A startup method and device suitable for TEE security application instances

A security application and hosting technology, applied in computer security devices, instruments, computing, etc. It addresses problems such as poor scalability of instance startup, failure of hash value verification, and poor startup performance, with the effect of improving memory utilization, ensuring integrity, and reducing usage overhead.

Active Publication Date: 2022-06-28
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

Its disadvantages are that computing the hash in hardware is costly, that hardware instructions can only update the hash at the granularity of a single memory page at a time, and that the hash algorithm can only be executed serially; any out-of-order acceleration may cause the hash value verification to fail.

The disadvantage of this method is that the newly generated code segment requires the page permissions of the memory to be modified, which still requires the participation of the hardware instruction set. Modifying the code segment permissions requires the hardware to update page by page (from readable and writable to executable), and this page-by-page update results in poor instance startup scalability.

Therefore, both hardware and software solutions face startup performance problems caused by the limitation of page granularity.

Embodiment Construction

[0030] The present invention will be described in detail below with reference to specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that, for those skilled in the art, several changes and improvements can be made without departing from the inventive concept. These all belong to the protection scope of the present invention.

[0031] A method suitable for TEE security application instance startup and verification. The method first divides existing TEE instances into two types. One maintains the characteristics of the original TEE instance, that is, the contents of all encrypted memory pages are not allowed to be shared. The generated instance hash remains unchanged during its life cycle, which we call the host instance; another instance is the plug-in instance proposed by the present invention, which still inherits the characteristics...

Abstract

The invention provides a startup method and device suitable for TEE security application instances. The method divides existing TEE instances into host instances and plug-in instances. The contents of all encrypted memory pages of a host instance are not allowed to be shared, and the generated instance hash remains unchanged during its life cycle. The hash and content of a plug-in instance are not allowed to be updated after initialization, but the plug-in instance is allowed to be added to a host instance using hardware mapping primitives; the host instance reuses the plug-in instance's content and hash to avoid a lengthy startup time. Compared with the prior art, the present invention has the advantages of low startup delay, low memory occupancy, and low runtime overhead, and at the same time has good secure-sharing characteristics.
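A model of the measurement behaviour described above, added here as an example and not taken from the patent: a serial page-by-page hash chain whose digest changes if pages are processed out of order, and a host start that hashes only its private pages and maps an already-measured plug-in in one step. The 4 KiB page size, the SHA-256 chain, the names `Plugin` and `start_host`, and the digest allow-list are assumptions of this example.

```python
import hashlib

PAGE = 4096  # assumed page size for this model

def pages(image: bytes):
    """Split an image into zero-padded, PAGE-sized pages."""
    return [image[i:i + PAGE].ljust(PAGE, b"\0") for i in range(0, len(image), PAGE)]

def measure(page_list, order=None):
    """Serial page-granular measurement; returns (digest, hash steps)."""
    digest, steps = b"\0" * 32, 0
    for idx in (range(len(page_list)) if order is None else order):
        # Each step consumes the previous digest, so steps cannot be reordered
        # or run in parallel without changing the final value.
        digest = hashlib.sha256(digest + idx.to_bytes(8, "little") + page_list[idx]).digest()
        steps += 1
    return digest, steps

class Plugin:
    """Plug-in instance: content and digest are fixed at initialization."""
    def __init__(self, image: bytes):
        self._pages = tuple(pages(image))
        self.digest, self.init_steps = measure(self._pages)

def start_host(private_image: bytes, plugins, allowed_digests):
    """Hash only the host's private pages, then map pre-measured plug-ins.
    The allow-list check is an assumption of this model."""
    host_digest, steps = measure(pages(private_image))
    mapped = []
    for p in plugins:
        if p.digest not in allowed_digests:
            raise ValueError("plug-in digest is not expected by this host")
        mapped.append(p.digest)  # one mapping step, independent of plug-in size
        steps += 1
    return host_digest, mapped, steps

# Constructed sample images: a 64-page shared runtime and a one-page application.
RUNTIME = b"".join(bytes([i]) * PAGE for i in range(64))
APP = b"application logic" * 50

if __name__ == "__main__":
    pl = pages(RUNTIME)
    print("reordered chain matches:", measure(pl)[0] == measure(pl, [1, 0] + list(range(2, 64)))[0])
    print("monolithic start steps:", measure(pages(APP + RUNTIME))[1])
    runtime = Plugin(RUNTIME)  # measured once, reusable by many hosts
    print("host start steps:", start_host(APP, [runtime], {runtime.digest})[2])
```

In this model the host digest covers only the host's private pages, so mapping a plug-in leaves it unchanged, and the per-page cost of the shared runtime is paid once when the plug-in is initialized.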

Description

Technical field

[0001] The present invention relates to a startup process of a trusted execution environment, and in particular, to a startup method and device suitable for a TEE security application instance.

Background technique

[0002] Among the hardware security technologies with trusted chips as the core, trusted execution environment technology is one of the important technologies. A trusted execution environment is a security sandbox isolation technology provided by hardware (usually a processor), which isolates the code and data that the user cares about from the external environment, ensuring the integrity of the execution process and the confidentiality of computing data. In recent years, with the rapid development of data security and privacy computing requirements, trusted execution environment technology has been used in cloud computing security, edge computing security and other fields.

[0003] From the perspective of the protected objects, the protec...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/53, G06F21/57
CPC: G06F21/53, G06F21/572, G06F21/575
Inventor: 李明煜, 夏虞斌, 陈海波
Owner SHANGHAI JIAO TONG UNIV