
CN114372255B - Identity authentication method and equipment based on application software fingerprint - Google Patents


Info

Publication number
CN114372255B
Authority
CN
China
Prior art keywords
application
fingerprint
micro
isolation
middleware
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111553586.0A
Other languages
Chinese (zh)
Other versions
CN114372255A (en)
Inventor
金辉
黄潇
刘丁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guotou Yunwang Digital Technology Co ltd
Original Assignee
Beijing Meiyabaike Network Security Technology Co ltd
Guotou Yunwang Digital Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Meiyabaike Network Security Technology Co ltd, Guotou Yunwang Digital Technology Co ltd
Priority to CN202111553586.0A
Publication of CN114372255A
Application granted
Publication of CN114372255B
Legal status: Active (current)
Anticipated expiration

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an identity authentication method and device based on application software fingerprints. It addresses the data-leakage problem of existing approaches, in which an application program can arbitrarily access the data held in a device such as a vehicle-mounted part. The method comprises the following steps: when an application program running in the Rich OS system initiates access to an underlying data resource, the micro-isolation abstraction middleware is queried for an authentication record of the application's fingerprint; if one exists, access to the underlying data is allowed; otherwise the application's fingerprint is looked up in the TEE system, or a new fingerprint is generated, and identity authentication is completed there. The application also includes a device for implementing the method. The invention can be applied in automotive parts to improve the security of the data they hold and to prevent that data from leaking.

Description

Identity authentication method and equipment based on application software fingerprint
Technical Field
The invention relates to the technical field of automobile data security, in particular to an identity authentication method and equipment based on application software fingerprints.
Background
With the spread of ADAS and intelligent cabins, automobile parts store large amounts of personal data and data related to national security, yet the application software running in those parts lacks any capability for authenticating identity and legitimacy.
The first existing method is application behaviour detection: an Agent is implanted in the kernel layer or ring3 layer of the OS and hooking is used, so that whenever application software accesses a system bottom-layer resource the hook pulls the application into the Agent for checking (based on rules or models) and releases it once the check completes. Its drawbacks are that the Agent is easily deleted outright by an attacker and is tightly coupled to the OS version. The second existing method is data encryption: all personal sensitive information stored in the part is encrypted before storage, so that even if it leaks an attacker cannot recover the real data without the key. Its drawbacks are heavy consumption of system resources and a slower normal response time for the system.
Disclosure of Invention
The invention provides an identity authentication method and equipment based on application software fingerprints, which solve the problem of data leakage existing in the existing method and equipment.
To solve the above problems, the present invention is achieved as follows:
An embodiment of the invention provides an identity authentication method based on application software fingerprints, comprising the following step: when an application program running in the Rich OS system initiates access to a bottom-layer data resource, the micro-isolation abstraction middleware is queried for an authentication record of the application fingerprint; if one exists, access to the bottom-layer data is allowed; otherwise the application fingerprint is looked up, or a new one is generated, in the TEE system to complete identity authentication.
Preferably, the step of looking up the application fingerprint, or generating a new one, in the TEE system to complete identity authentication further comprises: querying whether the authentication center holds an authentication record of the application fingerprint; if so, sending an instruction that allows access to the underlying data to the Rich OS system through the micro-isolation abstraction middleware; otherwise, querying the fingerprint database for whether the application fingerprint exists and whether it is valid, and if so, updating the authentication record in the authentication center and at the same time sending the instruction that allows access to the underlying data to the Rich OS system through the micro-isolation abstraction middleware;
otherwise, generating a corresponding new application fingerprint, completing identity authentication in the TEE system, and sending the instruction that allows access to the bottom-layer data to the Rich OS system through the micro-isolation abstraction middleware.
Preferably, the method further comprises communicating between the Rich OS architecture and the TEE architecture through the micro-isolation abstraction middleware.
Further, the method also comprises recording the application fingerprint authentication result through the micro-isolation abstraction middleware.
Further, when the application program initiates access to the bottom-layer data resource in the Rich OS system, after the identity of the application program has been confirmed, it is also confirmed whether the application has the authority to access that data; if so, the application is allowed to access the bottom-layer data, otherwise its access to the corresponding bottom-layer data is refused.
Preferably, the step of accessing the corresponding underlying data further comprises the micro-isolation abstraction middleware sending an instruction to the underlying driver to invoke the underlying data interface.
Preferably, the step of generating the corresponding application fingerprint further comprises parameterizing the name, type, version number, process name, process number, MD5 and/or application behaviour of the application program, and generating a unique character string corresponding to the application program through a specific function.
Preferably, the method further comprises periodically querying whether the application fingerprint is valid.
An embodiment of the invention also provides application software fingerprint identity authentication equipment that uses any of the methods of the embodiments and comprises: a micro-isolation abstraction middleware for querying whether an application fingerprint has an authentication record, for communicating between the Rich OS system and the TEE system, and for micro-isolation and adaptation between the OS and the bottom layer within the Rich OS system; an authentication center for performing application fingerprint identity authentication queries according to the identity authentication query instruction sent by the micro-isolation abstraction middleware; a fingerprint database for storing the application fingerprint corresponding to each application program; a fingerprint generation module for generating the corresponding application fingerprint from the application program; and a fingerprint state query module for querying whether the state of an application fingerprint is valid.
Preferably, the micro-isolation abstraction middleware is further used to micro-isolate the OS from the bottom layer.
The application also proposes a computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, implements a method according to any of the embodiments of the application.
Furthermore, the application also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of being run by the processor, wherein the processor executes the computer program to realize the method according to any embodiment of the application.
At least one technical scheme adopted by embodiments of the application has the following advantages: the method strengthens authentication and data management and control of application programs in the automobile part, ensures that data is not leaked by application programs, and improves the data security capability of the part. The application protects the fingerprint identity authentication function using the Rich OS and the TEE, achieves complete separation in hardware through micro-isolation middleware technology, keeps coupling extremely low, and separates security from business functions, so that user experience, performance and cost are not affected while security is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and do not constitute a limitation on the invention. In the drawings:
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a flowchart of an embodiment of a method of the present invention including instruction transmission;
FIG. 3 (a) is a schematic diagram of the connection of an embodiment of the apparatus of the present invention;
FIG. 3 (b) is a schematic diagram of the architecture of an embodiment of the apparatus of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to specific embodiments of the present invention and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Automobile data security has become the most important concern of China's current regulatory authorities. In 2021 China's national cyberspace administration issued several regulations (drafts for comment) on automobile data security management. With the spread of ADAS (Advanced Driving Assistance System) and intelligent cabins, a large amount of personal data and data related to national security is stored in automobile parts; the automobile is networked, and the application software running in the parts lacks the capability to authenticate legitimacy, so an attacker can freely access sensitive data in automobile parts running Linux/Android, such as the DCU (Domain Control Unit) and IVI (In-Vehicle Infotainment) hosts, and an implanted application program can directly access the sensitive data in the part. In addition, whether a legitimate application in the part may access personal sensitive data and transmit it is also a concern.
Automobile parts fall into two types according to the processor: MCU (Micro Control Unit, microcontroller) and MPU (Micro Process Unit, microprocessor). MCU parts are developed mainly in C code or on an RTOS (real-time operating system), for example an airbag ECU (Electronic Control Unit); MPU parts are developed mainly on a Linux/Android system, for example a DCU or IVI. Of the two, MPU parts store the most personal sensitive information, so the invention mainly targets the application software in those parts and realizes an identity authentication technology for it.
In general, when an application accesses underlying data, the data in ROM or RAM is reached through the OS (operating system) kernel and the BSP (Board Support Package), and the whole process has no protection or control mechanism at all: as long as an application is installed in the part, it can in theory access any data stored in the part, and the whole access process is not subject to any control.
A trusted execution environment (Trusted Execution Environment, TEE) guarantees computation that cannot be interfered with by the conventional operating system, which is why it is called "trusted". This is achieved by creating a small operating system that runs independently in the TrustZone (secure world) and directly provides a small number of services in the form of system calls handled by the TrustZone kernel. In addition, the TrustZone kernel can securely load and execute small programs called Trustlets (special software modules) to add "trusted" functionality in an extension model. Trustlets can provide secure services to the non-secure (normal world) operating system, such as Android. The Rich OS and the TrustZone communicate through an IPC (Inter-Process Communication) channel, and an application program can call an application in the TrustZone through that channel. The specific system architecture diagrams are shown below. At present the TEE is mainly and widely applied on the ARM architecture, and the vast majority of MPU automobile parts today are ARM-based, so the vast majority of MPU automobile parts on the market can support a TEE.
After the TEE is applied, the overall system start-up procedure and architecture are as follows. Seven steps are required in total, so the TEE can ensure the security of the whole start-up from the start-up procedure onward, and an attacker cannot break the TEE from the driver level. The process is as follows: first, the system is powered up, the PC pointer points to the address of the BOOT ROM inside the chip and executes it; second, the BOOT ROM loads from the external storage device, the ATF (ARM Trusted Firmware), TEE OS and LK are loaded (and verified) from external storage, and execution jumps to the ATF; fourth, the ATF jumps to the TEE OS to execute initialization and returns to the ATF; fifth, the ATF jumps to LK execution; sixth, LK loads and runs the Android Linux kernel; and seventh, the system loads the Modem.
Compared with the original Linux/Android system, three parts are added: a microkernel, a TEE OS and the ATF, as shown in detail in the following diagram. If there is no TEE system, the preloader loads the Linux Kernel/Android directly; the TEE system architecture therefore guarantees the trustworthiness of the whole system from the point of view of start-up.
Identity authentication technology is an effective solution arising from the need to confirm an operator's identity: it is the process of verifying whether the true identity of a subject matches the identity it claims, and it can be divided into authentication between a user and a host and authentication between hosts. Traditional authentication techniques include static passwords, SMS passwords, dynamic passwords, digital signatures, biometrics, X.509 certificates and the like. The invention draws on and combines these techniques to form an application software identity authentication technology suited to MPU automobile parts.
One existing identity authentication technology implants an Agent (application program) in the kernel layer or ring3 layer of the OS and uses hooking: whenever application software accesses a bottom-layer resource of the system, the hook pulls the application into the Agent for checking (based on rules or models) and releases the program once the check completes. If an exception occurs, the Agent can directly shut down the application's process.
This method has the following drawbacks. First, because the Agent is deployed in the OS kernel layer or ring3 layer, it lacks a protection scheme and is easily deleted outright by an attacker; even if a protection program is placed in the BSP layer, which makes the Agent harder to delete, an attacker who understands the protection scheme can delete the protection program in the BSP layer. Second, the Agent is affected by the OS version and is very tightly coupled to the OS kernel: whenever the kernel is updated, the Agent must be adapted and updated in step, and because the OS kernel is updated frequently, the Agent update is easily forgotten, so that the Agent no longer matches the new OS kernel and the whole automobile part is affected.
Existing identity authentication technology also includes data encryption. In theory, data encryption can encrypt all personal sensitive information stored in the part before it is stored, so that even if it leaks an attacker cannot recover the real data without obtaining the key. Data encryption has two drawbacks. First, it consumes a great deal of system resources and increases cost. As data volumes and data types diversify, simple data encryption suits small amounts of text data, but for pictures and video the heavy computation occupies CPU and memory resources, and part manufacturers must switch to a higher-performance CPU and larger memory to cope, which greatly increases the cost of the part. Second, it affects the normal response speed of the system and degrades the user experience: when the system uses encrypted data it must first decrypt it, decryption takes a certain amount of time, and the accumulated delay affects the response time of normal application software.
The invention has two innovations. First, it performs identity authentication based on the application behaviour fingerprint of the automobile part: the applications in an automobile part are implemented in code, so their behaviour is fixed and specific; the invention takes the application behaviour as a fingerprint and further as an identity authentication factor for the application, so applications can be easily distinguished through the fingerprint, which serves identity authentication on the one hand and conveniently supports data access management and control at the same time. Second, the invention uses a micro-isolation abstraction middleware for communication and functional interaction between the Rich OS system and the TEE system, which adds adaptation to the bottom layer and the OS while also adding the corresponding information security capability.
The following describes in detail the technical solutions provided by the embodiments of the present invention with reference to the accompanying drawings.
Fig. 1 is a flowchart of an embodiment of the method of the present invention, which can be used for identity authentication of the application software of automobile parts. As an embodiment of the invention, an application software fingerprint identity authentication method specifically comprises the following steps 101 to 102:
Step 101, when the application program initiates access to the underlying data resource in the Rich OS system, query the micro-isolation abstraction middleware for whether an authentication record of the application fingerprint exists.
In step 101, preferably, when an application initiates access to the underlying data resource in the Rich OS system, after the identity of the application has been confirmed it is further confirmed whether the access has the corresponding data access authority; if the access authority is present and an authentication record of the application fingerprint exists in the micro-isolation abstraction middleware, the application is allowed to access the underlying data, otherwise access to the corresponding underlying data is denied.
Step 102, if the micro-isolation abstraction middleware holds an authentication record of the application fingerprint, allow access to the corresponding bottom-layer data; otherwise look up the application, or generate a new application fingerprint, in the TEE system to complete identity authentication.
In step 102, further, when the application is looked up or a new application fingerprint is generated in the TEE system to complete identity authentication, if the identity authentication condition is met, a request allowing access to the corresponding underlying data is sent to the Rich OS system through the micro-isolation abstraction middleware; if it is not met, an identity authentication request is sent to the application program in the Rich OS system.
In steps 101 and 102, communication between the Rich OS architecture and the TEE architecture takes place through the micro-isolation abstraction middleware. The middleware realizes communication and functional interaction between the two systems, isolation and adaptation of the bottom-layer resources (driver programs and hardware resources), and isolation and adaptation of the operating system layer, thereby achieving effective isolation of applications and data and effective access control.
Embodiments of the invention bring the following effects. First, identity authentication of the application software in the MPU automobile part is realized and authority settings are applied to the application software, so that it is controlled which application software can access the sensitive data in the part (personal data and data that may relate to national security), solving the problem of data leakage in the device caused by arbitrary access to automobile part data.
Second, the application fingerprint authentication technology adopted by the invention realizes identity authentication of the application software. Traditional authentication technology generally uses X.509 certificates, but certificates depend on a PKI system and require network connectivity for CA authentication, which is also unsuitable for equipment on the automobile's internal network; the embodiment therefore forms the application fingerprint by locking in the application's behaviour, process, MD5 and the like, which suits the automotive field.
Third, embodiments of the invention also prevent the protection program from being deleted or tampered with. Because the authentication protection program is placed in the TEE OS, an attacker cannot tamper with any application in the TEE OS, either while it runs or while it is stored: if the TEE OS is tampered with in storage, the ATF will not boot it at start-up.
Fourth, embodiments of the invention decouple the Linux/Android OS from the bottom-layer hardware through the micro-isolation middleware, solving the problem under the Rich OS system that an update requires the whole OS and bottom-layer hardware to be re-adapted for the related security functions.
Fifth, embodiments of the invention do not affect the performance or response time of the existing system's application programs and avoid increasing the cost of parts, because the TEE OS and the Rich OS are independent in hardware and the security application does not consume the Rich OS's hardware resources.
Fig. 2 is a flowchart of a method of the present invention including instruction transmission; it shows the flow of micro-isolation-based fingerprint identity authentication of the application software of an automobile part. As an embodiment of the invention, an application software fingerprint identity authentication method specifically comprises the following steps 201 to 215:
Step 201, an application program sends a request to access underlying data to the operating system.
Step 202, the operating system forwards the access request to the micro-isolation abstraction middleware.
Step 203, the micro-isolation abstraction middleware queries whether the application fingerprint has an authentication record.
Step 204, if the application fingerprint has an authentication record in the micro-isolation abstraction middleware, the bottom-layer data interface is called through the BSP.
Step 205, the bottom-layer data resource is accessed according to the instruction that calls the bottom-layer data interface.
In steps 201 to 205, when an application program wants to access an underlying data resource it must send a data access request to the operating system (Linux/Android); after receiving the request, the operating system sends it directly to the micro-isolation abstraction middleware; after receiving it, the middleware confirms whether the application has been authenticated and passed, and at the same time whether the application has authority to access that data; if both checks pass, the application is directly allowed to call the BSP's underlying data access interface and can then directly access data stored in ROM or RAM. If the middleware finds that the application has no authentication record, it sends an authentication center call request to the TEE trusted execution environment so that the application is authenticated.
Note that the micro-isolation abstraction middleware stores a subset of the application fingerprint authentication records, for example the fingerprints of application programs that have recently accessed the underlying data frequently, so that an application does not have to go through identity authentication in the TEE system on every access and can access the underlying data quickly. The number of application fingerprint authentication records stored in the middleware is not limited.
Step 206, if the application fingerprint has no authentication record in the micro-isolation abstraction middleware, the middleware calls the authentication center interface in the TEE OS.
In step 206, the micro-isolation abstraction middleware serves to communicate between the Rich OS architecture and the TEE OS architecture.
Step 207, query whether an authentication record of the application fingerprint exists in the authentication center.
In step 207, the authentication center stores a subset of the application fingerprint authentication records so that it can quickly determine whether the fingerprint exists, avoids having to query the fingerprint database on every access, and speeds up the application's access to the underlying data.
Step 208, if an authentication record of the application fingerprint exists in the authentication center, the authentication is recorded through the micro-isolation abstraction middleware.
In step 208, the micro-isolation abstraction middleware may record the most recent authentication result from the authentication center.
In step 208, after the authentication has been recorded in the micro-isolation abstraction middleware, the process proceeds to steps 204 and 205.
Step 209, if no authentication record of the application fingerprint exists in the authentication center, query the fingerprint database for whether the application fingerprint exists.
In step 209, the fingerprint database stores all authenticated application fingerprints, and the fingerprint identity authentication result for the current application can be obtained by traversing the fingerprint database.
Step 210, if the authentication record of the application fingerprint exists in the fingerprint database query, querying the application fingerprint state through a fingerprint state query module.
In step 210, the fingerprint state query module queries whether the state of the fingerprint is active (valid) or inactive (invalid). The management and control center can check whether the fingerprint state of each application program is in an activated state or not at regular intervals, and if the fingerprint state is in an inactivated state, the management and control center needs to prevent the application from accessing data later.
Step 211, if the application fingerprint state is valid, updating the application fingerprint through the authentication center.
After the application fingerprint is updated in step 211, the process proceeds to step 208.
Step 212, if the application fingerprint state is invalid, or the fingerprint database query does not find the application fingerprint, requesting generation of the application fingerprint through the fingerprint generation module.
In step 212, the step of generating the corresponding application fingerprint further includes parameterizing the name, type, version number, process name, process number, MD5 and/or application behavior of the application program (such as the called interfaces, accessed file paths, file operations and network access), and generating a unique character string corresponding to the application program by a specific function, such as SHA256 or entropy; this character string is the application fingerprint of the application program.
Step 213, initiating an application fingerprint generation request through the micro-isolation abstract middleware.
Step 214, calling the application fingerprint generation interface through the operating system.
Step 215, the application program collects the data required to generate the application fingerprint.
In steps 206-215, whether the application program has the authority to access the underlying data is further considered. The trusted execution environment receives the authentication center call request from the micro-isolation abstract middleware. After receiving the request, the authentication center queries whether it holds an application fingerprint for the application. If it finds the application fingerprint, the fingerprint is returned to the micro-isolation abstract middleware, which records the authentication and, once the application is confirmed to have the authority to access the data, allows it to call the underlying data.
If the authentication center cannot find the application fingerprint, a request is sent to the fingerprint database and the database is queried. If the application fingerprint is found there, the fingerprint state query module is first asked whether the state of the application fingerprint is valid. If it is valid, the application fingerprint is updated to the authentication center, which sends the application fingerprint information to the micro-isolation abstract middleware; the authentication is recorded and the application is allowed to access the underlying data.
If the application fingerprint is not in the fingerprint database, or it is in the fingerprint database but its state is invalid, the fingerprint generation module is called so that the application regenerates a new application fingerprint. The request from the fingerprint generation module is sent to the micro-isolation abstract middleware, which forwards it directly to the application through the OS, so that the application initiates the fingerprint generation operation and performs identity authentication.
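The lookup cascade of steps 207-215 and the attribute-plus-behaviour fingerprint of step 212, modelled in Python as an added example (this is not code from the patent). The class and function names, the three outcome labels, the constructed navigation-application values and the rule that a regenerated fingerprint is stored as active are all this example's assumptions.

```python
import hashlib
import json
from dataclasses import dataclass, replace

# Outcome labels are this example's own, keyed to the steps they model.
ALLOW_CACHED = "allow: record found in authentication center (steps 207-208)"
ALLOW_DB = "allow: active fingerprint found in fingerprint database (steps 209-211)"
REGENERATE = "regenerate: fingerprint absent or inactive, generation requested (steps 212-215)"


@dataclass(frozen=True)
class AppProfile:
    """Data the application supplies for fingerprint generation (step 215)."""
    name: str
    app_type: str
    version: str
    process_name: str
    process_number: int
    md5: str          # digest of the executable; the values used below are constructed
    behaviour: tuple  # called interfaces, accessed paths, file operations, network access


def generate_fingerprint(profile: AppProfile) -> str:
    """Fingerprint generation module (step 212): parameterize the attributes and
    the behaviour, canonicalise them, and hash with SHA-256 into one unique string."""
    params = {
        "name": profile.name,
        "type": profile.app_type,
        "version": profile.version,
        "process_name": profile.process_name,
        "process_number": profile.process_number,
        "md5": profile.md5,
        "behaviour": sorted(profile.behaviour),  # order-independent behaviour set
    }
    canonical = json.dumps(params, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


class TeeAuthenticator:
    """Authentication center, fingerprint database and fingerprint state query
    module (all TEE side) modelled in one object; the middleware keeps a record list."""

    def __init__(self, fingerprint_db):
        self.fingerprint_db = dict(fingerprint_db)  # fingerprint -> "active" | "inactive"
        self.auth_center = set()        # recent authentication records (step 207)
        self.middleware_records = []    # what the micro-isolation middleware logs (step 208)

    def authenticate(self, profile: AppProfile) -> str:
        fp = generate_fingerprint(profile)
        if fp in self.auth_center:                 # step 207: cheap check first
            return self._record(fp, ALLOW_CACHED)
        state = self.fingerprint_db.get(fp)        # steps 209-210: database + state query
        if state == "active":
            self.auth_center.add(fp)               # step 211: update the authentication center
            return self._record(fp, ALLOW_DB)
        # Step 212: absent or inactive. How the regenerated fingerprint becomes trusted
        # is not specified on the page; this model stores it as active (assumption).
        self.fingerprint_db[fp] = "active"
        return self._record(fp, REGENERATE)

    def _record(self, fp: str, outcome: str) -> str:
        self.middleware_records.append((fp, outcome))
        return outcome


def demo() -> list:
    """Walk the three paths with a constructed navigation application."""
    nav = AppProfile("navigation", "hmi", "2.1.0", "navd", 1201,
                     "0123456789abcdef0123456789abcdef",
                     ("call:map_api", "read:/data/maps", "net:tiles.example"))
    auth = TeeAuthenticator({generate_fingerprint(nav): "active"})
    first = auth.authenticate(nav)    # not yet in authentication center -> database path
    second = auth.authenticate(nav)   # now cached -> authentication center path
    # Same binary, but it now also reads music data: behaviour is part of the
    # fingerprint, so the fingerprint changes and neither stored record matches.
    drift = replace(nav, behaviour=nav.behaviour + ("read:/data/music",))
    third = auth.authenticate(drift)
    return [first, second, third]
```

The third outcome shows the point made later on this page: because behaviour feeds the fingerprint, a navigation application that starts touching music data no longer authenticates as the recorded application.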
Traditional identity authentication relies on X.509 certificates, human biometric features, user names, passwords and the like; it has never used "behavior" as the authentication factor. At most, behavior is used to judge illegality, as in the currently popular UEBA, where abnormal behavior during use is used to judge whether an attack is taking place. Applications in automobile parts are all implemented in code, so their behavior is fixed and specific: a navigation application only accesses map data and will never suddenly access the data of a music application. Therefore, taking the application behavior as a fingerprint and using it as an application identity authentication factor gives a strong characteristic that is easily distinguished by the fingerprint; it serves identity authentication on the one hand and conveniently supports data access management and control on the other.
Fig. 3 (a) is a schematic connection diagram of an embodiment of the apparatus of the present invention, and fig. 3 (b) is a schematic architecture diagram of an embodiment of the apparatus of the present invention, where the method of any embodiment of the present invention may be used, and an application software fingerprint identity authentication system includes a micro-isolation abstract middleware 1, an authentication center 2, a fingerprint database 3, a fingerprint generation module 4, and a fingerprint status query module 5.
Fig. 3 (a) provides a schematic diagram of the connection relationship between the modules of the apparatus of the present invention. Fig. 3 (b) provides an architecture of the various modules of the device of the present invention in the Rich OS architecture and TEE architecture. The authentication center, the fingerprint database, the fingerprint generation module and the fingerprint state query module are placed in the TEE OS, and a micro-isolation abstract layer middleware is inserted between two systems (a Rich system and a trusted execution system) for protecting and isolating bottom layer resources, realizing communication between the two systems, and simultaneously realizing adaptation of an operating system between the two systems.
In the embodiment of the invention, the micro-isolation abstract middleware is used for inquiring whether the application fingerprint has an authentication record, is also used for communication between a Rich OS system and a TEE system, is also used for access control of data in automobile parts, and is used for micro-isolation and adaptation of an OS and a bottom layer in the Rich OS system.
The authentication center is used for carrying out application fingerprint identity authentication inquiry according to the identity authentication inquiry command sent by the micro-isolation abstract middleware.
The fingerprint database is used for storing application fingerprints corresponding to the application programs.
The fingerprint generation module is used for generating corresponding application fingerprints according to the application program.
The fingerprint state inquiry module is used for inquiring whether the state of the application fingerprint is valid or not.
Specifically, the authentication center is responsible for authenticating the fingerprint of the application program, confirming the identity of the application program, and simultaneously informing the management and control center that the authentication result is released or blocked.
The fingerprint database is used for storing the trusted application program fingerprints, and after the system is restarted, all application programs need to be authenticated again. The fingerprint generation module is used for generating the fingerprint of the application program.
The fingerprint generation module needs to parameterize the name, the process name, the MD5, the application behavior (such as calling interface, accessed file path, file operation, network access, etc.) and the like of the application program needing fingerprint generation in advance, and generates a unique character string corresponding to the application program through a specific function such as SHA256 or entropy, wherein the character string is the fingerprint of the application program.
The fingerprint state inquiry module inquires whether the state of the fingerprint is activated or logged off. The management and control center needs to check whether the fingerprint state of each application program is in an activated state or not at regular intervals, and if the fingerprint state is in an inactivated state, the management and control center needs to prevent the application from accessing data later.
The micro-isolation abstract middleware is used for realizing communication and functional interaction between the two systems, isolation and adaptation of bottom-layer resources (drivers and hardware resources), and isolation and adaptation of the operating system layer, thereby effectively isolating the application from the data and performing effective access control.
The micro-isolation abstract middleware is further used for realizing any of the following functions:
BSP bottom-layer driver packaging, namely packaging the mainstream bottom-layer drivers in the current automobile industry, such as the drivers of mainstream chips from NXP, Infineon, Renesas, TI and others, to ensure the bottom-layer adaptation of the micro-isolation abstract middleware.
OS packaging, namely packaging the currently mainstream Linux/Android system kernels, with the micro-isolation abstract middleware switching the packaged API interfaces according to the kernel version.
Data resource access authority control, namely controlling access to data resources based on the behavior authority of the application, and not allowing access to data resources beyond the application's access authority.
Auditing, namely recording logs of application data access, identity authentication and the like, realizing log auditing and reporting anomalies.
The embodiment of the invention mainly targets a TEE system. In implementation, the TEE needs to be modified and extended: an authentication center, a fingerprint database, a fingerprint generation module and a fingerprint state query module need to be developed for the TEE OS as four Trustlets. At the same time, the micro-isolation abstract middleware needs to be developed, adaptation to the bottom layer and the OS added, and the corresponding information security capabilities added. Because the whole start-up flow is based on the trusted computing system provided by ARM and has a complete chain of trust, the trusted state can be ensured at each step from boot time, so the trusted state and security of the whole system are ensured to the greatest extent.
The application therefore also proposes a computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, implements a method according to any of the embodiments of the application.
Furthermore, the application also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of being run by the processor, wherein the processor executes the computer program to realize the method according to any embodiment of the application.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises that element.
The foregoing is merely exemplary of the present invention and is not intended to limit the present invention. Various modifications and variations of the present invention will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the invention are to be included in the scope of the claims of the present invention.

Claims (8)

1. An identity authentication method based on application software fingerprints is characterized by comprising the following steps:
when an application program initiates access to a bottom data resource in a Rich OS system, inquiring in the micro-isolation abstract middleware whether an authentication record exists for the application fingerprint; if so, allowing access to the bottom data, otherwise, querying the application program or generating a new application fingerprint in a TEE system to complete identity authentication;
the step of accessing the bottom data further comprises sending an instruction for calling the bottom data interface to the bottom driver through the micro-isolation abstract middleware;
The step of querying the application program or generating a new application fingerprint in the TEE system to complete identity authentication further comprises the following steps:
Inquiring whether the authentication record of the application fingerprint exists in the authentication center, and if so, sending an instruction for allowing access to the bottom data to a Rich OS system through the micro-isolation abstract middleware;
if the application fingerprint does not exist, inquiring whether the application fingerprint exists and whether the application fingerprint is effective in a fingerprint database, if the application fingerprint exists and is effective, updating an authentication record to the authentication center, and simultaneously sending an instruction for allowing access to bottom data to a Rich OS system through the micro-isolation abstract middleware;
Otherwise, the application program generates a corresponding new application fingerprint, the identity authentication is completed in the TEE system, and an instruction for allowing access to the bottom data is sent to the Rich OS system through the micro-isolation abstract middleware.
2. The application fingerprint-based identity authentication method of claim 1, further comprising:
and communicating between the Rich OS architecture and the TEE architecture through the micro-isolation abstract middleware.
3. The application fingerprint-based identity authentication method of claim 1, further comprising:
And recording an application fingerprint authentication result through the micro-isolation abstract middleware.
4. The application fingerprint-based identity authentication method of claim 1, further comprising:
When an application program initiates access to the bottom data resource in the Rich OS system, after confirming the identity of the application program, confirming whether the access has the access data authority or not, if so, allowing the application program to access the bottom data, otherwise, refusing to access the corresponding bottom data.
5. The application software fingerprint-based authentication method according to claim 1, wherein the step of generating the corresponding application fingerprint further comprises:
The name, type, version number, process name, process number, MD5 and/or application behavior of the application program are parameterized, and unique character strings corresponding to the application program are generated through specific functions.
6. The application fingerprint-based identity authentication method of claim 1, further comprising:
The application fingerprint is periodically queried for validity.
7. An identity authentication device based on application software fingerprint, which uses the method of any one of claims 1 to 6, and is characterized by comprising:
The micro-isolation abstract middleware is used for inquiring whether an authentication record exists in the application fingerprint, communicating between the Rich OS system and the TEE system, and realizing micro-isolation and adaptation of the OS and the bottom layer in the Rich OS system;
The authentication center is used for carrying out the identity authentication of the application program fingerprint according to the identity authentication inquiry instruction sent by the micro-isolation abstract middleware;
The fingerprint database is used for storing application fingerprints corresponding to the application programs;
the fingerprint generation module is used for generating corresponding application fingerprints according to the application program;
And the fingerprint state query module is used for querying whether the state of the application fingerprint is valid.
8. The application fingerprint-based authentication device according to claim 7, wherein the micro-isolation abstraction middleware is further configured for micro-isolation of an OS from an underlying layer.
CN202111553586.0A 2021-12-17 2021-12-17 Identity authentication method and equipment based on application software fingerprint Active CN114372255B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111553586.0A CN114372255B (en) 2021-12-17 2021-12-17 Identity authentication method and equipment based on application software fingerprint

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111553586.0A CN114372255B (en) 2021-12-17 2021-12-17 Identity authentication method and equipment based on application software fingerprint

Publications (2)

Publication Number Publication Date
CN114372255A CN114372255A (en) 2022-04-19
CN114372255B true CN114372255B (en) 2025-07-22

Family

ID=81139715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111553586.0A Active CN114372255B (en) 2021-12-17 2021-12-17 Identity authentication method and equipment based on application software fingerprint

Country Status (1)

Country Link
CN (1) CN114372255B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116136901B (en) * 2023-04-19 2023-07-14 杭州美创科技股份有限公司 Application program anti-counterfeiting method and device, computer equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108171063A (en) * 2018-01-11 2018-06-15 深圳市金立通信设备有限公司 Method, terminal and the computer readable storage medium of access safety element

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6888445B2 (en) * 2017-07-10 2021-06-16 大日本印刷株式会社 How to install secure elements, computer programs, devices, servers and trusted applications
CN107480519A (en) * 2017-08-04 2017-12-15 深圳市金立通信设备有限公司 A kind of method and server for identifying risk application

Also Published As

Publication number Publication date
CN114372255A (en) 2022-04-19

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20250623

Address after: 101108 Beijing Tongzhou District Xiji Town Network Security Park Innovation Center No. 1 - 243

Applicant after: Guotou Yunwang Digital Technology Co.,Ltd.

Country or region after: China

Address before: 100085 No. 5, Yangfang East Road, Haidian District, Beijing, Meiyaboke

Applicant before: Beijing meiyabaike Network Security Technology Co.,Ltd.

Country or region before: China

GR01 Patent grant