CN118550647A - Data sharing method and related device of secure virtual machine - Google Patents

Data sharing method and related device of secure virtual machine

Info

Publication number
CN118550647A
Authority
CN
China
Prior art keywords
virtual machine
secure
secure virtual
key
shared
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410683055.0A
Other languages
Chinese (zh)
Inventor
黎奥
王博
李�根
唐遇星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Phytium Technology Co Ltd
Original Assignee
Phytium Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Phytium Technology Co Ltd
Priority to CN202410683055.0A
Publication of CN118550647A
Legal status: Pending

Abstract

The embodiment of the specification provides a data sharing method of a secure virtual machine, which meets the data sharing requirement between the secure virtual machines through a virtual machine sharing key, improves the convenience of data sharing between the secure virtual machines, and also ensures the security of data sharing between the secure virtual machines based on the virtual machine sharing key. Meanwhile, the configuration information of the secure virtual machine comprises shared memory information, and the shared memory information is used for creating a shared memory, so that in the data sharing process, the secure firmware can share shared data with the target secure virtual machine by utilizing the shared memory according to a virtual machine shared key corresponding to the current secure virtual machine, and the data sharing efficiency is improved.

Description

Translated from Chinese
Data sharing method and related device of secure virtual machine

Technical Field

This specification relates to the field of computer application technology, in particular to trusted technology within that field, and more particularly to a data sharing method and related device for a secure virtual machine.

Background Art

With the continuous development of computer application technology, new software delivery models such as SaaS (Software as a Service) have emerged. Cloud platform vendors can provide software services over the Internet, and users no longer need to install and maintain software locally. Under this model the software vendor develops and maintains one software application, and multiple tenants (or users) share that application.

Cloud platform vendors can provide software services to multiple users as SaaS by running software built on architectures such as multi-tenant applications (Software Multitenancy) on the cloud platform. A multi-tenant application is a software architecture in which multiple tenants share the same software instance and database, but each tenant's data and configuration are isolated to ensure data security and privacy. This architecture improves resource utilization, lowers maintenance costs and provides better scalability.

In a cloud platform, multiple virtual machines may run on the same physical server. Sharing data reduces duplicated use of storage resources, lowers costs and improves resource utilization. During data sharing and similar operations, a large amount of data, including the private data of multiple tenants and the private data of the cloud platform vendor, must be kept secure. Ensuring the security of the cloud platform, and in particular the security of data sharing between virtual machines, is therefore of great importance.

Summary of the Invention

The embodiments of this specification provide a data sharing method and related devices for a secure virtual machine, with the aim of improving the security of a cloud platform.

To achieve the above technical objective, the embodiments of this specification provide the following technical solutions:

In a first aspect, an embodiment of this specification provides a data sharing method for a secure virtual machine, applied to a first processor in a system on chip, where the first processor runs a secure firmware and the system on chip further includes a second processor that runs a secure virtual machine. The data sharing method for the secure virtual machine includes:

in response to a configuration operation for a current secure virtual machine, generating a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine, where the configuration information of the secure virtual machine includes shared memory information and the shared memory information is used to create a shared memory;

in response to a data sharing request carrying target secure virtual machine information, the secure firmware sharing shared data with the target secure virtual machine through the shared memory, according to the virtual machine shared key corresponding to the current secure virtual machine.

In a second aspect, an embodiment of this specification provides a data sharing device for a secure virtual machine, applied to a first processor in a system on chip, where the first processor runs a secure firmware and the system on chip further includes a second processor that runs a secure virtual machine. The data sharing device for the secure virtual machine includes:

a second shared key module, configured to generate, in response to a configuration operation for a current secure virtual machine, a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine, where the configuration information of the secure virtual machine includes shared memory information and the shared memory information is used to create a shared memory;

a second data sharing module, configured to respond to a data sharing request carrying target secure virtual machine information, whereupon the secure firmware shares shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine.

In a third aspect, an embodiment of this specification further provides a system on chip, including a first processor and a second processor, wherein:

the first processor runs a secure firmware and the second processor runs a secure virtual machine;

the secure firmware is configured to: in response to a configuration operation for a current secure virtual machine, generate a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine, where the configuration information of the secure virtual machine includes shared memory information and the shared memory information is used to create a shared memory; and

in response to a data sharing request carrying target secure virtual machine information, the secure firmware shares shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine.

In a fourth aspect, an embodiment of this specification further provides a computing device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the data sharing method for a secure virtual machine described above when executing the computer program.

In a fifth aspect, an embodiment of this specification further provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the data sharing method for a secure virtual machine described above.

In a sixth aspect, an embodiment of this specification provides a computer program product or computer program, where the computer program product includes a computer program stored in a computer-readable storage medium; a processor of the computer device reads the computer program from the computer-readable storage medium and, when executing it, carries out the steps of the data sharing method for a secure virtual machine described above.

As can be seen from the above technical solutions, the data sharing method for a secure virtual machine provided by the embodiments of this specification meets the need for data sharing between secure virtual machines through the virtual machine shared key, makes such sharing more convenient, and also secures data sharing between secure virtual machines on the basis of the virtual machine shared key. At the same time, the configuration information of the secure virtual machine includes shared memory information that is used to create a shared memory, so that during data sharing the secure firmware can share the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine, which helps improve the efficiency of data sharing.

Brief Description of the Drawings

In order to explain the embodiments of this specification or the technical solutions in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only embodiments of this specification; a person of ordinary skill in the art can obtain other drawings from them without creative effort.

FIG. 1 is a schematic diagram of an application scenario provided by an embodiment of this specification;

FIG. 2 is a schematic flow chart of a key management method provided by an embodiment of this specification;

FIG. 3 is a schematic flow chart of the generation and use of a virtual machine encryption key provided by an embodiment of this specification;

FIG. 4 is a schematic flow chart of the generation and use of a channel unique key provided by an embodiment of this specification;

FIG. 5 is a schematic flow chart of the generation and use of a virtual machine disk encryption key provided by an embodiment of this specification;

FIG. 6 is a schematic flow chart of a key management method for a multi-key secure virtual machine provided by an embodiment of this specification;

FIG. 7 is a schematic flow chart of the generation and use of a virtual machine shared key provided by an embodiment of this specification;

FIG. 8 is a schematic flow chart of a data sharing method for a secure virtual machine provided by an embodiment of this specification;

FIG. 9 is a schematic structural diagram of a key management device provided by an embodiment of this specification;

FIG. 10 is a schematic structural diagram of another key management device provided by an embodiment of this specification;

FIG. 11 is a schematic structural diagram of yet another key management device provided by an embodiment of this specification;

FIG. 12 is a schematic structural diagram of a system on chip provided by an embodiment of this specification;

FIG. 13 is a schematic structural diagram of a computing device provided by an embodiment of this specification.

Detailed Description

Unless otherwise defined, technical or scientific terms used in the embodiments of this specification have the ordinary meaning understood by a person of ordinary skill in the field to which this specification belongs. The words "first", "second" and similar terms used in the embodiments of this specification do not denote any order, quantity or importance; they serve only to distinguish constituent elements from one another.

Unless the context requires otherwise, throughout this specification "plurality" means "at least two", and "including" is to be read in an open, inclusive sense, that is, "including, but not limited to". In the description, the terms "one embodiment", "some embodiments", "exemplary embodiment", "example", "specific example" or "some examples" indicate that a particular feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of this specification. Such references do not necessarily refer to the same embodiment or example.

The technical solutions in the embodiments of this specification are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of this specification, not all of them. All other embodiments that a person of ordinary skill in the art can obtain from the embodiments in this specification without creative effort fall within the scope of protection of this specification.

Overview

A cloud platform is an infrastructure service that provides computing resources (such as servers, storage, databases and networks) on demand. It abstracts physical resources through virtualization technology and schedules them dynamically, so that tenants can obtain the IT (Information Technology) resources they need at any time according to demand and pay according to usage.

When using the software services provided by the cloud platform, a tenant can create a virtual machine (Virtual Machine, VM) in the cloud platform and use the platform's software services and corresponding resources through that virtual machine. This isolates resources between tenants, preventing malicious attacks or data leakage between different tenants and helping to keep each tenant's resources secure; at the same time, providing software services by creating virtual machines for tenants also meets tenants' needs for flexible expansion and customization of IT resources. Referring to FIG. 1, which shows the relationship between tenants and the cloud platform, when multiple tenants (for example tenants A, B and C in FIG. 1) use the cloud platform for the first time, they can each establish a corresponding virtual machine 1 to 3 based on virtualization technology. These virtual machines can be managed by the cloud platform's virtual machine monitor (Hypervisor); for example, the virtual machine monitor manages each virtual machine's memory region in physical memory (such as the memory in FIG. 1). Once the tenants have established their respective virtual machines, they can use the software services and corresponding resources provided by the cloud platform through those virtual machines. It will be understood that although FIG. 1 shows three tenants and three corresponding virtual machines, FIG. 1 is only an illustrative example; in practice the number of virtual machines and tenants can be larger or smaller, and this specification does not enumerate every case.

As described in the background, since the cloud platform provides services to tenants in the form of virtual machines that share the underlying hardware resources, the security of the cloud platform cannot be neglected. To improve it, encrypted virtualization technology, which differs from traditional virtualization, can be used: it applies cryptographic protection to virtual machines, and a virtual machine protected in this way is called a secure virtual machine (Secure Virtual Machine, SVM). Secure virtual machines provide a hardware-level isolated environment, which forms the infrastructure for confidential computing and ensures that sensitive data is protected while it is being processed.

Encrypted virtualization may use several kinds of keys, which may include the HRK (Hardware Root Key, the chip vendor's root key), HSK (Hardware Series Key, the chip product key), HEK (Hardware Endorsement Key, the chip-unique key), CPK (Cloud Provider Key, the cloud vendor's private key), PUK (Platform Unique Key, the cloud platform's unique key) and SEK (Session Unique Key, the channel-unique key), among others. The HRK is a root key burned into the chip in advance by the hardware manufacturer (the chip vendor); it can be used to verify the chip's identity or to generate other keys. The HSK is a key generated by the hardware manufacturer for a series or model of chips; it can be used to verify the chip's series or model, or to generate other keys. The HEK is a key unique to each chip; it can be used to verify the chip's unique identity or to generate other keys. The CPK is a private key generated by the cloud service provider (the provider of the cloud platform); it can be used to verify the provider's identity or to generate other keys. The PUK is a unique key generated by the cloud service provider for each cloud platform (for example, a data center or a server cluster); it can be used to verify the platform's unique identity or to generate other keys, and its existence extends the chain of trust from the system on chip to the whole cloud platform, guaranteeing the platform's uniqueness and reliability. The SEK is a unique key generated for each virtual machine or each communication session; it can be used to protect communication between the virtual machine and the host, preventing eavesdropping or tampering by other virtual machines or attackers. These keys may be used or generated during the cloud platform's boot process. Beyond them, in some embodiments, in order to guarantee the isolation and independence of secure virtual machines, the keys used may also include a Secure Virtual Machine Encryption Key, a Secure Virtual Machine Disk Encryption Key, a Secure Virtual Machine Transport Key and a Secure Virtual Machine Shared Key, among others. The secure virtual machine encryption key encrypts the virtual machine's memory contents; in encrypted virtualization, different virtual machines can have different virtual machine encryption keys, which can be generated, allocated and managed by the Secure Coprocessor (SCP), stored in the secure coprocessor's private memory and invoked by the cryptographic engine when needed. The secure virtual machine disk encryption key encrypts and decrypts the virtual machine's disk contents, including its virtual hard disk files and image files; encrypting disk contents prevents unauthorized access and modification and protects data at rest. The secure virtual machine transport key can encrypt the private data and state of a secure virtual machine during migration, so that even an attacker able to observe the migration cannot read or modify that data and state. The secure virtual machine shared key can be used to share data between different secure virtual machines; in some embodiments, a secure virtual machine that can share data with other secure virtual machines on the basis of such a key is called a multi-key secure virtual machine (Multi-Key Secure Virtual Machine), and one that cannot is called a single-key secure virtual machine. The secure firmware can use at least some of the above keys to control and manage secure virtual machines.

To improve the security of the cloud platform, this specification, referring to FIG. 1, places an Application Processor (AP) and a Secure Coprocessor (SCP) in the cloud platform's system on chip and transfers the control over secure virtual machines held by the virtual machine monitor running on the application processor to the secure firmware on the secure coprocessor, so that the secure firmware is responsible for at least one of the following: the lifecycle security of the cloud platform, the lifecycle of secure virtual machines, and key scheduling and management.

The application processor is the processor that runs the cloud platform's operating system (OS) and the software application services the platform provides. The secure coprocessor is a processor dedicated to data security, and the secure firmware running on it is firmware dedicated to data security. In some embodiments, an API (Application Programming Interface) can be configured between the virtual machine monitor and the secure coprocessor for their interaction.

Besides the application processor and the secure coprocessor, in some embodiments the system on chip can also contain a cryptographic engine dedicated to key management and a key storage unit (Key Slot) for loading and invoking keys. To increase the independence of the cryptographic engine and the key storage unit and protect the keys, in some embodiments the cryptographic engine is hardware independent of both the secure coprocessor and the application processor, and the key storage unit is a hardware storage unit inside the cryptographic engine. To protect the keys loaded in the key storage unit, the unit can be set to a write-only, non-readable state; an attacker then cannot read the keys loaded there, which protects them both while stored in the unit and during use. When the key storage unit is write-only, the secure firmware invokes a loaded key by issuing an encryption or decryption request to the cryptographic engine through a specific interface, and the engine completes the encryption or decryption with the loaded key internally. For example, in some embodiments the key storage unit can be a register or other hardware with storage and access functions. In some embodiments the key storage unit can include multiple slots (Key Slot), each of which can hold one key, so that the unit can hold several keys at once and meet the secure firmware's need to manage and invoke the keys of multiple secure virtual machines. In addition, in some embodiments the secure firmware can select (hit) a key loaded in the key storage unit by setting flag bit information, so that no key-related information (such as key names or key identifiers) appears in plaintext while a key in the key storage unit is being invoked, which improves security during key use. The flag bit information can consist of one or more data bits; for example, in one embodiment it consists of two data bits, and the combination of their values selects the loaded key. For example, to improve security during key use, when a key storage unit is configured, the enable states of flag bits such as the confidential computing bit and the sharing bit (an enable state being represented by the bit's value) can be set during the configuration of the cloud platform, so that the secure firmware on the secure coprocessor can generate keys and manage the keys loaded in the key storage unit according to those enable states, and subsequently encrypt and decrypt virtual machine data and cloud platform data with the loaded keys. The whole process of key generation and use requires no participation by the virtual machine monitor, which helps keep the keys secure.

Cryptographic engines can be classified by the algorithm they use into SM2, SM3 and SM4 engines, among others: the SM2 engine performs data encryption and decryption with the SM2 algorithm, the SM3 engine with the SM3 algorithm, and the SM4 engine with the SM4 algorithm. The SM2 algorithm comprises three sub-algorithms: the elliptic curve digital signature algorithm (SM2-1), the elliptic curve key exchange protocol (SM2-2) and the elliptic curve public key encryption algorithm (SM2-3). The SM4 algorithm can be the algorithm of ISO/IEC 18033-3:2010/AMD1:2021, "Information technology - Security techniques - Encryption algorithms - Part 3: Block ciphers - Amendment 1: SM4"; it is a block cipher with a 128-bit block length and a 128-bit key length, and both its encryption algorithm and its key expansion algorithm use a 32-round nonlinear iterative structure. The SM3 algorithm can be the algorithm of GM/T 0004-2012, "SM3 Cryptographic Hash Algorithm", which compresses input of arbitrary length into a 32-byte digest value.

In addition, beyond protecting the secure firmware by running independently of the application processor, the security coprocessor can also protect the secure firmware and the cryptographic engine with trusted computing technology. For example, in some embodiments, the security coprocessor can build a TEE (Trusted Execution Environment) subsystem, which provides the secure firmware and the cryptographic engine with a secure region for processing sensitive data, further protecting them. Correspondingly, the environment in which the application processor runs can be called the REE (Rich Execution Environment) subsystem; the cloud platform's operating system and the virtual machines can all run in the REE subsystem.

Beyond the structures above, the cloud platform may also include peripheral devices such as storage devices, input/output devices, network devices, expansion slots and expansion cards; this specification does not enumerate them exhaustively, and the specifics depend on the actual situation.

As mentioned above, the virtual machine encryption key, the virtual machine channel unique key and the virtual machine disk encryption key are several very important keys across the entire life cycle of a secure virtual machine.

The virtual machine encryption key can be used to encrypt the memory contents of a virtual machine. For example, in some embodiments, each secure virtual machine has a unique virtual machine encryption key that is used to encrypt and decrypt the secure virtual machine's memory contents on the fly. This key can be managed by the secure firmware running on the security coprocessor and is inaccessible to the virtual machine monitor, which prevents the virtual machine monitor or other virtual machines from accessing or modifying the virtual machine's memory contents.

The virtual machine channel unique key can be used to protect communication between a virtual machine and the host. For example, when a virtual machine needs to communicate with the host's virtual machine monitor (for example, a hypervisor), that communication channel may be encrypted to prevent eavesdropping or tampering by other virtual machines or by attackers. This key is usually unique to each virtual machine so as to preserve isolation between virtual machines.

The virtual machine disk encryption key can be used to encrypt and decrypt a virtual machine's disk contents, including the virtual hard disk files and the virtual machine's image file. Encrypting the virtual machine's disk contents prevents unauthorized access and modification and protects the data at rest.

In this specification, to protect the keys above, the authority to generate and invoke the virtual machine encryption key is given to the secure firmware, which avoids security risks such as key leakage or interception that could arise if the virtual machine encryption key were managed through the virtual machine monitor. In addition, when a secure virtual machine is activated, its virtual machine encryption key is loaded into the key storage unit and invoked from there by the secure firmware, so that the virtual machine encryption key never leaves the security boundary of the first processor while in use and the virtual machine monitor cannot access the keys loaded in the key storage unit; this improves the security of the virtual machine encryption key during use. Furthermore, the secure firmware can select a key loaded in the key storage unit by means of flag information, without invoking the key through plaintext identity information of the key to be invoked, which helps keep the keys loaded in the key storage unit secure and independent.

Based on the above concept, the key management method provided by the embodiments of this specification is described below by way of example.

Exemplary Methods

Taking as an example the first processor in the system on chip shown in FIG. 1, an embodiment of this specification provides a key management method. The first processor is used to run secure firmware; the system on chip further includes a cryptographic engine, which includes a key storage unit; and the system on chip further includes a second processor, which is used to run a secure virtual machine. As shown in FIG. 2, the key management method includes:

S201: In response to a startup operation of the secure virtual machine, the secure firmware generates a virtual machine encryption key corresponding to the secure virtual machine, the virtual machine encryption key being used to encrypt the data of the secure virtual machine;

S202: In response to an activation request of the secure virtual machine, the secure firmware loads the virtual machine encryption key into the key storage unit, the virtual machine encryption key loaded in the key storage unit being provided for invocation by the secure firmware.

The first processor may include the security coprocessor shown in FIG. 1, and the second processor may include the application processor shown in FIG. 1. There may be one or more first processors and one or more second processors; this specification does not limit the number, which depends on the actual situation. That the first processor is used to run the secure firmware may mean that the first processor has the authority or capability to run the secure firmware; it does not restrict the first processor to running only the secure firmware, and in some embodiments the first processor may also be configured to run or control other software and hardware, which this specification does not limit. Similarly, that the second processor is used to run the secure virtual machine may mean that the second processor has the authority or capability to run the secure virtual machine; it does not restrict the second processor to running only the secure virtual machine, and in some embodiments the second processor may also be configured to run or control other software and hardware, for example system firmware and client applications (Client Application, CA), which this specification does not limit. In one feasible embodiment, the cryptographic engine may be located in the memory controller of the system on chip.

As mentioned above, secure firmware may refer to firmware that runs on the security coprocessor and is responsible for data security. Secure firmware differs from the system firmware that runs on the second processor. Taking an ARM architecture processor as an example, the system firmware may include trusted firmware (Arm Trusted Firmware, ATF) and the cloud platform's operating system (OS). Trusted firmware divides the boot and run time of a computing device into privilege levels, and these privilege levels, combined with the secure hardware architecture, together protect the device's boot process. Specifically, trusted firmware technology defines four privilege levels, EL0 (Exception Level 0) to EL3, with privilege increasing from EL0 to EL3. A transition from a higher EL to a lower EL is made with the ERET instruction, and from a lower EL to a higher EL through an exception, so the different privilege levels are strictly separated. EL0, EL1 and EL2 each come in a non-secure form NS-ELx (Non-Secure ELx, x = 0, 1, 2, i.e. normal-world ELx) and a secure form S-ELx (Secure ELx, x = 0, 1, 2, i.e. secure-world ELx), whereas EL3 exists only as the secure-world EL3. In some cases, the firmware that must run during the boot process of the computing device includes BL1, BL2, BL31, BL32 and BL33 firmware.

BL1 firmware, which may be called the Trusted Boot ROM, is the earliest firmware to run during boot and is stored in the processor's ROM (Read-Only Memory); it is not co-located with the computing device's BIOS. In some kinds of trusted firmware technology, BL1 firmware is the root of trust for everything. BL1 firmware can initialize the device's core hardware (such as the Trusted SRAM (trusted static random-access memory) and the serial port) and locate the BL2 firmware; in some cases BL1 verifies the firmware's signature. BL1 firmware runs at the EL3 privilege level.

BL2 firmware, which may be called the Trusted Boot Firmware, also runs at the EL3 privilege level. The notable difference from BL1 is that BL2 firmware can be stored on an external trusted storage device, with its trust base established by BL1's verification of it. BL2 firmware initializes some key security hardware and software frameworks and, once initialization is complete, locates BL31.

BL31 firmware, which may be called the EL3 Runtime Firmware, also runs at the EL3 privilege level. Unlike BL1 and BL2 firmware, which run once, BL31 firmware continuously provides security-related services to the normal world (Non-Secure) through SMC (Secure Monitor Call).

BL32 firmware may include the OP-TEE OS (Open Portable TEE Operating System) and trusted applications; OP-TEE OS refers to the operating system of the trusted execution environment (TEE). BL32 firmware runs at S-EL1, and the trusted applications on it run at S-EL0. In some cases, after the OP-TEE OS has run it returns to the BL31 firmware at EL3, which locates the BL33 firmware and may also verify its signature.

BL33 firmware may include firmware that runs in the normal world (Non-Trusted Firmware): UEFI (Unified Extensible Firmware Interface) firmware for desktops, servers and similar domains, or U-Boot (a boot loader for embedded systems); it may also include the Linux kernel and basic input/output system (BIOS) firmware. In the normal world, the execution privileges of EL0, EL1, EL2 and EL3 increase in that order. UEFI firmware is configured to run at normal-world EL2, and OP-TEE is configured to run at secure-world EL1. By the time UEFI (BL33) starts, OP-TEE has already booted, and UEFI and OP-TEE can communicate through the secure monitor call (SMC) interface. Therefore, when verifying the integrity and security of an image file during UEFI boot, the normal world can trigger an SMC to call the corresponding OP-TEE interface in the secure world to perform certain functions; in this way the verification of the image file is handed over to the secure world, and the verification result is returned to the normal world.

Of course, the above only describes by way of example the types of firmware that trusted firmware may include; in some embodiments, trusted firmware may include more or fewer firmware components. For example, in some embodiments, trusted firmware may also include firmware such as a standalone management module (Standalone MM, STMM). STMM can provide security applications such as secure variable handling, secure firmware upgrade and interaction between the secure and non-secure worlds, and can help system administrators handle application requests from the non-secure world to the secure world, improving system security. As another example, in some embodiments trusted firmware may omit BL32 firmware. This specification does not limit the specific types or number of firmware components that trusted firmware may include; they depend on the actual situation.

The entire life cycle of the virtual machine encryption key is shown in FIG. 3. Before a secure virtual machine is started, the tenant can first configure it, for example configuring its resources and whether its data may be shared. The startup operation of the secure virtual machine may refer to the cloud platform tenant starting the secure virtual machine in the cloud platform; in response to that startup operation, the secure firmware generates the virtual machine encryption key corresponding to the secure virtual machine. In some embodiments, the virtual machine monitor running on the second processor allocates an unused virtual machine identifier (VMID) from an identifier pool to the secure virtual machine to be started, and that identifier serves as the identity of the secure virtual machine. The identifier pool can store the virtual machine identifiers and their usage status. For example, in some embodiments, the identifier pool may consist of an unused-identifier pool holding virtual machine identifiers that have not been used and a used-identifier pool holding those already in use; this specification does not limit how the usage status is marked, which depends on the actual situation.

When the secure firmware receives an activation request asking for a secure virtual machine to enter the activated state, the request may carry the virtual machine identifier of that secure virtual machine and may be sent to the secure firmware by the virtual machine monitor. The secure firmware transmits the virtual machine encryption key of the secure virtual machine to be activated to the cryptographic engine, where it is loaded into the key storage unit; from then on the secure firmware can encrypt and decrypt the secure virtual machine's private memory data with the virtual machine encryption key held in the key storage unit. In some embodiments, the key storage unit can hold multiple keys, that is, it can have multiple slots, to accommodate keys of different types or several keys of the same type. Furthermore, to further protect the keys loaded in the key storage unit, in some embodiments the method by which the secure firmware invokes a key loaded in the key storage unit includes:

The secure firmware sets flag information corresponding to the type of a target key according to that type, and uses the flag information to identify the target key in the key storage unit, the target key being the key that the secure firmware needs to invoke.

That is, the secure firmware can select a key loaded in the key storage unit by setting flag information, so that no plaintext key-related information (such as a key name or key identifier) appears while a key in the key storage unit is being invoked, which improves security during key use.

In some embodiments, to protect the image of the secure virtual machine, the key management method further includes:

During the startup of the secure virtual machine, encrypting the image of the secure virtual machine with the virtual machine encryption key.

A virtual machine image is a file containing the contents of a virtual hard disk: an operating system, pre-installed applications and their configuration. The virtual machine monitor can use this image to start a secure virtual machine. Encrypting the secure virtual machine's image with the virtual machine encryption key prevents unauthorized access to and modification of the image.

The following embodiments describe the use of the virtual machine encryption key during state switching and migration. In one embodiment, the key management method further includes:

In response to a state switching request concerning a target secure virtual machine and a current secure virtual machine, replacing a first virtual machine encryption key loaded in the key storage unit with a second virtual machine encryption key, where the first virtual machine encryption key is the virtual machine encryption key corresponding to the current secure virtual machine and the second virtual machine encryption key is the virtual machine encryption key corresponding to the target secure virtual machine;

the state switching request being used to request that the current secure virtual machine be switched to the inactive state.

In this embodiment, when the current secure virtual machine must switch from the active state to the inactive state for some reason (for example, because it has run into an error or encountered something it cannot handle), the virtual machine monitor can send the secure firmware a state switching request carrying the virtual machine identifier of the next secure virtual machine to be activated (the target secure virtual machine) and that of the secure virtual machine to be deactivated (the current secure virtual machine). In response, the secure firmware replaces the first virtual machine encryption key loaded in the key storage unit with the second virtual machine encryption key. This prevents the first virtual machine encryption key, belonging to the now inactive current secure virtual machine, from occupying the key storage unit and wasting resources, and it also prevents the first virtual machine encryption key from being invoked by mistake or illegitimately while the current secure virtual machine is inactive.

To support migration of secure virtual machines, in one embodiment the key management method further includes:

In response to a migration request for a secure virtual machine to be migrated, decrypting the private memory data of that secure virtual machine with its virtual machine encryption key loaded in the key storage unit;

sending the decrypted private memory data to a target first processor, the target first processor and the first processor being located in different systems on chip;

the decrypted private memory data being used to request that the secure firmware running on the target first processor encrypt it with a new virtual machine encryption key, the new virtual machine encryption key being generated by the secure firmware running on the target first processor.

Before decrypting the private memory data of the secure virtual machine to be migrated with its virtual machine encryption key loaded in the key storage unit, the method further includes:

If the virtual machine encryption key corresponding to the secure virtual machine to be migrated is not loaded in the key storage unit, loading it into the key storage unit.

When a secure virtual machine needs to be migrated between physical machines, the secure firmware on the sending end (the host of the secure virtual machine before migration) first confirms the platform security of the receiving end (the target host to which the secure virtual machine is migrated; the target first processor is that host's processor), for example by means of the cloud platform unique key (PUK) or the cloud platform security certificate. If the virtual machine encryption key of the secure virtual machine to be migrated is not loaded in the key storage unit, it is loaded there; the private memory data of the secure virtual machine is then decrypted with the virtual machine encryption key loaded in the key storage unit and transmitted to the receiving end, where the secure firmware running on the target first processor encrypts the decrypted private memory data with a new virtual machine encryption key that it has generated. After the migration is complete, the secure firmware on the receiving end deletes the virtual machine encryption key corresponding to the secure virtual machine that was migrated.

In the destruction phase of a secure virtual machine, the virtual machine monitor sends a destruction request for the secure virtual machine to be destroyed to the secure firmware on the first processor, and the secure firmware deletes the virtual machine encryption key corresponding to that secure virtual machine.
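The write-only key storage unit with flag-bit slot selection, and the key lifecycle of S201/S202 together with the state-switch, migration and destruction steps above, as an added example in C. This is not the patent's or Phytium's code: it is a single-process model in which two `soc_fw_t` instances stand for the sending and receiving SoCs. The slot addressing (two flag bits index four slots, `FLAG_CC` selecting the confidential-computing slot), the 128-bit key length, a linear congruential generator in place of the hardware RNG, a keyed XOR stream in place of the SM4 engine, and every function name are assumptions made for the illustration.

```c
/* Added example (not the patent's or Phytium's code): a model of the write-only
 * key storage unit, flag-bit slot selection and the VM encryption-key lifecycle.
 * Slot addressing, the key length, the RNG and the cipher are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define KEY_LEN   16  /* 128-bit key, the SM4 key length */
#define NUM_SLOTS 4   /* assumption: two flag bits select one of four slots */
#define MAX_VMS   8
#define FLAG_CC   0x1 /* confidential-computing bit (assumed encoding) */

typedef struct { uint8_t key[KEY_LEN]; bool loaded; } key_slot_t;
typedef struct { uint16_t vmid; uint8_t key[KEY_LEN]; bool in_use, active; } vm_rec_t;
/* One security coprocessor: firmware-private key records plus the engine's slots.
 * No function returns slot contents, so a loaded key can only be used through
 * engine_crypt(); that is what "write-only, non-readable" means in this model. */
typedef struct { key_slot_t slots[NUM_SLOTS]; vm_rec_t vms[MAX_VMS]; int nvms; uint32_t rng; } soc_fw_t;

static void fw_init(soc_fw_t *fw, uint32_t seed) { memset(fw, 0, sizeof *fw); fw->rng = seed; }
static key_slot_t *slot_of(soc_fw_t *fw, uint8_t flags) { return &fw->slots[flags & (NUM_SLOTS - 1)]; }

/* Engine side: load into, zeroise, or use the slot selected by the flag bits. */
static void engine_load_key(soc_fw_t *fw, uint8_t flags, const uint8_t key[KEY_LEN]) {
    key_slot_t *s = slot_of(fw, flags);
    memcpy(s->key, key, KEY_LEN); s->loaded = true;
}
static void engine_unload_key(soc_fw_t *fw, uint8_t flags) {
    memset(slot_of(fw, flags), 0, sizeof(key_slot_t)); /* leave no stale key behind */
}
/* Stand-in for the SM4 engine: a keyed XOR stream (symmetric, NOT secure).
 * Returns -1 when the selected slot holds no key, so an unloaded key is unusable. */
static int engine_crypt(soc_fw_t *fw, uint8_t flags, uint8_t *buf, size_t len) {
    key_slot_t *s = slot_of(fw, flags);
    if (!s->loaded) return -1;
    for (size_t i = 0; i < len; i++) buf[i] ^= s->key[i % KEY_LEN] ^ (uint8_t)(i * 0x9D);
    return 0;
}

static vm_rec_t *find_vm(soc_fw_t *fw, uint16_t vmid) {
    for (int i = 0; i < MAX_VMS; i++) if (fw->vms[i].in_use && fw->vms[i].vmid == vmid) return &fw->vms[i];
    return NULL;
}
static void fw_generate_key(soc_fw_t *fw, uint8_t out[KEY_LEN]) { /* LCG stands in for the hardware RNG */
    for (int i = 0; i < KEY_LEN; i++) out[i] = (uint8_t)((fw->rng = fw->rng * 1103515245u + 12345u) >> 24);
}
/* S201: on VM start, generate the key for an unused VMID (the VMID comes from the ID pool). */
int fw_vm_start(soc_fw_t *fw, uint16_t vmid) {
    if (find_vm(fw, vmid) || fw->nvms == MAX_VMS) return -1;
    vm_rec_t *v = &fw->vms[fw->nvms++];
    *v = (vm_rec_t){ .vmid = vmid, .in_use = true };
    fw_generate_key(fw, v->key);
    return 0;
}
/* S202: on activation, load the VM's key into the confidential-computing slot. */
int fw_vm_activate(soc_fw_t *fw, uint16_t vmid) {
    vm_rec_t *v = find_vm(fw, vmid);
    if (!v) return -1;
    engine_load_key(fw, FLAG_CC, v->key); v->active = true;
    return 0;
}
/* State switch: the current VM's key leaves the slot and the target VM's key replaces it. */
int fw_vm_switch(soc_fw_t *fw, uint16_t cur, uint16_t target) {
    vm_rec_t *c = find_vm(fw, cur);
    if (!c || !c->active || !find_vm(fw, target)) return -1;
    engine_unload_key(fw, FLAG_CC); c->active = false;
    return fw_vm_activate(fw, target);
}
/* Destruction: unload the slot if this VM owns it, then delete the key record. */
int fw_vm_destroy(soc_fw_t *fw, uint16_t vmid) {
    vm_rec_t *v = find_vm(fw, vmid);
    if (!v) return -1;
    if (v->active) engine_unload_key(fw, FLAG_CC);
    memset(v, 0, sizeof *v);
    return 0;
}
/* Migration, sending end: load the key if it is not in the slot, then decrypt the
 * private memory for transfer (the transfer itself goes over the migration channel). */
int fw_vm_migrate_out(soc_fw_t *src, uint16_t vmid, uint8_t *mem, size_t len) {
    vm_rec_t *v = find_vm(src, vmid);
    if (!v || (!v->active && fw_vm_activate(src, vmid) != 0)) return -1;
    return engine_crypt(src, FLAG_CC, mem, len);
}
/* Migration, receiving end: the target firmware generates a fresh key and re-encrypts. */
int fw_vm_migrate_in(soc_fw_t *dst, uint16_t vmid, uint8_t *mem, size_t len) {
    if (fw_vm_start(dst, vmid) != 0 || fw_vm_activate(dst, vmid) != 0) return -1;
    return engine_crypt(dst, FLAG_CC, mem, len);
}

/* Whole lifecycle on constructed memory contents; returns 1 when every step behaves. */
int demo_lifecycle(void) {
    soc_fw_t src, dst;
    uint8_t plain[32] = "constructed private memory data", mem[32];
    fw_init(&src, 1); fw_init(&dst, 2); memcpy(mem, plain, 32);
    if (fw_vm_start(&src, 7) || fw_vm_start(&src, 8) || fw_vm_start(&src, 7) != -1) return 0;
    if (fw_vm_switch(&src, 8, 7) != -1 || fw_vm_activate(&src, 8) || fw_vm_switch(&src, 8, 7)) return 0;
    if (engine_crypt(&src, FLAG_CC, mem, 32) || !memcmp(mem, plain, 32)) return 0; /* under VM 7's key */
    if (fw_vm_migrate_out(&src, 7, mem, 32) || memcmp(mem, plain, 32)) return 0;  /* plaintext again */
    if (fw_vm_migrate_in(&dst, 7, mem, 32) || !memcmp(mem, plain, 32)) return 0;  /* new key on dst */
    if (fw_vm_destroy(&src, 7) || engine_crypt(&src, FLAG_CC, mem, 32) != -1) return 0; /* slot empty */
    return engine_crypt(&dst, FLAG_CC, mem, 32) == 0 && memcmp(mem, plain, 32) == 0;
}
```

Two design points carry over to real hardware: the "write-only" property is a property of the interface (there is a load call and a crypt call but no read call), and a slot is zeroised whenever a key leaves it, so that a deactivated or destroyed VM's key cannot be used by mistake, which is exactly the failure mode the state-switch passage is concerned with. In the model the migration transfer is plaintext, as the patent's S-steps describe; the separately negotiated migration channel that protects it is the subject of the channel unique key passages that follow.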

Besides the virtual machine encryption key, a channel unique key can be used to protect communication between the secure virtual machine and the secure firmware and other parties. The entire life cycle of the channel unique key is shown in FIG. 4.

In one embodiment, before responding to the activation request of the secure virtual machine, the key management method further includes:

the secure firmware establishing a secure channel with the secure virtual machine based on the channel unique key loaded in the key storage unit;

the secure firmware performing a security measurement of the secure virtual machine and transmitting the measurement information to the secure virtual machine through the secure channel, the measurement information being used to instruct the secure virtual machine to request that the virtual machine monitor send the activation request to the secure firmware when the measurement information meets the configuration requirements.

After the cloud platform completes secure boot, the secure firmware can generate the channel unique key. In the configuration phase of the secure virtual machine, the secure firmware sends the cloud platform's security certificate and the channel unique key to the virtual machine tenant; after finishing the secure virtual machine's configuration file, the tenant generates a user channel key and sends it to the secure firmware, completing the key exchange, at which point the secure channel is established. In the measurement phase of the secure virtual machine, the secure firmware sends the measurement information to the tenant of the secure virtual machine through the secure channel; the transmitted measurement information (or measurement result) can be encrypted with the channel unique key. In the virtual machine activation phase, once the tenant of the secure virtual machine has confirmed that the measurement information meets the configuration requirements, the tenant notifies the virtual machine monitor to activate the secure virtual machine.

To ensure the freshness and security of the channel unique key, in some embodiments the key management method further includes:

In response to the secure virtual machine completing startup, the secure firmware regenerating the channel unique key and replacing the channel unique key generated after the cloud platform completed startup with the newly generated one.

In this embodiment, after the cloud platform completes secure boot, the secure firmware generates a channel unique key. After the user completes the configuration and measurement of the virtual machine and has confirmed that the measurement information meets the configuration requirements, the user notifies the virtual machine monitor to start the secure virtual machine; once the secure virtual machine has started, the secure firmware generates a new channel unique key corresponding to the secure virtual machine and replaces the channel unique key generated after the cloud platform started with the newly generated one, ensuring the freshness and security of the channel unique key.

In the migration phase of the secure virtual machine, the key management method further includes:

In response to a migration request for the secure virtual machine to be migrated, establishing a secure channel between the target first processor and the first processor based on the channel unique key loaded in the key storage unit, and performing data transmission over the established secure channel;

After the migration of the secure virtual machine to be migrated is completed, the target first processor and the first processor delete the channel unique key.

Before the virtual machine is migrated, a secure channel is established between the sending end and the receiving end using the channel unique key, and the transmitted content is encrypted with the virtual machine transmission key (also called the migration key; it can be generated by the secure firmware after the cloud platform has booted). This protects the communication between the secure virtual machine, the secure firmware and the other parties involved, and hands management of and access to the channel unique key over to the secure firmware, reducing the risk that the virtual machine monitor or an attacker intercepts the channel unique key.

In addition to the channel unique key and the virtual machine encryption key, a virtual machine disk encryption key can be used to protect the disk contents of the secure virtual machine. Referring to FIG. 5, in one embodiment the key management method further includes:

The secure firmware receives a virtual machine disk encryption key corresponding to the secure virtual machine;

The secure firmware uses the virtual machine disk encryption key to encrypt the private data on the disk of the secure virtual machine;

After the migration of the secure virtual machine is completed, the secure firmware sends the virtual machine disk encryption key to the target first processor and deletes its saved copy of the virtual machine disk encryption key.

In the virtual machine measurement phase, after the tenant of the secure virtual machine has confirmed that the secure virtual machine started as required (confirmation of the measurement result), the tenant generates a virtual machine disk encryption key and transmits it through the secure channel to the secure firmware on the first processor. The secure firmware uses the disk encryption key to encrypt the private data on the secure virtual machine's disk. In the virtual machine migration phase, once the migration is complete, the secure firmware on the sending-end first processor transmits the disk encryption key to the secure firmware on the receiving-end first processor and at the same time deletes its own copy of the disk encryption key. In the virtual machine destruction phase, the secure firmware on the first processor deletes the virtual machine disk encryption key of the current secure virtual machine.

In order to delete the keys of a destroyed or migrated secure virtual machine promptly, in one embodiment the key management method further includes:

In response to a destruction request for the secure virtual machine or the completion of its migration, replacing the key corresponding to the secure virtual machine that is loaded in the key storage unit with a default key, and deleting the key corresponding to the secure virtual machine; the default key is used for data sharing between the secure virtual machine and the virtual machine monitor.

In this embodiment, a storage unit such as a register can serve as the key storage unit. When the secure virtual machine is destroyed or its migration completes, the key corresponding to the secure virtual machine that is loaded in the key storage unit is promptly overwritten with the default key, and the keys corresponding to the secure virtual machine (for example the virtual machine encryption key, the channel unique key and the virtual machine disk encryption key) are deleted, releasing the corresponding storage space and preventing misuse of the keys of a destroyed or migrated secure virtual machine.

In conventional secure virtual machine control technology, in order to protect the private data of secure virtual machines to some extent, data communication and sharing are usually only allowed between a secure virtual machine and the virtual machine monitor. When a user needs two secure virtual machines to communicate, the data of the first secure virtual machine must first be shared with the virtual machine monitor, which then shares it with the other secure virtual machine. The whole process requires multiple data copies, which is inefficient and wastes resources. To solve this problem, the embodiments of this specification provide, based on encrypted virtualization technology, a virtual machine shared key with which the secure firmware can share data directly between secure virtual machines without going through the virtual machine monitor. This improves data sharing efficiency and reduces resource waste, and it also prevents the virtual machine monitor from using the data sharing path to steal a secure virtual machine's private data.

The virtual machine shared key is described by way of example below. In one embodiment of this specification, a key management method for a multi-key secure virtual machine is provided. As shown in FIG. 6, the key management method is applied to a first processor in a system on chip, the first processor is used to run secure firmware, the system on chip further includes a cryptographic engine that includes a key storage unit, and the system on chip further includes a second processor used to run a secure virtual machine. The key management method includes:

S601: In response to a startup operation of the secure virtual machine, generating a virtual machine shared key corresponding to the secure virtual machine according to the configuration information of the secure virtual machine;

S602: In response to a data sharing request between the secure virtual machine and another secure virtual machine, the secure firmware loads the virtual machine shared key into the key storage unit and, based on the virtual machine shared key loaded in the key storage unit, controls the data sharing between the secure virtual machine and the other secure virtual machine; after the data sharing is completed, the secure firmware removes the virtual machine shared key from the key storage unit.

The entire life cycle of the virtual machine shared key is shown in FIG. 7. The configuration information of the secure virtual machine refers to the information set by the tenant of the secure virtual machine in the virtual machine configuration phase. In this embodiment, for a multi-key secure virtual machine, the configuration information can include whether data sharing between secure virtual machines is allowed; when the configuration information allows data sharing between secure virtual machines, the secure firmware generates a virtual machine shared key corresponding to the secure virtual machine when it responds to the startup operation of that secure virtual machine. The virtual machine shared key can be used for data sharing between secure virtual machines under the management of the secure firmware. After the virtual machine shared key is generated, it can be stored according to a policy, for example in the cryptographic engine.

While the secure virtual machine is in the activated state, it can request data sharing with another secure virtual machine (a sharing application), and the secure firmware performs key scheduling in response to the request: for example, it looks up the virtual machine shared key corresponding to the virtual machine identity of the secure virtual machine requesting the data sharing and loads that virtual machine shared key into the key storage unit so that the secure firmware can invoke it. When data is shared between secure virtual machines, the secure firmware can use the virtual machine shared key to encrypt and decrypt the shared data, meeting the security requirements of data sharing between secure virtual machines. Because the virtual machine shared key is managed only by the secure firmware during the data sharing process, the tenants of other secure virtual machines, the virtual machine monitor and other attackers are prevented from misappropriating the virtual machine shared key.

In summary, in this embodiment the key management method meets the data sharing needs between secure virtual machines through the virtual machine shared key, improves the convenience of data sharing between secure virtual machines, and, based on the virtual machine shared key, also ensures the security of that data sharing. At the same time, the generation of and access to the virtual machine shared key are handed over to the secure firmware, which avoids security risks such as key leakage or interception that could arise if the virtual machine shared key were managed by the virtual machine monitor, and also prevents the virtual machine monitor from abusing the virtual machine shared key, further improving data security when data is shared between secure virtual machines. In addition, when data is shared between secure virtual machines, the secure firmware loads the virtual machine shared key into the key storage unit and invokes it itself, so that the virtual machine shared key travels over a dedicated secure path during invocation, never leaves the security boundary of the first processor, and cannot be observed by the second processor or the virtual machine monitor, improving the security of the virtual machine shared key while it is in use. When the data sharing between the secure virtual machines ends, the secure firmware immediately removes the virtual machine shared key from the key storage unit, further reducing the possibility that the virtual machine shared key is intercepted or misused.

To improve the security of the virtual machine shared key during use, similarly to the virtual machine encryption key, the secure firmware can set flag bit information corresponding to the type of the target key according to that type, and use the flag bit information to identify the target key in the key storage unit, where the target key is the key that the secure firmware needs to invoke.

In some embodiments, to distinguish the virtual machine shared key from the virtual machine encryption key and other keys, and to let the flag bit information locate the virtual machine shared key conveniently, the key storage unit includes a shared key slot for the virtual machine shared key;

The secure firmware loading the virtual machine shared key into the key storage unit specifically includes:

The secure firmware loads the virtual machine shared key into the shared key slot.

In order to ensure the security of the virtual machine migration process, in one embodiment the key management method further includes:

In response to platform security confirmation information, the secure firmware generates a virtual machine transmission key; the platform security confirmation information indicates that the tenant of the secure virtual machine has confirmed the security of the cloud platform;

The secure firmware performs a security measurement of the secure virtual machine, encrypts the measurement information with the virtual machine transmission key, and transmits the encrypted measurement information to the secure virtual machine through a secure channel; the measurement information is used to instruct the secure virtual machine, when the measurement information meets the configuration requirements, to request that the virtual machine monitor send the activation request to the secure firmware.

The platform security confirmation message is the confirmation the virtual machine tenant gives after verifying the security of the platform by means such as the platform unique key and the cloud platform security certificate; the secure firmware generates the virtual machine transmission key in response to that message. During measurement, encrypting the measurement information with the virtual machine transmission key protects the measurement information. For the establishment of the secure channel, refer to the related description above.

Besides the measurement phase, the virtual machine transmission key can also protect the data during virtual machine migration. Specifically, in one embodiment the key management method further includes:

In response to a migration request for the secure virtual machine to be migrated, encrypting the transmitted data with the virtual machine transmission key.

For details of the migration process of the secure virtual machine, refer to FIG. 4 and the related description.

Similarly to the virtual machine encryption key described above, after the secure virtual machine is destroyed or its migration completes, the virtual machine shared key and the virtual machine transmission key need to be deleted. That is, in one embodiment the key management method further includes:

In response to a destruction request for the secure virtual machine or the completion of its migration, replacing the key corresponding to the secure virtual machine that is loaded in the key storage unit with a default key, and deleting the key corresponding to the secure virtual machine; the default key is used for data sharing between the secure virtual machine and the virtual machine monitor. In some embodiments, the default key can include a host key.

In this way, problems such as wasted resources caused by the keys of a destroyed or migrated secure virtual machine continuing to occupy storage space are avoided.

In some embodiments, a feasible data sharing method for a secure virtual machine is provided. As shown in FIG. 8, it is applied to a first processor in a system on chip, the first processor is used to run secure firmware, and the system on chip further includes a second processor used to run a secure virtual machine. The data sharing method for the secure virtual machine includes:

S801: In response to a configuration operation for a current secure virtual machine, generating a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine; the configuration information of the secure virtual machine includes shared memory information, and the shared memory information is used to create a shared memory;

S802: In response to a data sharing request carrying target secure virtual machine information, the secure firmware shares the shared data with the target secure virtual machine through the shared memory, according to the virtual machine shared key corresponding to the current secure virtual machine.

In this embodiment, the data sharing method meets the data sharing needs between secure virtual machines through the virtual machine shared key, improves the convenience of data sharing between secure virtual machines, and, based on the virtual machine shared key, also ensures the security of that data sharing. At the same time, the configuration information of the secure virtual machine includes shared memory information used to create a shared memory, so that during data sharing the secure firmware can share the shared data with the target secure virtual machine through the shared memory, according to the virtual machine shared key corresponding to the current secure virtual machine, which improves data sharing efficiency.

In the output stage of secure virtual machine creation, after confirming the security of the cloud platform, the tenant of the secure virtual machine can configure the initial sharing policy of the secure virtual machine. In some embodiments the initial sharing policy can be one of: (1) the current secure virtual machine is not allowed to share data; (2) the current secure virtual machine is allowed to share data with secure virtual machines of the same tenant; (3) the current secure virtual machine is allowed to share data with secure virtual machines of different tenants. When the initial sharing policy does not allow the current secure virtual machine to share data, no further sharing-related configuration is performed. These initial sharing policies can form part of the configuration information.

Allowing the current secure virtual machine to share data with secure virtual machines of the same tenant further comprises: allowing the current secure virtual machine to share data with the same tenant's secure virtual machines on the same host, and allowing it to share data with the same tenant's secure virtual machines on different hosts.

Allowing the current secure virtual machine to share data with secure virtual machines of different tenants further comprises: allowing the current secure virtual machine to share data with other tenants' secure virtual machines on the same host, and allowing it to share data with other tenants' secure virtual machines on different hosts. A host refers to the computer system on which secure virtual machines run. The current tenant is the tenant that owns the current secure virtual machine, and the current host is the host on which the current secure virtual machine runs.

The data sharing method of the secure virtual machine under the different initial sharing policies is described by way of example below.

Regarding the generation of the virtual machine shared key, in one embodiment, generating the virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine includes:

When the configuration information allows data sharing between different secure virtual machines on the same host, the secure firmware generates the virtual machine shared key corresponding to the current secure virtual machine using a software algorithm or the true random number generator module;

When the configuration information allows data sharing between secure virtual machines on different hosts, the secure firmware generates the virtual machine shared key corresponding to the current secure virtual machine using the true random number generator module.

In this embodiment, when the configuration information set by the user allows data sharing between different secure virtual machines on the same host (but not between secure virtual machines on different hosts), the secure virtual machines share the same hardware foundation and the trust between them is relatively high. The virtual machine shared key can therefore be generated by the secure firmware either from a random number produced by a software algorithm or with the true random number generator module, giving the tenant a choice between efficiency and security and making the method more flexible.

When the configuration information set by the user allows data sharing between secure virtual machines on different hosts, those secure virtual machines rest on different hardware, and the security settings and state of the hosts may differ because of their different configurations. For security reasons it is therefore necessary for the secure firmware to generate the virtual machine shared key with the true random number generator module, avoiding the security problems that could arise if a random number produced by a software algorithm were predicted.

For the same host, in one embodiment, the system on chip further includes a cryptographic engine that includes a key storage unit, and when the target secure virtual machine and the current secure virtual machine are located on the same host:

The secure firmware sharing the shared data with the target secure virtual machine through the shared memory, according to the virtual machine shared key corresponding to the current secure virtual machine, includes:

Checking the data sharing request and, if the check passes, loading the virtual machine shared key corresponding to the current secure virtual machine into the key storage unit; the virtual machine shared key loaded in the key storage unit is used by the current virtual machine to encrypt the decrypted data to be shared, thereby obtaining the shared data, which is written into the shared memory;

In response to the sharing of the shared data being completed, the secure firmware replaces the virtual machine shared key loaded in the key storage unit with a default key; the data to be shared is decrypted with the virtual machine encryption key corresponding to the current secure virtual machine, and the default key is used for data sharing between the secure virtual machine and the virtual machine monitor.

Checking the data sharing request can include checking the integrity and security of the information it carries, for example checking the integrity of the target secure virtual machine information and the security of the target secure virtual machine it identifies. In some embodiments the data sharing request can also carry shared memory information, and the check can then also cover that information, for example whether the shared memory size and address are within the allowed bounds.

If the check passes, the secure firmware loads the virtual machine shared key into the key storage unit. The secure virtual machine then decrypts the data to be shared with its own virtual machine encryption key, and the decrypted data is encrypted with the virtual machine shared key loaded in the key storage unit to obtain the shared data. Once the shared data is written into the shared memory, the target secure virtual machine can read and copy it from there, decrypt it with the virtual machine shared key loaded in the key storage unit, and store it after encrypting it with its own virtual machine encryption key. This completes the data sharing between different secure virtual machines on the same host.

When the sharing of the shared data is complete, the current secure virtual machine can send a sharing-complete notification to the secure firmware, which responds by overwriting the virtual machine shared key loaded in the key storage unit with the default key, thereby unloading the virtual machine shared key from the key storage unit. In this embodiment the key storage unit can be configured to be write-only and not readable, so overwriting the loaded key with the default key improves the security of the keys loaded in the key storage unit: an attacker cannot obtain a key by reading it out of the key storage unit.

When the target secure virtual machine and the current secure virtual machine belong to different tenants, the data sharing request also carries information about the target tenant;

Checking the data sharing request includes:

Performing a security check on the information about the target tenant.

The security check on the target tenant's information can include checking whether the target tenant's identity is valid and whether the target tenant corresponds to the target secure virtual machine, to avoid the security problems that a forged target tenant requesting data sharing could cause.

对于不同的宿主机,不同安全虚拟机之间的数据共享,在一个实施方式中,所述片上系统还包括密码引擎,所述密码引擎包括密钥存储单元,在所述目标安全虚拟机与所述当前安全虚拟机位于不同宿主机中时;For data sharing between different secure virtual machines on different hosts, in one embodiment, the system on chip further includes a cryptographic engine, the cryptographic engine including a key storage unit, when the target secure virtual machine and the current secure virtual machine are located in different hosts;

所述数据共享请求还包括目标宿主机的信息;The data sharing request also includes information of the target host machine;

所述安全固件根据与所述当前安全虚拟机对应的虚拟机共享密钥,利用所述共享内存将共享数据与目标安全虚拟机进行共享包括:The secure firmware uses the shared memory to share the shared data with the target secure virtual machine according to the virtual machine shared key corresponding to the current secure virtual machine, including:

在所述目标宿主机的信息的安全性检查通过的情况下,将与所述当前安全虚拟机对应的虚拟机共享密钥加载于所述密钥存储单元,并将与所述当前安全虚拟机对应的虚拟机共享密钥发送给所述目标宿主机中的目标第一处理器;加载于所述密钥存储单元中的所述虚拟机共享密钥,用于供所述当前虚拟机对解密完成后的待共享数据进行加密,以获得所述共享数据并写入所述共享内存;In the case where the security check of the information of the target host machine passes, the virtual machine shared key corresponding to the current secure virtual machine is loaded into the key storage unit, and the virtual machine shared key corresponding to the current secure virtual machine is sent to the target first processor in the target host machine; the virtual machine shared key loaded in the key storage unit is used for the current virtual machine to encrypt the data to be shared after the decryption is completed, so as to obtain the shared data and write it into the shared memory;

响应于所述共享数据写入所述共享内存,所述安全固件将所述共享数据通过安全信道发送给所述目标安全虚拟机;发送给所述目标安全虚拟机的共享数据,用于指示所述目标第一处理器上的安全固件利用与所述当前虚拟机对应的虚拟机共享密钥对所述共享数据进行解密,并将解密后的数据利用与所述目标安全虚拟机对应的虚拟机加密密钥进行加密后存储。In response to the shared data being written into the shared memory, the security firmware sends the shared data to the target secure virtual machine through a secure channel; the shared data sent to the target secure virtual machine is used to instruct the security firmware on the target first processor to decrypt the shared data using the virtual machine shared key corresponding to the current virtual machine, and to encrypt the decrypted data using the virtual machine encryption key corresponding to the target secure virtual machine and then store it.

在本实施方式中,在当前安全虚拟机将共享数据写入共享内存中,安全固件可以将共享数据通过安全信道发送给目标安全虚拟机,安全信道可以基于信道唯一密钥建立,具体建立过程可参考上文中的相关描述。In this embodiment, when the current secure virtual machine writes shared data into shared memory, the secure firmware can send the shared data to the target secure virtual machine through a secure channel. The secure channel can be established based on a channel-unique key. The specific establishment process can refer to the relevant description above.

目标安全虚拟机可以运行于目标第二处理器上,目标第一处理器的安全固件利用与所述当前虚拟机对应的虚拟机共享密钥对所述共享数据进行解密,并利用与目标安全虚拟机对应的虚拟机加密密钥进行加密后存储于目标安全虚拟机的私有存储中,至此完成跨宿主机的数据共享。目标第一处理器和目标第二处理器都可以位于目标安全虚拟机中,可以位于同一片上系统中。The target secure virtual machine can run on the target second processor, and the secure firmware of the target first processor uses the virtual machine shared key corresponding to the current virtual machine to decrypt the shared data, and uses the virtual machine encryption key corresponding to the target secure virtual machine to encrypt the shared data and store it in the private storage of the target secure virtual machine, thereby completing the cross-host data sharing. Both the target first processor and the target second processor can be located in the target secure virtual machine and can be located in the same system on chip.

在完成跨宿主机的数据共享后,为了保障虚拟机共享密钥的安全性,在一个实施方式中,所述安全固件将所述共享数据通过安全信道发送给所述目标安全虚拟机之后,还包括:After completing the data sharing across the host machines, in order to ensure the security of the virtual machine shared key, in one embodiment, after the secure firmware sends the shared data to the target secure virtual machine through a secure channel, it also includes:

响应于所述目标第一处理器上的安全固件发送的共享完成命令,删除所述当前安全虚拟机对应的虚拟机共享密钥。所述共享完成命令也可用于指示所述目标第一处理器删除所述当前虚拟机对应的虚拟机共享密钥。In response to a sharing completion command sent by the security firmware on the target first processor, the virtual machine shared key corresponding to the current secure virtual machine is deleted. The sharing completion command can also be used to instruct the target first processor to delete the virtual machine shared key corresponding to the current virtual machine.

如此,在跨宿主机的数据共享完成后,由于虚拟机共享密钥实际上已经被两个不同的宿主机获悉,增加了虚拟机共享密钥被攻击而泄露的风险,因此,在跨宿主机的数据共享完成后,发送端和接收端上的第一处理器均删除保存的与当前安全虚拟机对应的虚拟机共享密钥,以保障当前安全虚拟机的数据安全性。在当前安全虚拟机再次有数据共享需求时,安全固件可以响应于当前安全虚拟机的数据共享请求,重新生成与当前安全虚拟机对应的虚拟机共享密钥,在保障了当前安全虚拟机的数据安全性的基础上,实现了支持当前安全虚拟机继续进行新的数据共享操作的目的。In this way, after the data sharing across hosts is completed, since the virtual machine shared key has actually been known by two different hosts, the risk of the virtual machine shared key being attacked and leaked is increased. Therefore, after the data sharing across hosts is completed, the first processors on both the sending end and the receiving end delete the saved virtual machine shared key corresponding to the current secure virtual machine to ensure the data security of the current secure virtual machine. When the current secure virtual machine has a data sharing demand again, the secure firmware can respond to the data sharing request of the current secure virtual machine and regenerate the virtual machine shared key corresponding to the current secure virtual machine. On the basis of ensuring the data security of the current secure virtual machine, the purpose of supporting the current secure virtual machine to continue new data sharing operations is achieved.

对于跨宿主机的数据共享,在一些实施方式中,发送给所述目标安全虚拟机的共享数据,还用于在所述目标第一处理器上的安全固件利用与所述当前虚拟机对应的虚拟机共享密钥对所述共享数据进行解密后,通过所述目标第一处理器上的安全固件指示所述目标宿主机中的虚拟机监视器启动所述目标安全虚拟机,在所述目标安全虚拟机的状态检查通过后,执行将解密后的数据利用与所述目标安全虚拟机对应的虚拟机加密密钥进行加密后存储的步骤。Regarding data sharing across host machines, in some embodiments, the shared data sent to the target secure virtual machine is also used to decrypt the shared data using the virtual machine shared key corresponding to the current virtual machine, and then instruct the virtual machine monitor in the target host machine to start the target secure virtual machine through the secure firmware on the target first processor. After the status check of the target secure virtual machine passes, the step of encrypting the decrypted data using the virtual machine encryption key corresponding to the target secure virtual machine and then storing it is performed.

在本实施方式中,在目标第一处理器的安全固件对共享数据进行解密后,目标第一处理的安全固件还用于指示目标宿主机中的虚拟机监视器启动目标安全虚拟机,并对目标安全虚拟机的状态进行检查,判断目标安全虚拟机是否处于激活态以及是否满足数据共享要求等等,在检查通过时才进行解密后的数据的加密存储,有利于保障数据安全性。In this embodiment, after the security firmware of the target first processor decrypts the shared data, the security firmware of the target first processor is also used to instruct the virtual machine monitor in the target host machine to start the target secure virtual machine, and check the status of the target secure virtual machine to determine whether the target secure virtual machine is in an activated state and whether it meets the data sharing requirements, etc. The decrypted data is encrypted and stored only when the check passes, which is beneficial to ensure data security.
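The same-host flow described above (shared key loaded into a write-only key storage unit, re-encryption into shared memory, default-key overwrite on completion) and the cross-host flow (shared key sent to the target first processor, target VM state check, deletion on the completion command and regeneration on the next request) can be modelled end to end. The following Python is an added example, not the patent's or Phytium's code; the cipher is a stand-in HMAC-SHA256 encrypt-then-MAC construction in place of the cryptographic engine, the secure channel is not modelled, and the class and method names (KeyStorageUnit, SecureFirmware, share_same_host, share_cross_host) are hypothetical.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32
DEFAULT_KEY = b"\x00" * KEY_LEN  # constructed default key (VM <-> VMM sharing); overwrites the shared key after use

def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode; stand-in for the cryptographic engine's cipher
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]

def encrypt(key, plaintext):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    """Fails unless the tag verifies under `key`, so a stale or wrong key is rejected loudly."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong key or modified data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

class KeyStorageUnit:
    """Write-only key slot in the cryptographic engine: the firmware loads a key and the
    engine uses it, but no read path exists (deliberately no getter)."""
    def __init__(self):
        self._key = DEFAULT_KEY

    def load(self, key):
        self._key = key

    def seal(self, plaintext):
        return encrypt(self._key, plaintext)

    def open(self, blob):
        return decrypt(self._key, blob)

class SecureFirmware:
    """Secure firmware on one host's first processor (hypothetical model of the patent's flow)."""
    def __init__(self, host_id, trusted_hosts=()):
        self.host_id = host_id
        self.trusted_hosts = set(trusted_hosts)  # hosts that pass the target-host security check
        self.ksu = KeyStorageUnit()
        self.vm_keys = {}          # vm_id -> VM encryption key, generated at VM startup
        self.share_keys = {}       # vm_id -> VM shared key, generated from the VM's configuration
        self.tenants = {}          # vm_id -> tenant
        self.active = set()        # VMs in the activated state
        self.shared_memory = {}    # region -> data encrypted under the VM shared key
        self.peer_share_keys = {}  # shared keys received from another host, deleted after use

    def start_vm(self, vm_id, tenant, config):
        self.vm_keys[vm_id] = secrets.token_bytes(KEY_LEN)
        self.tenants[vm_id] = tenant
        self.active.add(vm_id)
        if config.get("shared_memory"):  # sharing configured -> shared key (TRNG stand-in)
            self.share_keys[vm_id] = secrets.token_bytes(KEY_LEN)

    def _publish(self, src, private_blob):
        """Load the shared key, decrypt the VM's private data, re-encrypt it into shared memory."""
        if src not in self.share_keys:  # deleted after a cross-host share: regenerate on demand
            self.share_keys[src] = secrets.token_bytes(KEY_LEN)
        self.ksu.load(self.share_keys[src])
        self.shared_memory["shm"] = self.ksu.seal(decrypt(self.vm_keys[src], private_blob))

    def share_same_host(self, src, dst, private_blob, target_tenant):
        """Same-host flow; returns the data re-encrypted under the target VM's own key."""
        if dst not in self.vm_keys or self.tenants[dst] != target_tenant:
            raise PermissionError("request check failed: unknown target VM or forged tenant")
        self._publish(src, private_blob)
        received = self.ksu.open(self.shared_memory["shm"])  # target VM reads shared memory
        stored = encrypt(self.vm_keys[dst], received)        # stored under dst's own key
        self.ksu.load(DEFAULT_KEY)  # completion notice: default key overwrites the shared key
        return stored

    def share_cross_host(self, src, target, dst, private_blob):
        """Cross-host flow: the shared key goes to the target first processor, then both delete it."""
        if target.host_id not in self.trusted_hosts:
            raise PermissionError("target host security check failed")
        self._publish(src, private_blob)
        target.peer_share_keys[src] = self.share_keys[src]  # sent over the secure channel (not modelled)
        stored = target.receive_shared(src, dst, self.shared_memory["shm"])
        del target.peer_share_keys[src]  # completion command: both ends delete the shared key
        del self.share_keys[src]
        self.ksu.load(DEFAULT_KEY)
        return stored

    def receive_shared(self, src, dst, shared_blob):
        """Target firmware: decrypt with the peer's shared key, check VM state, re-encrypt for dst."""
        plain = decrypt(self.peer_share_keys[src], shared_blob)
        if dst not in self.active:
            raise RuntimeError("target VM state check failed")
        return encrypt(self.vm_keys[dst], plain)
```

After the completion notice the key storage unit holds the default key again, so the copy still sitting in shared memory can no longer be opened through it; a forged tenant or an untrusted target host is rejected before the shared key is ever loaded.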

Exemplary Related Devices

In an exemplary embodiment of the present specification, a key management device is further provided, applied to a first processor in a system on chip, where the first processor is used to run secure firmware, the system on chip further includes a cryptographic engine that includes a key storage unit, and the system on chip further includes a second processor used to run a secure virtual machine. As shown in FIG. 9, the key management device includes:

a startup module 801, configured so that, in response to a startup operation of the secure virtual machine, the secure firmware generates a virtual machine encryption key corresponding to the secure virtual machine, the virtual machine encryption key being used to encrypt the data of the secure virtual machine;

an activation module 802, configured so that, in response to an activation request of the secure virtual machine, the secure firmware loads the virtual machine encryption key into the key storage unit, the virtual machine encryption key loaded in the key storage unit being available for the secure firmware to call.

Correspondingly, in an exemplary embodiment of the present specification, a key management device is further provided, applied to a first processor in a system on chip, where the first processor is used to run secure firmware, the system on chip further includes a cryptographic engine that includes a key storage unit, and the system on chip further includes a second processor used to run a secure virtual machine. As shown in FIG. 10, the key management device includes:

a shared key module 901, configured to generate, in response to a startup operation of the secure virtual machine and according to the configuration information of the secure virtual machine, a virtual machine shared key corresponding to the secure virtual machine;

a data sharing module 902, configured so that, in response to a data sharing request between the secure virtual machine and another secure virtual machine, the secure firmware loads the virtual machine shared key into the key storage unit and, based on the virtual machine shared key loaded in the key storage unit, controls the data sharing between the secure virtual machine and the other secure virtual machine.

For the specific limitations of the key management device, refer to the limitations of the key management method above, which are not repeated here. Each module of the key management device may be implemented in whole or in part by software, hardware, or a combination of the two. The modules may be embedded in hardware form in, or be independent of, the processor of the computer device, or be stored in software form in the memory of the computer device, so that the processor can call and execute the operations corresponding to each module.

Correspondingly, in an exemplary embodiment of the present specification, a data sharing device for a secure virtual machine is further provided, applied to a first processor in a system on chip, where the first processor is used to run secure firmware and the system on chip further includes a second processor used to run a secure virtual machine. As shown in FIG. 11, the data sharing device for the secure virtual machine includes:

a second shared key module 1101, configured to generate, in response to a configuration operation for the current secure virtual machine and according to the configuration information of the current secure virtual machine, a virtual machine shared key corresponding to the current secure virtual machine; the configuration information of the secure virtual machine includes shared memory information, and the shared memory information is used to create a shared memory;

a second data sharing module 1102, configured so that, in response to a data sharing request carrying information of a target secure virtual machine, the secure firmware shares the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine.

For the specific limitations of the data sharing device for the secure virtual machine, refer to the limitations of the data sharing method for the secure virtual machine above, which are not repeated here. Each module of the data sharing device may be implemented in whole or in part by software, hardware, or a combination of the two. The modules may be embedded in hardware form in, or be independent of, the processor of the computer device, or be stored in software form in the memory of the computer device, so that the processor can call and execute the operations corresponding to each module.

In an exemplary embodiment of the present specification, a system on chip is further provided. As shown in FIG. 12, it includes a first processor, a second processor, and a cryptographic engine, wherein:

the first processor is used to run secure firmware, the cryptographic engine includes a key storage unit, and the second processor is used to run a secure virtual machine;

the secure firmware is configured to: in response to a startup operation of the secure virtual machine, generate a virtual machine encryption key corresponding to the secure virtual machine, the virtual machine encryption key being used to encrypt the data of the secure virtual machine; and

in response to an activation request of the secure virtual machine, load the virtual machine encryption key into the key storage unit, the virtual machine encryption key loaded in the key storage unit being available for the secure firmware to call.

In another exemplary embodiment of the present specification, a system on chip is further provided. Still referring to FIG. 12, it includes a first processor, a second processor, and a cryptographic engine, wherein:

the first processor is used to run secure firmware, the cryptographic engine includes a key storage unit, and the second processor is used to run a secure virtual machine;

the secure firmware is configured to: in response to a startup operation of the secure virtual machine, generate a virtual machine shared key corresponding to the secure virtual machine according to the configuration information of the secure virtual machine; and

in response to a data sharing request between the secure virtual machine and another secure virtual machine, load the virtual machine shared key into the key storage unit and, based on the virtual machine shared key loaded in the key storage unit, control the data sharing between the secure virtual machine and the other secure virtual machine.

In yet another exemplary embodiment of the present specification, a system on chip is further provided. Still referring to FIG. 12, it includes a first processor and a second processor, wherein:

the first processor is used to run secure firmware, and the second processor is used to run a secure virtual machine;

the secure firmware is configured to: in response to a configuration operation for a current secure virtual machine, generate a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine; the configuration information of the secure virtual machine includes shared memory information, and the shared memory information is used to create a shared memory; and

in response to a data sharing request carrying information of a target secure virtual machine, share the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine.

For the specific limitations of the secure firmware in the system on chip, refer to the limitations of the key management method or the data sharing method for the secure virtual machine above, which are not repeated here.

Another embodiment of the present specification further proposes a computing device. Referring to FIG. 13, an exemplary embodiment of the present specification provides a computing device including a memory and a processor, where the memory stores a computer program and the processor, when executing the computer program, performs the steps of the key management method or the data sharing method for the secure virtual machine according to the various embodiments described above.

The internal structure of the computing device may be as shown in FIG. 13: the computing device includes a processor, a memory, a network interface, and an input device connected through a system bus. The processor of the computing device provides computing and control capabilities. The memory of the computing device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides the environment in which the operating system and the computer program in the non-volatile storage medium run. The network interface of the computing device is used to communicate with external terminals over a network connection. When the computer program is executed by the processor, the steps of the key management method or the data sharing method for the secure virtual machine according to the various embodiments described above are performed.

The processor may include a main processor and may also include a baseband chip, a modem, and the like.

The memory stores a program for executing the technical solution of the present invention and may also store an operating system and other key services. Specifically, the program may include program code, and the program code includes computer operation instructions. More specifically, the memory may include read-only memory (ROM), other types of static storage devices that can store static information and instructions, random access memory (RAM), other types of dynamic storage devices that can store information and instructions, disk storage, flash, and the like.

The processor may be a general-purpose processor, such as a general-purpose central processing unit (CPU) or a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the program of the present solution. It may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.

The input device may include a device that receives data and information entered by a user, such as a keyboard, mouse, camera, scanner, light pen, voice input device, touch screen, pedometer, or gravity sensor.

The output device may include a device that outputs information to a user, such as a display screen, printer, or speaker.

The communication interface may include any transceiver-type device used to communicate with other devices or communication networks, such as Ethernet, a radio access network (RAN), or a wireless local area network (WLAN).

The processor executes the program stored in the memory and calls other devices, and can thereby implement each step of any of the key management methods or data sharing methods for the secure virtual machine provided in the above embodiments of the present specification.

The computing device may also include a display component and a voice component. The display component may be a liquid crystal display or an electronic ink display. The input device of the computing device may be a touch layer covering the display component, a button, trackball, or touchpad provided on the housing of the computing device, or an external keyboard, touchpad, or mouse.

Those skilled in the art will understand that the structure shown in FIG. 13 is merely a block diagram of the part of the structure related to the solution of the present specification and does not limit the computing device to which the solution is applied; a specific computing device may include more or fewer components than shown in the figure, combine certain components, or have a different arrangement of components.

Exemplary Computer Program Products and Storage Media

In addition to the methods and devices above, the key management method or the data sharing method for the secure virtual machine provided in the embodiments of the present specification may also take the form of a computer program product comprising computer program instructions which, when run by a processor, cause the processor to perform the steps of the key management method or the data sharing method for the secure virtual machine according to the various embodiments described in the "Exemplary Method" section of the present specification above.

The computer program product may be written in any combination of one or more programming languages as program code for performing the operations of the embodiments of the present specification, including object-oriented programming languages such as Java and C++ and conventional procedural programming languages such as the "C" language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on a remote computing device or server.

In addition, an embodiment of the present specification further provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the processor performs the steps of the key management method or the data sharing method for the secure virtual machine according to the various embodiments described in the "Exemplary Method" section of the present specification above.

Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be carried out by instructing the relevant hardware through a computer program, which can be stored in a non-volatile computer-readable storage medium; when executed, the computer program can include the processes of the embodiments of the above methods. Any reference to memory, storage, a database, or other media used in the embodiments of the present specification may include non-volatile and/or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory may include random access memory (RAM) or an external cache. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM).

The technical features of the above embodiments may be combined arbitrarily. For brevity, not all possible combinations of the technical features of the above embodiments are described; however, as long as a combination of these technical features involves no contradiction, it should be considered to fall within the scope recorded in the present specification.

The above embodiments express only several implementations of the present specification, and their descriptions are relatively specific and detailed, but they should not be understood as limiting the scope of the solutions provided by the embodiments of the present specification. It should be noted that those of ordinary skill in the art can make several variations and improvements without departing from the concept of the present specification, and these all fall within the protection scope of the present specification. Therefore, the protection scope of the patent of the present specification shall be determined by the appended claims.

Claims (11)

Translated from Chinese

1. A data sharing method for a secure virtual machine, characterized in that it is applied to a first processor in a system on chip, the first processor being used to run secure firmware, the system on chip further comprising a second processor used to run a secure virtual machine, the data sharing method for the secure virtual machine comprising: in response to a configuration operation for a current secure virtual machine, generating a virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine, wherein the configuration information of the secure virtual machine includes shared memory information and the shared memory information is used to create a shared memory; and in response to a data sharing request carrying information of a target secure virtual machine, the secure firmware sharing the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine.

2. The method according to claim 1, characterized in that the first processor further comprises a true random number generator module, and generating the virtual machine shared key corresponding to the current secure virtual machine according to the configuration information of the current secure virtual machine comprises: when the configuration information allows data sharing between different secure virtual machines on the same host machine, the secure firmware generating the virtual machine shared key corresponding to the current secure virtual machine using a software algorithm or the true random number generator module; and when the configuration information allows data sharing between different secure virtual machines on different host machines, the secure firmware generating the virtual machine shared key corresponding to the current secure virtual machine using the true random number generator module.

3. The method according to claim 1, characterized in that the system on chip further comprises a cryptographic engine, the cryptographic engine comprises a key storage unit, and when the target secure virtual machine and the current secure virtual machine are located on the same host machine, the secure firmware sharing the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine comprises: checking the data sharing request and, if the check passes, loading the virtual machine shared key corresponding to the current secure virtual machine into the key storage unit, wherein the virtual machine shared key loaded in the key storage unit is used by the current virtual machine to encrypt the data to be shared after it has been decrypted, so as to obtain the shared data and write it into the shared memory; and in response to the sharing of the shared data being complete, the secure firmware replacing the virtual machine shared key loaded in the key storage unit with a default key, wherein the data to be shared is decrypted using the virtual machine encryption key corresponding to the current secure virtual machine and the default key is used for data sharing between the secure virtual machine and a virtual machine monitor.

4. The method according to claim 3, characterized in that when the target secure virtual machine and the current secure virtual machine belong to different tenants, the data sharing request further carries information of the target tenant, and checking the data sharing request comprises performing a security check on the information of the target tenant.

5. The method according to claim 1, characterized in that the system on chip further comprises a cryptographic engine, the cryptographic engine comprises a key storage unit, and when the target secure virtual machine and the current secure virtual machine are located on different host machines, the data sharing request further includes information of the target host machine, and the secure firmware sharing the shared data with the target secure virtual machine through the shared memory according to the virtual machine shared key corresponding to the current secure virtual machine comprises: when the security check of the information of the target host machine passes, loading the virtual machine shared key corresponding to the current secure virtual machine into the key storage unit and sending the virtual machine shared key corresponding to the current secure virtual machine to a target first processor in the target host machine, wherein the virtual machine shared key loaded in the key storage unit is used by the current virtual machine to encrypt the data to be shared after it has been decrypted, so as to obtain the shared data and write it into the shared memory; and in response to the shared data being written into the shared memory, the secure firmware sending the shared data to the target secure virtual machine through a secure channel, wherein the shared data sent to the target secure virtual machine is used to instruct the secure firmware on the target first processor to decrypt the shared data with the virtual machine shared key corresponding to the current virtual machine, encrypt the decrypted data with the virtual machine encryption key corresponding to the target secure virtual machine, and store it.

6. The method according to claim 5, characterized in that, after the secure firmware sends the shared data to the target secure virtual machine through the secure channel, the method further comprises: in response to a sharing-completion command sent by the secure firmware on the target first processor, deleting the virtual machine shared key corresponding to the current secure virtual machine, wherein the sharing-completion command is further used to instruct the target first processor to delete the virtual machine shared key corresponding to the current virtual machine.

7. The method according to claim 5, characterized in that the shared data sent to the target secure virtual machine is further used, after the secure firmware on the target first processor has decrypted the shared data with the virtual machine shared key corresponding to the current virtual machine, to have the secure firmware on the target first processor instruct the virtual machine monitor in the target host machine to start the target secure virtual machine, and, after the state check of the target secure virtual machine passes, to perform the step of encrypting the decrypted data with the virtual machine encryption key corresponding to the target secure virtual machine and storing it.
The method according to claim 5 is characterized in that the shared data sent to the target secure virtual machine is also used to instruct the virtual machine monitor in the target host machine to start the target secure virtual machine through the secure firmware on the target first processor after the shared data is decrypted by the secure firmware on the target first processor using the virtual machine shared key corresponding to the current virtual machine, and after the status check of the target secure virtual machine passes, the step of encrypting the decrypted data using the virtual machine encryption key corresponding to the target secure virtual machine and then storing it.8.一种安全虚拟机的数据共享装置,其特征在于,应用于片上系统中的第一处理器,所述第一处理器用于运行安全固件,所述片上系统还包括第二处理器,所述第二处理器用于运行安全虚拟机,所述安全虚拟机的数据共享装置包括:8. A data sharing device for a secure virtual machine, characterized in that it is applied to a first processor in a system on chip, the first processor is used to run a secure firmware, the system on chip also includes a second processor, the second processor is used to run a secure virtual machine, and the data sharing device for the secure virtual machine includes:第二共享密钥模块,用于响应于针对当前安全虚拟机的配置操作,根据所述当前安全虚拟机的配置信息,生成与所述当前安全虚拟机对应的虚拟机共享密钥;所述安全虚拟机的配置信息包括共享内存信息;所述共享内存信息用于创建共享内存;A second shared key module, configured to generate a virtual machine shared key corresponding to the current secure virtual machine in response to a configuration operation for the current secure virtual machine according to configuration information of the current secure virtual machine; the configuration information of the secure virtual machine includes shared memory information; the shared memory information is used to create a shared memory;第二数据共享模块,用于响应于携带有目标安全虚拟机信息的数据共享请求,所述安全固件根据与所述当前安全虚拟机对应的虚拟机共享密钥,利用所述共享内存将共享数据与目标安全虚拟机进行共享。The second data sharing module is used to respond to a data sharing request carrying target secure virtual machine information, and the secure firmware uses the shared memory to share the 
shared data with the target secure virtual machine based on the virtual machine sharing key corresponding to the current secure virtual machine.9.一种片上系统,其特征在于,包括:第一处理器和第二处理器;其中,9. A system on chip, comprising: a first processor and a second processor; wherein:所述第一处理器用于运行安全固件,所述第二处理器用于运行安全虚拟机;The first processor is used to run the security firmware, and the second processor is used to run the security virtual machine;所述安全固件被配置为:响应于针对当前安全虚拟机的配置操作,根据所述当前安全虚拟机的配置信息,生成与所述当前安全虚拟机对应的虚拟机共享密钥;所述安全虚拟机的配置信息包括共享内存信息;所述共享内存信息用于创建共享内存;The security firmware is configured to: in response to a configuration operation for a current security virtual machine, generate a virtual machine shared key corresponding to the current security virtual machine according to configuration information of the current security virtual machine; the configuration information of the security virtual machine includes shared memory information; the shared memory information is used to create a shared memory;响应于携带有目标安全虚拟机信息的数据共享请求,所述安全固件根据与所述当前安全虚拟机对应的虚拟机共享密钥,利用所述共享内存将共享数据与目标安全虚拟机进行共享。In response to a data sharing request carrying target secure virtual machine information, the secure firmware uses the shared memory to share the shared data with the target secure virtual machine based on a virtual machine sharing key corresponding to the current secure virtual machine.10.一种计算设备,其特征在于,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现权利要求1~7任一项所述的安全虚拟机的数据共享方法。10. A computing device, characterized in that it comprises a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein when the processor executes the computer program, the data sharing method for the secure virtual machine described in any one of claims 1 to 7 is implemented.11.一种计算机可读存储介质,其特征在于,所述计算机可读存储介质上存储有计算机程序,所述计算机程序被处理器执行时实现权利要求1~7任一项所述的安全虚拟机的数据共享方法。11. 
A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the data sharing method of the secure virtual machine according to any one of claims 1 to 7 is implemented.
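The flow of claims 2 to 7 modelled end to end in Python, as an added example that is not part of the patent or of Phytium's implementation. Every concrete choice is an assumption: an HMAC-SHA256 counter-mode keystream with an HMAC tag stands in for the cryptographic engine's cipher, `secrets.token_bytes` for the true random number generator module, an all-zero `DEFAULT_KEY` for the default key used for secure VM to VMM sharing, an in-process peer object for the secure channel between the two first processors, and re-keying the same-host target under its own VM encryption key (the claims state that step only for the cross-host case). What the model makes visible is the key slot lifecycle the claims describe: the shared key sits in the engine only while the shared data is being produced, the default key is restored afterwards, and in the cross-host case both first processors delete the key on the completion command.

```python
"""Added model of the per-VM shared-key flow in claims 2 to 7; not the patent's or Phytium's code."""
import hashlib
import hmac
import secrets

DEFAULT_KEY = b"\x00" * 32  # hypothetical default key the engine uses for VM <-> VMM sharing


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode stands in for the cryptographic engine's cipher.
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC under one key: nonce || ciphertext || tag.
    nonce = secrets.token_bytes(16)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ciphertext + hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    # Verify before decrypting: a wrong key fails closed instead of yielding garbage.
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()):
        raise ValueError("shared data failed authentication")
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(key, nonce, len(ciphertext))))


class SecureFirmware:
    """Secure firmware on one host's first processor: VM keys, engine key slot, shared memory."""

    def __init__(self):
        self.vm_enc_key = {}        # vm_id -> VM encryption key protecting the VM's own memory
        self.vm_share_key = {}      # vm_id -> VM shared key, created only if the config allows sharing
        self.vm_tenant = {}         # vm_id -> tenant
        self.vm_memory = {}         # vm_id -> memory image sealed under the VM encryption key
        self.shared_memory = {}     # vm_id -> shared data sealed under the VM shared key
        self.received_keys = {}     # source vm_id -> shared key received from another host
        self.key_slot = DEFAULT_KEY  # the cryptographic engine's key storage unit
        self.peers = {}             # host_id -> SecureFirmware reachable over the secure channel
        self.allowed_hosts = set()  # hosts that pass the target-host security check

    def configure_vm(self, vm_id, tenant, data, share_same_host=False, share_cross_host=False):
        self.vm_tenant[vm_id] = tenant
        self.vm_enc_key[vm_id] = secrets.token_bytes(32)
        self.vm_memory[vm_id] = seal(self.vm_enc_key[vm_id], data)
        if share_same_host or share_cross_host:
            self.vm_share_key[vm_id] = secrets.token_bytes(32)  # stands in for the TRNG module

    def read_vm_memory(self, vm_id) -> bytes:
        return unseal(self.vm_enc_key[vm_id], self.vm_memory[vm_id])

    def _stage_shared_data(self, vm_id) -> bytes:
        share_key = self.vm_share_key.get(vm_id)
        if share_key is None:
            raise PermissionError(f"{vm_id} is not configured for data sharing")
        self.key_slot = share_key                                  # load into the key storage unit
        plaintext = self.read_vm_memory(vm_id)                     # decrypt with the VM encryption key
        self.shared_memory[vm_id] = seal(self.key_slot, plaintext)  # re-encrypt with the loaded key
        return share_key

    def share_same_host(self, src_vm, dst_vm, target_tenant=None):
        # A cross-tenant request must carry the target tenant, which is checked (claim 4).
        if self.vm_tenant[src_vm] != self.vm_tenant[dst_vm] and target_tenant != self.vm_tenant[dst_vm]:
            raise PermissionError("target tenant check failed")
        share_key = self._stage_shared_data(src_vm)
        plaintext = unseal(share_key, self.shared_memory.pop(src_vm))
        # Assumed: the target is re-keyed under its own VM encryption key, as claim 5 does cross-host.
        self.vm_memory[dst_vm] = seal(self.vm_enc_key[dst_vm], plaintext)
        self.key_slot = DEFAULT_KEY                                # default key restored (claim 3)

    def share_cross_host(self, src_vm, target_host_id, dst_vm):
        if target_host_id not in self.allowed_hosts or target_host_id not in self.peers:
            raise PermissionError("target host check failed")
        peer = self.peers[target_host_id]
        share_key = self._stage_shared_data(src_vm)
        peer.received_keys[src_vm] = share_key                     # key sent to the target first processor
        peer.receive_shared(src_vm, dst_vm, self.shared_memory.pop(src_vm))  # shared data over secure channel
        # Sharing completion command: both first processors delete the shared key (claim 6).
        del peer.received_keys[src_vm]
        del self.vm_share_key[src_vm]
        self.key_slot = DEFAULT_KEY

    def receive_shared(self, src_vm, dst_vm, blob):
        plaintext = unseal(self.received_keys[src_vm], blob)
        if dst_vm not in self.vm_enc_key:                          # VMM starts target; state check (claim 7)
            raise RuntimeError("target secure VM state check failed")
        self.vm_memory[dst_vm] = seal(self.vm_enc_key[dst_vm], plaintext)


def demo():
    # Constructed scenario: vm1 shares with vm2 (same host, other tenant) and with vm3 (other host).
    host_a, host_b = SecureFirmware(), SecureFirmware()
    host_a.peers["host-B"] = host_b
    host_a.allowed_hosts.add("host-B")
    host_a.configure_vm("vm1", "tenant-1", b"payroll batch 42", share_same_host=True, share_cross_host=True)
    host_a.configure_vm("vm2", "tenant-2", b"")
    host_b.configure_vm("vm3", "tenant-1", b"")
    host_a.share_same_host("vm1", "vm2", target_tenant="tenant-2")
    host_a.share_cross_host("vm1", "host-B", "vm3")
    return host_a, host_b
```

After `demo()` both targets decrypt the payload under their own VM encryption keys, `key_slot` is back to `DEFAULT_KEY`, `shared_memory` is empty, and neither host still holds vm1's shared key. The check worth copying is in `unseal`: the tag is verified before decryption, so a target host handed the wrong key fails closed instead of writing garbage into the target VM's memory.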

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202410683055.0A (CN118550647A) | 2024-05-29 | 2024-05-29 | Data sharing method and related device of secure virtual machine

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202410683055.0A (CN118550647A) | 2024-05-29 | 2024-05-29 | Data sharing method and related device of secure virtual machine

Publications (1)

Publication Number | Publication Date
CN118550647A | 2024-08-27

Family

ID=92449637

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN202410683055.0A (CN118550647A, pending) | Data sharing method and related device of secure virtual machine | 2024-05-29 | 2024-05-29

Country Status (1)

Country | Link
CN (1) | CN118550647A

Similar Documents

Publication | Title
US20230325492A1 | Secure Runtime Systems And Methods
CN102948114B | Single-use authentication method and system for accessing encrypted data
US10382195B2 | Validating using an offload device security component
CA2918596C | A secure server on a system with virtual machines
US8909940B2 | Extensible pre-boot authentication
CN103069428B | Secure Virtual Machine Booting in Untrusted Cloud Infrastructure
US10211985B1 | Validating using an offload device security component
US10243739B1 | Validating using an offload device security component
CN113485785B | Virtual trusted platform module realization method, secure processor and storage medium
US10853086B2 | Information handling systems and related methods for establishing trust between boot firmware and applications based on user physical presence verification
WO2019245789A1 | Secure sharing of license data in computing systems
CN106610863A | Virtual machine trusted migration method and apparatus
US12192182B2 | Container with encrypted software packages
CN114296873B | A virtual machine image protection method, related devices, chips and electronic equipment
CN118502881A | Key management method and system on chip
CN118606925A | Host, password service management method, storage medium and program
WO2025112388A1 | Confidential computing environment creation method, cryptographic operation method, cryptographic operation system, electronic device, and storage medium
US20230267214A1 | Virtual trusted platform module implementation method and related apparatus
CN115374483B | Data security storage method and device, electronic equipment, medium, chip
US10824766B2 | Technologies for authenticated USB device policy enforcement
CN118550647A | Data sharing method and related device of secure virtual machine
JP6741236B2 | Information processing equipment
CN118504005A | Key management method, device, system on chip, computing device and storage medium
CN118551386A | A secure startup method and system on chip for cloud platform
CN119848829A | Privacy protection method, terminal and storage medium based on confidential cloud computing

Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination
