A kind of processing method and relevant device of the trusted application based on more containers

文档序号：1772240 发布日期：2019-12-03 浏览：23次中文

阅读说明：本技术 一种基于多容器的可信应用程序的处理方法及相关设备 (A kind of processing method and relevant device of the trusted application based on more containers ) 是由季杰于 2018-05-25 设计创作，主要内容包括：本申请公开了一种基于多容器的可信应用程序的处理方法及相关设备,用于简化可信应用程序的开发和部署流程,提高了对可信应用程序的处理效率和可信执行环境的访问接口的安全性。本申请方法包括：终端通过安全计算容器对签名的安全计算单元进行完整性校验；若签名的安全计算单元通过完整性校验,则终端通过安全计算容器对签名的安全计算单元进行合法性校验并获取校验结果；若校验结果为合法的,则终端通过可信执行环境TEE或安全元件SE加载签名的安全计算单元并获取可信应用程序的安全计算结果。(This application discloses the processing methods and relevant device of a kind of trusted application based on more containers, for simplifying the exploitation and deployment process of trusted application, the safety of the access interface to the treatment effeciency and credible performing environment of trusted application is improved.The application method includes: the safe computing unit progress completeness check that terminal calculates container to signature by safety；If the safe computing unit of signature carries out legitimacy verifies by safe computing unit of the safety calculating container to signature and obtains check results by completeness check, terminal；If check results be it is legal, safe computing unit that terminal is signed by credible performing environment TEE or safety element SE load simultaneously obtains the safe calculated result of trusted application.)

1. a kind of processing method of the trusted application based on more containers characterized by comprising

Terminal calculates container by safety and carries out completeness check to the safe computing unit of signature；

If the safe computing unit of the signature calculates container by the safety by the completeness check, the terminal Legitimacy verifies are carried out to the safe computing unit of the signature and obtain check results；

If the check results be it is legal, described in the terminal is loaded by credible performing environment TEE or safety element SE The safe computing unit of signature and the safe calculated result for obtaining trusted application.

2. processing method according to claim 1, which is characterized in that the terminal calculates container to institute by the safety The safe computing unit for stating signature carries out legitimacy verifies and obtains check results

The terminal calculates the second level certificate that container obtains the safe computing unit of the signature, the second level by the safety Certificate is used to verify the legitimacy of the safe computing unit of the signature；

The terminal calculates container by the safety and the second level certificate is sent to authentication server；

The terminal calculates the check results that authentication server described in container reception is sent by the safety.

3. processing method according to claim 1, which is characterized in that the terminal calculates container to signature by safety Safe computing unit carries out completeness check

The terminal calculates the safety calculating in container by the safety and authorizes safety meter of the loading module from the signature It calculates in unit and obtains signature file；

The terminal authorizes loading module by the safety calculating and obtains safety from the safe computing unit of the signature Computing unit file metadata；

The terminal authorizes loading module by the safety calculating and plucks to the safe computing unit file metadata It calculates, obtains the cryptographic Hash of the safe computing unit file metadata；

The terminal authorizes loading module by the safety calculating and the cryptographic Hash and the signature file is compared Verification.

4. processing method according to claim 1, which is characterized in that the terminal calculates container to signature by safety Before safe computing unit carries out completeness check, the method also includes:

The terminal obtains load request from primary tank, and the load request calculates container for the safety of the terminal and loads institute The safe computing unit of signature is stated, the safe computing unit of the signature is based on safe to trusted application progress It calculates.

5. processing method according to claim 1 to 4, which is characterized in that the terminal passes through credible performing environment TEE or safety element SE load the safe computing unit of the signature and obtain trusted application safe calculated result it Afterwards, the method also includes:

The safe calculated result is transmitted to the primary tank of the terminal by the terminal.

6. processing method according to claim 1 to 4, which is characterized in that the method also includes:

If the safe computing unit of the signature, not over the completeness check, the terminal stops loading the signature Safe computing unit process.

7. processing method according to claim 1 to 4, which is characterized in that the method also includes:

If the check results are illegal, the process of the safe computing unit of the terminal stopping load signature.

8. a kind of processing method of the trusted application based on more containers characterized by comprising

Authentication server receives the second level certificate that terminal is sent, and the second level certificate is used to verify the safe computing unit of signature Legitimacy；

The authentication server obtains root certificate from digital certificate authentication server；

The authentication server verifies whether the second level certificate is that the root certificate is signed and issued；

If the second level certificate is that the root certificate is signed and issued, the authentication server determines the safe computing unit of the signature It is legal；

If the second level certificate is not that the root certificate is signed and issued, it is single that the authentication server determines that the safety of the signature calculates Member is illegal.

9. processing method according to claim 8, which is characterized in that the method also includes:

Verification result is sent to the terminal by the authentication server, and the verification result is used to indicate the safety of the signature Whether computing unit is legal.

10. processing method according to claim 8 or claim 9, which is characterized in that the authentication server verifies the second level card Whether book is that the root certificate is signed and issued and includes:

The authentication server judge the second level certificate public key and root certificate public key it is whether identical；

If they are the same, then the authentication server determines that the second level certificate is that the root certificate is signed and issued；

If not identical, the authentication server determines that the second level certificate is not that the root certificate is signed and issued.

11. a kind of terminal characterized by comprising

Verification unit carries out completeness check to the safe computing unit of signature for calculating container by safety；

First processing units, if the safe computing unit of the signature by the completeness check, is used to pass through the peace The full container that calculates carries out legitimacy verifies to the safe computing unit of the signature and obtains check results；

The second processing unit, if the check results be it is legal, for passing through credible performing environment TEE or safety element SE It loads the safe computing unit of the signature and obtains the safe calculated result of trusted application.

12. terminal according to claim 11, which is characterized in that the first processing units are specifically used for:

The second level certificate that container obtains the safe computing unit of the signature is calculated by the safety, the second level certificate is used for Verify the legitimacy of the safe computing unit of the signature；

Container is calculated by the safety, and the second level certificate is sent to authentication server；

The check results that authentication server described in container reception is sent are calculated by the safety.

13. terminal according to claim 11, which is characterized in that the verification unit is specifically used for:

The safety calculating in container, which is calculated, by the safety authorizes loading module from the safe computing unit of the signature Obtain signature file；

It is calculated by the safety and authorizes loading module from the safe computing unit of the signature and obtain safe computing unit File metadata；

It is calculated by the safety and authorizes loading module to the safe computing unit file metadata progress digest calculations, obtained To the cryptographic Hash of the safe computing unit file metadata；

Loading module is authorized by the safety calculating, and verification is compared in the cryptographic Hash and the signature file.

14. terminal according to claim 11, which is characterized in that the terminal further include:

Acquiring unit, for obtaining load request from primary tank, safety of the load request for the terminal calculates container The safe computing unit of the signature is loaded, the safe computing unit of the signature is for pacifying the trusted application It is complete to calculate.

15. any terminal of 1-14 according to claim 1, which is characterized in that the terminal further include:

Transmission unit, for the safe calculated result to be transmitted to the primary tank of the terminal.

16. any terminal of 1-14 according to claim 1, which is characterized in that the terminal further include:

First stop unit, if the safe computing unit of the signature adds not over the completeness check for stopping Carry the process of the safe computing unit of the signature.

17. any terminal of 1-14 according to claim 1, which is characterized in that the terminal further include:

Second stop unit, if the check results be it is illegal, the safety for stopping the load signature calculates list The process of member.

18. a kind of server, which is characterized in that the server is authentication server, comprising:

Receiving unit, for receiving the second level certificate of terminal transmission, the safety that the second level certificate is used to verify signature calculates single The legitimacy of member；

Acquiring unit, for obtaining root certificate from digital certificate authentication server；

Authentication unit, for verifying whether the second level certificate is that the root certificate is signed and issued；

First determination unit, if the second level certificate is that the root certificate is signed and issued, for determining that the safety of the signature calculates Unit is legal；

Second determination unit, if the second level certificate is not that the root certificate is signed and issued, based on the safety for determining the signature It is illegal for calculating unit.

19. server according to claim 18, which is characterized in that the server further include:

Transmission unit, for verification result to be sent to the terminal, the verification result is used to indicate the safety of the signature Whether computing unit is legal.

20. server described in 8 or 19 according to claim 1, which is characterized in that the authentication unit is specifically used for:

Whether the public key of the public key and root certificate that judge the second level certificate is identical；

If they are the same, it is determined that the second level certificate is that the root certificate is signed and issued；

If not identical, it is determined that the second level certificate is not that the root certificate is signed and issued.

21. a kind of terminal characterized by comprising

Memory, transceiver and at least one processor, are stored with program code in the memory, the memory, described By line traffic, the processor runs the code to instruct the terminal to hold for transceiver and at least one described processor Row the method according to claim 1 to 7.

22. a kind of server characterized by comprising

Memory, transceiver and at least one processor, are stored with program code in the memory, the memory, described By line traffic, the processor runs the code to instruct the server for transceiver and at least one described processor Execute such as the described in any item methods of claim 8-10.

23. a kind of computer readable storage medium, including instruction, when run on a computer, so that computer executes such as Method described in claim 1-10 any one.

24. a kind of computer program product comprising instruction, when run on a computer, so that computer executes such as right It is required that method described in 1-10 any one.

Technical field

This application involves the communications field more particularly to a kind of processing methods and phase of the trusted application based on more containers Close equipment.

Background technique

Currently, terminal security relates generally to five kinds of fields: authentication, admission control, safety certification, service authorization, industry Business audit.For safety certification field, start the hardware device (universal for occurring based on Universal Serial Bus Interface Serial bus key, USB Key), credible performing environment (trusted execution environment, TEE) and safety The safer solutions such as element (secure element, SE), wherein credible performing environment TEE, which can solve, to be moved Under dynamic payment scene the upstream and downstream participant such as consumer, trade company, mobile operator, Third-party payment, financial institution it is various not It is current most for one of technology of development potentiality with safe demand.Currently, TEE technology is in mobile phone, set-top box, plate It is widely used in other equipment.

Summary of the invention

The embodiment of the present application provides the processing method and relevant device of a kind of trusted application based on more containers, uses In the exploitation and deployment process that simplify trusted application, the treatment effeciency and credible execution ring to trusted application are improved The safety of the access interface in border.

The application first aspect provides a kind of processing method of trusted application based on more containers, comprising: terminal Completeness check is carried out to the safe computing unit of signature by calculating container safely, that is, determines the safe computing unit of the signature Whether distorted by third party；If the safe computing unit of signature by integrity verification, that is, the safe computing unit signed not by Third party distorts, then terminal calculates container to the safe computing unit progress legitimacy verifies of signature by safety and obtains verification As a result；If check results be it is legal, i.e. the safe computing unit of signature belonging to second level certificate be it is legal, then terminal passes through The safe computing unit of credible performing environment TEE or safety element SE load signature and the safety calculating for obtaining trusted application As a result.By way of introducing safety and calculating container, the client application for avoiding TEE is under attack, has reached isolation The safe effect of primary tank and TEE improves the safety of the access interface of credible performing environment.

In a kind of possible design, in the first implementation of the embodiment of the present application first aspect, terminal passes through Safety calculates container and carries out legitimacy verifies and obtain check results to include: that terminal passes through safety to the safe computing unit of signature The second level certificate that container obtains the safe computing unit of signature is calculated, which is used to verify the safe computing unit of signature Legitimacy；Terminal calculates container by safety and second level certificate is sent to authentication server；Terminal calculates container by safety Receive the check results that authentication server is sent.By distributing second level certificate to safe computing unit, safe computing unit is made to exist Safety except primary tank calculates and carries out the verification of second level certificate in container, and certification and load had both solved trusted application and opened The tediously long problem of the process of hair, reduces the cost of access of third party developer and manufacturer terminal, in turn ensures verifying and load The safety of safe computing unit.

In a kind of possible design, in second of implementation of the embodiment of the present application first aspect, terminal passes through It includes: that terminal passes through the safe peace calculated in container that safety, which calculates container and carries out completeness check to the safe computing unit of signature, Full calculating authorizes loading module and obtains signature file from the safe computing unit of signature；Terminal is authorized by safety calculating Loading module obtains safe computing unit file metadata from the safe computing unit of signature；Terminal calculates authorization by safety Digest calculations are carried out to safe computing unit file metadata with loading module, obtain the Kazakhstan of safe computing unit file metadata Uncommon value；Terminal authorizes loading module by safety calculating and verification is compared in cryptographic Hash and signature file, that is, compares Hash It is worth whether identical as the cryptographic Hash of signature file.Specific integrity check process is refined, in trusted application Development process in, before the safe computing unit of signature is loaded onto credible performing environment, to the safe computing unit of signature Integrity verification is carried out, the reliability and safety of the safe computing unit of signature are improved.

In a kind of possible design, in the third implementation of the embodiment of the present application first aspect, terminal passes through Safety calculates before container carries out completeness check to the safe computing unit of signature, and the method also includes: terminals from main appearance Device obtains load request, which calculates the safe computing unit of container load signature for the safety of the terminal, should The safe computing unit of signature is used to carry out safe calculating to trusted application.It increases from primary tank and obtains load request Process will be split in safe computing unit the safe computing function of trusted application, and what definition calculated safely uniformly connects Mouthful, reach primary development, all terminal platforms can be run, and avoided third party developer and needed for the customization of each terminal platform The process of TA reduces the exploitation and distribution cost of developer and manufacturer terminal.

In a kind of possible design, in the 4th kind of implementation of the embodiment of the present application first aspect, terminal passes through The safe computing unit of credible performing environment TEE or safety element SE load signature and the safety calculating for obtaining trusted application As a result after, the method also includes: terminals to be transmitted to safe calculated result the primary tank of terminal.Safe calculated result is anti- It is fed to trusted application, realizes and the safety of trusted application is calculated.

In a kind of possible design, in the 5th kind of implementation of the embodiment of the present application first aspect, the method Further include: not over integrity verification, if the safety that terminal stops load signature calculates single the safe computing unit of signature The process of member.When increasing the safe computing unit of signature not over integrity verification, the safety for stopping load signature is calculated The process of unit, it is ensured that the validity of safe computing unit improves the safety of the development process of trusted application.

In a kind of possible design, in the 6th kind of implementation of the embodiment of the present application first aspect, the method Further include: if check results are illegal, the process of the safe computing unit of terminal stopping load signature.It increases when two Grade certificate is the process for stopping the safe computing unit of load signature in illegal situation, it is ensured that safe computing unit Legitimacy improves the safety of the development process of trusted application.

In a kind of possible design, in the 7th kind of implementation of the embodiment of the present application first aspect, the peace of signature The file format of full computing unit includes at least initial segment, code segment and data segment.The safe computing unit of signature has been determined Concrete composition specifies unified safe computing unit, simplifies the development process of trusted application.

The application second aspect provides a kind of processing method of trusted application based on more containers, comprising: verifying The second level certificate that server receiving terminal is sent, the second level certificate are used to verify the legitimacy of the safe computing unit of signature；It tests It demonstrate,proves server and obtains root certificate from digital certificate authentication server, the root certificate is corresponding with second level certificate；Authentication server verifying Whether second level certificate is that root certificate is signed and issued；If second level certificate is signed and issued for root certificate, authentication server determines the safety meter of signature It is legal for calculating unit；If second level certificate is not signed and issued for root certificate, authentication server determines that the safe computing unit of signature is It is illegal.Online verification legitimacy is carried out by certificate of the authentication server to safe computing unit, it is only effective in certificate The case where can just load safe computing unit, ensure that the legitimacy of safe computing unit.

In a kind of possible design, in the first implementation of the embodiment of the present application second aspect, the method Further include: verification result is sent to terminal by authentication server, and the safe computing unit which is used to indicate signature is No is legal.The process that verification result is sent to terminal is increased, keeps the embodiment of the present application more perfect in step.

In a kind of possible design, in second of implementation of the embodiment of the present application second aspect, the service for checking credentials It includes: that authentication server judges the public key of second level certificate and the public key of root certificate that whether device verifying second level certificate, which is that root certificate signs and issues, It is whether identical；If they are the same, then authentication server determines that second level certificate is signed and issued for root certificate；If not identical, authentication server is true Determine second level certificate not sign and issue for root certificate.The verification process to second level certificate has been refined, the realization of the embodiment of the present application is increased Mode.

The application third aspect provides a kind of terminal, comprising: verification unit, for calculating container to signature by safety Safe computing unit carry out completeness check；First processing units, if the safe computing unit of signature passes through completeness check, Then for calculating container to the safe computing unit progress legitimacy verifies of signature by safety and obtaining check results；At second Unit is managed, if check results are legal, for signing by credible performing environment TEE or safety element SE load safety Computing unit and the safe calculated result for obtaining trusted application.By way of introducing safety and calculating container, TEE is avoided Client application it is under attack, reached isolation primary tank and TEE safe effect, improve credible performing environment The safety of access interface.

In a kind of possible design, in the first implementation of the embodiment of the present application third aspect, the first processing Unit is specifically used for: the second level certificate for obtaining the safe computing unit of signature by calculating container safely, the second level certificate are used for Verify the legitimacy of the safe computing unit of signature；Second level certificate is sent to authentication server by calculating container safely；It is logical It crosses safety and calculates the check results that container reception authentication server is sent.By distributing second level certificate to safe computing unit, make Safe computing unit calculates in the safety except primary tank and carries out the verification of second level certificate in container, and certification and load both solved The tediously long problem of the process of trusted application exploitation, reduces the cost of access of third party developer and manufacturer terminal, and protect It has demonstrate,proved verifying and has loaded the safety of safe computing unit.

In a kind of possible design, in second of implementation of the embodiment of the present application third aspect, the verification Unit is specifically used for: being calculated by the safety calculated safely in container and authorizes loading module from the safe computing unit of signature Obtain signature file；It authorizes loading module by calculating safely from the safe computing unit of signature and obtains safe computing unit File metadata；Loading module is authorized to safe computing unit file metadata progress digest calculations by calculating safely, is obtained To the cryptographic Hash of safe computing unit file metadata；Loading module is authorized by cryptographic Hash and signature file by calculating safely Verification is compared.Specific integrity check process is refined, in the development process of trusted application, is being signed The safe computing unit of name is loaded onto before credible performing environment, is carried out integrity verification to the safe computing unit of signature, is mentioned The high reliability and safety of the safe computing unit of signature.

In a kind of possible design, in the third implementation of the embodiment of the present application third aspect, terminal is also wrapped Include: acquiring unit, for obtaining load request from primary tank, which calculates container load signature for the safety of terminal Safe computing unit, the safe computing unit of the signature is used to carry out safe calculating to trusted application.It increases from master Container obtains the process of load request, will be split in safe computing unit to the safe computing function of trusted application, fixed The unified interface that Yian city calculates entirely reaches primary development, and all terminal platforms can be run, and avoids third party developer's needs The process that TA is customized for each terminal platform reduces the exploitation and distribution cost of developer and manufacturer terminal.

In a kind of possible design, in the 4th kind of implementation of the embodiment of the present application third aspect, terminal is also wrapped It includes: transmission unit, for safe calculated result to be transmitted to the primary tank of terminal.Safe calculated result is fed back into trusted application Program is realized and is calculated the safety of trusted application.

In a kind of possible design, in the 5th kind of implementation of the embodiment of the present application third aspect, terminal is also wrapped It includes: the first stop unit, if the peace that the safe computing unit of signature is signed not over integrity verification, for stopping load The process of full computing unit.When increasing the safe computing unit of signature not over integrity verification, stop load signature The process of safe computing unit, it is ensured that the validity of safe computing unit improves the development process of trusted application Safety.

In a kind of possible design, in the 6th kind of implementation of the embodiment of the present application third aspect, terminal is also wrapped It includes: the second stop unit, if check results are illegal, the process of the safe computing unit for stopping load signature. It increases when second level certificate is the process for stopping the safe computing unit of load signature in illegal situation, it is ensured that safety The legitimacy of computing unit improves the safety of the development process of trusted application.

In a kind of possible design, in the 7th kind of implementation of the embodiment of the present application third aspect, the peace of signature The file format of full computing unit includes at least initial segment, code segment and data segment.The safe computing unit of signature has been determined Concrete composition specifies unified safe computing unit, simplifies the development process of trusted application.

The application fourth aspect provides a kind of server, and server is authentication server, comprising: receiving unit is used for The second level certificate that terminal is sent is received, which is used to verify the legitimacy of the safe computing unit of signature；Acquiring unit, For obtaining root certificate from digital certificate authentication server；Authentication unit, for verifying whether second level certificate is that root certificate is signed and issued； First determination unit, if second level certificate is signed and issued for root certificate, for determining that the safe computing unit of signature is legal；Second Determination unit, if second level certificate is not signed and issued for root certificate, for determining that the safe computing unit of signature is illegal.Pass through Authentication server carries out online verification legitimacy to the certificate of safe computing unit, only can just load in the effective situation of certificate Safe computing unit ensure that the legitimacy of safe computing unit.

In a kind of possible design, in the first implementation of the embodiment of the present application fourth aspect, server is also It include: transmission unit, for verification result to be sent to terminal, the safe computing unit which is used to indicate signature is No is legal.The process that verification result is sent to terminal is increased, keeps the embodiment of the present application more perfect in step.

In a kind of possible design, in second of implementation of the embodiment of the present application fourth aspect, authentication unit Be specifically used for: whether the public key of the public key and root certificate that judge second level certificate is identical；If they are the same, it is determined that second level certificate is root card Bookmark hair；If not identical, it is determined that second level certificate is not signed and issued for root certificate.The verification process to second level certificate has been refined, has been increased The implementation of the embodiment of the present application.

The 5th aspect of the application provides a kind of terminal, comprising: memory, transceiver and at least one processor, it is described Program code is stored in memory, the memory, the transceiver and at least one described processor pass through line traffic, The processor runs the code to instruct the terminal to execute the above-mentioned described in any item methods of first aspect.

The 6th aspect of the application provides a kind of server, comprising: memory, transceiver and at least one processor, institute It states and is stored with program code in memory, the memory, the transceiver and at least one described processor are logical by route Letter, the processor run the code to instruct the server to execute the above-mentioned described in any item methods of second aspect.

The 7th aspect of the application provides a kind of computer readable storage medium, in the computer readable storage medium It is stored with program code, when run on a computer, so that computer executes method described in above-mentioned first aspect.

The eighth aspect of the application provides a kind of computer readable storage medium, in the computer readable storage medium It is stored with program code, when run on a computer, so that computer executes method described in above-mentioned second aspect.

The 9th aspect of the application provides a kind of computer program product comprising instruction, when it runs on computers When, so that computer executes method described in above-mentioned first aspect.

The tenth aspect of the application provides a kind of computer program product comprising instruction, when it runs on computers When, so that computer executes method described in above-mentioned second aspect.

As can be seen from the above technical solutions, the embodiment of the present application has the advantage that

Terminal calculates container by safety and carries out completeness check to the safe computing unit of signature, that is, determines the signature Whether safe computing unit is distorted by third party；If the safe computing unit of signature is by integrity verification, that is, the safety signed Computing unit is not distorted by third party, then terminal calculates container by the safety and carries out to the safe computing unit of the signature Legitimacy verifies simultaneously obtain check results；If check results be it is legal, i.e. the safety of signature belonging to second level certificate calculates single Member be it is legal, then terminal by credible performing environment TEE or safety element SE load signature safe computing unit and obtain The safe calculated result of trusted application.In the application, by way of introducing safety and calculating container, the visitor of TEE is avoided Family end application program is under attack, reached isolation primary tank and TEE safe effect, improve current trusted application into The process of row verifying, improves the access interface safety of credible performing environment.

Detailed description of the invention

Fig. 1 is the system architecture schematic diagram of existing scheme application；

Fig. 2 is the system architecture schematic diagram of the embodiment of the present application application；

Fig. 3 is the process signal of the processing method of the trusted application based on more containers in the embodiment of the present application Figure；

Fig. 4 is another process signal of the processing method of the trusted application based on more containers in the embodiment of the present application Figure；

Fig. 5 is a structural schematic diagram of terminal in the embodiment of the present application；

Fig. 6 is another structural schematic diagram of terminal in the embodiment of the present application；

Fig. 7 is a structural schematic diagram of authentication server in the embodiment of the present application；

Fig. 8 is another structural schematic diagram of authentication server in the embodiment of the present application；

Fig. 9 A is another structural schematic diagram of terminal in the embodiment of the present application；

Fig. 9 B is another structural schematic diagram of terminal in the embodiment of the present application；

Figure 10 is another structural schematic diagram of terminal in the embodiment of the present application；

Figure 11 is another structural schematic diagram of authentication server in the embodiment of the present application.

Specific embodiment

In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application The embodiment of the present application is described in attached drawing.

The description and claims of this application and term " first ", " second ", " third ", " in above-mentioned attached drawing The (if present)s such as four " are to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should manage The data that solution uses in this way are interchangeable under appropriate circumstances, so that the embodiments described herein can be in addition to illustrating herein Or the sequence other than the content of description is implemented.In addition, term " includes " or " having " and its any deformation, it is intended that covering is not Exclusive includes, for example, the process, method, system, product or equipment for containing a series of steps or units be not necessarily limited to it is clear Step or unit those of is listed on ground, but is not clearly listed or for these process, methods, product or is set Standby intrinsic other step or units.

A kind of system architecture is provided in existing scheme, as shown in Figure 1, in the system architecture, including credible execution ring Border (trusted execution environment, TEE) and rich performing environment (rich execution environment, REE).The sensitive application of high safety is isolated with general software environment, special credible performing environment TEE is provided, and Protect the resource of application and confidentiality, integrality and the access authority of data；The traditional operation attacked is easy to Android etc. System provides general rich performing environment REE.In the application referred to as client application (client that the side REE executes Application, CA), such as the Third-party payments application such as bank's class application, in the application referred to as trusted application that the side TEE executes Program (trusted application, TA), for example execute the application of the key services such as signature, encryption and decryption calculating.Since TA is transported For row in credible performing environment TEE, deployment/updating operation of TA needs to follow strictly TEE publisher (usually manufacturer terminal) Safety verification specification, for example use the measures such as digital signature, it is ensured that TEE links are really believable.Credible execution ring It include credible performing environment internal applications programming interface (trusted execution environment in the TEE of border Internal application programming interface, TEE Internal API) and trusted operating system portion Part, the main function of TEE Internal API are as follows: the function and client application journey of trusted operating system component are provided upwards Sequence CA is communicated, realization TA is communicated with TA, provided secure storage, cryptographic functions, time function etc.；Trusted operating system component master It to include credible core frame, trusted function, trusted kernel and credible performing environment TEE communication agent, wherein credible core frame Frame provides the function of similar operations system for TA；Trusted function provides tenability for application developer；Trusted kernel be used for Credible equipment in platform hardware interacts；Credible performing environment communication agent is logical for the communication that TA and CA provides a safety TA is realized for example, credible performing environment communication agent delivers messages to rich performing environment communication agent by platform hardware in road With the interaction of CA.It include credible performing environment client application programming interface (trusted in rich performing environment REE Execution environment client application programming interface, TEE Client API), credible performing environment functional application programming interface (trusted execution environment Functional application programming interface, TEE Functional API) and multimedia operations System, multimedia OS component mainly include common equipment driving and rich performing environment communication agent, wherein Fu Zhihang ring Border communication agent with TEE for being communicated, and CA and TA provide the communication channel of a safety, and common equipment drives for driving Common equipment in platform hardware.CA is linked into using TEE Client API, TEE Functional API by TA offer Security service.

Since the system architecture is there are some limitations, the TEE of different terminals manufacturer realizes that trusted application management platform is also deposited In more difference, cause the exploitation of TA and deployment process complex.Since the side TEE is ensured by the proprietary measure such as digital signature TEE is really credible, and specific management and control measures are implemented by specific manufacturer terminal (TEE publisher), and optional application program TA's opens Originator must contact each manufacturer terminal and cooperate exploitation, the coupled relation of this upstream and downstream, cause TA development process complexity and It is tediously long.For example, the TA of Alipay application program, need to develop a set of TA in the equipment of each manufacturer terminal, on each platform TA signature and system interface it is all inconsistent, lead to the TA processes of research & development and distribution flow complex of Alipay application program, And then security risk existing for causing due to process is lack of standardization, similarly, other third party developers can also encounter same problem.

The embodiment of the present application can be applied to system architecture as shown in Figure 2, in the system architecture, including terminal 100, test Demonstrate,prove server 200 and digital certificate authentication (certificate authority, CA) server 300, wherein there are three types of terminals Application environment is respectively as follows: rich performing environment (rich execution environment, REE), credible performing environment (trusted execution environment, TEE) and safety element (secure element, SE), terminal includes main appearance Device 101, safety calculate container 102, credible performing environment (trusted execution environment, TEE) and safety member Part (secure element, SE) 103, system kernel 104 and platform hardware 105, wherein running environment is in primary tank 101 REE includes multiple application programs, such as application program 1, application program 2 and application program 3 in primary tank；Safety calculates container 102 include that safety calculating authorizes loading module.Wherein, safety calculating container is independent from primary tank, and safety, which calculates, to be held The hardware that device is supported is identical as the hardware that primary tank is supported, for example, being all the hardware interface for supporting to use REE.CA server 300 For saving all effective certificates of manufacturer terminal offer, effective certificate includes second level certificate and root certificate, manufacturer terminal Can be managed on CA server 300 these effective certificates (these effective certificates can be inquired, increase newly, revoke, Failure, the again operation such as authorization).Authentication server 200 has second level certificate for providing for security certificate with loading module Effect property is verified.The system architecture of the application can be applied to be related in the scene calculated safely in payment, encryption storage etc., is had Body is herein without limitation.

For ease of understanding, the detailed process of the embodiment of the present application is described below, referring to Fig. 3, the application is implemented One embodiment of the processing method of the trusted application based on more containers includes: in example

301, terminal obtains load request from primary tank.

Terminal obtains load request from primary tank, and the safety which is used to indicate terminal calculates container load signature Safe computing unit, the safe computing unit of the signature is used to carry out safe calculating to trusted application TA, wherein safety Computing unit is to execute the functional module calculated safely in trusted application.

Multiple mutually independent system resources, i.e. container are isolated in operating system nucleus, each container operation is only Vertical OS directly can not be accessed mutually between each container, and primary tank provided herein and safety calculate container, wherein leading Application environment in container is REE.

Trusted application TA calculates the safety calculating in container to the safety of terminal and authorizes loading module request of loading The safe computing unit of signature.Specifically, what is run in primary tank is an intelligent operating system (such as android system), Application program (such as Alipay) in this primary tank needs to carry out safe calculating, be no longer directly to TEE initiate call, and It is to calculate container to safety to carry out initiation calling, the safe computing unit and parameter of signature is transmitted to safety and calculated in container Safety, which calculates, authorizes loading module, and safety calculating, which authorizes loading module, can check whether application program has permission this tune of initiation With.

It should be noted that needing user first to develop the safety unsigned before sending load request and calculating list Member is signed to the safe computing unit that this is unsigned, the safe computing unit signed.What exploitation was unsigned The process of safe computing unit is as follows:

User (third party developer) submits necessary data to manufacturer terminal, to manufacturer terminal application developer's certificate, Manufacturer terminal is issued developer's certificate (second level certificate) after audit passes through to user, meanwhile, the public key of second level certificate is protected There are on CA server.Software Development Kit (the software for the safe computing unit that user is provided using manufacturer terminal Development kit, SDK) and the safe computing unit unsigned of compiler external member, wherein SDK contains C standard Library and encryption and decryption calculate library, and compiler external member contains compiler and link script, and link script is for the journey after compiling Sequence is assembled into the safe computing unit an of standard, for example, when user carries out fingerprint payment using Alipay, because of finger print information It for important Secure data information, needs to be collected in the environment of a safety, therefore Alipay is needed to fingerprint collecting Environment carry out safe calculating, the program for executing the function is stripped out the safety for recompilating and being unsigned calculate it is single Member carries out safe calculating by environment of the safe computing unit unsigned to fingerprint collecting.The link script is specifically used for By several input files according to certain compatible rule merging at an output file, for example, link script command ENTRY is specified The entrance function of safe computing unit is compute function, and such TEE can will need to count when loading safe computing unit It calculates parameter and is directly passed to compute function, carry out safe calculating, obtain calculated result.The following institute of the code of the link script Show:

ENTRY(compute)

SECTIONS

{

.=0 × 10000；

.text:{*(.text)}

.=0 × 8000000；

.data:{*(.data)}

.bss:{*(.bss)}

}

Wherein, after being compiled by compiler, the file format and dynamic library file lattice of the safe computing unit unsigned Formula is the same, there is initial (init) section, code segment, data segment etc..

The process signed to the safe computing unit that this is unsigned is as follows:

Digest calculations are carried out to the safe computing unit file unsigned after compiling first with digest algorithm, are obtained The Summary file of safe computing unit, optionally, digest algorithm can use Secure Hash Algorithm (secure Hash Algorithm, SHA), such as SHA256, SHA512 etc.；Then the public key in second level certificate issued using manufacturer terminal is to plucking It signs, generates signature file, specially CERT.RSA file；By the safe computing unit unsigned and signature file into Row synthesis, finally obtains the safe computing unit of signature.

It is understood that needing to define safe computing unit before the safe computing unit that exploitation is unsigned Same format, user do not have to consider further that homogeneity terminal producer use different TEE technologies, realize exploitation it is a set of safety calculate Unit may operate on the TEE of each terminal platform.

302, terminal calculates container by safety and carries out completeness check to the safe computing unit of signature.

Terminal authorizes loading module and judges that trusted application TA has permission initiation according to load request and safety calculating After this is called, terminal calculates safe calculate in container by safety and authorizes safe computing unit of the loading module from signature Middle acquisition key file；Terminal authorizes loading module by the safety calculating and obtains peace from the safe computing unit of signature Full computing unit file metadata；Terminal by safety calculating authorize loading module to safe computing unit file metadata into Row digest calculations obtain the cryptographic Hash of safe computing unit file metadata；Terminal authorizes loading module by safety calculating Verification is compared in cryptographic Hash and signature file.If the safe computing unit of signature by integrity verification, i.e., cryptographic Hash with The cryptographic Hash of signature file is identical, then terminal executes step 303.Integrality refers to the process of in transmission, storage information or data In, it is ensured that information or data not distorting or can be found rapidly after distorting by unauthorized.

For example, safety, which calculates, authorizes the CERT.RSA letter that loading module extracts safe computing unit top of file first Breath；Then the safe computing unit file metadata in safe computing unit is extracted, safe computing unit file metadata rises Beginning address is the tail portion of CERT.RSA, and the end address of safe computing unit file metadata is the end of safe computing unit file Tail；It recycles SHA256 algorithm to carry out digest calculations to safe computing unit file metadata, obtains safe computing unit member number According to cryptographic Hash；Further according to.

It should be noted that if the safe computing unit of signature is not over integrity verification, then terminal can consider this Safe computing unit is distorted by third party, stops the process of the safe computing unit of load signature.

It is understood that the application on the basis of existing " primary tank ", increases a special " safety calculating Container " calculates in container in the safety and is stripped out the processing step for being easy to produce variation subsequent in safe calculation processing.It should Safety calculates container and is still located on the side REE, uses identical hardware with the primary tank of the side REE, but with the operation in primary tank System (android system) is mutually isolated, and the Information Security that safety calculates in container has higher guarantee, highest safety requirements Calculation processing step is still completed by the TA in former TEE.For example, the Alipay program of User Exploitation no longer directly using TEE into Row safety calculates, and carries out safe calculating using TEE by calculating container safely, calculates in container, realizes in newly-increased safety Calculation process is verified, authenticated and loaded to the safe computing unit of Alipay, can guarantee the peace of safe computing unit in this way Quan Xing solves the safety issue of the TA distribution of User Exploitation；And newly-increased safety calculates container, and application program has been isolated Contacting between TEE solves TA and is subject to the risk that the side CA malice is called, and TEE refusal is caused to service.

303, terminal calculates the second level certificate that container obtains the safe computing unit of signature by safety.

Terminal authorizes the safety calculating that loading module obtains signature by calculating the safe calculating in container by safety The second level certificate of unit, the second level certificate are used to verify the legitimacy of the safe computing unit of signature.

For example, terminal authorizes loading module by safety calculating extracts second level card from the safe computing unit of signature Book, the second level certificate are used to indicate the authorization message of the safe computing unit of the signature.

304, terminal calculates container by safety and second level certificate is sent to authentication server.

Terminal authorizes loading module by the safety calculating in safety calculating container and second level certificate is sent to verifying clothes Business device.

It should be noted that second level certificate belong to the root certificate being stored on digital certificate authentication server it is homologous, two Person has same public key, and second level certificate is what root certificate was signed and issued.

305, authentication server obtains root certificate from digital certificate authentication server.

Authentication server obtains root certificate from digital certificate authentication server.

Specifically, authentication server is according to the destination application information carried in second level certificate, to digital certificate authentication Server sends root certificate acquisition request, carries destination application information in the root certificate acquisition request；Digital certificate is recognized It demonstrate,proves server and corresponding root certificate is sent to by authentication server according to destination application information.

306, whether authentication server verifying second level certificate is that root certificate is signed and issued.

Authentication server verifies whether second level certificate is that root certificate is signed and issued.

Specifically, authentication server judge second level certificate public key and root certificate public key it is whether identical；If they are the same, then it tests Card server determines that second level certificate is signed and issued for root certificate；If not identical, authentication server determines that institute's second level certificate is not root card Bookmark hair.If second level certificate is signed and issued for root certificate, authentication server determines that the safe computing unit of signature is legal；If two Grade certificate is not signed and issued for root certificate, then authentication server determines that the safe computing unit of signature is illegal.

It is understood that carrying out being verified as the prior art to certificate by public key, specific details are not described herein again.It can be with Using the legitimacy of other verification methods verifying second level certificate, specifically herein without limitation.

307, verification result is sent to terminal by authentication server.

Verification result is sent to terminal by authentication server, and the safe computing unit which is used to indicate signature is No is legal.

It should be noted that if check results be it is legal, then terminal execute step 308.If check results are illegal , then terminal stops the process of the safe computing unit of load signature.

308, terminal loads the safe computing unit of signature by credible performing environment and obtains the peace of trusted application Full calculated result.

Terminal loads the safe computing unit of signature by credible performing environment TEE and obtains the safety of trusted application Calculated result.Specifically, the trusted application manager (TA Manager) of terminal first checks the safe computing unit of signature Second level certificate it is whether legal, inspection pass through after, TAManager call signature safe computing unit general-purpose interface, obtain Safe calculated result is back to safety and calculates container by safe calculated result.

It should be noted that terminal can also be called the safe computing unit of signature by safety element SE and obtain TA's Safe calculated result, terminal call the process of safe computing unit of signature and the safety of TEE calling signature to calculate list by SE The process of member is similar, and details are not described herein again.

309, the safety that safe calculated result is transmitted to terminal is calculated container by credible performing environment TEE by terminal.

The safety that safe calculated result is transmitted to terminal is calculated the safety in container by credible performing environment TEE by terminal Calculating authorizes loading module.

It should be noted that terminal can also be counted the safety that safe calculated result is transmitted to terminal by safety element SE The safety calculating calculated in container authorizes loading module.

310, safe calculated result is transmitted to the primary tank of terminal by terminal.

Safe calculated result is transmitted to the primary tank of terminal by terminal.Specifically, the safety of terminal calculates and authorizes load The safe calculated result received is transmitted to the trusted application TA in primary tank by module.

In the embodiment of the present application, by second level certificate, in safety container carry out legitimacy verifies method, decoupled mesh The tediously long problem of preceding TA development process has opened the ability of safe calculating to third party developer, simplifies third party developer couple The exploitation and deployment process of TA, improves the treatment effeciency to TA；Container is calculated by newly-increased safety, calculates container in safety In safe computing unit is verified, authenticated and is loaded, ensure that verifying and load the safety of safe computing unit, improve The process that current TA is verified, improves the access interface safety of TEE；The unified interface calculated safely is defined, just In the exploitation of TA application program.

Referring to Fig. 4, another reality of the processing method of the trusted application based on more containers in the embodiment of the present application Applying example includes:

401, terminal obtains load request from primary tank.

402, terminal calculates container by safety and carries out completeness check to the safe computing unit of signature.

403, terminal calculates the second level certificate that container obtains the safe computing unit of signature by safety.

404, terminal calculates container by safety and second level certificate is sent to authentication server.

Terminal authorizes loading module by the safety calculating in safety calculating container and second level certificate is sent to verifying clothes Business device.

405, authentication server obtains root certificate from digital certificate authentication server.

Authentication server obtains root certificate from digital certificate authentication server.

406, whether authentication server verifying second level certificate is that root certificate is signed and issued.

Authentication server verifies whether second level certificate is that root certificate is signed and issued.

407, verification result is sent to terminal by authentication server.

Verification result is sent to terminal by authentication server, and the safe computing unit which is used to indicate signature is No is legal.

It should be noted that if check results be it is legal, then terminal execute step 308.If check results are illegal , then terminal stops the process of the safe computing unit of load signature.

Step 401 is similar to step 307 with step 301 to step 407, and specific details are not described herein again.

408, terminal is counted by the safety that safety element loads the safe computing unit of signature and obtains trusted application Calculate result.

Terminal loads the safe computing unit of signature by safety element SE and obtains the safety meter of trusted application TA Calculate result.Specifically, the trusted application manager (TA Manager) of terminal first checks the safe computing unit of signature Whether second level certificate is legal, and after inspection passes through, TAManager calls the general-purpose interface of the safe computing unit of signature, obtains peace Safe calculated result is back to safety and calculates container by full calculated result.

409, the safety that safe calculated result is transmitted to terminal is calculated container by safety element SE by terminal.

The safety that safe calculated result is transmitted to terminal is calculated the safety in container by safety element SE and calculated by terminal Authorize loading module.

410, safe calculated result is transmitted to the primary tank of terminal by terminal.

In the embodiment of the present application, container is calculated by newly-increased safety, is calculated in container in safety to safe computing unit It verified, authenticated and is loaded, ensure that verifying and load the safety of safe computing unit, improved current TA and verified Process, both reduced the cost of access of third party developer and manufacturer terminal, and in turn ensured verifying and load safe computing unit Safety；By second level certificate, in safety container carry out legitimacy verifies method, it is superfluous to have decoupled current TA development process Long problem has opened the ability of safe calculating to third party developer, simplifies exploitation and deployment of the third party developer to TA Process improves the treatment effeciency to TA.

The processing method of the trusted application based on more containers in the embodiment of the present application is described above, below To in the embodiment of the present application terminal and authentication server be described, referring to Fig. 5, one of terminal in the embodiment of the present application Embodiment includes:

Verification unit 501 carries out completeness check to the safe computing unit of signature for calculating container by safety；

First processing units 502, if the safe computing unit of signature is calculated by completeness check for passing through safety Container carries out legitimacy verifies to the safe computing unit of signature and obtains check results；

The second processing unit 503, if check results be it is legal, for first by credible performing environment TEE or safety The safe computing unit of part SE load signature and the safe calculated result for obtaining trusted application.

The embodiment of the present application, by way of introducing safety and calculating container, avoid the client application of TEE by Attack has reached the safe effect of isolation primary tank and TEE, has improved the safety of the access interface of credible performing environment.

Referring to Fig. 6, another embodiment of terminal includes: in the embodiment of the present application

Verification unit 601 carries out completeness check to the safe computing unit of signature for calculating container by safety；

First processing units 602, if the safe computing unit of signature is calculated by completeness check for passing through safety Container carries out legitimacy verifies to the safe computing unit of signature and obtains check results；

The second processing unit 603, if check results be it is legal, for first by credible performing environment TEE or safety The safe computing unit of part SE load signature and the safe calculated result for obtaining trusted application.

In one example, first processing units 602 are specifically used for:

The second level certificate for obtaining the safe computing unit of signature by calculating container safely, the second level certificate is for verifying label The legitimacy of the safe computing unit of name；

Second level certificate is sent to authentication server by calculating container safely；

By the check results for calculating the transmission of container reception authentication server safely.

In one example, verification unit 601 is specifically used for:

It is calculated by the safety calculated safely in container and authorizes loading module from the safe computing unit of signature and obtain Signature file；

It authorizes loading module by calculating safely and obtains safe computing unit file from the safe computing unit of signature Metadata；

Loading module is authorized to safe computing unit file metadata progress digest calculations by calculating safely, is pacified The cryptographic Hash of full computing unit file metadata；

Loading module is authorized by cryptographic Hash and signature file progress completeness check by calculating safely.

In one example, terminal can also include:

Acquiring unit 604, for obtaining load request from primary tank, safety of the load request for terminal calculates container The safe computing unit of signature is loaded, the safe computing unit of the signature is used to carry out safe calculating to trusted application.

In one example, terminal can also include:

Transmission unit 605, for safe calculated result to be transmitted to the primary tank of terminal.

In one example, terminal can also include:

First stop unit 606, if the safe computing unit of signature is loaded not over integrity verification for stopping The process of the safe computing unit of signature.

In one example, terminal can also include:

Second stop unit 607, if check results are safe computing unit that is illegal, signing for stopping load Process.

In one example, the file format of the safe computing unit of signature includes at least initial segment, code segment and data Section.

In the embodiment of the present application, container is calculated by newly-increased safety, is calculated in container in safety to safe computing unit It verified, authenticated and is loaded, ensure that verifying and load the safety of safe computing unit, improved current TA and verified Process, improve the access interface safety of TEE；By second level certificate, in safety container carry out legitimacy verifies side Method has decoupled the tediously long problem of current TA development process, and the ability of safe calculating has been opened to third party developer, simplifies third Exploitation and deployment process of the square developer to TA, improve the treatment effeciency to TA；The unified interface calculated safely is defined, just In the exploitation of TA application program.

Referring to Fig. 7, one embodiment of authentication server includes: in the embodiment of the present application

Receiving unit 701, for receiving the second level certificate of terminal transmission, the second level certificate is based on the safety for verifying signature Calculate the legitimacy of unit；

Acquiring unit 702, for obtaining root certificate from digital certificate authentication server；

Authentication unit 703, for verifying whether second level certificate is that root certificate is signed and issued；

First determination unit 704, if second level certificate is signed and issued for root certificate, the safe computing unit for determining signature is Legal；

Second determination unit 705, if second level certificate is not signed and issued for root certificate, for determining the safe computing unit of signature It is illegal.

In the embodiment of the present application, online verification legitimacy is carried out by certificate of the authentication server to safe computing unit, Safe computing unit can be just only loaded in the effective situation of certificate, ensure that the legitimacy of safe computing unit.

Referring to Fig. 8, another embodiment of authentication server includes: in the embodiment of the present application

Receiving unit 801, for receiving the second level certificate of terminal transmission, the second level certificate is based on the safety for verifying signature Calculate the legitimacy of unit；

Acquiring unit 802, for obtaining root certificate from digital certificate authentication server；

Authentication unit 803, for verifying whether second level certificate is that root certificate is signed and issued；

First determination unit 804, if second level certificate is signed and issued for root certificate, the safe computing unit for determining signature is Legal；

Second determination unit 805, if second level certificate is not signed and issued for root certificate, for determining the safe computing unit of signature It is illegal.

In one example, server further include:

Transmission unit 806, for verification result to be sent to terminal, the safety which is used to indicate signature is calculated Whether unit is legal.

In one example, authentication unit 803 is specifically used for:

Whether the public key of the public key and root certificate that judge second level certificate is identical；

If they are the same, it is determined that second level certificate is signed and issued for root certificate；

If not identical, it is determined that second level certificate is not signed and issued for root certificate.

Angle of the above figure 5 to Fig. 8 from modular functionality entity is respectively to terminal in the embodiment of the present application and the service for checking credentials Device is described in detail, and is retouched in detail from the angle of hardware handles to terminal in the embodiment of the present application and authentication server below It states.

The embodiment of the present application provides a kind of terminal, and as shown in Figure 9 A, which has memory 901, transceiver 902 and extremely A few processor 903, the memory 901 store protected field in program code and data, such as the memory and can deposit Storage TEE operating system and trusted application, the non-protected areas of the memory can store REE operating system and client Application program, memory 901, transceiver 902 and at least one processor 903 are interconnected by bus 904, and bus 904 can To be Peripheral Component Interconnect standard (peripheral component interconnect, PCI) bus or extension industrial standard Structure (extended industry standard architecture, EISA) bus etc..The processor 903 executes this and deposits Program code in reservoir 901 simplifies trusted application to instruct the terminal to complete the operation in above method embodiment Exploitation and deployment process, improve the treatment effeciency to trusted application.

Fig. 9 B is a kind of structural schematic diagram of terminal provided by the embodiments of the present application, and with reference to Fig. 9 B, terminal 910 includes main appearance Device 911, safety calculate container 912, credible performing environment (trusted execution environment, TEE) and safety member Part (secure element, SE) 913, system kernel 914 and platform hardware 915, wherein running environment is in primary tank 911 REE includes multiple application programs in primary tank 911, and it includes that safety calculating authorizes loading module that safety, which calculates container 912, can Believe to include trusted application manager in performing environment and safety element 913.

Figure 10 shows the block diagram with the part-structure of terminal provided by the embodiments of the present application.With reference to Figure 10, the end End include: radio frequency (radio frequency, RF) circuit 1010, memory 1020, input unit 1030, display unit 1040, Sensor 1050, voicefrequency circuit 1060, Wireless Fidelity (wireless fidelity, WIFI) module 1070 and processor 1080 Equal components.It will be understood by those skilled in the art that terminal structure shown in Figure 10 does not constitute the restriction to the terminal, it can To include perhaps combining certain components or different component layouts than illustrating more or fewer components.

Processor 1080 is the control centre of terminal, in the embodiment of the present application, can be to the safe computing unit of signature Integrity verification is carried out, and loads the safe computing unit of signature and obtains the safe calculated result of trusted application.

RF circuit 1010 is connect by bus with the processor 1080, is responsible for internet transmission data or from interconnection Net receives data, it may also be used for during receiving and sending messages, signal is sended and received, for example, sending second level to authentication server Certificate；In addition, terminal transmits verification result at processor 1080 after the verification result for receiving authentication server transmission Reason.In general, the RF circuit 1010 includes but is not limited to antenna, at least one amplifier, transceiver, coupler, low noise Amplifier (low noise amplifier, LNA), duplexer etc..In addition, the RF circuit 1010 can also pass through channel radio Letter is communicated with network and other equipment.Any communication standard or agreement can be used in above-mentioned wireless communication, including but not limited to entirely Ball mobile communcations system (global system of mobile communication, GSM), general packet radio service (general packet radio service, GPRS), CDMA (code division multiple access, CDMA), wideband code division multiple access (wideband code division multiple access, WCDMA), long term evolution (long term evolution, LTE), Email, short message service (short messaging service, SMS) etc..

Memory 1020 can be used for storing software program and module, and the processor 1080 is stored in described by operation The software program and module of memory 1020, thereby executing the various function application and data processing of terminal.The storage Device 1020 can mainly include storing program area and storage data area, wherein storing program area can storage program area, at least one Application program needed for function (for example integrity verification etc. is carried out to the safe computing unit of signature) etc.；Storage data area can deposit Storage uses created data (such as safe calculated result etc.) etc. according to terminal.In addition, the memory 1020 can wrap High-speed random access memory is included, can also include nonvolatile memory, for example, at least disk memory, a flash memories Part or other volatile solid-state parts.

Figure 11 is a kind of structural schematic diagram of authentication server provided by the embodiments of the present application, which can Bigger difference is generated because configuration or performance are different, may include one or more processors (central Processing units, CPU) 1101 (for example, one or more processors) and storage medium 1108, one or one The storage medium 1108 (such as one or more mass memory units) of application program 1107 or data 1106 stored above. Wherein, storage medium 1108 can be of short duration storage or persistent storage.The program for being stored in storage medium 1108 may include one A or more than one module (diagram does not mark), each module may include to a series of codes in authentication server.More into One step, processor 1101 can be set to communicate with storage medium 1108, and processor 1101 is in the control of authentication server The heart is stored in storage by running or executing using the various pieces of various interfaces and the entire authentication server of connection Software program and/or module in medium 1108, and the data being stored in storage medium 1108 are called, authentication server Various functions and processing data, thus the legitimate verification for the second level certificate that complete paired terminal is sent.

Storage medium 1108 can be used for storing software program and module, and processor 1101 is stored in storage by operation and is situated between The software program and module of matter 1108, thereby executing the various function application and data processing of authentication server 1100.It deposits Storage media 1108 can mainly include storing program area and storage data area, wherein storing program area can storage program area, at least Application program needed for one function (for example judge second level certificate whether legal etc.) etc.；Storage data area can be stored according to verifying Server uses created data (for example determining that second level certificate is legal) etc..In addition, storage medium 1108 can wrap High-speed random access memory is included, can also include nonvolatile memory, for example, at least disk memory, a flash memories Part or other volatile solid-state parts.The trusted application based on more containers provided in the embodiment of the present application The program of processing method and the data flow received store in memory, and when it is desired to be used, processor 1101 is situated between from storage It is called in matter 1108.

Authentication server 1100 can also include one or more power supplys 1102, one or more wired or nothings Wired network interface 1103, one or more input/output interfaces 1104, and/or, one or more operating systems 1105, such as Windows Serve, Mac OS X, Unix, Linux, FreeBSD etc..Those skilled in the art can manage Solution, authentication server structure shown in Figure 11 do not constitute the restriction to authentication server, may include than illustrate it is more or Less component perhaps combines certain components or different component layouts.

It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.

In embodiment provided herein, it should be understood that disclosed system, device and method can pass through Other modes are realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, Only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can be with In conjunction with or be desirably integrated into another system, or some features can be ignored or not executed.Another point, it is shown or discussed Mutual coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING of device or unit or Communication connection can be electrical property, mechanical or other forms.

The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.

It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of software functional units.

The computer program product includes one or more computer instructions.Load and execute on computers the meter When calculation machine program instruction, entirely or partly generate according to process or function described in the embodiment of the present application.The computer can To be general purpose computer, special purpose computer, computer network or other programmable devices.The computer instruction can be deposited Storage in a computer-readable storage medium, or from a computer readable storage medium to another computer readable storage medium Transmission, for example, the computer instruction can pass through wired (example from a web-site, computer, server or data center Such as coaxial cable, optical fiber, Digital Subscriber Line (digital subscriber line, DSL)) or wireless (such as infrared, wireless, Microwave etc.) mode transmitted to another web-site, computer, server or data center.It is described computer-readable to deposit Storage media can be any usable medium that computer can store or include the integrated clothes of one or more usable mediums The data storage devices such as business device, data center.The usable medium can be magnetic medium, (for example, floppy disk, hard disk, tape), Optical medium (for example, DVD) or semiconductor medium (such as solid state hard disk (solid state disk, SSD)) etc..

If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product When, it can store in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words It embodies, which is stored in a storage medium, including some instructions are used so that a computer Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the application Portion or part steps.And storage medium above-mentioned include: USB flash disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic or disk etc. are various can store program The medium of code.

28页详细技术资料下载

上一篇：一种医用注射器针头装配设备

下一篇：面向SGX安全应用的内部隔离方法

A kind of processing method and relevant device of the trusted application based on more containers

相关技术

网友询问留言