A trusted access evidence method and system based on confidential computing
By performing data storage and retrieval within a confidential computing environment, generating signature key pairs and conducting multi-layered verification, the technology solves the problems of high hardware resource consumption, high cost, and low security in existing technologies. It achieves efficient and secure data storage and retrieval, reduces hardware and management costs, and provides a reliable infringement probability report.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- NANHU LAB
- Filing Date
- 2026-06-12
- Publication Date
- 2026-07-14
AI Technical Summary
Existing data storage and retrieval methods suffer from problems such as high hardware resource consumption, high storage costs, low security, susceptibility to tampering, and difficulty in supervision. In particular, the combination of centralized storage and retrieval methods and blockchain methods is difficult to balance security and cost.
A trusted storage and retrieval method is adopted in a confidential computing environment. By generating signature key pairs and performing data analysis and signing in a confidential computing environment, a data information report is generated. Only hash values and mapping relationships are stored. Multi-layer verification is performed during forensics to ensure data consistency and security.
It enables low-cost and high-efficiency data storage and retrieval, ensures data remains confidential throughout its entire lifecycle, reduces hardware and management costs, improves security, reliably identifies compliant behavior involving multiple parties, and provides reports on potential infringements.
Smart Images

Figure CN122389085A_ABST
Abstract
Description
Technical Field
[0001] This invention belongs to the field of trusted access authentication technology, and in particular relates to a method and system for trusted access authentication of data intellectual property based on confidential computing. Background Technology
[0002] With the development of data intellectual property rights and the trusted data space ecosystem, data itself has acquired intellectual property attributes, leading to a growing demand for evidence preservation and collection. For example, intellectual property data such as software code needs to be preserved as early as possible so that when suspected infringing code or data is discovered, the preserved information can be compared for analysis and evidence collection, thereby identifying infringement.
[0003] Currently, common data storage and retrieval methods include centralized storage and retrieval methods and storage and retrieval methods combined with blockchain.
[0004] Centralized evidence storage and retrieval methods, which deploy centralized systems for data storage and retrieval, can meet the needs of evidence storage and retrieval, but still have a series of drawbacks: this method requires data to be uploaded and stored in a centralized system, which consumes a lot of hardware resources; moreover, the evidence storage process, static data storage, and evidence retrieval are all at risk of being tampered with (including various attacks from platform administrators); at the same time, the platform can directly read the plaintext content of the evidence storage data, and if sensitive or confidential data is involved, the party storing the evidence is often unwilling to submit the plaintext to the platform, making evidence storage difficult to implement.
[0005] Blockchain-based evidence storage methods typically store the hash value of data on-chain while keeping the original data off-chain. However, this method also suffers from several inherent drawbacks. For example, it requires multi-node distributed storage, resulting in significant investment in hardware, deployment, and maintenance, leading to high costs. Furthermore, it struggles to balance security, performance, and regulatory compliance. Current applications are mostly consortium blockchains, which, due to regulatory constraints, cannot achieve complete decentralization, thus reducing security. The consensus mechanism design, in pursuit of the former two (security and regulatory compliance), often compromises security, making it difficult to simultaneously achieve high efficiency, regulatory compliance, and high security. Summary of the Invention
[0006] The purpose of this invention is to propose a trusted access and retrieval method based on confidential computing to address the problems existing in the prior art;
[0007] Another objective of this invention is to propose a trusted access authentication system based on confidential computing.
[0008] To achieve the above objectives, the present invention adopts the following technical solutions:
[0009] A trusted evidence storage and retrieval method based on confidential computing includes an evidence storage process and an evidence retrieval process, both of which are executed within a confidential computing environment.
[0010] The evidence preservation process includes:
[0011] A signature key pair is generated and securely stored in a confidential computing environment. The signature key pair includes a private key S and a public key P, and the public key P is publicly available.
[0012] Receive the evidence storage data PD uploaded by the evidence storage party, analyze the evidence storage data PD, extract data features, and generate a data information report DIR;
[0013] Calculate the hash value H-DIR of the data information report DIR, and digitally sign the hash value H-DIR using the private key S to obtain the signature report S-DIR;
[0014] Establish the mapping relationship between H-DIR and DIR and store it in the shared database;
[0015] The S-DIR is returned to the evidence custodian, and the evidence custodian data PD is deleted;
[0016] The evidence collection process includes:
[0017] Receive the signature report S-DIR' and data PD' uploaded by the evidence collection party;
[0018] Use the public key P to verify the signature validity of the S-DIR';
[0019] If the verification passes, the H-DIR is parsed from the S-DIR' and the corresponding DIR is found based on the mapping relationship in the database;
[0020] The data to be verified, PD', is subjected to the same analysis as in the evidence storage process to generate a data information report, DIR', and the DIR' is compared with the found DIR to verify the consistency between the data to be verified, PD', and the evidence storage data, PD.
[0021] In the aforementioned trusted storage and retrieval method based on confidential computing, the Data Information Report (DIR) includes the following data characteristics: the data type of the stored data (PD), the directory structure, the data characteristic value of the data hash value or at least one sub-file, the storage time, and the identity information of the storage party.
[0022] The data information report DIR' includes the following data feature information: the data type, directory structure, and data feature values of at least one sub-file of the data to be verified PD';
[0023] When the data information report DIR' matches DIR, the comparison passes, and it is determined that the data to be verified PD' matches the evidence storage data PD, thus the evidence collection is successful.
[0024] In the aforementioned trusted storage and retrieval method based on confidential computing, if the signature validity verification of S-DIR' fails during the retrieval process, it is determined that the storage party or the retrieval party has tampered with or forged S-DIR'.
[0025] In the aforementioned trusted storage and retrieval method based on confidential computing, during the retrieval process, if the signature validity verification of S-DIR' passes, but no mapping record corresponding to H-DIR is found in the database, it is determined that the platform has maliciously tampered with or deleted the corresponding record.
[0026] In the aforementioned trusted access and retrieval method based on confidential computation, the generation and secure storage of signature key pairs includes:
[0027] The signature key pair is generated by the confidential computing environment, and the private key S is securely stored in any of the following ways:
[0028] The private key S is encrypted and stored using the security key of the transparent encryption / decryption component associated with the confidential computing environment;
[0029] Based on the hardware-level trusted storage technology of the confidential computing environment, the private key S is encrypted and stored using a hardware-level storage key.
[0030] In the aforementioned trusted storage and retrieval method based on confidential computing, the retrieval process further includes an infringement analysis step:
[0031] After verifying the consistency between the data to be verified (PD') and the evidence storage data (PD), the suspected infringement data (UD) uploaded by the evidence collection party is received.
[0032] Within the confidential computing environment, the verified evidence data PD' is compared and analyzed with the suspected infringing data UD to calculate the similarity probability value;
[0033] Based on the comparison between the similarity probability value and the preset threshold, a conclusion on the likelihood of infringement is output.
[0034] A trusted evidence storage and retrieval system based on confidential computing includes a confidential computing environment, and evidence storage service module and evidence retrieval service module deployed in the confidential computing environment.
[0035] The evidence storage service module is configured to:
[0036] A signature key pair is generated and securely stored in a confidential computing environment. The signature key pair includes a private key S and a public key P, and the public key P is publicly available.
[0037] Receive the evidence storage data PD uploaded by the evidence storage party, analyze the evidence storage data PD, and generate a data information report DIR;
[0038] Calculate the hash value H-DIR of the data information report DIR, and digitally sign the hash value H-DIR using the private key S to obtain the signature report S-DIR;
[0039] Establish the mapping relationship between H-DIR and DIR and store it in the shared database;
[0040] The S-DIR is returned to the evidence custodian, and the evidence custodian data PD is deleted;
[0041] The evidence collection service module is configured to:
[0042] Receive the signature report S-DIR' and data PD' uploaded by the evidence collection party;
[0043] Use the public key P to verify the signature validity of the S-DIR';
[0044] After successful verification, the H-DIR is parsed from the S-DIR' and the corresponding DIR is found based on the mapping relationship in the database;
[0045] The data to be verified, PD', is subjected to the same analysis as in the evidence storage process to generate a data information report, DIR', and the DIR' is compared with the found DIR to verify the consistency between the data to be verified, PD', and the evidence storage data, PD.
[0046] In the aforementioned trusted storage and retrieval system based on confidential computing, the evidence storage service module or the evidence retrieval service module is deployed on the same confidential computing node.
[0047] Alternatively, they can be deployed on different confidential computing nodes and connected via secure channels.
[0048] In the aforementioned trusted access and retrieval system based on confidential computing, the system further includes a transparent encryption and decryption component for transparently encrypting and decrypting data stored outside the confidential computing environment.
[0049] In the aforementioned trusted storage and retrieval system based on confidential computing, the evidence retrieval service module further includes a similarity analysis module, which is used to perform similarity comparison analysis between the verified evidence data PD' and the suspected infringing data UD within the confidential computing environment, and output a conclusion on the probability of infringement.
[0050] The advantages of this invention are:
[0051] The evidence storage and retrieval process implemented based on this solution does not require distributed node deployment. Compared with blockchain-based evidence storage solutions, the single-node deployment method can significantly reduce hardware deployment and management costs. At the same time, compared with the relatively inefficient consensus mechanism of blockchain, this solution has higher evidence storage and retrieval efficiency and security. In summary, compared with blockchain, this solution can reduce deployment and management costs and improve evidence storage and retrieval efficiency while ensuring high reliability and security.
[0052] In this solution, the original evidence data remains confidential throughout its entire lifecycle of uploading, analysis, and evidence collection. The data is only decrypted within a trusted execution environment, meaning the platform cannot obtain any plaintext information. This effectively addresses privacy concerns regarding the storage of sensitive or confidential data on third-party platforms.
[0053] The evidence storage and retrieval method implemented in this solution does not require saving the entire evidence storage data, but only the data element information of the evidence storage data, which can greatly reduce storage pressure and save hardware and data management costs.
[0054] More importantly, this solution addresses the credibility and responsibility definition of processes involving multiple parties by having the evidence holder hold the signature certificate, the platform maintain the mapping relationship, and a three-tiered progressive verification process during evidence collection. This not only provides highly reliable authentication of the data validity claimed by the evidence holder but also avoids platform tampering. Even if the evidence holder and the platform collude to conduct false registration or the platform maliciously tampers with or deletes data, these non-compliant behaviors can be reliably authenticated and avoided.
[0055] Based on the verified authenticity of the data, suspected infringing data can be automatically compared and a reliable report on the likelihood of infringement can be provided, thereby improving the intelligence and efficiency of evidence collection. Attached Figure Description
[0056] Figure 1 This is a system architecture diagram of the trusted access and retrieval system based on confidential computing, according to Embodiment 1 of the present invention.
[0057] Figure 2 This is a flowchart of the evidence storage method of the trusted evidence storage and retrieval method based on confidential computing in Embodiment 1 of the present invention;
[0058] Figure 3 This is a flowchart of the forensic method of the trusted storage and retrieval method based on confidential computing in Embodiment 1 of the present invention;
[0059] Figure 4 This is a flowchart of the forensic method of the trusted storage and retrieval method based on confidential computing in Embodiment 2 of the present invention. Detailed Implementation
[0060] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0061] Example 1
[0062] like Figure 1 As shown, this embodiment provides a trusted access and retrieval system based on confidential computing. Confidential computing is a technology that protects the security of data in use by creating a Trusted Execution Environment (TEE) through hardware technologies such as hardware roots of trust and encrypted memory. It ensures that code and data are executed in a hardware-encrypted environment isolated from external operating systems, system administrators, and even cloud service providers, thereby guaranteeing their confidentiality (not being spied on) and integrity (not being tampered with).
[0063] The roles involved in this system include the evidence storage party, the evidence collection party, and the system deployment and operation entity (AU). The AU is typically a government agency or a third-party authoritative institution that manages data storage. Depending on the scenario, the evidence storage party and the evidence collection party can be the same entity or different entities.
[0064] The core components of this system are a confidential computing environment deployed by the AU, and an evidence storage service module and an evidence retrieval service module running within this confidential computing environment. Depending on actual needs, these two service modules can be deployed on the same confidential computing node or on separate nodes, communicating through a secure channel. This embodiment uses the former as an example.
[0065] Furthermore, this system also deploys a transparent encryption / decryption component, also deployed by the AU. Transparent encryption / decryption refers to the ability of upper-layer users to automatically encrypt and decrypt data when storing and retrieving disk data, without requiring additional encryption / decryption operations, based on the transparent encryption / decryption component and the keys within the confidential computing environment. For example, transparent disk mounting encryption can be implemented based on the keys within the confidential computing environment and the kernel's dm-crypt subsystem. This part of the technology is not within the scope of protection of this invention; this invention merely uses this technology.
[0066] The confidential computing system can be validated for its validity and legitimacy at any time by a third party (such as the deployer's parent organization or a notary public, etc.) through a remote authentication process. The third party can send a random number to the confidential computing system and request the generation of a confidential computing chip-level hardware report containing this random number, confidential computing metrics, and metrics of application services within the confidential computing system (such as notary and evidence retrieval services). The hardware report is sent to the third party, who verifies its legitimacy and validity based on the confidential computing chip-level certificate chain, thereby proving the legitimacy of the confidential computing environment and the notary and evidence retrieval services running within it.
[0067] After deploying a trusted evidence storage and retrieval system using the above methods, evidence storage and retrieval operations can be performed.
[0068] like Figure 2 As shown, the evidence preservation process is executed by the evidence preservation service module within the confidential computing environment. The specific steps are as follows:
[0069] S101: Upon initial startup of the evidence storage service module, an asymmetric signature key pair, including a private key S and a public key P, is automatically generated within the confidential computing environment. The public key P is publicly available, while the private key S is securely stored using one of the following two methods:
[0070] Encryption using a secure key from a transparent encryption / decryption component based on confidential computing is performed and then stored on an external encrypted disk, as described in this embodiment. Figure 1 Take this method as an example.
[0071] Based on the trusted sealing technology provided by confidential computing hardware, the private key S is encrypted and stored using a hardware-level sealing key (SealingKey).
[0072] The private key S is securely stored in the above way. Even an administrator with the highest privileges on the host cannot intrude into the confidential computing environment to directly steal the private key S, nor can they steal the security key of the confidential computing encryption and decryption component or the trusted sealed key of the confidential computing hardware, and thus crack the private key S.
[0073] S102: The evidence storage party uploads the original data PD to be stored and its related descriptive information (such as the submitter's identity, data description, etc.) to the evidence storage service module running in a confidential computing environment through the network or other means.
[0074] S103: The evidence preservation service module automatically analyzes Product Descriptions (PDs) and their related descriptive information within a confidential computing environment. Its goal is to extract the data's characteristic information and generate a structured Data Information Report (DIR). The DIR may include, but is not limited to: data type, number of data directories, data hash value or data characteristic value (for data packet formats, this includes data characteristic values of different sub-files within the packet), evidence preservation time, and evidence preservation party information. For example, typical software evidence preservation analysis includes data type, software package directory tree, hash value of each code file, evidence preservation time, and developer information.
[0075] This entire process takes place in a confidential computing environment. Even if the product design involves sensitive privacy, its plaintext content will never be exposed to any external entity, including the platform administrator. Simultaneously, the process involves automated forensic analysis within the confidential computing environment, independent of the platform's control. This ensures the objective recording of the data's true characteristics and enables the verification of the validity of the data claimed by the evidence provider. For example, it can identify and prevent collusion between the evidence provider and the platform, and address non-compliant behaviors such as discrepancies between the platform's registration of the evidence provider's claimed data description and the actual evidence data.
[0076] S104: The evidence storage service module calculates the hash value of DIR to obtain H-DIR, and then uses the securely stored private key S to digitally sign H-DIR to generate a signature report S-DIR.
[0077] Because digital signatures are completed in a confidential computing environment, no party can obtain the private key S, including the highest-authority user of the system platform and the party storing the evidence. Therefore, no party can forge a valid S-DIR.
[0078] S105: The evidence storage service module establishes a mapping relationship H-DIR↔DIR with the corresponding DIR and stores it in a shared database, which can be accessed by both the evidence storage service module and the evidence retrieval service module.
[0079] Crucially, after completing the above operations, the evidence storage service module can permanently delete the original data PD uploaded by the evidence storage party. Therefore, this system only needs to save the data's feature information report DIR, without needing to save the massive amount of original data, greatly saving storage costs.
[0080] S106: The evidence storage service module sends the generated S-DIR (which encapsulates the H-DIR) to the evidence storage party. The evidence storage party downloads and saves the S-DIR for use in verifying data validity during subsequent evidence retrieval services.
[0081] It can be sent in various forms such as email and SMS.
[0082] At this point, the evidence preservation process is complete. The party preserving the evidence obtains the signature report S-DIR related to the data characteristics, while the platform only saves the data information report DIR to enable it to grasp the evidence preservation data information without having to touch the original data. This can greatly reduce storage pressure and save hardware and data management costs. At the same time, the platform cannot access the original plaintext data and cannot tamper with the evidence-preserved records.
[0083] When evidence of suspected infringement needs to be collected, the party collecting the evidence (usually the original evidence holder) initiates the evidence collection process, which is executed by the evidence collection service module within a confidential computing environment. The purpose of the evidence collection process is to verify whether the currently submitted data is consistent with the data originally stored, and to identify whether the storage / collection party or the platform has engaged in malicious behavior during the process. Figure 3 As shown, the specific steps are as follows:
[0084] F201: The evidence-gathering party uploads the signature report to be verified (S-DIR) and the data to be verified (PD) along with their related descriptive information to the evidence-gathering service module. The signature report to be verified (S-DIR) is usually the S-DIR obtained from the above-mentioned evidence preservation service process, while the data to be verified (PD) is the original evidence preservation data (PD) claimed by the evidence-gathering party and its related description, which may include the evidence preservation time of the original evidence preservation data and the identity information of the evidence preservation party.
[0085] At this point, the evidence collection process needs to consider two threats:
[0086] a) The party storing / collecting evidence maliciously tampered with the stored evidence data PD and the corresponding S-DIR'.
[0087] b) The platform (including platform administrators, etc.) maliciously tampered with or deleted the original S-DIR and corresponding DIR of the evidence custodian in the platform database.
[0088] One of the advantages of this invention is that it can identify all of the above threats at low cost and high efficiency, which is achieved through subsequent verification methods.
[0089] F202: The forensic service module first verifies the digital signature of S-DIR' using the public key P within a confidential computing environment. Because the public key is stored and the verification computation is performed in a confidential computing environment, the trustworthiness of the public key P and related computations is guaranteed. If the verification fails, it proves that S-DIR' has been tampered with or forged, and it can be directly determined that the forensic party maliciously tampered with the credential, and the process terminates. If the verification passes, it means that S-DIR' is an original credential issued by a legitimate forensic service module, at least eliminating the threat of the forensic party forging the credential.
[0090] F203: After S-DIR' is verified, the forensic service module parses H-DIR from it and queries the shared database to see if a matching mapping record H-DIR↔DIR exists. If no matching record is found, it indicates that the corresponding record in the platform database has been maliciously deleted or tampered with by the platform. Because S-DIR' has been verified as true, and both the evidence storage module and the forensic module operate in a confidential computing environment, neither the storage / retrieval module nor any party on the platform can obtain the private key S and forge S-DIR'. Therefore, a verified true S-DIR' must correspond to an original record in the database, and the missing record directly points to the platform's responsibility.
[0091] F204: After the first two layers of verification pass, the evidence collection service module, within a confidential computing environment, uses the same automated analysis method as the evidence storage process S103 to analyze the data PD' submitted by the evidence collection party, generating a new data information report DIR'. This report also includes the data type, number of data directories, and data characteristic values of the data PD' to be verified, and may also include the identity information of the evidence storage party and the storage time. Subsequently, the DIR' is compared with the original DIR retrieved from the database.
[0092] If DIR' is inconsistent with DIR, it proves that the data PD' uploaded by the evidence-gathering party this time is not the original data PD, and there is suspicion that the evidence-gathering party / evidence-preserving party maliciously tampered with the data.
[0093] If DIR' is consistent with DIR, that is, the data type, number of data directories, and data feature values are completely consistent, then it proves that PD' is the original data PD that was originally stored, and the party storing the evidence, the party collecting the evidence, and the platform are all honest parties. There was no malicious tampering with the uploaded data during the evidence collection. The evidence collection is successful, and the evidence data is confirmed to be consistent with the stored data PD'. It can be compared and analyzed with the suspected infringing data UD to determine whether there is infringement. The storage time and the party storing the evidence are the storage time and the party storing the evidence carried in the data information report DIR.
[0094] In another embodiment, DIR' is not required to be completely identical to DIR. A custom algorithm can be used to calculate the similarity between DIR' and DIR. When the similarity is higher than a set threshold, the two are considered to be identical.
[0095] This concludes the evidence collection phase.
[0096] Through the above three-layered progressive verification mechanism, this invention can clearly identify any malicious behavior under threat models such as the evidence storage / collection party tampering with data or credentials, or the platform party tampering with or deleting records, thus establishing a strong trust mechanism involving multiple parties.
[0097] Example 2
[0098] This embodiment is similar to Embodiment 1, except that, as Figure 4 As shown, this embodiment further integrates a similarity analysis module for analyzing the similarity between two datasets into the evidence collection service module, such as AI-based code clone detection and text similarity analysis, etc., but is not limited to this.
[0099] After verifying the authenticity of the data, if an infringement determination is required, the evidence-gathering party can further upload the suspected infringing data UD to the evidence-gathering service module. Within the confidential computing environment, the similarity analysis module compares the verified PD' with the UD, calculates a similarity probability value, and provides a suspected infringement conclusion based on this probability value, serving as a reference for regulatory agencies or judicial departments to initiate further investigations. If the similarity probability value is higher than a first preset threshold, a highly suspected infringement conclusion is output; if it is between the first and second preset thresholds, a possible infringement conclusion is output; and if it is lower than a third preset threshold, a no-infringement conclusion is output.
[0100] The specific embodiments described herein are merely illustrative of the spirit of the invention. Those skilled in the art to which this invention pertains may make various modifications or additions to the described specific embodiments or use similar methods to substitute them, without departing from the spirit of the invention or exceeding the scope defined by the appended claims.
Claims
1. A trusted access authentication method based on confidential computing, characterized in that, It includes a process for storing evidence and a process for obtaining evidence, both of which are executed within a confidential computing environment. The evidence preservation process includes: A signature key pair is generated and securely stored in a confidential computing environment. The signature key pair includes a private key S and a public key P, and the public key P is publicly available. Receive the evidence storage data PD uploaded by the evidence storage party, analyze the evidence storage data PD, extract data features, and generate a data information report DIR; Calculate the hash value H-DIR of the data information report DIR, and digitally sign the hash value H-DIR using the private key S to obtain the signature report S-DIR; Establish the mapping relationship between H-DIR and DIR and store it in the shared database; The S-DIR is returned to the evidence custodian, and the evidence custodian data PD is deleted; The evidence collection process includes: Receive the signature report S-DIR' and data PD' uploaded by the evidence collection party; Use the public key P to verify the signature validity of the S-DIR'; If the verification passes, the H-DIR is parsed from the S-DIR' and the corresponding DIR is found based on the mapping relationship in the database; The data to be verified, PD', is subjected to the same analysis as in the evidence storage process to generate a data information report, DIR', and the DIR' is compared with the found DIR to verify the consistency between the data to be verified, PD', and the evidence storage data, PD.
2. The trusted access authentication method based on confidential computing according to claim 1, characterized in that, The Data Information Report (DIR) includes the following data characteristics: the data type, directory structure, data characteristic value of the stored data (PD), the existence of a data hash value or at least one sub-file, the storage time, and the identity information of the storage party. The data information report DIR' includes the following data feature information: the data type, directory structure, and data feature values of at least one sub-file of the data to be verified PD'; When the data information report DIR' matches DIR, the comparison passes, and it is determined that the data to be verified PD' matches the evidence storage data PD, thus the evidence collection is successful.
3. The trusted access authentication method based on confidential computing according to claim 2, characterized in that, In the evidence collection process, if the signature validity verification of the S-DIR' fails, it is determined that the evidence storage party or the evidence collection party has tampered with or forged the S-DIR'.
4. The trusted access authentication method based on confidential computing according to claim 3, characterized in that, In the evidence collection process, if the signature validity of S-DIR' passes the verification, but no mapping record corresponding to H-DIR is found in the database, it is determined that the platform has maliciously tampered with or deleted the corresponding record.
5. The trusted access authentication method based on confidential computing according to claim 1, characterized in that, The generation and secure storage of the signature key pair includes: The signature key pair is generated by the confidential computing environment, and the private key S is securely stored in any of the following ways: The private key S is encrypted and stored using the security key of the transparent encryption / decryption component associated with the confidential computing environment; Based on the hardware-level trusted storage technology of the confidential computing environment, the private key S is encrypted and stored using a hardware-level storage key.
6. The trusted access authentication method based on confidential computing according to claim 1, characterized in that, The evidence collection process also includes an infringement analysis step: After verifying the consistency between the data to be verified (PD') and the evidence storage data (PD), the suspected infringement data (UD) uploaded by the evidence collection party is received. Within the confidential computing environment, the verified evidence data PD' is compared and analyzed with the suspected infringing data UD to calculate the similarity probability value; Based on the comparison between the similarity probability value and the preset threshold, a conclusion on the likelihood of infringement is output.
7. A trusted access authentication system based on confidential computing, characterized in that, This includes a confidential computing environment, as well as evidence storage and evidence retrieval modules deployed within the confidential computing environment; The evidence storage service module is configured to: A signature key pair is generated and securely stored in a confidential computing environment. The signature key pair includes a private key S and a public key P, and the public key P is publicly available. Receive the evidence storage data PD uploaded by the evidence storage party, analyze the evidence storage data PD, and generate a data information report DIR; Calculate the hash value H-DIR of the data information report DIR, and digitally sign the hash value H-DIR using the private key S to obtain the signature report S-DIR; Establish the mapping relationship between H-DIR and DIR and store it in the shared database; The S-DIR is returned to the evidence custodian, and the evidence custodian data PD is deleted; The evidence collection service module is configured to: Receive the signature report S-DIR' and data PD' uploaded by the evidence collection party; Use the public key P to verify the signature validity of the S-DIR'; After successful verification, the H-DIR is parsed from the S-DIR' and the corresponding DIR is found based on the mapping relationship in the database; The data to be verified, PD', is subjected to the same analysis as in the evidence storage process to generate a data information report, DIR', and the DIR' is compared with the found DIR to verify the consistency between the data to be verified, PD', and the evidence storage data, PD.
8. The trusted access authentication system based on confidential computing according to claim 7, characterized in that, The evidence storage service module or evidence retrieval service module is deployed on the same confidential computing node. Alternatively, they can be deployed on different confidential computing nodes and connected via secure channels.
9. The trusted access authentication system based on confidential computing according to claim 7, characterized in that, The system also includes a transparent encryption / decryption component for transparently encrypting and decrypting data stored outside the confidential computing environment.
10. The trusted access authentication system based on confidential computing according to claim 7, characterized in that, The evidence collection service module also includes a similarity analysis module, which is used to perform similarity comparison analysis between the verified evidence data PD' and the suspected infringing data UD within the confidential computing environment, and output a conclusion on the probability of infringement.