中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

7 records (took 0.016 seconds)

    VTPM-based virtual machine security protection method and system
    2.
    发明授权
    VTPM-based virtual machine security protection method and system 有权

    公开(公告)号:US10922117B2

    公开(公告)日:2021-02-16

    申请号:US15892594

    申请日:2018-02-09

    Applicant: HUAWEI TECHNOLOGIES CO., LTD.

    Inventor: Xun Shi Juan Wang Bo Zhao

    IPC: G06F9/455 G06F21/53 H04L12/24 H04L29/08 G06F21/57 H04L9/08 H04L9/14 H04L9/30 H04L29/06

    Abstract: The present application discloses a virtual trusted platform module (vTPM)-based virtual machine security protection method and system. The method, executed by a physical host, includes: receiving a primary seed acquisition request sent by a virtual machine, where the primary seed acquisition request carries a UUID; sending the UUID to a KMC, so that the KMC generates a primary seed according to the UUID; and receiving the primary seed fed back by the KMC, and sending the primary seed to the virtual machine, so that the virtual machine creates a root key of a vTPM according to the primary seed, where the root key is used by the vTPM to create a key for the virtual machine to protect security of the virtual machine. As such, the same root key can be created by using the primary seed.

    Method and apparatus for authenticating network access of terminal
    4.
    发明授权
    Method and apparatus for authenticating network access of terminal 有权

    公开(公告)号:US11432150B2

    公开(公告)日:2022-08-30

    申请号:US16862236

    申请日:2020-04-29

    Applicant: HUAWEI TECHNOLOGIES CO., LTD.

    Inventor: Xiaoqiang Du Bo Zhao Yu Xiao

    IPC: H04W12/069 H04L9/32

    Abstract: A system and method for authenticating network access of a terminal is described. The method may include sending, by the terminal, a user identity authentication request including first authentication information and second authentication information to an authentication server, where the first authentication information is used to authenticate a user identity of the terminal, and the second authentication information is used to determine a platform corresponding to the terminal. The method may also include after receiving user identity authentication acknowledgment information sent by the authentication server, sending, by the terminal to the authentication server, a platform identity authentication request including third authentication information used to determine the platform corresponding to the terminal. The authentication server sends platform identity authentication acknowledgment information to the terminal when determining that the platform corresponding to the second authentication information is consistent with the platform corresponding to the third authentication information.

    Trusted kernel starting method and apparatus
    5.
    发明授权
    Trusted kernel starting method and apparatus 有权

    公开(公告)号:US10032030B2

    公开(公告)日:2018-07-24

    申请号:US15272199

    申请日:2016-09-21

    Applicant: Huawei Technologies Co., Ltd. Wuhan University

    Inventor: Zhi Li Bo Zhao Yongkang Fei

    IPC: G06F21/57 G06F9/44 H04L9/08 H04L9/32 G06F9/4401

    Abstract: A trusted kernel starting method and apparatus are provided. The method includes: starting a security boot module boot loader; invoking the boot loader to measure, according to a first security algorithm, whether a platform configuration register (PCR) partition is trusted; if the PCR partition is trusted, invoking the boot loader to read kernel code into a memory, and invoking the boot loader to measure, according to a first complete algorithm and a kernel code standard measurement value prestored in the PCR partition, whether the kernel code is trusted; initializing, if the kernel code is trusted, the kernel code to trigger an initialized kernel to measure, according to a second complete algorithm, whether the boot loader is trusted; and starting the kernel if the boot loader is trusted. Kernel starting security is improved.

    Data Access Method, Apparatus, and System
    6.
    发明申请
    Data Access Method, Apparatus, and System 有权

    公开(公告)号:US20250077420A1

    公开(公告)日:2025-03-06

    申请号:US18825043

    申请日:2024-09-05

    Applicant: Huawei Technologies Co., Ltd.

    Inventor: Ankun Yu Bo Zhao Qiqing Wu Bingjian Hou

    IPC: G06F12/02 G06F12/0868 G06F13/16

    Abstract: A data access method includes: receiving a data request, where the data request indicates a plurality of source storage addresses and a target data type; reading, from a memory based on the data request, a first memory block indicated by each of the plurality of source storage addresses, where a length of the first memory block is a granularity for accessing the memory; extracting data of each source storage address from the first memory block indicated by each source storage address; combining data of all the source storage addresses based on a length of a cache line to obtain a second memory block; and sending the second memory block to a processing subsystem, for the processing subsystem to cache the second memory block.

Patent Agency Ranking