Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method for realizing application program safety certification based on CPU space-time isolating mechanism

An application and security authentication technology, applied in computer security devices, program/content distribution protection, instruments, etc., can solve problems such as poor timeliness, tampering, etc., to ensure validity, high isolation, and reduce key leakage problems. Effect

Active Publication Date: 2017-06-09
中软信息系统工程有限公司
View PDF7 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to solve the above problems, the present invention designs a method for realizing application security authentication based on the CPU space-time isolation mechanism, and provides hardware-level root of trust and strong security authentication for it through security enhancement of the execution flow of the application startup process, effectively Solve the problems of key tampering and poor timeliness, and improve the security of computer terminals during application loading within a limited time loss

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing application program safety certification based on CPU space-time isolating mechanism
  • Method for realizing application program safety certification based on CPU space-time isolating mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] Such as Figure 1-2 As shown, a method for implementing application security authentication based on the CPU space-time isolation mechanism, including a signature process and an authentication process;

[0035] Among them, the signature process: each application of the secure operating system provider issues a set of public-private key pairs and X.509 certificates (called application certificates), and embeds the certificate number into the elf file header; The private key signs the elf binary file, and embeds the signature value into the extensible area of ​​the application certificate; in addition, the supplier uses its own private key to sign the application certificate and stores the signature value in the "issuer unique identifier" of the certificate Area, and store the hash value of the certificate to the secure operating system; the signing process generates two sets of important data - the application certificate and the certificate hash value, which provide sup...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for realizing application program safety certification based on a CPU space-time isolating mechanism. The method comprises the following steps: firstly, establishing a credible executing environment with an application program certification component, namely, a safety kernel; secondly, establishing a general running environment for executing an application program; lastly, constructing a safety monitor, switching context between two running environments and running in the CPU safety kernel. The method has the advantages that the hardware-level credible safety certification is supplied through an executing flow of a starting process of a safety enhancing application program; the problems of secret key falsifying and poor timeliness can be effectively solved; the safety of the computer terminal in an application program loading process is promoted within limited time consumption.

Description

technical field [0001] The invention relates to an application program security authentication method, in particular to a method for implementing application program security authentication based on a CPU time-space isolation mechanism, and belongs to the field of application program security authentication methods. Background technique [0002] In the long-term exploration and practice of information security, such a fact has gradually been recognized - more and more security attacks occur on computer terminals. Malicious programs take advantage of the vulnerability of computer terminals to destroy the integrity of applications (modify library files and binary files), run illegal (unauthenticated) programs, and then elevate permissions to achieve the purpose of destroying the system and stealing terminal information. In order to ensure the security of computer terminals, on the one hand, firewalls, intrusion detection and other security protection technologies are used to b...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/12G06F21/57
CPCG06F21/125G06F21/57
Inventor 王定健袁野吴伟夏常钧符兴斌李锁在孟亚平陶亮
Owner 中软信息系统工程有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com