Information security - uboot, TEE, ATF, TrustZone, SHE, HSM, HIS, Evita, ISO 21434, CC certification (Common Criteria)

Contents

Timeline of standards and specifications

Organizations and standards

Evita

SHE was proposed by HIS (HIS is a working group)

TPM was proposed by TCG

Common Criteria (CC) is a globally recognized standard/certification (ISO/IEC 15408)

Implementations

TrustZone

Relationship between uboot and the TEE

ATF (ARM Trusted Firmware)

SMC (Secure Monitor Call) instruction

TrustZone vs TEE

TrustZone vs ATF

TEE vs ATF

TrustZone vs HSM

HSM vs SHE

TPM vs HSM

HSM:

KMS:

Abbreviations


Timeline of standards and specifications

? - 2009 SHE

SHE is a specification for a hardware module. Automotive cybersecurity cannot be implemented with software alone; it needs hardware support, so Audi and BMW jointly drafted this hardware cryptographic module specification, which mainly covers the cryptographic module's hardware and the hardware/software interface. The specification has been widely adopted, and many microcontrollers aimed at the automotive industry support it.

2008 - 2011 Evita

Evita was an EU-funded project whose goal was to study the communication security of vehicles in connected-car (V2X) scenarios. Building on the SHE specification, it proposed an HSM hardware specification. This specification has also been widely adopted, and many automotive microcontrollers support it.

2016 SAE J3061

SAE J3061 is a standard covering the whole vehicle lifecycle. It provides a process framework and guidance for vehicle cybersecurity and considers the entire lifecycle, from concept through production, operation, maintenance and decommissioning.

2020 ISO 21434

ISO 21434 is a whole-lifecycle vehicle standard developed on the basis of SAE J3061. It is currently being drafted and is planned for completion in 2020. It will be a heavyweight standard, and together with ISO 26262 functional

Organizations and standards

Evita

Evita was a project organized by the EU with the goal of studying cybersecurity in V2X application scenarios.

The Evita specification defines the functions of an HSM.
Evita divides HSMs into three levels: high, medium and light. The light HSM is roughly equivalent in function to SHE.

The EVITA project, funded by the EU, has developed a set of guidelines that details the design, verification and prototyping of a range of security architectures for automotive ECUs.

SHE was proposed by HIS (HIS is a working group)

The Secure Hardware Extension (SHE) specification was developed by Escrypt for Audi and BMW via the HIS Working Group.

The HIS consortium was founded in 2004 and consists of members from Audi, BMW, Daimler, Porsche, and Volkswagen to address activities and develop common standards related to automotive manufacturing. In 2006, HIS published a document describing the requirements for an HIS Security Module standard that incorporated mechanisms for error detection, authorization, and authenticity. This was further developed by ESCRYPT in partnership with OEMs Audi and BMW, and semiconductor vendors, such as Freescale (now NXP) into an open standard, publicly released in April 2009.

The resulting SHE specification outlines how a secure zone can be created within any ECU via an on-chip extension within a Microcontroller Unit (MCU), providing cryptographic services at the application layer, and isolating the storage of secret keys from the remainder of the MCU's resources. Although the standard originated within the German automotive industry at the OEM level, it has since become an open standard accepted at the global level.

SHE is one of the earliest examples of automotive-grade connected module hardening and quickly grew to become a standard requirement by OEMs on a global basis. It was primarily built for securing cryptographic key material against software attacks, but cannot really be used to protect communications (such as V2X). As such, it has served as a basis for later HSM standards (such as EVITA). Today, modern automotive HSMs leverage functionalities from SHE, TPM and smartcards.

References:

https://argus-sec.com/hersteller-initiative-software-his-security-hardware-extension-she/

https://st.inf.tu-dresden.de/files/teaching/ws08/ase/07_ASE_WS_2008-09_NormenStandardsEmpfehlungen_31_HIS_Praesentation_2007_v13.pdf

https://www.sasol.com/sites/sasol/files/content/files/10.9%20SAR-SAF-RPR-0001%20Construction%20Sector%20SHE%20specifications.pdf

Hersteller Initiative Software (HIS) Security Hardware Extension (SHE)

TPM was proposed by TCG

Another standards organization is the Trusted Computing Group (TCG), which claims to provide open, interoperable and international standards for trusted computing. One specification released by this organization is their Trusted Platform Module (TPM)—published as ISO/IEC 11889 Parts 1-4. Like the SHE specification, TPM supports secure keys for authentication and encryption functions.

Common Criteria (CC) is a globally recognized standard/certification (ISO/IEC 15408)

Implementations

TrustZone

a kind of HSM

ARM® developed its TrustZone® security infrastructure, which has been integrated into microcontrollers and microprocessors from various manufacturers,

Relationship between uboot and the TEE

On a chip with ATF, the usual power-on boot sequence is:

BOOTROM -> PL (PreLoader) -> ATF -> optee -> uboot -> OS

ATF can skip the BL1/BL2 stages (which load the optee/uboot images into memory):

pass RESET_TO_BL31=1 to make

Reference: https://blog.csdn.net/chenying126/article/details/78638944

https://www.pianshen.com/article/391857483/

ATF (ARM Trusted Firmware)

https://blog.csdn.net/weixin_44124323/article/details/110758865

ATF is optional: it can be skipped and uboot loaded directly.

The first is passing execution to a payload directly and the second one is passing to the BL3-1 code before a payload.

However, you need to enable Trusted Firmware if you want to run Linux because it expects to work with PSCI.

SMC (Secure Monitor Call) instruction

SMC is part of TrustZone. Execution enters TrustZone (the secure world) through the SMC instruction.

TrustZone vs TEE

ARM TrustZone technology can be used to implement a TEE. Reference: http://www.arm.com/zh/products/processors/technologies/trustzone/index.php

OP-TEE is an open-source TEE implementation developed jointly by ST and Linaro. Reference: http://www.linaro.org/blog/core-dump/op-tee-open-source-security-mass-market/

TrustZone vs ATF

TrustZone: the hardware that supports ATF. ATF is software.

TrustZone is an architecture, an extension to ARM; in fact it only adds one instruction, one configuration status bit, and a new secure state distinct from kernel (core) mode and user mode.

TrustZone is a hardware mechanism implemented in the controller.

ATF is an ARMv8 open-source framework that uses TrustZone to boot a Secure payload and a Non-trusted firmware (e.g., U-Boot) in the Secure world and the Normal world respectively.

TEE vs ATF

ATF includes the TEE:

  bl2 + bl31 + bl32 + bl33

  bl32 = optee-os

  bl33 = u-boot
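In the boot chain above, BL31 stays resident as the secure monitor at EL3 while BL32 (optee-os) runs in the secure world and BL33 (u-boot, then the OS) in the normal world, and every later crossing between the two worlds goes through the SMC instruction described earlier. The following is an added example, not code from the original post, from Trusted Firmware-A or from OP-TEE, showing how such a monitor classifies an incoming SMC by its function ID and routes it to PSCI, to the trusted OS, or rejects it. The bit layout and owning-entity numbers are those of the Arm SMC Calling Convention and the PSCI IDs are those of the PSCI specification; the OP-TEE function ID and the PSCI version value returned are assumptions, and the two handlers are simulated stand-ins for the real services.

```c
/* smc_route.c: added illustration (not code from the original post, from
 * Trusted Firmware-A or from OP-TEE) of how the EL3 secure monitor (BL31)
 * decides where an SMC from the normal world (BL33: U-Boot, Linux) goes.
 * Function-ID layout and owning-entity numbers: Arm SMC Calling Convention.
 * PSCI IDs: PSCI specification. OPTEE_SMC_CALL_WITH_ARG: assumed from
 * OP-TEE's optee_smc.h. Handlers below are simulated stand-ins. */
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* SMCCC function identifier (register W0 when SMC is executed). */
#define SMC_FAST_CALL   (1u << 31)  /* set: fast call; clear: yielding call */
#define SMC_64          (1u << 30)  /* set: SMC64 convention; clear: SMC32 */
#define SMC_OEN_SHIFT   24          /* owning entity number, bits 29:24 */
#define SMC_OEN_MASK    0x3fu
#define SMC_FUNC_MASK   0xffffu     /* function number, bits 15:0 */

/* Owning entity numbers: who implements the requested service. */
enum { OEN_ARM_ARCH = 0, OEN_CPU = 1, OEN_SIP = 2, OEN_OEM = 3,
       OEN_STD_SECURE = 4, OEN_STD_HYP = 5, OEN_VENDOR_HYP = 6,
       OEN_TRUSTED_APP_START = 48, OEN_TRUSTED_APP_END = 49,
       OEN_TRUSTED_OS_START = 50, OEN_TRUSTED_OS_END = 63 };

/* PSCI lives in the Standard Secure Service range: 0x84000000 (SMC32), 0xC4000000 (SMC64). */
#define PSCI_VERSION        0x84000000u
#define PSCI_CPU_ON_AARCH64 0xC4000003u
#define PSCI_SYSTEM_RESET   0x84000009u
/* Yielding call into OP-TEE (owner 50, function 4); assumed from optee_smc.h. */
#define OPTEE_SMC_CALL_WITH_ARG 0x32000004u

/* SMCCC return value for a function ID the monitor does not implement. */
#define SMC_UNKNOWN ((int64_t)-1)

typedef enum { ROUTE_UNKNOWN, ROUTE_PSCI, ROUTE_TRUSTED_OS, ROUTE_SIP } smc_route_t;

struct smc_fid { bool fast; bool smc64; unsigned oen; unsigned func; };

/* Split the function ID into its SMCCC fields. */
struct smc_fid smc_decode(uint32_t fid)
{
    struct smc_fid f;
    f.fast  = (fid & SMC_FAST_CALL) != 0;
    f.smc64 = (fid & SMC_64) != 0;
    f.oen   = (fid >> SMC_OEN_SHIFT) & SMC_OEN_MASK;
    f.func  = fid & SMC_FUNC_MASK;
    return f;
}

/* BL31 dispatches on the owning entity: PSCI is handled inside EL3, Trusted-OS
 * calls are forwarded to BL32 (OP-TEE), SiP calls go to the platform service,
 * and anything outside the exported ranges is rejected. */
smc_route_t smc_route(uint32_t fid)
{
    struct smc_fid f = smc_decode(fid);
    if (f.oen == OEN_STD_SECURE) return ROUTE_PSCI;
    if (f.oen >= OEN_TRUSTED_OS_START && f.oen <= OEN_TRUSTED_OS_END) return ROUTE_TRUSTED_OS;
    if (f.oen == OEN_SIP) return ROUTE_SIP;
    return ROUTE_UNKNOWN;
}

/* Simulated PSCI service: only PSCI_VERSION is answered (reports 1.1, a constructed value). */
static int64_t psci_handler(uint32_t fid)
{
    if (fid == PSCI_VERSION) return (1 << 16) | 1;   /* major.minor packed as 1.1 */
    return SMC_UNKNOWN;                              /* CPU_ON, SYSTEM_RESET not simulated */
}

/* Simulated forwarding to BL32; a real monitor would switch to the secure world here. */
static int64_t trusted_os_handler(uint32_t fid)
{
    return fid == OPTEE_SMC_CALL_WITH_ARG ? 0 : SMC_UNKNOWN;
}

/* Entry point the monitor reaches from its SMC exception vector. */
int64_t smc_handle(uint32_t fid)
{
    switch (smc_route(fid)) {
    case ROUTE_PSCI:       return psci_handler(fid);
    case ROUTE_TRUSTED_OS: return trusted_os_handler(fid);
    default:               return SMC_UNKNOWN;   /* no SiP handler in this model */
    }
}

int main(void)
{
    uint32_t ids[] = { PSCI_VERSION, PSCI_CPU_ON_AARCH64, OPTEE_SMC_CALL_WITH_ARG, 0x8a000000u };
    for (size_t i = 0; i < sizeof ids / sizeof ids[0]; i++) {
        struct smc_fid f = smc_decode(ids[i]);
        printf("0x%08x: %s %s oen=%u func=%u route=%d result=%lld\n", ids[i],
               f.fast ? "fast" : "yielding", f.smc64 ? "SMC64" : "SMC32",
               f.oen, f.func, (int)smc_route(ids[i]), (long long)smc_handle(ids[i]));
    }
    return 0;
}
```

Build with `cc smc_route.c -o smc_route` and run it: the fourth ID uses a reserved owning entity, so it is refused with -1 rather than reaching any handler, which is the property a monitor must keep when the normal world is the one choosing the function ID.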

TrustZone vs HSM

TrustZone is a kind of HSM.

HSM vs SHE

SHE: a standard drafted by HIS, the "Secure Hardware Extension". It aims to move control of keys out of the software domain and into the hardware domain, as TPM chips and the like do.

SHE is the basis of HSM; SHE is a chip module for the automotive domain that provides key storage and hardware encryption/decryption algorithms.

TPM vs HSM

TPM: usually a hardware chip, used for authorization and verification on a single machine. Commonly found fixed on PC motherboards.
HSM: besides the chip, it also has supporting software and can be extended to network-based access and verification.

Trusted Platform Modules

A Trusted Platform Module (TPM) is a hardware chip on the computer’s motherboard that stores cryptographic keys used for encryption. Many laptop computers include a TPM, but if the system doesn’t include it, it is not feasible to add one. Once enabled, the Trusted Platform Module provides full disk encryption capabilities. It becomes the "root of trust" for the system to provide integrity and authentication to the boot process. It keeps hard drives locked/sealed until the system completes a system verification, or authentication check.

The TPM includes a unique RSA key burned into it, which is used for asymmetric encryption. Additionally, it can generate, store, and protect other keys used in the encryption and decryption process.

Hardware Security Modules

A hardware security module (HSM) is a security device you can add to a system to manage, generate, and securely store cryptographic keys.

High performance HSMs are external devices connected to a network using TCP/IP. Smaller HSMs come as expansion cards you install within a server, or as devices you plug into computer ports.

One of the noteworthy differences between the two is that HSMs are removable or external devices. In comparison, a TPM is a chip embedded into the motherboard. You can easily add an HSM to a system or a network, but if a system didn’t ship with a TPM, it’s not feasible to add one later. Both provide secure encryption capabilities by storing and using RSA keys.

Source: https://blogs.getcertifiedgetahead.com/tpm-hsm-hardware-encryption-devices/

TPM (Trusted Platform Module) and HSM (Hardware Security Module) are both considered cryptoprocessors.

They are similar, and TPMs can actually be used as rudimentary HSMs and keep private keys secure, though conventional HSMs are focused on performance and key storage space, whereas TPMs are only designed to keep a few values (PCRs) and a single key in memory and don't put much effort into performance (cf. the 1 request/second on the SSL example).

HSM:

An evolution of SHE and TPM.

KMS:

KMS (Key Management System) is a newer technology than both TPM and HSM. Key management systems are more modern implementations of cryptographic security and can operate across multiple platforms like cloud and hybrid environments. Things start to get complicated because each cloud service generally handles security in their own unique way, so if you use two unrelated vendors for specific applications or services, then you would have to have specific HSM standards for each.

KMS seeks to manage multiple environments from a single solution, especially in a cloud setup. This means that companies can enjoy benefits of the cloud, such as scaling and redundancy, while still enjoying the security that is required to operate successfully.

KMS also has its limitations, especially where multiple cloud providers are a requirement for companies to operate. There are other technologies available such as AWS CloudHSM, which does a lot of control functions such as scaling and management of your cloud services while keeping everything secure.

Abbreviations

SHE: Secure Hardware Extension

TPM: Trusted Platform Module

HSM: Hardware Security Module

Hersteller Initiative Software (HIS): Hersteller is German for Manufacturer.
