一种基于TrustZone的硬件密码资源主动发现与安全使用方法

doi:10.3969/j.issn.1671-1122.2020.08.006

信息网络安全 ›› 2020, Vol. 20 ›› Issue (8): 47-54.doi: 10.3969/j.issn.1671-1122.2020.08.006

一种基于TrustZone的硬件密码资源主动发现与安全使用方法

袁露¹, 黄辰林¹(), 李韵¹, 程华²

1.国防科技大学计算机学院,长沙 410073
2.数学工程与先进计算国家重点实验室,无锡 214083

收稿日期:2020-06-01 出版日期:2020-08-10 发布日期:2020-10-20
通讯作者: 黄辰林 E-mail:huangchenlin76@gmail.com
作者简介:袁露（1992—）,男,江西,硕士研究生,主要研究方向为系统安全|黄辰林（1976—）,男,辽宁,副研究员,博士,主要研究方向为系统安全、人工智能安全|李韵（1996—）,女,湖南,硕士研究生,主要研究方向为系统安全|程华（1976—）,女,安徽,研究员,博士,主要研究方向为操作系统和高性能计算
基金资助:
国家重点研发计划(2018YFB0803501)

An Active Discovering and Secure Using Method of Hardware Cryptographic Resources Based on TrustZone

YUAN Lu¹, HUANG Chenlin¹(), LI Yun¹, CHENG Hua²

1. Academy of Computer Science, National University of Defense Technology, Changsha 410073, China
2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi 214083, China

Received:2020-06-01 Online:2020-08-10 Published:2020-10-20
Contact: HUANG Chenlin E-mail:huangchenlin76@gmail.com

摘要/Abstract

摘要：

为解决各类密码设备提供商各自为政、安全运维工作量大和安全应用开发不便的问题,研究者在操作系统层面建立了密码服务框架,以统一各类软硬件密码资源。然而,现有的密码服务框架一方面不具备对系统硬件密码资源主动发现和主动挂载的能力,仍然需要用户主动加载密码设备和将密码资源挂载到密码服务框架,然后才能在安全应用中调用;另一方面可能导致高密级的硬件密码设备被越权访问和使用。为解决上述问题,文章提出一种基于TrustZone的硬件密码资源主动发现与安全使用方法。通过TrustZone提供的安全隔离计算环境对密码服务框架进行扩展;通过与操作系统内核的互动,使得密码服务框架具备主动检测和安全加载系统硬件密码资源的能力。文章在飞腾FT-2000/4处理器平台上实现了原型系统,测试表明,文章所提出的方法能够成功实现硬件密码资源的主动发现和安全使用。

关键词: 密码服务框架, 硬件密码资源, 主动发现, 安全使用

Abstract:

In order to solve the problems that various cryptographic equipment providers are independent, the workload of security maintenance is large and the development of security applications is inconvenient, the researchers set up a cryptographic service framework at the operating system level to unify all kinds of hardware and software cryptographic resources. However, on the one hand, existing cryptographic service frameworks do not have the ability to actively discover and apply the hardware cryptographic resources, and users still need to manually load the cryptographic device and mount the cryptographic resources into the cryptographic service framework before they can be invoked and used in the security applications. On the other hand, high level security hardware cryptographic devices may be unauthorized accessed and used. In order to solve the above problems, this paper proposes a method of active discovery and secure use of hardware cryptographic resources based on TrustZone, which extends the cryptographic service framework through the secure isolation computing environment provided by TrustZone, and makes the cryptographic service framework have the ability to actively detect and securely load the system hardware cryptographic resources through the interaction with the operating system kernel. The prototype system is implemented on FT-2000/4 processer platform. The test results show that the proposed method can successfully realize the active discovery and secure use of hardware cryptographic resources.

Key words: cryptographic service framework, hardware cryptographic resource, active discovering, secure using

中图分类号:

TP309

袁露, 黄辰林, 李韵, 程华. 一种基于TrustZone的硬件密码资源主动发现与安全使用方法[J]. 信息网络安全, 2020, 20(8): 47-54.

YUAN Lu, HUANG Chenlin, LI Yun, CHENG Hua. An Active Discovering and Secure Using Method of Hardware Cryptographic Resources Based on TrustZone[J]. Netinfo Security, 2020, 20(8): 47-54.

图/表 8

图1

图2

图3

图4

图5

图6

表1

表2

参考文献 17

[1]	STINSON D R, PATERSON M. Cryptography: Theory and Practice[M]. Boca Raton: CRC Press, 2018.
[2]	LÜ Yao, LI Dongge. Interpretation and Impact Analysis of the Cryptography Law[J]. Cyberspace Security, 2019,10(11):74-78.
	吕尧, 李东格. 《密码法》解读及影响分析[J]. 网络空间安全, 2019,10(11):74-78.
[3]	PINTO S, SANTOS N. Demystifying Arm TrustZone: A Comprehensive Survey[J]. ACM Computing Surveys (CSUR), 2019,51(6):1-36.
[4]	LE A V, MATYAS S M, JOHNSON D B J, et al. A Public Key Extension to the Common Cryptographic Architecture[J]. IBM Systens Journal, 1993,32(3):461-485.
[5]	LIN A, BROWN R. The Application of Security Policy to Role-based Access Control and the Common Data Security Architecture[J]. Computer Communications, 2000,23(17):1584-1593. doi: 10.1016/S0140-3664(00)00244-9 URL
[6]	DELAUNE S, KREMER S, STEEL G. Formal analysis of PKCS# 11[C]// IEEE. 21st IEEE Computer Security Foundations Symposium, June 23-25, 2008, Pittsburgh, PA, USA. Piscataway: IEEE, 2008: 331-344.
[7]	TAN Anfen, JIANG Jianguo. A Case Analyse of Security Architecture[J]. Network Security Technology & Application, 2004,9:13.
	谭安芬, 姜建国. 安全体系架构的一个实例分析[J]. 网络安全技术与应用, 2004,9:13.
[8]	WANG Yuzhu, LÜ Shuwang, WANG Ting. Intel’s CDSA and Microsoft’s CAPI[J]. Application Research of Computers, 2001,18(5):72-74.
	王玉柱, 吕述望, 王挺. Intel的CDSA和Microsoft的CAPI[J]. 计算机应用研究, 2001,18(5):72-74.
[9]	MENG Zhimin, LIU Jun. Research and Implementation of Key Management Mechanism Based on PKCS11[J]. Computer Security, 2012(12):50-53.
	蒙智敏, 刘军. PKCS11 标准下的密钥管理方式研究与实现[J]. 计算机安全, 2012(12):50-53.
[10]	ZHAO Shijun, ZHANG Qianying, QIN Yu, et al. SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE[C]// ACM. The 2019 ACM SIGSAC Conference on Computer and Communications Security, November 11-15, 2019, London, UK. New York: ACM, 2019: 1723-1740.
[11]	SEBASTIAN D J, AGRAWAL U, TAMIMI A, et al. DER-TEE: Secure Distributed Energy Resource Operations through Trusted Execution Environments[J]. IEEE Internet of Things Journal, 2019,6(4):6476-6486.
[12]	RUBINOV K, ROSCULETE L, MITRA T, et al. Automated Partitioning of Android Applications for Trusted Execution Environments[C]// ACM. The 38th International Conference on Software Engineering (ICSE’16), May 14-22, 2016, Austin, TX, USA. New York: ACM, 2016: 923-934.
[13]	AZAB A M, NING P, SHAH J, et al. Hypervision Across Worlds: Real-time Kernel Protection from the Arm Trustzone Secure World[C]// ACM. The 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS’14), November 3-7, 2014, Scottsdale, Arizona, USA. New York: ACM, 2014: 90-102.
[14]	GE Xinyang, VIJAYAKUMAR H, JAEGER T. Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture[J]. Computer Science, 2014,25(6):1793-1795.
[15]	CHEN Haogang, MAO Yandong, WANG Xi, et al. Linux Kernel Vulnerabilities: State-of-the-art Defenses and Open Problems[C]// ACM. The Second Asia-Pacific Workshop on Systems (APSys’11), July 11-12, 2011, Shanghai, China. New York: ACM, 2014: 1-5.
[16]	GUO Hui, WANG Yongyi, PAN Zulie, et al. Research on Detecting Windows Vulnerabilities Based on Security Patch Comparison[C]// IEEE. Sixth International Conference on Instrumentation & Measurement, July 21-23, 2016, Harbin, China. Piscataway: IEEE, 2016: 366-369.
[17]	NEHAL A, AHLAWAT P. Securing IoT Applications with OP-TEE from Hardware Level OS[C]// IEEE. 3rd International Conference on Electronics, Communication and Aerospace Technology (ICECA), June 12-14, 2019, Coimbatore, India. Piscataway: IEEE, 2019: 1441-1444.

序列	测试项目	测试结果
1	管理员登录与退出	成功
2	非管理员试图登录密码服务框架	失败
3	对策略进行增删改操作	成功
4	设置冲突策略	失败并提示

序列	挂载策略	测试结果
1	只允许公开密码设备挂载到普通世界	符合预期
2	只允许公开和秘密级的密码设备挂载到普通世界	符合预期
3	允许所有设备挂载到普通世界	符合预期
4	不允许任何设备挂载到普通世界	符合预期
5	只允许机密级设备挂载到安全世界	符合预期
6	只允许机密级和秘密级设备挂载到安全世界	符合预期
7	允许任何设备挂载到安全世界	符合预期
8	不允许任何设备挂载到安全世界	符合预期
9	普通世界只能挂载公开密码设备、安全世界只能挂载秘密级以上设备	符合预期

一种基于TrustZone的硬件密码资源主动发现与安全使用方法

An Active Discovering and Secure Using Method of Hardware Cryptographic Resources Based on TrustZone

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 8

参考文献 17

相关文章 15

编辑推荐

Metrics

本文评价

[1]	陆佳丽. 基于改进时间序列模型的日志异常检测方法[J]. 信息网络安全, 2020, 20(9): 1-5.
[2]	沈金伟, 赵一, 梁春林, 张萍. 基于循环分组的RFID群组标签所有权转移协议[J]. 信息网络安全, 2020, 20(9): 102-106.
[3]	周枝凝, 王斌君, 翟一鸣, 仝鑫. 基于ALBERT动态词向量的垃圾邮件过滤模型[J]. 信息网络安全, 2020, 20(9): 107-111.
[4]	韩磊, 陈武平, 曾志强, 曾颖明. 区块链层级网络结构与应用研究[J]. 信息网络安全, 2020, 20(9): 112-116.
[5]	李桥, 龙春, 魏金侠, 赵静. 一种基于LMDR和CNN的混合入侵检测模型[J]. 信息网络安全, 2020, 20(9): 117-121.
[6]	仝鑫, 王罗娜, 王润正, 王靖亚. 面向中文文本分类的词级对抗样本生成方法[J]. 信息网络安全, 2020, 20(9): 12-16.
[7]	黄娜, 何泾沙, 吴亚飚, 李建国. 基于LSTM回归模型的内部威胁检测方法[J]. 信息网络安全, 2020, 20(9): 17-21.
[8]	张润滋, 刘文懋, 尤扬, 解烽. AISecOps自动化能力分级与技术趋势研究[J]. 信息网络安全, 2020, 20(9): 22-26.
[9]	毋泽南, 田立勤, 陈楠. 基于随机Petri网的系统安全性量化分析研究[J]. 信息网络安全, 2020, 20(9): 27-31.
[10]	徐瑜, 周游, 林璐, 张聪. 无监督机器学习在游戏反欺诈领域的应用研究[J]. 信息网络安全, 2020, 20(9): 32-36.
[11]	徐绘凯, 刘跃, 马振邦, 段海新. MQTT安全大规模测量研究[J]. 信息网络安全, 2020, 20(9): 37-41.
[12]	刘大恒, 李红灵. QR码网络钓鱼检测研究[J]. 信息网络安全, 2020, 20(9): 42-46.
[13]	汪金苗, 谢永恒, 王国威, 李易庭. 基于属性基加密的区块链隐私保护与访问控制方法[J]. 信息网络安全, 2020, 20(9): 47-51.
[14]	曾颖明, 王斌, 郭敏. 基于群体智能的网络安全协同防御技术研究[J]. 信息网络安全, 2020, 20(9): 52-56.
[15]	李世斌, 李婧, 唐刚, 李艺. 基于HMM的工业控制系统网络安全状态预测与风险评估方法[J]. 信息网络安全, 2020, 20(9): 57-61.