
CN105787376A - Data security access method and apparatus - Google Patents

Data security access method and apparatus

Info

Publication number
CN105787376A
Authority
CN
China
Prior art keywords
data
secure
data security
access request
security access
Prior art date
Legal status
Pending
Application number
CN201410834664.8A
Other languages
Chinese (zh)
Inventor
邓宁堃
Current Assignee
Sanechips Technology Co Ltd
Original Assignee
Shenzhen ZTE Microelectronics Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Shenzhen ZTE Microelectronics Technology Co Ltd
Priority to CN201410834664.8A
Priority to PCT/CN2015/081962 (published as WO2016101559A1)
Publication of CN105787376A
Legal status: Pending


Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data security access method, in which a non-secure operating system receives a first data security access request; after generating a second data security access request from the first data security access request, the non-secure operating system sends the second data security access request to a secure operating system; the secure operating system performs legality authentication on the second data security access request and, when the legality authentication succeeds, performs a data security access operation according to the second data security access request. The invention also discloses a data security access device.

Description

A data security access method and device

Technical field

The invention relates to the field of secure storage on intelligent terminals, and more specifically to a data security access method and device.

Background

With the rapid development of modern communication technology, terminals, especially intelligent terminals such as mobile phones, tablet computers and smart watches, have become ever more deeply involved in people's study, work and daily life, where they play a vital role. As users come to rely on intelligent terminals, important data such as personal information, address books, private photos and confidential documents is usually stored on the terminal as well. Keeping this data secure is therefore very important.

There are three mainstream operating systems for intelligent terminals on the market: the Android operating system, the Apple operating system (iOS, iPhone Operating System) and the Windows operating system. None of them can fully guarantee the security of the terminal, and Android terminals least of all: because of the openness of the Android operating system itself, an Android terminal is very likely to be infected by a virus or a Trojan horse, leading to the leakage or destruction of important information. Furthermore, because intelligent terminals are so portable, a user may easily lose the terminal, and the valuable data on it, such as personal privacy information or commercial secrets, is lost with it. If such information is obtained by others it may be leaked, which causes serious losses.

However, there is currently no reliable scheme for secure local data access on intelligent terminals, in particular one that lets users quickly and conveniently store and retrieve important secure data while guaranteeing that the user's secure data will not be leaked or destroyed.

Summary of the invention

In order to solve the existing technical problems, embodiments of the present invention aim to provide a data security access method and device.

An embodiment of the present invention provides a data security access method, the method comprising:

a non-secure operating system receives a first data security access request;

after generating a second data security access request from the first data security access request, the non-secure operating system sends the second data security access request to a secure operating system;

the secure operating system performs legality authentication on the second data security access request and, when the legality authentication succeeds, performs a data security access operation according to the second data security access request.

In the above scheme, when the first data security access request is a data security storage request, the first data security access request includes the following data access information: the file name of the data to be stored and its storage path;

when the first data security access request is a data security retrieval request, the first data security access request includes the following data access information: the file name of the data to be retrieved and its retrieval path.

In the above scheme, when the first data security access request is a data security storage request, the method further includes: the non-secure access task reads the data to be stored from the non-secure storage into non-secure memory.

In the above scheme, the non-secure operating system generating a second data security access request from the first data security access request includes:

a non-secure access task in the non-secure operating system attaches the following parameter one and parameter two to the first data security access request, generating the second data security access request:

parameter one includes a task identifier, an operation identifier and the data access information; parameter two includes a verification code MAGIC_NS.

In the above scheme, the legality authentication includes a first legality authentication and a second legality authentication; the first legality authentication includes:

a security monitoring task in the secure operating system judges whether the second data security access request carries the verification code MAGIC_NS; if so, it determines that the first legality authentication of the second data security access request succeeds; if not, it determines that the first legality authentication of the second data security access request fails;

the second legality authentication includes: a master control task in the secure operating system judges whether each parameter in parameter one is legal; when every parameter in parameter one is legal, the second legality authentication succeeds, otherwise the second legality authentication fails.

In the above scheme, the secure operating system performing a data security access operation according to the second data security access request includes:

when the second data security access request is a data security storage request, a secure access task performs the following operations: copies the data to be stored, already placed in non-secure memory, into secure memory; encrypts the data to be stored in secure memory; and writes the encrypted data to be stored into the secure storage;

when the second data security access request is a data security retrieval request, the secure access task performs the following operations: reads the data to be retrieved from the secure storage into secure memory; decrypts the data to be retrieved in secure memory; and copies the decrypted data to be retrieved into non-secure memory.

In the above scheme, after the secure operating system performs the data security access operation according to the second data security access request, the method further includes:

the secure access task in the secure operating system generates a data security access result and sends it to the security monitoring task in the secure operating system; the data security access result includes parameter three and parameter four, where parameter three includes an indication message of whether the data security access succeeded and parameter four is a verification code MAGIC_SECURE;

the security monitoring task judges whether the value of parameter four in the data security access result is MAGIC_SECURE; if so, the security monitoring task's legality verification of the data security access result sent by the secure access task succeeds and the data security access flow ends; if not, the legality verification of the data security access result sent by the secure access task fails, the security monitoring task returns a processing-failure result to the non-secure operating system, and the data security access flow ends.

An embodiment of the present invention provides a data security access device, the device including a non-secure operating system and a secure operating system, wherein:

the non-secure operating system is configured to receive a first data security access request and, after generating a second data security access request from the first data security access request, send the second data security access request to the secure operating system;

the secure operating system is configured to perform legality authentication on the second data security access request and, when the legality authentication succeeds, perform a data security access operation according to the second data security access request.

In the above scheme, when the first data security access request is a data security storage request, the first data security access request includes the following data access information: the file name of the data to be stored and its storage path;

when the first data security access request is a data security retrieval request, the first data security access request includes the following data access information: the file name of the data to be retrieved and its retrieval path.

In the above scheme, the non-secure operating system includes a non-secure access task module for reading the data to be stored from the non-secure storage into non-secure memory.

In the above scheme, the non-secure access task module is further configured to attach the following parameter one and parameter two to the first data security access request, generating the second data security access request:

parameter one includes a task identifier, an operation identifier and the data access information; parameter two includes a verification code MAGIC_NS.

In the above scheme, the legality authentication includes a first legality authentication and a second legality authentication;

the secure operating system includes a security monitoring task module and a master control task module, wherein:

the security monitoring task module is configured to receive the second data security access request sent by the non-secure operating system and to perform the first legality authentication on the data security access request as follows:

the security monitoring task module judges whether the second data security access request carries the verification code MAGIC_NS; if so, it determines that the first legality authentication of the second data security access request succeeds; if not, it determines that the first legality authentication of the second data security access request fails;

the master control task module is configured to perform the second legality authentication on the second data security access request as follows:

the master control task module judges whether each parameter in parameter one of the second data security access request is legal; when every parameter in parameter one is legal, the second legality authentication succeeds, otherwise the second legality authentication fails.

In the above scheme, the secure operating system further includes a secure access task module configured to perform the data security access operation as follows:

when the second data security access request is a data security storage request, the secure access task module performs the following operations: copies the data to be stored, already placed in non-secure memory, into secure memory; encrypts the data to be stored in secure memory; and writes the encrypted data to be stored into the secure storage;

when the second data security access request is a data security retrieval request, the secure access task module performs the following operations: reads the data to be retrieved from the secure storage into secure memory; decrypts the data to be retrieved in secure memory; and copies the decrypted data to be retrieved into non-secure memory.

In the above scheme, the secure access task module is further configured to generate a data security access result and send it to the security monitoring task module; the data security access result includes parameter three and parameter four, where parameter three includes an indication message of whether the data security access succeeded and parameter four is the verification code MAGIC_SECURE;

the security monitoring task module is further configured to verify the legality of the data security access result as follows:

the security monitoring task module judges whether the value of parameter four in the data security access result is MAGIC_SECURE; if so, the security monitoring task module's legality verification of the data security access result sent by the secure access task module succeeds; if not, the security monitoring task module's legality verification of the data security access result sent by the secure access task module fails.

In the data security access method and device provided by the embodiments of the present invention, the non-secure operating system receives a first data security access request; after generating a second data security access request from the first data security access request, the non-secure operating system sends the second data security access request to the secure operating system; the secure operating system performs legality authentication on the second data security access request and, when the legality authentication succeeds, performs a data security access operation according to the second data security access request. In this way, a user can quickly and conveniently store and retrieve important secure data while the user's secure data is guaranteed not to be leaked or destroyed.

Description of the drawings

Fig. 1 is a flowchart of the data security access method provided by an embodiment of the present invention;

Fig. 2 is a basic structural diagram of the data security access device provided by an embodiment of the present invention;

Fig. 3 is a flowchart of the data security storage method provided by an embodiment of the present invention;

Fig. 4 is a flowchart of the data security retrieval method provided by an embodiment of the present invention.

Detailed description

In the embodiments of the present invention, the non-secure operating system receives a first data security access request; after generating a second data security access request from the first data security access request, the non-secure operating system sends the second data security access request to the secure operating system; the secure operating system performs legality authentication on the second data security access request and, when the legality authentication succeeds, performs a data security access operation according to the second data security access request.

The present invention is described in further detail below with reference to the accompanying drawings and specific embodiments.

Embodiment one

Embodiment one of the present invention provides a data security access method which, as shown in Fig. 1, includes the following steps:

Step 101: the non-secure operating system receives a first data security access request.

The non-secure operating system usually runs in the non-secure state of the processor (for example, an Advanced RISC Machine (ARM) processor supporting the TrustZone security scheme has two states, a secure state and a non-secure state), and the non-secure operating system can only access non-secure hardware, that is, non-secure storage and non-secure memory. Non-secure storage is storage that can be accessed only in the non-secure state of the processor, enforced by the storage controller; non-secure memory is memory that can be accessed in either the secure or the non-secure state of the processor, enforced by the memory controller.

In this step, the first data security access request sent by the user is received by the non-secure access task of the non-secure operating system.

The first data security access request sent by the user may generally be a data security storage request or a data security retrieval request.

When the first data security access request is a data security storage request, the non-secure access task needs to read the data to be stored from the non-secure storage into non-secure memory, for later use by the secure operating system.

When the first data security access request is a data security storage request, it includes the following data access information: the file name of the data to be stored and its storage path;

when the first data security access request is a data security retrieval request, it includes the following data access information: the file name of the data to be retrieved and its retrieval path (that is, the storage path of the data to be retrieved).

Step 102: after generating a second data security access request from the first data security access request, the non-secure operating system sends the second data security access request to the secure operating system.

Specifically, in this step it is the non-secure access task in the non-secure operating system that generates the second data security access request from the first data security access request and then sends the second data security access request to the security monitoring task of the secure operating system.

The non-secure access task in the non-secure operating system generating the second data security access request from the first data security access request includes:

the non-secure access task attaches the following parameter one and parameter two to the first data security access request, generating the second data security access request:

parameter one includes the task identifier, the operation identifier and the data access information, for use by the secure operating system when it later performs the data security access operation;

specifically, parameter one here is generated from the first data security access request. The task identifier takes the value SECURE_SOURCE or UNSECURE_SOURCE and indicates the resource type, namely a secure-type resource (SECURE_SOURCE) or a non-secure-type resource (UNSECURE_SOURCE); since this embodiment concerns a data security access method, the task identifier in every generated parameter one has the value SECURE_SOURCE. The operation identifier takes the value secure storage (SECURE_SAVE) or secure retrieval (SECURE_LOAD) and indicates the operation to be performed on the data of the resource type identified by the task identifier. The data access information in parameter one is the data access information of the first data security access request;

parameter two includes the verification code MAGIC_NS, which the secure operating system uses in the subsequent steps to authenticate the legality of the second data security access request; specifically, the verification code MAGIC_NS is a verification code agreed in advance between the non-secure operating system and the secure operating system.

步骤103:安全操作系统对所述第二数据安全存取请求进行合法性认证,当合法性认证成功时,根据所述第二数据安全存取请求执行数据安全存取操作。Step 103: The secure operating system performs legality authentication on the second data security access request, and executes a data security access operation according to the second data security access request when the legality authentication is successful.

安全操作系统运行在处理器的安全状态,可以访问安全硬件(即,安全存储器、安全内存),也可以访问非安全硬件中的非安全内存,安全操作系统专门用来处理安全级别高的任务,如存储与提取安全数据、安全数据的加解密、数字版权管理、虚拟专用网络(VPN,VirtualPrivateNetwork)管理等。它是精简、稳定的操作系统,安全操作系统中运行的安全任务是串行执行的,调度策略是非抢占式的,提高了系统内部的安全性和稳定性。安全存储器是指,只在处理器的安全状态下才能访问的存储器,由存储器控制器控制实现;安全内存是指,只在处理器的安全状态下才能访问的内存,由内存控制器控制实现。The secure operating system runs in the secure state of the processor, and can access secure hardware (that is, secure memory, secure memory), and can also access non-secure memory in non-secure hardware. The secure operating system is specially used to process tasks with high security levels. Such as storage and extraction of security data, encryption and decryption of security data, digital rights management, virtual private network (VPN, Virtual Private Network) management, etc. It is a streamlined and stable operating system. The security tasks running in the secure operating system are executed serially, and the scheduling policy is non-preemptive, which improves the security and stability of the system. The secure memory refers to the memory that can only be accessed in the secure state of the processor, and is controlled and implemented by the memory controller; the secure memory refers to the memory that can be accessed only in the secure state of the processor, and is controlled and implemented by the memory controller.

这一步骤中,所述合法性认证包括:第一次合法性认证和第二次合法性认证;其中,第一次合法性认证在安全操作系统中的安全监控任务中执行,第二次合法性认证在安全操作系统中的主控任务中执行;其中,安全操作系统中主控任务处于就绪或执行状态,该任务通过安全监控任务传递的参数,创建相应的安全任务,完成用户需要的安全操作。安全监控任务还负责安全操作系统和非安全操作系统之间的通信和切换,非安全操作系统和安全操作系统都可以通过执行一条特殊的指令,如ARM的安全监控调用(SMC,SecureMonitorCall)指令跳转到安全监控任务,所述SMC指令的参数一和参数二用来保存非安全操作系统向安全操作系统传递的参数。In this step, the legitimacy authentication includes: the first legitimacy authentication and the second legitimacy authentication; wherein, the first legitimacy authentication is performed in the safety monitoring task in the security operating system, and the second legitimacy authentication Security authentication is performed in the main control task in the security operating system; among them, the main control task in the security operating system is in the ready or execution state, and this task creates a corresponding security task through the parameters passed by the security monitoring task to complete the security required by the user. operate. The security monitoring task is also responsible for the communication and switching between the secure operating system and the non-secure operating system. Both the non-secure operating system and the secure operating system can execute a special instruction, such as ARM's security monitoring call (SMC, SecureMonitorCall) instruction jump Turning to the safety monitoring task, parameter 1 and parameter 2 of the SMC instruction are used to save the parameters transmitted from the non-safety operating system to the safe operating system.

Specifically, the security monitoring task that receives the second data security access request carrying parameter one and parameter two performs the first legitimacy check on that request. The first legitimacy check comprises:

The security monitoring task judges whether the second data security access request carries the verification code MAGIC_NS (that is, parameter two). If it does, the first legitimacy check of the second data security access request is deemed successful; if it does not, the first legitimacy check is deemed failed.

When the first legitimacy check fails, an error message is returned to the non-secure operating system and no further operation is performed.

When the first legitimacy check succeeds, the security monitoring task in the secure operating system passes parameter one of the second data security access request to the master control task in the secure operating system, after which the second legitimacy check is performed. The second legitimacy check comprises: the master control task checks the legitimacy of each field in parameter one (that is, it judges whether the task identifier and the operation identifier in parameter one take legal values, and whether the file name and the storage or extraction path in the data access information are correct). When every field in parameter one is legal, the second legitimacy check succeeds; otherwise it fails.

When the second legitimacy check fails, the master control task returns an error message to the non-secure operating system and no further operation is performed.

When the second legitimacy check succeeds, the master control task instructs the secure access task in the secure operating system to perform the data security access operation according to the second data security access request.

Specifically, the secure access task performing the data security access operation according to the second data security access request comprises:

When the second data security access request is a data security storage request, the secure access task performs the following operations: it copies the data to be stored, which already resides in non-secure memory, into secure memory; encrypts the data to be stored in secure memory; and writes the encrypted data to secure storage.

When the second data security access request is a data security extraction request, the secure access task performs the following operations: it reads the data to be extracted from secure storage into secure memory; decrypts the data to be extracted in secure memory; and copies the decrypted data to non-secure memory.

The algorithm used to encrypt the data to be stored and the algorithm used to decrypt the data to be extracted may be chosen according to actual needs and are not restricted here.
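The store and extract paths just described, as an added example written for this page; it is not code from the patent or its assignee. The hardware regions of FIG. 2 are modelled as plain arrays, the cipher is an explicitly insecure placeholder because the patent leaves the algorithm open, and the length and offset checks and the wipe of secure memory after each operation are the editor's additions: the data to be stored arrives with a length and offset chosen by the non-secure side, and secure memory is reused by successive secure tasks.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define MEM_SIZE 4096   /* size of each modelled region, assumed */
#define KEY_LEN  16

/* Stand-ins for the regions of FIG. 2: non-secure memory 23, secure memory 25,
 * secure storage 26. In hardware these are separate address spaces gated by
 * the memory and storage controllers; here they are plain arrays. */
static uint8_t non_secure_mem[MEM_SIZE];
static uint8_t secure_mem[MEM_SIZE];
static uint8_t secure_store[MEM_SIZE];
static size_t  secure_store_len;

/* Placeholder transform. The patent leaves the cipher open; a product would
 * use an authenticated cipher (e.g. AES-GCM) under a device-bound key. This
 * XOR keystream is NOT secure and exists only so the example runs without a
 * crypto library. It is its own inverse, so it serves for both directions. */
static void placeholder_xcrypt(uint8_t *buf, size_t len, const uint8_t key[KEY_LEN]) {
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key[i % KEY_LEN] ^ (uint8_t)(i * 0x9D);
}

/* Clear secure memory after use so plaintext does not linger for the next
 * secure task; the volatile access keeps the compiler from dropping the stores. */
static void wipe(uint8_t *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Non-secure side helpers: what the non-secure access task leaves in, and
 * reads back from, non-secure memory. */
void ns_write(size_t off, const uint8_t *src, size_t len) { memcpy(non_secure_mem + off, src, len); }
const uint8_t *ns_ptr(size_t off) { return non_secure_mem + off; }
const uint8_t *store_ptr(void) { return secure_store; }

/* Data security storage: copy in, encrypt inside secure memory, write to store. */
int secure_save(size_t ns_off, size_t len, const uint8_t key[KEY_LEN]) {
    if (len == 0 || len > MEM_SIZE || ns_off > MEM_SIZE - len)
        return -1;                       /* bounds on non-secure input */
    memcpy(secure_mem, non_secure_mem + ns_off, len);
    placeholder_xcrypt(secure_mem, len, key);
    memcpy(secure_store, secure_mem, len);
    secure_store_len = len;
    wipe(secure_mem, len);
    return 0;
}

/* Data security extraction: read from store, decrypt in secure memory, copy out. */
int secure_load(size_t ns_off, const uint8_t key[KEY_LEN]) {
    size_t len = secure_store_len;
    if (len == 0 || ns_off > MEM_SIZE - len)
        return -1;
    memcpy(secure_mem, secure_store, len);
    placeholder_xcrypt(secure_mem, len, key);
    memcpy(non_secure_mem + ns_off, secure_mem, len);
    wipe(secure_mem, len);
    return 0;
}

/* Is secure memory clear of plaintext after an operation? */
int secure_mem_is_clear(void) {
    for (size_t i = 0; i < MEM_SIZE; i++) if (secure_mem[i]) return 0;
    return 1;
}

/* Round trip over constructed data; returns 0 when every property holds. */
int demo_roundtrip(void) {
    static const uint8_t key[KEY_LEN] = "0123456789abcde";           /* constructed */
    static const uint8_t plain[] = "constructed secret file contents"; /* constructed */
    ns_write(0, plain, sizeof plain);
    if (secure_save(0, sizeof plain, key) != 0) return 1;
    if (memcmp(store_ptr(), plain, sizeof plain) == 0) return 2;   /* store holds ciphertext */
    if (!secure_mem_is_clear()) return 3;
    if (secure_load(512, key) != 0) return 4;
    if (memcmp(ns_ptr(512), plain, sizeof plain) != 0) return 5;   /* decrypted copy matches */
    if (!secure_mem_is_clear()) return 6;
    return 0;
}
```

The order of operations matters more than the cipher: plaintext exists in secure memory only between the copy in and the wipe, and the non-secure side never sees anything but its own plaintext buffer and the success code.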

After the data security storage or data security extraction operation has completed, the following operations are still required to ensure the security of the data security access flow:

The secure access task generates a data security access result and sends it to the security monitoring task. The data security access result comprises parameter three and parameter four, where parameter three carries an indication of whether the data security access succeeded, and parameter four is the verification code MAGIC_SECURE, a code agreed in advance between the secure access task and the security monitoring task that the secure access task uses to prove its legitimacy to the security monitoring task.

After receiving the data security access result, the security monitoring task judges whether the value of parameter four in the result is MAGIC_SECURE. If it is, the security monitoring task's legitimacy check of the result sent by the secure access task succeeds; the secure operating system context is saved, the non-secure system context is restored, and the data security access flow ends. If it is not, the legitimacy check fails; the security monitoring task saves the error information locally, returns a processing-failure result to the non-secure operating system, and the data security access flow ends.

Embodiment 2

Embodiment 2 of the present invention provides a data security access device located on a terminal. As shown in FIG. 2, the device comprises a non-secure operating system 21 and a secure operating system 22, wherein:

the non-secure operating system 21 is configured to receive a first data security access request, generate a second data security access request according to the first data security access request, and send the second data security access request to the secure operating system 22;

the secure operating system 22 is configured to perform a legitimacy check on the second data security access request and, when the legitimacy check succeeds, to perform the data security access operation according to the second data security access request.

Here, the non-secure operating system 21 runs in the non-secure state of the processor (for example, an ARM processor supporting the TrustZone security scheme has two states: a secure state and a non-secure state) and can only access non-secure hardware (that is, non-secure storage and non-secure memory). An example is Android, the mainstream operating system on current smart terminals, which serves users' diverse application needs. Because the system is open source and free, and users can browse the web and install arbitrary applications, its security is not high: it may be attacked by viruses or Trojans, leading to leakage or destruction of secure data.

The secure operating system 22 runs in the secure state of the processor. It can access secure hardware (that is, secure storage 26 and secure memory 25) and can also access the non-secure memory 23 among the non-secure hardware. It is dedicated to tasks with a high security level, such as storing and extracting secure data, encrypting and decrypting secure data, digital rights management and VPN management. It is a compact, stable operating system; the secure tasks running in it execute serially under a non-preemptive scheduling policy, which improves the internal security and stability of the system. The master control task running in the master control task module 2203 is in the ready or running state; using the parameters passed by the security monitoring task in the security monitoring task module 2202, it creates the corresponding secure task to complete the secure operation the user requires. A secure application must pass security certification before it can be installed in this system, which guarantees the external security of the secure operating system. The secure access task module runs the secure-side access task. The security monitoring task module is also responsible for communication and switching between the secure operating system 22 and the non-secure operating system 21: both the non-secure operating system 21 and the secure operating system 22 can jump to the security monitoring task by executing a special instruction, such as the ARM SMC instruction, and parameter one and parameter two of the SMC instruction hold the parameters passed from the non-secure operating system to the secure operating system.

Specifically, when the first data security access request is a data security storage request, it contains the following data access information: the file name of the data to be stored and its storage path;

when the first data security access request is a data security extraction request, it contains the following data access information: the file name of the data to be extracted and its extraction path.

Further, the device also comprises non-secure memory 23, non-secure storage 24, secure memory 25 and secure storage 26, each used to hold data, including secure data and non-secure data. The secure storage and the non-secure storage are both implemented under the control of the storage controller; the secure memory and the non-secure memory are both implemented under the control of the memory controller.

Specifically, the non-secure operating system 21 comprises a non-secure access task module 2101 for reading the data to be stored from the non-secure storage 24 into the non-secure memory 23.

The non-secure access task module 2101 is further configured to carry the following parameter one and parameter two in the first data security access request to generate the second data security access request:

parameter one comprises a task identifier, an operation identifier and the data access information; parameter two comprises the verification code MAGIC_NS.

Specifically, the legitimacy check comprises a first legitimacy check and a second legitimacy check.

The secure operating system 22 comprises a security monitoring task module 2202 and a master control task module 2203, wherein:

the security monitoring task module 2202 is configured to receive the second data security access request sent by the non-secure operating system and to perform the first legitimacy check on it as follows: the security monitoring task module 2202 judges whether the second data security access request carries the verification code MAGIC_NS; if it does, the first legitimacy check of the second data security access request is deemed successful; if it does not, the first legitimacy check is deemed failed;

the master control task module 2203 is configured to perform the second legitimacy check on the second data security access request as follows: the master control task module 2203 judges whether each field in parameter one of the second data security access request is legal; when every field in parameter one is legal, the second legitimacy check succeeds, otherwise it fails.

Further, the secure operating system also comprises a secure access task module 2201,

which is configured to perform the data security access operation as follows:

when the second data security access request is a data security storage request, the secure access task module 2201 copies the data to be stored, which already resides in the non-secure memory 23, into the secure memory 25, encrypts the data to be stored in the secure memory 25, and writes the encrypted data to the secure storage 26;

when the second data security access request is a data security extraction request, the secure access task module 2201 reads the data to be extracted from the secure storage 26 into the secure memory 25, decrypts the data to be extracted in the secure memory 25, and copies the decrypted data to the non-secure memory 23.

Further, the non-secure operating system 21 also comprises a non-secure-side file system 2102 and a non-secure-side low-level driver 2103, used to implement data access operations in the non-secure operating system;

the secure operating system 22 also comprises a secure-side file system 2204 and a secure-side low-level driver 2205, used to implement data access operations in the secure operating system.

Further, the secure access task module 2201 is also configured to generate a data security access result and send it to the security monitoring task module 2202. The data security access result comprises parameter three and parameter four, where parameter three carries an indication of whether the data security access succeeded and parameter four is the verification code MAGIC_SECURE;

the security monitoring task module 2202 is further configured to verify the legitimacy of the data security access result as follows:

the security monitoring task module 2202 judges whether the value of parameter four in the data security access result is MAGIC_SECURE; if it is, the security monitoring task module 2202's legitimacy check of the result sent by the secure access task module 2201 succeeds; if it is not, the check fails.

The method of the embodiments of the present invention is described in detail below through specific examples.

In a practical implementation, the data security storage method provided by the embodiments of the present invention, viewed as a whole and as shown in FIG. 3, mainly comprises the following steps:

301: the non-secure-side data storage task starts;

302: the data to be stored is selected;

303: the data to be stored is read from non-secure storage into non-secure memory;

304: the storage-task parameters are prepared and the processor switches to the secure operating system;

305: the secure side judges whether the storage-task parameters are legal; if legal, go to step 307; if not legal, go to step 306;

306: an error message is returned to the non-secure side and the current flow is exited;

307: the secure-side storage task starts;

308: the user is prompted to enter a password, and the password sent by the user is received;

309: judge whether the password is legal; if not legal, go to step 310; if legal, go to step 311;

310: an error message is returned to the non-secure side and the current flow is exited;

311: the data security storage flow is executed;

Specifically, this flow comprises: copying the file from non-secure memory into secure memory, encrypting the file in secure memory, writing the file to secure storage, and, once storage has succeeded, returning to the non-secure system.

In a practical implementation, the data security extraction method provided by the embodiments of the present invention, viewed as a whole and as shown in FIG. 4, mainly comprises the following steps:

401: the non-secure-side data extraction task starts;

402: the extraction-task parameters are prepared and the processor switches to the secure operating system;

403: judge whether the extraction-task parameters are legal; if not legal, go to step 404; if legal, go to step 405;

404: an error message is returned to the non-secure side and the current flow is exited;

405: the secure-side secure data extraction task starts;

406: the user is prompted to enter a password, and the password sent by the user is received;

407: judge whether the password is legal; if not legal, go to step 408; if legal, go to step 409;

408: an error message is returned to the non-secure side and the current flow is exited;

409: the data security extraction flow is executed;

Specifically, the data security extraction flow comprises: reading the file from secure storage into secure memory, decrypting the file in secure memory, copying the file from secure memory to non-secure memory, preparing the parameters and returning to the non-secure operating system, starting the non-secure-side storage task, selecting the storage path, and writing the file from non-secure memory to non-secure storage;

after the above flow has executed, the data security extraction flow has succeeded.

Taking the data security storage flow as an example, the data security access method provided by the embodiments of the present invention is described in detail below.

This example comprises the following steps:

Step 501: the processor starts the secure operating system and the non-secure operating system;

Specifically, when the terminal is powered on, the processor is in the secure state and first starts the secure operating system. The secure operating system initializes, creates the master control task and runs it; it initializes the non-secure operating system context and switches to the security monitoring task; the security monitor saves the secure operating system context, restores the non-secure operating system context and starts the non-secure operating system; the non-secure operating system initializes, after which the system runs normally;

Step 502: the user initiates a secure storage request;

Specifically, the user opens the secure storage application on the terminal, selects the file to be stored, selects the storage path, and clicks the button that initiates the storage request;

Step 503: the non-secure access task in the non-secure operating system responds to the user's storage request;

Specifically, the non-secure access task obtains the storage information from the storage request initiated by the user: the file name and storage path of the file to be stored;

Step 504: if the request is a storage request, the non-secure access task reads the file to be stored from non-secure storage into non-secure memory; it then prepares the SMC instruction parameters and switches to the security monitor. Specifically, it places the address of the secure storage command (containing the task identifier SECURE_SOURCE, the operation identifier SECURE_SAVE and the file parameters) in parameter 1 of the SMC instruction, to be used in subsequent steps when the secure access task in the secure operating system performs the data access operation; it places the verification code MAGIC_NS in parameter 2 of the SMC instruction, to be used by the security monitor to verify the legitimacy of the SMC instruction; it then switches to the security monitoring task;

Step 505: the security monitoring task verifies the legitimacy of the parameters in the SMC instruction;

Specifically, the security monitoring task first checks whether the value of parameter 2 in the SMC instruction is MAGIC_NS. If it is not, the SMC parameter check fails: the error information is saved in CMD, a processing-failure result is returned to the non-secure operating system, and this step ends. If it is, the SMC parameter check succeeds: the value of parameter 1 of the SMC instruction is saved in the designated global variable para_cmd and sent to the master control task of the secure operating system, the non-secure context is saved and the secure context restored, and this step ends;

Step 506: the master control task obtains the para_cmd parameter passed by the security monitoring task and verifies its legitimacy;

Specifically, the master control task verifies the legitimacy of the para_cmd parameter, that is, it verifies whether the values of the task identifier, the operation identifier and the file parameters meet the requirements, i.e. whether para_cmd holds legal values. If every field is legal, it creates the secure access task according to the task identifier SECURE_SOURCE in CMD, and this step ends; otherwise the para_cmd check fails, the error information is saved in CMD, the processor switches to the security monitor, a processing-failure result is returned to the non-secure operating system, and this step ends;

Step 507: the secure access task runs;

Step 508: the user's identity is authenticated;

Specifically, the user is prompted to enter a password (when the data security access function is used for the first time, an initial password must be set) and the legitimacy of the password is verified; this gates the storage or extraction of secure files;

that is, it is determined whether the password entered by the user matches the locally saved password; if so, user identity authentication succeeds, otherwise it fails;

On first use, after the user sets the initial password, the user logs in directly and performs the data security access operation; the secure access task encrypts the initial password set by the user and saves it locally, to be used to verify the user's identity the next time the user initiates a data storage or extraction request.
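The password step of step 508 (and of steps 308/309 and 406/407), as an added example that is not the patent's code. The text has the secure access task encrypt the initial password and store it; the pattern shown instead stores a salted verifier derived from the password and compares it in constant time, so no recoverable form of the password is kept on the device. The derivation function is a stand-in for a real password KDF, the salt is passed in so the example is deterministic, and the failure counter and lockout limit are the editor's additions.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SALT_LEN     16
#define VERIFIER_LEN 8
#define MAX_FAILURES 5     /* lockout threshold, an assumption */

/* What the secure side keeps locally: never the password itself. */
struct password_record {
    int      initialised;            /* 0 until the first-use password is set */
    uint8_t  salt[SALT_LEN];
    uint8_t  verifier[VERIFIER_LEN];
    unsigned failures;               /* consecutive wrong attempts */
};

/* Stand-in derivation: iterated 64-bit FNV-1a over salt||password. NOT a
 * password hash; a product would use PBKDF2 or Argon2 here. It exists only
 * so the example runs without a crypto library. */
static void derive_verifier(const uint8_t *salt, const char *pw, uint8_t out[VERIFIER_LEN]) {
    uint64_t h = 0xcbf29ce484222325ull;
    size_t pwlen = strlen(pw);
    for (unsigned round = 0; round < 1000; round++) {
        for (size_t i = 0; i < SALT_LEN; i++) { h ^= salt[i];         h *= 0x100000001b3ull; }
        for (size_t i = 0; i < pwlen; i++)    { h ^= (uint8_t)pw[i]; h *= 0x100000001b3ull; }
    }
    for (size_t i = 0; i < VERIFIER_LEN; i++) out[i] = (uint8_t)(h >> (8 * i));
}

/* Constant-time comparison: running time does not depend on which byte differs. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= a[i] ^ b[i];
    return diff == 0;
}

/* First use: set the initial password. 'salt' would come from the secure
 * side's RNG; it is a parameter here so the example is deterministic.
 * Returns 0 on success, -1 if already initialised or the password is too short. */
int password_set_initial(struct password_record *rec, const char *pw, const uint8_t salt[SALT_LEN]) {
    if (rec->initialised || strlen(pw) < 6) return -1;
    memcpy(rec->salt, salt, SALT_LEN);
    derive_verifier(rec->salt, pw, rec->verifier);
    rec->failures = 0;
    rec->initialised = 1;
    return 0;
}

/* Later use: verify before SECURE_SAVE or extraction runs. Returns 1 on
 * success, 0 on a wrong password, -1 when not initialised or locked out. */
int password_verify(struct password_record *rec, const char *pw) {
    uint8_t candidate[VERIFIER_LEN];
    if (!rec->initialised || rec->failures >= MAX_FAILURES) return -1;
    derive_verifier(rec->salt, pw, candidate);
    if (ct_equal(candidate, rec->verifier, VERIFIER_LEN)) {
        rec->failures = 0;
        return 1;
    }
    rec->failures++;
    return 0;
}
```

Because the record holds only a salt and a derived verifier, extracting it from secure storage does not yield the password, which is the property an "encrypted password" file cannot give once the encryption key is on the same device.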

Step 509: the user selects the storage path for the file to be stored and clicks confirm;

Step 510: the secure access task encrypts the file to be stored from non-secure memory and stores it in secure storage;

the secure access task copies the file to be stored from non-secure memory into secure memory, encrypts it in secure memory, and writes the encrypted file to secure storage;

Step 511: the secure access task saves the data security storage result into the SMC instruction, sets the SMC parameters, and switches to the security monitor;

the data security storage result comprises parameter 3 and parameter 4:

parameter 3 carries information indicating whether the data security storage task succeeded, and parameter 4 carries the verification code MAGIC_SECURE;

Step 512: the security monitor verifies the legitimacy of the parameters in the SMC instruction;

it checks whether the verification code in the SMC instruction (parameter 4) is MAGIC_SECURE. If it is not, the SMC parameter check fails: the error information is saved in CMD, control returns to the secure operating system with a processing-failure result, and this step ends. If it is, the SMC parameter check succeeds: the secure operating system context is saved, the non-secure system context is restored, and this step ends;

Step 513: the non-secure access task processes the returned parameters, and the secure storage flow for the file to be stored is complete.

After the storage task completes, the non-secure access task can also switch to other applications to perform other processing.
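The two-stage check of the method embodiment (the security monitoring task checks parameter two, the master control task checks each field of parameter one) together with steps 505, 506 and 512 above, as one added example; it is not the patent's code, and the constant values, the layout of the command block and the non-secure memory bounds are assumptions. Two checks are added beyond what the text lists, because a practitioner would want them: parameter one is an address supplied by the non-secure side, so it must be confirmed to lie entirely inside non-secure memory before the secure side reads through it, and the command block is copied into a secure-side local before its fields are examined, so the caller cannot change them between check and use. Note also that MAGIC_NS necessarily lives in non-secure code, so the first check catches stray or malformed SMC calls rather than a hostile non-secure caller; the pointer and field checks are what protect the secure side.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Values are assumptions; the patent names the constants but gives no values. */
#define MAGIC_NS      0x4E534D47u
#define MAGIC_SECURE  0x53454D47u
#define SECURE_SOURCE 0x0001u     /* task identifier */
#define SECURE_SAVE   0x0010u     /* operation identifier: store */
#define SECURE_LOAD   0x0011u     /* operation identifier: extract (name assumed) */
#define NAME_CAP      64

/* Command block whose address travels in SMC parameter one (layout assumed). */
struct secure_cmd {
    uint32_t task_id;
    uint32_t op_id;
    char     file_name[NAME_CAP];
    char     path[NAME_CAP];
};

/* Assumed bounds of non-secure memory (region 23 of FIG. 2). */
#define NS_MEM_BASE 0x80000000ull
#define NS_MEM_SIZE 0x10000000ull

enum check_result {
    CHECK_OK = 0, ERR_MAGIC_NS, ERR_CMD_PTR, ERR_TASK_ID, ERR_OP_ID, ERR_NAME, ERR_MAGIC_SECURE
};

/* First legitimacy check (security monitoring task): the tag in parameter two. */
int monitor_check_request(uint32_t param2) {
    return param2 == MAGIC_NS ? CHECK_OK : ERR_MAGIC_NS;
}

/* Parameter one is a pointer chosen by the non-secure side. Before the secure
 * side dereferences it, the whole command block must lie inside non-secure
 * memory; otherwise the secure OS can be steered into reading (or, on the
 * result path, writing) secure memory on the caller's behalf. */
int cmd_address_in_ns_memory(uint64_t addr) {
    uint64_t end = addr + sizeof(struct secure_cmd);
    return end > addr && addr >= NS_MEM_BASE && end <= NS_MEM_BASE + NS_MEM_SIZE;
}

/* Length of a NUL-terminated string, or cap when no terminator exists. */
static size_t bounded_len(const char *s, size_t cap) {
    size_t n = 0;
    while (n < cap && s[n] != '\0') n++;
    return n;
}

/* Names and paths arrive from the non-secure side and are attacker-controlled.
 * Accept only terminated, printable ASCII without backslashes or ".." (the
 * ".." rule is deliberately coarse); a file name must not contain '/'. */
static int name_is_clean(const char *s, size_t cap, int allow_slash) {
    size_t n = bounded_len(s, cap);
    if (n == 0 || n == cap) return 0;          /* empty or unterminated */
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c < 0x20 || c > 0x7E || c == '\\') return 0;
        if (c == '/' && !allow_slash) return 0;
        if (c == '.' && i + 1 < n && s[i + 1] == '.') return 0;
    }
    return 1;
}

/* Second legitimacy check (master control task): every field of parameter one. */
int master_check_command(const struct secure_cmd *cmd) {
    if (cmd->task_id != SECURE_SOURCE) return ERR_TASK_ID;
    if (cmd->op_id != SECURE_SAVE && cmd->op_id != SECURE_LOAD) return ERR_OP_ID;
    if (!name_is_clean(cmd->file_name, NAME_CAP, 0)) return ERR_NAME;
    if (!name_is_clean(cmd->path, NAME_CAP, 1) || cmd->path[0] != '/') return ERR_NAME;
    return CHECK_OK;
}

/* Check of the result the secure access task hands back (parameter four). */
int monitor_check_result(uint32_t param4) {
    return param4 == MAGIC_SECURE ? CHECK_OK : ERR_MAGIC_SECURE;
}

/* The request path end to end. 'ns_view' stands in for the memory at
 * param1_addr, which the example cannot map; the block is copied into a
 * secure-side local before any field is checked so the non-secure side
 * cannot change it between check and use (double fetch). */
int validate_request(uint64_t param1_addr, uint32_t param2, const struct secure_cmd *ns_view) {
    struct secure_cmd local;
    int rc = monitor_check_request(param2);
    if (rc != CHECK_OK) return rc;
    if (!cmd_address_in_ns_memory(param1_addr)) return ERR_CMD_PTR;
    memcpy(&local, ns_view, sizeof local);
    return master_check_command(&local);
}

/* Build a command block from constructed field values. */
struct secure_cmd sample_cmd(uint32_t task, uint32_t op, const char *name, const char *path) {
    struct secure_cmd c;
    memset(&c, 0, sizeof c);
    c.task_id = task;
    c.op_id = op;
    strncpy(c.file_name, name, NAME_CAP - 1);
    strncpy(c.path, path, NAME_CAP - 1);
    return c;
}
```

Every failure maps to a distinct code, matching the text's "save the error information in CMD and return a processing-failure result"; the secure side should report only the code, not echo the offending name or path back into non-secure memory.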

In a specific implementation, the above non-secure operating system 21, secure operating system 22, non-secure access task module 2101, security monitoring task module 2202, master control task module 2203, secure access task module 2201, non-secure-side file system 2102, non-secure-side low-level driver 2103, secure-side file system 2204 and secure-side low-level driver 2205 may be implemented by a central processing unit (CPU), a microprocessor (MPU), a digital signal processor (DSP) or a field-programmable gate array (FPGA) in the terminal.

Those skilled in the art should understand that the embodiments of the present invention may be provided as a method, a system or a computer program product. Accordingly, the present invention may take the form of a hardware embodiment, a software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage) containing computer-usable program code.

The present invention is described with reference to flowcharts and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.

These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps are performed on the computer or other programmable device to produce a computer-implemented process, such that the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.

The above are merely preferred embodiments of the present invention and are not intended to limit its scope of protection.

Claims (14)

1. A data security access method, the method comprising:
a non-secure operating system receives a first data security access request;
after the non-secure operating system generates a second data security access request according to the first data security access request, the non-secure operating system sends the second data security access request to a secure operating system;
and the secure operating system performs validity authentication on the second data security access request and, when the validity authentication succeeds, executes a data security access operation according to the second data security access request.
2. The method according to claim 1, wherein when the first data security access request is a data security storage request, the first data security access request comprises the following data access information: the file name of the data to be stored and its storage path;
when the first data security access request is a data security extraction request, the first data security access request comprises the following data access information: the file name of the data to be extracted and its extraction path.
3. The method of claim 2, wherein when the first data security access request is a data security storage request, the method further comprises: a non-secure access task in the non-secure operating system reads the data to be stored from non-secure storage into non-secure memory.
4. The method of claim 3, wherein the non-secure operating system generating the second data security access request according to the first data security access request comprises:
the non-secure access task in the non-secure operating system generates the second data security access request by carrying the following parameter one and parameter two in the first data security access request:
parameter one comprises a task identifier, an operation identifier and the data access information, and parameter two comprises the verification code MAGIC_NS.
5. The method of claim 4, wherein the validity authentication comprises a first validity authentication and a second validity authentication; wherein the first validity authentication comprises:
a security monitoring task in the secure operating system judges whether the second data security access request carries the verification code MAGIC_NS; if so, the first validity authentication of the second data security access request is determined to be successful; if not, the first validity authentication of the second data security access request is determined to have failed;
the second validity authentication comprises: a master control task in the secure operating system judges whether each parameter in parameter one is legal; when each parameter in parameter one is legal, the second validity authentication succeeds, otherwise the second validity authentication fails.
6. The method of any of claims 1 to 5, wherein the secure operating system executing the data security access operation according to the second data security access request comprises:
when the second data security access request is a data security storage request, a secure access task executes the following operations: copying the data to be stored from the non-secure memory to the secure memory, encrypting the data to be stored in the secure memory, and writing the encrypted data to be stored into the secure storage;
when the second data security access request is a data security extraction request, the secure access task executes the following operations: reading the data to be extracted from the secure storage into the secure memory, decrypting the data to be extracted in the secure memory, and copying the decrypted data to be extracted to the non-secure memory.
7. The method of claim 6, wherein after the secure operating system executes the data security access operation according to the second data security access request, the method further comprises:
the secure access task in the secure operating system generates a data security access result and sends the data security access result to the security monitoring task in the secure operating system, wherein the data security access result comprises a parameter three and a parameter four; parameter three comprises an indication message indicating whether the data security access succeeded, and parameter four is the authentication code MAGIC_SECURE;
the security monitoring task judges whether the value of parameter four in the data security access result is MAGIC_SECURE; if so, the security monitoring task successfully verifies the validity of the data security access result sent by the secure access task, and the data security access process ends; if not, the security monitoring task fails to verify the validity of the data security access result sent by the secure access task, returns a processing failure result to the non-secure operating system, and the data security access process ends.
8. A data security access apparatus, the apparatus comprising a non-secure operating system and a secure operating system; wherein
the non-secure operating system is configured to receive a first data security access request and, after generating a second data security access request according to the first data security access request, to send the second data security access request to the secure operating system;
and the secure operating system is configured to perform validity authentication on the second data security access request and, when the validity authentication succeeds, to execute a data security access operation according to the second data security access request.
9. The apparatus of claim 8, wherein when the first data security access request is a data security storage request, the first data security access request comprises the following data access information: the file name of the data to be stored and its storage path;
when the first data security access request is a data security extraction request, the first data security access request comprises the following data access information: the file name of the data to be extracted and its extraction path.
10. The apparatus of claim 9, wherein the non-secure operating system comprises a non-secure access task module configured to read the data to be stored from non-secure storage into non-secure memory.
11. The apparatus according to claim 10, wherein the non-secure access task module is further configured to generate the second data security access request by carrying the following parameter one and parameter two in the first data security access request:
parameter one comprises a task identifier, an operation identifier and the data access information, and parameter two comprises the verification code MAGIC_NS.
12. The apparatus of claim 11, wherein the validity authentication comprises a first validity authentication and a second validity authentication;
the secure operating system comprises a security monitoring task module and a master control task module; wherein
the security monitoring task module is configured to receive the second data security access request sent by the non-secure operating system and to perform the first validity authentication on the second data security access request in the following way:
the security monitoring task module judges whether the second data security access request carries the verification code MAGIC_NS; if so, the first validity authentication of the second data security access request is determined to be successful; if not, the first validity authentication of the second data security access request is determined to have failed;
the master control task module is configured to perform the second validity authentication on the second data security access request in the following way:
the master control task module judges whether each parameter in parameter one of the second data security access request is legal; when each parameter in parameter one is legal, the second validity authentication succeeds, otherwise the second validity authentication fails.
13. The apparatus of claim 12, wherein the secure operating system further comprises a secure access task module configured to execute the data security access operation in the following way:
when the second data security access request is a data security storage request, the secure access task module executes the following operations: copying the data to be stored from the non-secure memory to the secure memory, encrypting the data to be stored in the secure memory, and writing the encrypted data to be stored into the secure storage;
when the second data security access request is a data security extraction request, the secure access task module executes the following operations: reading the data to be extracted from the secure storage into the secure memory, decrypting the data to be extracted in the secure memory, and copying the decrypted data to be extracted to the non-secure memory.
14. The apparatus according to claim 13, wherein the secure access task module is further configured to generate a data security access result and send the data security access result to the security monitoring task module, the data security access result comprising a parameter three and a parameter four; wherein parameter three comprises an indication message indicating whether the data security access succeeded, and parameter four is the authentication code MAGIC_SECURE;
the security monitoring task module is further configured to verify the validity of the data security access result in the following way:
the security monitoring task module judges whether the value of parameter four in the data security access result is MAGIC_SECURE; if so, the security monitoring task module successfully verifies the validity of the data security access result sent by the secure access task module; if not, the security monitoring task module fails to verify the validity of the data security access result sent by the secure access task module.
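The request format, the two-stage validity authentication and the result check of claims 4 to 7 (and their apparatus counterparts in claims 11 to 14), modelled as an added Python example that is not code from the patent. The magic values, the operation and task identifiers, the secure storage root, the dictionaries standing in for the memories and storage, and the toy cipher are all constructed assumptions.

```python
import hashlib
import posixpath

MAGIC_NS, MAGIC_SECURE = 0x4E53, 0x5345   # constructed stand-ins for the two verification codes
OP_STORE, OP_EXTRACT = 1, 2               # constructed operation identifiers
ALLOWED_TASKS = {"ns_access_task"}        # task identifiers the master control task accepts (assumed)
SECURE_ROOT = "/secure"                   # assumed root of the secure storage
SECURE_KEY = b"constructed-key-held-only-in-the-secure-os"
secure_storage = {}      # stands in for secure storage: normalised path -> ciphertext
non_secure_memory = {}   # stands in for non-secure memory: file name -> plaintext

def toy_xor_cipher(data, key):
    # Toy symmetric stand-in for the encrypt/decrypt step (hash-derived XOR stream), not a real cipher.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def ns_build_request(op_id, file_name, path, task_id="ns_access_task"):
    # Non-secure access task: parameter one (identifiers + data access info) and parameter two (MAGIC_NS).
    return {"param1": {"task_id": task_id, "op_id": op_id,
                       "access_info": {"file_name": file_name, "path": path}}, "param2": MAGIC_NS}

def master_second_auth(req):
    # Master control task: every field of parameter one must be legal (MAGIC_NS alone proves nothing).
    p1 = req.get("param1", {}); info = p1.get("access_info", {})
    name, path = info.get("file_name"), info.get("path")
    if (p1.get("task_id") not in ALLOWED_TASKS or p1.get("op_id") not in (OP_STORE, OP_EXTRACT)
            or not isinstance(name, str) or not name or "/" in name or not isinstance(path, str)):
        return False
    full = posixpath.normpath(posixpath.join(SECURE_ROOT, path, name))
    return full.startswith(SECURE_ROOT + "/")   # rejects "../" escapes out of the secure root

def secure_access_task(req):
    # Secure access task: store (copy in, encrypt, write) or extract (read, decrypt, copy out).
    p1 = req["param1"]; info = p1["access_info"]
    key = posixpath.normpath(posixpath.join(SECURE_ROOT, info["path"], info["file_name"]))
    if p1["op_id"] == OP_STORE:
        secure_storage[key] = toy_xor_cipher(non_secure_memory[info["file_name"]], SECURE_KEY)
    elif key in secure_storage:
        non_secure_memory[info["file_name"]] = toy_xor_cipher(secure_storage[key], SECURE_KEY)
    else:
        return {"param3": False, "param4": MAGIC_SECURE}   # nothing to extract at that path
    return {"param3": True, "param4": MAGIC_SECURE}

def secure_os_handle(req):
    # Monitor checks MAGIC_NS, master control checks parameter one, monitor then verifies MAGIC_SECURE.
    if req.get("param2") != MAGIC_NS or not master_second_auth(req):
        return False                              # processing failure returned to the non-secure OS
    result = secure_access_task(req)
    return result.get("param4") == MAGIC_SECURE and result["param3"]

def ns_store(file_name, path, data):
    # Claim 3: the non-secure access task first reads the file into non-secure memory, then sends.
    non_secure_memory[file_name] = data
    return secure_os_handle(ns_build_request(OP_STORE, file_name, path))
```

Because MAGIC_NS is a fixed value that every non-secure caller knows, the first authentication only filters malformed requests; the master control task's check of parameter one (here, confining the file path to the secure root) is what stops a non-secure caller from steering the secure access task at arbitrary locations.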
CN201410834664.8A 2014-12-26 2014-12-26 Data security access method and apparatus Pending CN105787376A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410834664.8A CN105787376A (en) 2014-12-26 2014-12-26 Data security access method and apparatus
PCT/CN2015/081962 WO2016101559A1 (en) 2014-12-26 2015-06-19 Secure data access method and device, and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410834664.8A CN105787376A (en) 2014-12-26 2014-12-26 Data security access method and apparatus

Publications (1)

Publication Number Publication Date
CN105787376A true CN105787376A (en) 2016-07-20

Family

ID=56149121

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410834664.8A Pending CN105787376A (en) 2014-12-26 2014-12-26 Data security access method and apparatus

Country Status (2)

Country Link
CN (1) CN105787376A (en)
WO (1) WO2016101559A1 (en)

Also Published As

Publication number Publication date
WO2016101559A1 (en) 2016-06-30

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160720