sandbox system with bidirectional hardware and software adaptation and linkage, characterized in that, To implement the control method according to any one of claims 1-8, comprising: Hardware adaptation unit: including hardware physical isolation adaptation unit, local hardware encryption adaptation unit, and hardware terminal identity adaptation unit, used to provide immutable underlying security constraints; The software adaptive control module includes a hardware feature adaptive networking module, a dual-domain environment adaptive discrimination module, a private domain hardware and software collaboration module, an external network linkage flow control module, a multi-layer adaptation authentication and transmission module, an autonomous operation and maintenance adaptation module, an offline self-support adaptation module, and a permission closure adaptation module, which are used to adaptively match hardware features and perform fine-grained control. The hardware adaptation unit and the software adaptive control module are bidirectionally adapted, linked and coordinated, and work together. Any variations that cancel the adaptation relationship, reuse the software module separately, replicate the hardware unit separately, or reduce the linkage function are all within the protection scope of this system.

10. A computer-readable storage medium, characterized in that, It stores an executable program, which, when running, implements the full-domain private data isolation sandbox management method of the two-way software and hardware adaptation linkage as described in any one of claims 1-8; and is compatible with pure software adaptation, software and hardware joint adaptation, and various simplified equivalent derivative adaptation forms.