CN101226577A - Method for protecting microkernel OS integrality based on reliable hardware and virtual machine - Google Patents


Info

Publication number: CN101226577A
Application number: CNA2008100188566A
Authority: CN (China)
Prior art keywords: virtual machine, kernel, integrality, operating system, microkernel
Priority date: 2008-01-28
Filing date: 2008-01-28
Publication date: 2008-07-23
Legal status: Pending (as listed by Google Patents; not a legal conclusion)
Other languages: Chinese (zh)
Inventors: 黄皓, 崔隽, 黄松华
Current assignee: Nanjing University
Original assignee: Nanjing University
Abstract

The invention relates to an integrity protection method for a microkernel operating system based on trusted hardware and a virtual machine. A trusted hardware platform and a virtual machine serve as the security foundation of a microkernel trusted operating system; a two-layer protection mechanism, formed by the virtual machine and the microkernel, guarantees the integrity of the operating system itself and of the services and applications above it; and the trusted platform is used to perform dynamic measurement while the operating system runs. Its advantages are that virtualization lets the resource-access operations of the kernel, services and applications be monitored effectively: the virtual machine captures and monitors critical resource accesses, which protects the integrity of the system kernel, and the kernel, itself monitored and protected by the virtual machine, in turn monitors the resource-access operations of the services and applications above it, so that their own integrity and the legitimacy of their execution are guaranteed. Dynamic measurement and verification of the system kernel, key services and application behaviour are carried out while the system executes, and the chain of trust is thereby extended further.

Description

Method for protecting microkernel OS integrality based on reliable hardware and virtual machine
Technical field
The invention relates to a method for protecting the integrity of a microkernel operating system based on a trusted hardware platform and a virtual machine, and belongs to the field of computer application technology.
Technical background
While a system is running, the operating system finds it hard to guarantee the safety of its own services and application software. Although a microkernel can monitor the behaviour of services and applications by adding a reference monitor to the microkernel, it still cannot monitor some resource accesses, in particular memory accesses within a process. Beyond that, there are no effective measures to protect the security of the microkernel itself. Existing trusted measurement is a static measurement of system resources at boot time: it can only guarantee that system resources are intact when the system boots, and cannot guarantee that the system remains trustworthy once it is running. Measures for the dynamic trustworthiness of software are lacking.
The purpose of the invention is to provide a system integrity protection method for a microkernel trusted operating system in which the virtual machine captures and monitors critical resource-access operations, so as to protect the integrity of the system kernel and to guarantee that the memory accesses of services and applications stay within the range specified by the security policy.
Technical solution of the invention: the method for protecting the integrity of a microkernel operating system based on a trusted hardware platform and a virtual machine adopts a two-layer protection mechanism, formed by the virtual machine and the microkernel, to guarantee the integrity of the operating system itself and of the services and applications above it. The trusted platform hardware is used to perform dynamic measurement while the operating system runs, verifying the integrity of the data and of the sequence of operations of key modules during system execution.
The trusted hardware platform and the virtual machine serve as the security foundation of the microkernel trusted operating system; the trusted hardware platform consists of the core root of trust for measurement (CRTM), the trusted platform module (TPM) and a trusted BIOS/EFI.
In the two-layer protection mechanism, the first layer uses hardware virtualization: the virtual machine, running in root mode, captures the critical memory accesses of the microkernel, the other service processes and the user processes running in non-root mode, so that they cannot be tampered with. The second layer uses the isolation mechanism of the microkernel together with the control mechanism of a security monitoring module to protect the integrity of system programs and user programs.
Dynamic measurement during operating system execution uses the trusted platform as follows: an "executable expression" is fixed in the TPM, the hardware security properties of the TPM guarantee that the executable expression cannot be modified, and the security state of the system is measured dynamically by computing an expression for the actual execution trace and comparing it with the executable expression fixed in the TPM.
Advantages of the invention: through virtualization, the resource-access operations of the operating system kernel, services and applications are monitored effectively. The virtual machine captures and monitors critical resource-access operations, protecting the integrity of the system kernel and guaranteeing that the memory accesses of services and applications stay within the range specified by the security policy. The system kernel, itself monitored and protected by the virtual machine, in turn monitors the resource-access operations of the services and applications above it, guaranteeing their own integrity and the legitimacy of their execution. The chain of trust of the trusted operating system is established and completed, and in particular dynamic measurement during execution is realized. With the support of the TPM, in addition to the pre-boot chain of trust formed by the CRTM, BIOS and OS loader that other trusted operating systems already implement, this method also implements integrity verification of the OS kernel by the OS loader during start-up, and of the services and applications above it by the OS kernel. More importantly, the method performs dynamic measurement and verification of the system kernel, key services and application behaviour while the system executes, so that the chain of trust continues further.
Description of drawings
Figure 1 is a schematic of the structure of the trusted operating system and hardware platform.
Figure 2 is a schematic of the structure of the trusted operating system.
Figure 3 is a schematic of a processor system without a virtualization layer.
Figure 4 is a schematic of a processor system with a virtualization layer introduced.
Figure 5 is a block diagram of the implementation of hardware virtualization.
Embodiment
Referring to Figure 1, the structure comprises: a trusted hardware platform (CRTM, TPM, BIOS), a trusted virtual machine monitor (TVMM) and a trusted operating system (NUTOS). The trusted hardware platform guarantees the integrity of the virtual machine when it is loaded; the secure virtual machine in turn guarantees the integrity of the trusted operating system loaded on top of it and monitors the behaviour of the microkernel at run time; and the TPM measures and verifies the dynamic integrity and security of the operating system.
The chain of trust of the trusted operating system is extended. Establishing the chain involves the following links. The mainboard carries a unique CRTM (Core Root of Trust for Measurement), which no party other than the manufacturer can change. Each time the system starts, with the CRTM as the starting point and with the support of the TPM, the CRTM measures the integrity of the BIOS/EFI (Extensible Firmware Interface), the BIOS/EFI measures the integrity of the OS loader, the OS loader then measures the integrity of the OS kernel, the OS kernel statically measures the integrity of local or remote applications, and finally the system's run-time behaviour is measured dynamically. This establishes a chain of trust that comprises both static and dynamic measurement. The part of the chain before the OS loader, and part of the measurement process, has already been discussed in the literature and in other patents, so the focus of the invention is mainly on the part of the chain after the OS loader, and in particular on dynamic measurement. The OS loader first measures the integrity of the TVMM: it calls the TPM interface to compute, in turn, the hash of the code, configuration file and environment data of each TVMM module to be loaded, as well as the hash of the start-up sequence, and compares them with the expected values; if they do not match, it refuses to load the next module. Once all TVMM modules have been loaded and started, the TVMM is considered trusted. The OS loader then hands control, together with the authority to measure the OS kernel, to the TVMM, which calls the TPM interface to measure the code integrity, data integrity and start-up sequence of each OS kernel module while loading and starting the kernel modules.
A system monitor is built at the virtualization layer. It is independent of the operating system above it, so that the behaviour of that operating system cannot affect it, and it is used to monitor the domain-isolation state of the upper operating system and to guarantee the integrity of the upper operating system kernel and of the operating system's reference monitor.
Referring to Figure 2, the structure comprises: the microkernel, device drivers, a security server, service processes (process management, memory management, etc.) and upper-layer applications. The security server is a key component of the reference monitor and interacts frequently with the other processes. Our system is based on a microkernel design: the secure microkernel runs in kernel privileged mode and provides the basic functions and security mechanisms, while most system functions are implemented by system service processes that run in user mode. The system service processes comprise process management, resource management, the security server and independent drivers. The system can effectively protect the integrity of the operating system itself, provides a flexible, fine-grained mandatory access control framework for upper-layer applications, and offers integrity and confidentiality guarantees to the application layer. Process management is mainly responsible for loading, scheduling, running and terminating processes and for the interaction between them. The resource manager manages system resources such as files, devices and network sockets and controls access to them. The security server is responsible for the security decisions of the whole system and for maintaining security policy information. Driver processes interact with the devices. Each module has its own division of authority and holds only the authority needed to complete its own work, which effectively realizes separation of duties and the principle of least privilege between the functional modules of the operating system. The microkernel and the virtual machine both run at privilege level 0; the integrity of the microkernel, which is in non-root mode, is protected and monitored by the virtual machine in root mode. The microkernel in turn monitors the behaviour of the device drivers, security server and service processes (process management, memory management, etc.) running at privilege level 3 and uses the TPM to verify their integrity. The service processes serve the upper-layer applications, which are likewise managed and monitored by the microkernel and the security server.
With the above structure, a two-layer protection mechanism can be adopted to guarantee the integrity of the operating system itself and of the services and applications above it. The first layer uses hardware virtualization: the virtual machine, in root mode, captures the critical memory accesses of the microkernel, the other service processes and the user processes in non-root mode, so that they cannot be tampered with. The second layer uses the isolation mechanism of the microkernel together with the control mechanism of the security monitoring module to protect the integrity of system programs and user programs.
Referring to Figure 3, in a guest system without a virtualization layer, application services do not access hardware resources directly; only the operating system kernel and device drivers running at privilege level 0 can reach the physical hardware, indirectly, by calling the hardware abstraction layer.
Referring to Figure 4, in a processor system with a virtualization layer, guests are not allowed to bypass the virtualization layer and access physical hardware resources directly. We also want the introduction of the virtual machine to be transparent to the operating system: the operating system still runs at privilege level 0, but its privileged instructions must go through the virtualization layer. With the support of the hardware virtualization technology of Intel and AMD, two operating modes, VMX root and VMX non-root, are introduced; the virtual machine runs in VMX root mode and the guest kernel in VMX non-root mode. When a program running in VMX non-root mode executes a privileged instruction, it is trapped by the virtual machine even if its privilege level is 0, which virtualizes the guest's instructions; from the guest's point of view it is as if it had executed the privileged instruction directly.
Referring to Figure 5, with the support of the hardware virtualization technology of Intel and AMD, implementing hardware virtualization comprises three main aspects: CPU virtualization, memory management and device I/O virtualization.
1. CPU
Intel's Vanderpool technology (VT-x) defines the VM entry operation, from VMX root to VMX non-root mode, and the VM exit operation, returning from VMX non-root to VMX root mode. Instructions executed by the guest operating system that access CPU control state trigger a VM exit and transfer control to the virtual machine's handler, which gives the virtual machine the opportunity to monitor the guest operating system. VM entry and VM exit also perform the reloading of the virtual address space needed for the mode switch, save and restore the virtual machine context, and activate the corresponding handler in the virtual machine.
2. Memory management
The virtual machine memory management described here supports only paging guest operating systems. The Intel Vanderpool technology adds a mechanism by which executing privileged x86 instructions such as MOV from CR3, MOV to CR3 and INVLPG triggers a VM exit. CR3 holds the page directory address; the virtual machine provides a virtual CR3 for each guest operating system and, by controlling the guest operating system's access to the real CR3, controls the guest's address-mapping process, which provides the domain-isolation mechanism that is key to managing guest memory.
3. Device I/O
The virtual machine virtualizes a set of I/O devices for each guest. As shown in the figure, after the virtual machine captures an I/O instruction issued by the guest kernel or by the guest's hardware abstraction layer, it calls its own device driver or hardware abstraction layer to access the actual physical device, providing I/O service to the guest operating system above. The virtual machine is transparent to the guest, and each guest believes it is running directly on the physical platform.
Dynamic measurement during operating system execution uses the trusted platform as follows: an "executable expression" is fixed in the TPM, the hardware security properties of the TPM guarantee that it cannot be modified, and the security state of the system is measured dynamically by computing an expression for the actual execution trace and comparing it with the executable expression fixed in the TPM.
Dynamic measurement during system execution comprises integrity measurement of static data and integrity measurement of key modules.
Measurement of static data mainly covers the code of the TVMM, the OS kernel and the services and applications above them, together with the dynamic library files, environment configuration files and data input files that the code relies on. Because system resources are under two levels of reference-monitor control, the measurement frequency need not be very high; the exact frequency is determined by the security level of the module.
The virtual machine, microkernel, system services and applications are all made up of many processes. If the execution of a process violates the security policy, it is likely to corrupt the execution of its own module and may even indirectly disturb the execution of other modules that interact with it, creating a security problem. Integrity-oriented dynamic measurement therefore mainly measures whether a process executes as designed, whether key modules are bypassed, and whether modules executing in parallel interfere with one another.
Because of limits on storage space and the cost in time, we cannot enumerate and store every correct execution path and then check whether the actual path lies somewhere in that huge set. Instead, using process algebra, we describe the behaviour trace of each module as an expression and join the expressions of several modules with algebraic operators to obtain an expression that describes a process. For an operating system and software that we design and implement ourselves, such a description is feasible and easy; for other systems or software, the behaviour trace has to be understood and described by analysing design documents or by tracing and learning.
A module's expression, like its code, must not change after it is loaded. Given the limited capacity of the PCRs in the TPM, we keep these expressions as files on disk, sign them with the operating system's signing private key, and measure and verify their integrity before the operating system loads. After the system starts, the module expressions can be read into memory, the pages holding them are marked read-only and protected by the OS kernel, and their check codes are extended into a PCR of the TPM after they are read in.
While the system runs, when a process is created, the operating system's dynamic measurement module reads the module expressions corresponding to the code the process executes and builds a process expression from them. The process expression is stored in a protected memory area that nothing but the dynamic measurement module can read (guaranteed by the virtualization technology described above and by the multiple-protection-domain mechanism), and it is also extended into a PCR. Before building the process expression, the dynamic measurement module first verifies the integrity and signature of the module expressions. As the process executes, the dynamic measurement module records its execution trace in a log and measures the process periodically. The measurement is: using process algebra, apply the "after" operation to the process expression with the recorded actual path (that is, compute the process expression that remains after the path has been executed); if the result is still an executable expression, local verification passes and the new expression replaces the original process expression; otherwise control goes to the fault-handling module. When a new process expression is computed, to ease later measurement its check code is also stored in the stored measurement log (SML) and extended into a PCR. Taking the process algebra CSP as an example:
Process expression: T = op1 → op2 → op3 → T
Actual path 1: op1 → op2
Verification of path 1: T' = T / (op1 → op2) = op3 → T
Actual path 2: op1 → op3
Verification of path 2: T'' = T / (op1 → op3) = ε (no process remains: op1 → op3 is not a trace of T)
Clearly T' is an executable expression and T'' is not, so execution path 2 fails verification and is not allowed to continue.
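The "after" check sketched above, implemented as an added example (this is not code from the patent, which describes the mechanism but gives no implementation). Module expressions are encoded as nested tuples for prefix (→), external choice (|) and recursion by name; `after` computes T / trace one event at a time, and `ProcessMonitor` models the dynamic measurement module's bookkeeping for one process: it records events and, on each periodic measurement, either replaces the process expression with the remainder or reports failure. The choice operator and the second module expression S go beyond the page's prefix-only example and are this example's own, as are the names `step`, `after` and `ProcessMonitor`.

```python
# Process expressions are nested tuples (an assumed encoding; the patent gives none):
#   ("prefix", event, P)  the CSP prefix  event -> P
#   ("choice", P, Q)      external choice P | Q   (beyond the page's example)
#   ("ref", name)         a named, possibly recursive process such as T
#   STOP                  the process that can do nothing; the page writes this outcome as epsilon
STOP = ("stop",)


def prefix(*events_then_process):
    """prefix("op1", "op2", ("ref", "T")) builds op1 -> op2 -> T."""
    *events, proc = events_then_process
    for event in reversed(events):
        proc = ("prefix", event, proc)
    return proc


# Module expressions, as they would be signed on disk and read into read-only pages.
# T is the page's example; S is a constructed service that must open before each read or write.
MODULE_EXPRESSIONS = {
    "T": prefix("op1", "op2", "op3", ("ref", "T")),
    "S": prefix("open", ("choice", prefix("read", ("ref", "S")), prefix("write", ("ref", "S")))),
}


def step(proc, event, defs):
    """One-step derivative proc / event: the process left after `event`, or None when `event`
    is not a possible next event (the recorded path is not a trace of proc)."""
    kind = proc[0]
    if kind == "ref":
        return step(defs[proc[1]], event, defs)
    if kind == "prefix":
        return proc[2] if proc[1] == event else None
    if kind == "choice":
        left = step(proc[1], event, defs)
        right = step(proc[2], event, defs)
        if left is None:
            return right
        if right is None:
            return left
        return ("choice", left, right)  # both branches could have done the event
    return None  # STOP admits no event


def after(proc, trace, defs):
    """The 'after' operation proc / trace used for measurement: fold step over the recorded path."""
    for event in trace:
        proc = step(proc, event, defs)
        if proc is None:
            return None
    return proc


def to_str(proc):
    """Render an expression in the page's arrow notation."""
    kind = proc[0]
    if kind == "prefix":
        return f"{proc[1]} -> {to_str(proc[2])}"
    if kind == "choice":
        return f"({to_str(proc[1])} | {to_str(proc[2])})"
    if kind == "ref":
        return proc[1]
    return "STOP"


class ProcessMonitor:
    """Model of the dynamic measurement module's bookkeeping for one process."""

    def __init__(self, module, defs=MODULE_EXPRESSIONS):
        self.defs = defs
        self.expr = ("ref", module)  # process expression built at process creation
        self.log = []                # execution journal since the last measurement

    def record(self, event):
        self.log.append(event)

    def measure(self):
        """Apply the logged path to the process expression. True: the remainder is still
        executable and replaces the stored expression. False: hand over to fault handling."""
        remainder = after(self.expr, self.log, self.defs)
        self.log = []
        if remainder is None or remainder == STOP:
            return False
        self.expr = remainder
        return True


if __name__ == "__main__":
    t = ("ref", "T")
    print("T / (op1 -> op2) =", to_str(after(t, ["op1", "op2"], MODULE_EXPRESSIONS)))
    print("T / (op1 -> op3) =", after(t, ["op1", "op3"], MODULE_EXPRESSIONS))
    m = ProcessMonitor("S")
    for e in ["open", "read", "open"]:
        m.record(e)
    print("S after open, read, open:", m.measure(), to_str(m.expr))
    for e in ["read", "read"]:          # the second read has no preceding open
        m.record(e)
    print("S after read, read:", m.measure())
```

Only the remainder expression is kept between measurements, so the monitor's state stays bounded regardless of how long the process runs, which is the point the page makes about not storing all correct paths.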
The reporting and verification mechanism for dynamic measurement values is similar to that for static measurement. Before reporting, the measurement module first measures the current execution state and extends the SML records and the relevant TPM PCR values. It then reports the SML, the signature over the PCRs, and the signatures of the module expressions and of the process expression to the verifier. The verifier first checks the signatures, then uses the module expressions, the process expression, the SML and the PCR values to verify that the current execution state has not deviated from the behaviour trace defined by the module expressions, and on that basis concludes that the verified party's current execution state is trustworthy.
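The loader-side measurement described in the chain-of-trust paragraph (hash each TVMM module, compare with an expected value, refuse further loading on mismatch, extend the PCR and record the SML) together with the verifier-side replay described just above, as an added example that is not part of the patent. It simulates a single TPM 1.2 style PCR with SHA-1 and a stored measurement log; the module contents, the expected digests, the use of an HMAC under a shared key in place of the TPM's AIK signature on a quote, and all function names are constructed stand-ins of this example.

```python
import hashlib
import hmac

# Constructed stand-ins for the TVMM module images the OS loader would measure
# (name -> code bytes); not real module contents.
MODULES = {
    "tvmm_core": b"tvmm core code v1",
    "tvmm_mem": b"tvmm memory manager v1",
    "tvmm_io": b"tvmm device io v1",
}

# Known-good digests the loader holds; computed here from the constructed modules.
EXPECTED = {name: hashlib.sha1(code).hexdigest() for name, code in MODULES.items()}

PCR_INIT = b"\x00" * 20  # a TPM 1.2 PCR is a 20-byte SHA-1 register, reset to zeros


def pcr_extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: PCR_new = SHA1(PCR_old || digest). A PCR can only be extended, never set."""
    return hashlib.sha1(pcr + digest).digest()


def measured_load(modules: dict, expected: dict):
    """Loader side. Measure each module before loading it; on the first mismatch refuse to load
    that module and everything after it. Returns (pcr, sml, loaded): the PCR value, the stored
    measurement log of (module, hex digest) pairs, and the names that were actually loaded."""
    pcr = PCR_INIT
    sml = []
    loaded = []
    for name, code in modules.items():
        digest = hashlib.sha1(code).digest()
        if digest.hex() != expected.get(name):
            break
        pcr = pcr_extend(pcr, digest)
        sml.append((name, digest.hex()))
        loaded.append(name)
    return pcr, sml, loaded


def quote(pcr: bytes, key: bytes, nonce: bytes) -> bytes:
    """Stand-in for TPM_Quote. A real TPM signs (nonce, PCR values) with an attestation identity
    key; this example uses an HMAC under a shared key so that it runs without a TPM."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()


def verify_report(sml, pcr: bytes, sig: bytes, key: bytes, nonce: bytes, expected: dict):
    """Verifier side. Check the quote, replay the SML into a fresh PCR, and require that every
    entry is a known-good digest, that the replay reproduces the quoted PCR, and that no
    expected module is missing from the log."""
    if not hmac.compare_digest(quote(pcr, key, nonce), sig):
        return False, "bad quote signature"
    replay = PCR_INIT
    for name, hexdigest in sml:
        if expected.get(name) != hexdigest:
            return False, f"unexpected measurement for {name}"
        replay = pcr_extend(replay, bytes.fromhex(hexdigest))
    if replay != pcr:
        return False, "SML does not reproduce the quoted PCR"
    missing = set(expected) - {name for name, _ in sml}
    if missing:
        return False, f"modules never measured: {sorted(missing)}"
    return True, "ok"


if __name__ == "__main__":
    key, nonce = b"shared-attestation-key", b"verifier-nonce-1"  # constructed
    pcr, sml, loaded = measured_load(MODULES, EXPECTED)
    print("loaded:", loaded)
    print("verify:", verify_report(sml, pcr, quote(pcr, key, nonce), key, nonce, EXPECTED))

    # A modified memory manager: loading stops at the mismatch, and the verifier rejects the
    # truncated log because the remaining modules were never measured.
    tampered = dict(MODULES, tvmm_mem=b"tvmm memory manager with a hook")
    pcr2, sml2, loaded2 = measured_load(tampered, EXPECTED)
    print("loaded after tampering:", loaded2)
    print("verify:", verify_report(sml2, pcr2, quote(pcr2, key, nonce), key, nonce, EXPECTED))
```

The nonce is what keeps the report fresh: the same quote cannot be replayed to a verifier that chose a different nonce, and because the PCR can only be extended, a log entry cannot be altered or dropped after the fact without the replay diverging from the quoted register.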
Two key issues for the usability of integrity measurement are how to choose the events that make up the measurement expressions and how often to measure. The invention mainly applies integrity measurement to the kernel modules and service modules whose integrity requirements are high; since the operating system is designed and implemented by this group, describing and analysing the behaviour of those modules is feasible. For complex operating system service modules, and for the large body of application software running on them, we can also attempt to analyse the integrity characteristics of their behaviour traces by pruning, abstraction and similar methods. In addition, the measurement events that make up a module expression can be selected and reduced according to the security requirements, to lower the space and time complexity of measurement; they are mainly system calls, read and write operations and jump instructions. The measurement frequency is examined and defined separately according to the security level of each module.

Claims (4)

1. A method for protecting the integrity of a microkernel operating system based on trusted hardware and a virtual machine, characterized in that a trusted hardware platform and a virtual machine are adopted as the security foundation of the microkernel trusted operating system; a two-layer protection mechanism, formed by the virtual machine and the microkernel, is adopted to guarantee the integrity of the operating system itself and of the services and applications above it; and the trusted platform is used to perform dynamic measurement while the operating system runs.
2. The method for protecting the integrity of a microkernel operating system based on trusted hardware and a virtual machine according to claim 1, characterized in that the trusted hardware platform and the virtual machine serve as the security foundation of the microkernel trusted operating system, the trusted hardware platform consisting of a core root of trust for measurement (CRTM), a trusted platform module (TPM) and a trusted BIOS/EFI.
3. The method for protecting the integrity of a microkernel operating system based on trusted hardware and a virtual machine according to claim 1, characterized in that, in the two-layer protection mechanism, the first layer uses hardware virtualization so that the virtual machine, in root mode, captures the critical memory accesses of the microkernel, the other service processes and the user processes in non-root mode, guaranteeing that they cannot be tampered with; and the second layer uses the isolation mechanism of the microkernel together with the control mechanism of a security monitoring module to protect the integrity of system programs and user programs.
4. The method for protecting the integrity of a microkernel operating system based on trusted hardware and a virtual machine according to claim 1, characterized in that dynamic measurement during operating system execution uses the trusted platform by fixing an "executable expression" in the TPM, using the hardware security properties of the TPM to guarantee that the executable expression cannot be modified, and dynamically measuring the security state of the system by computing an expression for the actual execution trace and comparing it with the executable expression fixed in the TPM.
Application CNA2008100188566A, filed by Nanjing University on 2008-01-28 (priority date 2008-01-28), published as CN101226577A on 2008-07-23; legal status: Pending. Family ID 39858565. Country: CN.

Cited By (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101957900A (en) * 2010-10-26 2011-01-26 中国航天科工集团第二研究院七○六所 Credible virtual machine platform
CN102184373A (en) * 2011-05-30 2011-09-14 南京大学 Method for designing safety core of operation system based on protection mode and virtualization mechanism
CN102200925A (en) * 2010-03-22 2011-09-28 联想(北京)有限公司 Data access method of application virtual domains, virtual machine manager and computer
CN102289621A (en) * 2011-08-12 2011-12-21 鲲鹏通讯(昆山)有限公司 Safety intelligent mobile phone based on fission core virtual machine and control method
CN102436566A (en) * 2012-01-12 2012-05-02 冶金自动化研究设计院 Dynamic trusted measurement method and safe embedded system
CN102750471A (en) * 2012-05-22 2012-10-24 中国科学院计算技术研究所 Local verification type starting method based on trusted platform module (TPM)
CN103051963A (en) * 2012-11-30 2013-04-17 北京视博数字电视科技有限公司 Safety control method of digital television terminal equipment
CN103065098A (en) * 2011-10-24 2013-04-24 联想(北京)有限公司 Access method and electronic device
CN103268440A (en) * 2013-05-17 2013-08-28 广东电网公司电力科学研究院 Reliable core dynamic integrity measuring method
CN103294956A (en) * 2013-06-25 2013-09-11 北京奇虎科技有限公司 Method and device for processing behaviors on Windows platform
CN103795717A (en) * 2014-01-23 2014-05-14 中国科学院计算技术研究所 Method and system for proving integrity of cloud computing platform
CN103970601A (en) * 2013-02-06 2014-08-06 北京壹人壹本信息科技有限公司 Operational order execution method and operational order execution device
CN104268486A (en) * 2014-09-22 2015-01-07 中国船舶重工集团公司第七0九研究所 Multilevel security trust chain construction method and structure
CN104809401A (en) * 2015-05-08 2015-07-29 南京大学 Method for protecting integrity of kernel of operating system
CN105095768A (en) * 2015-08-20 2015-11-25 浪潮电子信息产业股份有限公司 Virtualization-based credible server trust chain construction method
CN103955438B (en) * 2014-05-21 2016-11-23 南京大学 Proceeding internal memory guard method based on hardware auxiliary Intel Virtualization Technology
CN106203082A (en) * 2016-06-29 2016-12-07 上海交通大学 The system and method efficiently isolating kernel module based on virtualization hardware characteristic
CN104022700B (en) * 2014-05-22 2017-04-12 浙江吉利控股集团有限公司 Automotive motor controller and controlling method thereof
CN106599676A (en) * 2016-12-22 2017-04-26 北京元心科技有限公司 Trusted process identification method and device
CN106775941A (en) * 2016-12-08 2017-05-31 北京国电通网络技术有限公司 A kind of virtual machine kernel completeness protection method and device
CN107087003A (en) * 2017-05-16 2017-08-22 成都鼎智汇科技有限公司 Network system anti-attack method
CN107657170A (en) * 2016-07-25 2018-02-02 北京计算机技术及应用研究所 The Trusted Loading for supporting intelligently to repair starts control system and method
CN108369558A (en) * 2015-11-25 2018-08-03 罗伯特·博世有限公司 Method for running microcontroller
CN108763935A (en) * 2018-05-30 2018-11-06 郑州云海信息技术有限公司 A kind of operating system OS virtual machine kernels integrality monitoring system and method
CN108804203A (en) * 2018-06-15 2018-11-13 四川大学 VTPM private information guard methods based on label
CN109445847A (en) * 2018-07-09 2019-03-08 北京东土科技股份有限公司 Industrial service device microkernel architecture implementation method
CN109522720A (en) * 2018-11-29 2019-03-26 北京元心科技有限公司 Method, apparatus, electronic equipment and the computer readable storage medium of dynamic measurement
CN109766165A (en) * 2018-11-22 2019-05-17 海光信息技术有限公司 A kind of memory access control method, device, Memory Controller Hub and computer system
CN109933441A (en) * 2019-02-28 2019-06-25 上海交通大学 Micro-kernel Inter-Process Communication method and system
CN109992973A (en) * 2019-04-10 2019-07-09 北京可信华泰信息技术有限公司 A kind of starting measure and device using OPROM mechanism
CN110059453A (en) * 2019-03-13 2019-07-26 中国科学院计算技术研究所 A kind of container virtualization safety reinforced device and method
CN110188530A (en) * 2019-05-30 2019-08-30 苏州浪潮智能科技有限公司 A kind of safety certifying method, device, equipment and readable storage medium storing program for executing
CN111125711A (en) * 2019-12-03 2020-05-08 支付宝(杭州)信息技术有限公司 Security task processing method and device, electronic equipment and storage medium
CN111382445A (en) * 2020-03-03 2020-07-07 首都师范大学 Method for providing trusted service by using trusted execution environment system
CN111967010A (en) * 2019-05-20 2020-11-20 阿里巴巴集团控股有限公司 Trusted service method, device, equipment and storage medium
CN112099909A (en) * 2020-08-27 2020-12-18 海光信息技术有限公司 Virtual machine memory measurement method, device, processor chip and system
CN112269997A (en) * 2020-08-11 2021-01-26 北京本形物语科技有限公司 Active immune trusted computing platform for block chain main node
CN112511306A (en) * 2020-11-03 2021-03-16 中国航空工业集团公司西安航空计算技术研究所 Safe operation environment construction method based on mixed trust model
CN113791898A (en) * 2021-08-24 2021-12-14 电子科技大学 TrustZone-based trusted microkernel operating system

Cited By (56)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102200925A (en) * 2010-03-22 2011-09-28 联想(北京)有限公司 Data access method of application virtual domains, virtual machine manager and computer
CN102200925B (en) * 2010-03-22 2015-04-29 联想(北京)有限公司 Data access method of application virtual domains, virtual machine manager and computer
CN101957900A (en) * 2010-10-26 2011-01-26 中国航天科工集团第二研究院七○六所 Credible virtual machine platform
CN102184373A (en) * 2011-05-30 2011-09-14 南京大学 Method for designing safety core of operation system based on protection mode and virtualization mechanism
CN102184373B (en) * 2011-05-30 2013-01-23 南京大学 Method for designing safety core of operation system based on protection mode and virtualization mechanism
CN102289621A (en) * 2011-08-12 2011-12-21 鲲鹏通讯(昆山)有限公司 Safety intelligent mobile phone based on fission core virtual machine and control method
CN103065098A (en) * 2011-10-24 2013-04-24 联想(北京)有限公司 Access method and electronic device
CN102436566B (en) * 2012-01-12 2014-07-09 冶金自动化研究设计院 Dynamic trusted measurement method and safe embedded system
CN102436566A (en) * 2012-01-12 2012-05-02 冶金自动化研究设计院 Dynamic trusted measurement method and safe embedded system
CN102750471B (en) * 2012-05-22 2015-02-11 中国科学院计算技术研究所 Local verification type starting method based on trusted platform module (TPM)
CN102750471A (en) * 2012-05-22 2012-10-24 中国科学院计算技术研究所 Local verification type starting method based on trusted platform module (TPM)
CN103051963A (en) * 2012-11-30 2013-04-17 北京视博数字电视科技有限公司 Safety control method of digital television terminal equipment
CN103051963B (en) * 2012-11-30 2018-02-13 北京视博数字电视科技有限公司 A kind of method of controlling security of digital-television terminal equipment
CN103970601A (en) * 2013-02-06 2014-08-06 北京壹人壹本信息科技有限公司 Operational order execution method and operational order execution device
CN103970601B (en) * 2013-02-06 2019-03-05 北京壹人壹本信息科技有限公司 Method and apparatus for executing operational orders
CN103268440A (en) * 2013-05-17 2013-08-28 广东电网公司电力科学研究院 Reliable core dynamic integrity measuring method
CN103294956B (en) * 2013-06-25 2016-08-24 北京奇虎科技有限公司 Method and device for processing behaviors on Windows platform
WO2014206268A1 (en) * 2013-06-25 2014-12-31 北京奇虎科技有限公司 Action processing method and device on windows platform
CN103294956A (en) * 2013-06-25 2013-09-11 北京奇虎科技有限公司 Method and device for processing behaviors on Windows platform
CN103795717A (en) * 2014-01-23 2014-05-14 中国科学院计算技术研究所 Method and system for proving integrity of cloud computing platform
CN103795717B (en) * 2014-01-23 2017-01-25 中国科学院计算技术研究所 Method and system for proving integrity of cloud computing platform
CN103955438B (en) * 2014-05-21 2016-11-23 南京大学 Process memory protection method based on hardware-assisted Intel Virtualization Technology
CN104022700B (en) * 2014-05-22 2017-04-12 浙江吉利控股集团有限公司 Automotive motor controller and controlling method thereof
CN104268486A (en) * 2014-09-22 2015-01-07 中国船舶重工集团公司第七0九研究所 Multilevel security trust chain construction method and structure
CN104268486B (en) * 2014-09-22 2017-06-23 中国船舶重工集团公司第七0九研究所 Multilevel security trust chain building method and system
CN104809401B (en) * 2015-05-08 2017-12-19 南京大学 A kind of operating system kernel integrity protection method
CN104809401A (en) * 2015-05-08 2015-07-29 南京大学 Method for protecting integrity of kernel of operating system
CN105095768A (en) * 2015-08-20 2015-11-25 浪潮电子信息产业股份有限公司 Virtualization-based credible server trust chain construction method
CN105095768B (en) * 2015-08-20 2018-03-02 浪潮电子信息产业股份有限公司 A kind of construction method of the trusted servers trust chain based on virtualization
CN108369558A (en) * 2015-11-25 2018-08-03 罗伯特·博世有限公司 Method for running microcontroller
CN106203082A (en) * 2016-06-29 2016-12-07 上海交通大学 The system and method efficiently isolating kernel module based on virtualization hardware characteristic
CN107657170A (en) * 2016-07-25 2018-02-02 北京计算机技术及应用研究所 Trusted loading start-up control system and method supporting intelligent repair
CN106775941A (en) * 2016-12-08 2017-05-31 北京国电通网络技术有限公司 A kind of virtual machine kernel completeness protection method and device
CN106599676A (en) * 2016-12-22 2017-04-26 北京元心科技有限公司 Trusted process identification method and device
CN107087003B (en) * 2017-05-16 2020-10-02 上海共创信息技术有限公司 System anti-attack method based on network
CN107087003A (en) * 2017-05-16 2017-08-22 成都鼎智汇科技有限公司 Network system anti-attack method
CN108763935A (en) * 2018-05-30 2018-11-06 郑州云海信息技术有限公司 A kind of operating system OS virtual machine kernels integrality monitoring system and method
CN108804203A (en) * 2018-06-15 2018-11-13 四川大学 VTPM private information guard methods based on label
CN109445847A (en) * 2018-07-09 2019-03-08 北京东土科技股份有限公司 Industrial service device microkernel architecture implementation method
CN109766165A (en) * 2018-11-22 2019-05-17 海光信息技术有限公司 A kind of memory access control method, device, Memory Controller Hub and computer system
CN109522720A (en) * 2018-11-29 2019-03-26 北京元心科技有限公司 Dynamic measurement method, apparatus, electronic equipment and computer-readable storage medium
CN109933441A (en) * 2019-02-28 2019-06-25 上海交通大学 Micro-kernel Inter-Process Communication method and system
CN109933441B (en) * 2019-02-28 2020-11-17 上海交通大学 Method and system for communication between microkernel processes
CN110059453B (en) * 2019-03-13 2021-02-05 中国科学院计算技术研究所 Container virtualization security reinforcing device and method
CN110059453A (en) * 2019-03-13 2019-07-26 中国科学院计算技术研究所 A kind of container virtualization safety reinforced device and method
CN109992973A (en) * 2019-04-10 2019-07-09 北京可信华泰信息技术有限公司 A kind of starting measure and device using OPROM mechanism
CN111967010A (en) * 2019-05-20 2020-11-20 阿里巴巴集团控股有限公司 Trusted service method, device, equipment and storage medium
CN110188530A (en) * 2019-05-30 2019-08-30 苏州浪潮智能科技有限公司 A kind of safety certifying method, device, equipment and readable storage medium
CN111125711A (en) * 2019-12-03 2020-05-08 支付宝(杭州)信息技术有限公司 Security task processing method and device, electronic equipment and storage medium
CN111125711B (en) * 2019-12-03 2021-05-07 支付宝(杭州)信息技术有限公司 Security task processing method and device, electronic equipment and storage medium
CN111382445A (en) * 2020-03-03 2020-07-07 首都师范大学 Method for providing trusted service by using trusted execution environment system
CN112269997A (en) * 2020-08-11 2021-01-26 北京本形物语科技有限公司 Active immune trusted computing platform for block chain main node
CN112099909A (en) * 2020-08-27 2020-12-18 海光信息技术有限公司 Virtual machine memory measurement method, device, processor chip and system
CN112511306A (en) * 2020-11-03 2021-03-16 中国航空工业集团公司西安航空计算技术研究所 Safe operation environment construction method based on mixed trust model
CN113791898A (en) * 2021-08-24 2021-12-14 电子科技大学 TrustZone-based trusted microkernel operating system
CN113791898B (en) * 2021-08-24 2022-07-26 电子科技大学 TrustZone-based trusted microkernel operating system

Similar Documents

Publication Publication Date Title
CN101226577A (en) Method for protecting microkernel OS integrality based on reliable hardware and virtual machine
CN101515316B (en) Trusted computing terminal and trusted computing method
Cheng et al. ROPecker: A generic and practical approach for defending against ROP attack
CN101436237B (en) Method and system for whitelisting software components
CN102436566B (en) Dynamic trusted measurement method and safe embedded system
Gu et al. Remote attestation on program execution
CN105009135B (en) For executing the method, apparatus and system of Binary Conversion
Li et al. Fine-cfi: fine-grained control-flow integrity for operating system kernels
CN107301082B (en) Method and device for realizing integrity protection of operating system
Gu et al. Face-change: Application-driven dynamic kernel view switching in a virtual machine
Wilding et al. Formal verification of partition management for the AAMP7G microprocessor
US20170220795A1 (en) Information-processing device, information-processing monitoring method, and recording medium
CN103345604A (en) Sandbox system based on light-weight virtual machine monitor and method for monitoring OS with sandbox system
CN103886259A (en) Kernel-level rootkit detecting and processing method based on Xen virtualization environment
Coppolino et al. A comparative analysis of emerging approaches for securing java software with Intel SGX
Li et al. A VMM-based system call interposition framework for program monitoring
Cheng et al. Building dynamic and transparent integrity measurement and protection for virtualized platform in cloud computing
Isohara et al. Lsm-based secure system monitoring using kernel protection schemes
Peng et al. μSwitch: Fast Kernel Context Isolation with Implicit Context Switches
Zhan et al. Checking virtual machine kernel control-flow integrity using a page-level dynamic tracing approach
Schwahn et al. How to fillet a penguin: Runtime data driven partitioning of linux code
Mao et al. HVSM: An In-Out-VM security monitoring architecture in IAAS cloud
Ba et al. jMonAtt: Integrity monitoring and attestation of jvm-based applications in cloud computing
Procopio Safety and security in GNU/Linux real time operating system domain
Yu et al. A container-oriented virtual-machine-introspection-based security monitor to secure containers in cloud computing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20080723