机密计算TEE套件
机密计算TEE套件基于S-EL2在TEE侧实现机密虚机能力,实现现有普通虚机中的软件栈无缝迁移到机密环境中,旨在帮助伙伴更便捷地为行业客户构建机密计算解决方案,从而为客户的关键数据提供完整性、机密性保护和可信使用
TEE SDK
提供机密计算TEE套件的远程证明、密钥封印、安全存储以及机密容器等能力
REE Patch
提供机密计算TEE套件的机密虚机使能的相关内核patch及软件patch
TMM
华为自研安全操作系统,为可信应用提供加解密、安全存储等服务,并确保TA的完整性和机密性
BIOS
完成对TMM的解密、验证、拉起以及运行,确保TMM的机密性以及完整性
BMC
支持TMM固件的升级维护
关键技术
远程证明
机密计算TEE套件远程证明主要是向用户证明CVM和机密计算平台的可信程度。包括:· CVM是否运行在真实的机密计算环境· CVM是否被恶意篡改
价值优势
支持对CVM的启动度量功能,解决CVM本身的安全性问题支持RATS-TLS协议,将远程证明验证嵌入到传输通道建立阶段,实现传输安全支持将IMA度量值扩展到远程证明报告的能力,实现了对应用远程证明度量的能力
关键技术
虚机启动度量、RATS-TLS、IMA度量
适用场景
机密云主机、数据库黑匣子
价值优势
'%3e%3cg%20id='高安全'%20transform='translate(241.111538,%2082.000000)'%3e%3crect%20id='矩形'%20x='0'%20y='0'%20width='48'%20height='48'%3e%3c/rect%3e%3cpath%20d='M24.7257477,2.28731528%20C29.7935354,6.19556504%2035.2654279,8.14089594%2041.1681656,8.14089594%20C41.640369,8.14089594%2042.0276359,8.50455265%2042.0651821,8.96708195%20L42.0681656,9.04089594%20L42.0681656,14.3925472%20C42.0681656,14.8896035%2041.6652218,15.2925472%2041.1681656,15.2925472%20C40.6959621,15.2925472%2040.3086952,14.9288905%2040.271149,14.4663612%20L40.2681656,14.3925472%20L40.268,9.926%20L40.1581091,9.92297384%20C34.4482991,9.71957625%2029.1164565,7.78517341%2024.1828678,4.13310846%20C19.1332701,7.78565373%2013.7360507,9.72007301%208.01005274,9.92305204%20L7.8995,9.926%20L7.9,27.1974599%20C7.9,31.9396178%2010.4973693,35.9162527%2015.8015115,39.1811766%20L16.3219953,39.4960326%20L18.1127304,40.5665907%20L19.4726167,41.3697096%20L20.6707395,42.0670314%20L21.5454707,42.5672457%20L22.0162806,42.8320529%20L22.7319793,43.2259237%20L22.9953924,43.3671954%20L23.348813,43.5521404%20L23.6516451,43.7045185%20L23.9032708,43.8240913%20L24.0272346,43.8790395%20L24.069,43.8965%20L24.0985,43.8965%20L24.1924004,43.8566036%20L24.4268355,43.7480212%20L24.7126817,43.606554%20L24.9315023,43.4940909%20L25.3016606,43.2983449%20L25.7215825,43.070349%20L26.3042736,42.7467316%20L26.7885935,42.4730978%20L27.6858244,41.9581797%20L28.6955027,41.3697316%20L30.0553988,40.5666108%20L31.3120905,39.8165881%20L32.1199251,39.3313602%20C37.5073785,36.0883224%2040.1863759,32.1344014%2040.2663209,27.4157853%20L40.2681656,27.1974599%20L40.2681656,19.2672689%20C40.2681656,18.7702126%2040.6711093,18.3672689%2041.1681656,18.3672689%20C41.640369,18.3672689%2042.0276359,18.7309256%2042.0651821,19.1934549%20L42.0681656,19.2672689%20L42.0681656,27.1974599%20C42.0681656,32.6992674%2039.0233469,37.2767294%2033.0482404,40.8735116%20L31.4620499,41.8240685%20L30.0372302,42.6689393%20L28.7735884,43.4082242%20L27.8435363,43.9437114%20L27.0251677,44.4060026%20L26.4216774,44.7390521%20L26.1087513,44.9080035%20L25.6867706,45.1300506%20L25.4367219,45.2572909%20L25.2114234,45.3680013%20L25.0106462,45.46227%20L24.9193816,45.5032664%20C24.6925324,45.6034175%2024.5136201,45.6694187%2024.3549983,45.7045281%20C24.2843481,45.7201659%2024.2161698,45.7310903%2024.1469326,45.7350408%20L24.0844807,45.7366538%20L24.0312382,45.7355755%20L24.0254207,45.7344843%20C23.9545434,45.7315347%2023.8850187,45.7204803%2023.8129173,45.7045171%20C23.6543234,45.6694043%2023.4754411,45.6034037%2023.248615,45.5032523%20L23.0600322,45.4171722%20L22.8470412,45.3146945%20L22.6094131,45.1957313%20L22.3469192,45.0601942%20L21.9060547,44.8256197%20L21.5803957,44.6482622%20L20.828986,44.2298522%20L19.9659583,43.7382821%20L18.5699946,42.927068%20L16.9547495,41.9721959%20L15.1199251,40.8735116%20C9.22897513,37.3273883%206.18635083,32.8280154%206.10181171,27.4293804%20L6.1,27.1974599%20L6.1,9.04089594%20C6.1,8.54383967%206.50294373,8.14089594%207,8.14089594%20C12.8592433,8.14089594%2018.3553531,6.23067842%2023.5122445,2.39297016%20L23.5737214,2.33113061%20C23.8904619,2.04520158%2024.3758767,2.01749669%2024.7257477,2.28731528%20Z'%20id='形状结合'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3cpath%20d='M30.5305861,16.4980837%20C30.790543,16.1756006%2031.2627038,16.1249131%2031.5851869,16.38487%20C31.8875147,16.6285795%2031.9509598,17.0587965%2031.7435116,17.3773394%20L31.6984006,17.4394707%20L23.5839072,27.5057049%20C23.3215296,27.8311909%2022.8484995,27.8761272%2022.5304147,27.6199087%20L22.4726789,27.5683335%20L18.4776435,23.6182503%20C18.1830979,23.3270189%2018.1804112,22.8521527%2018.4716426,22.5576071%20C18.744672,22.2814705%2019.1790992,22.2618506%2019.4750342,22.5004441%20L19.5322858,22.5516061%20L22.937,25.918%20L30.5305861,16.4980837%20Z'%20id='路径-147'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
高安全
管理面与数据面分离用户远程可验证
'%3e%3cg%20id='编组'%20transform='translate(697.000000,%2082.000000)'%3e%3crect%20id='矩形'%20x='0'%20y='0'%20width='48'%20height='48'%3e%3c/rect%3e%3cpath%20d='M24,8.75%20C24.4142136,8.75%2024.75,9.08578644%2024.75,9.5%20C24.75,9.91421356%2024.4142136,10.25%2024,10.25%20C16.4060847,10.25%2010.25,16.4060847%2010.25,24%20C10.25,31.5939153%2016.4060847,37.75%2024,37.75%20C31.5939153,37.75%2037.75,31.5939153%2037.75,24%20C37.75,20.5609424%2036.4836161,17.3210044%2034.2320616,14.8146319%20C33.9552514,14.5064939%2033.9806476,14.0322997%2034.2887856,13.7554896%20C34.5969235,13.4786794%2035.0711177,13.5040756%2035.3479279,13.8122136%20C37.8444667,16.5912963%2039.25,20.1872366%2039.25,24%20C39.25,32.4223424%2032.4223424,39.25%2024,39.25%20C15.5776576,39.25%208.75,32.4223424%208.75,24%20C8.75,15.5776576%2015.5776576,8.75%2024,8.75%20Z'%20id='路径'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3cpath%20d='M24,3.6%20C35.2666089,3.6%2044.4,12.7333911%2044.4,24%20C44.4,35.2666089%2035.2666089,44.4%2024,44.4%20C12.7333911,44.4%203.6,35.2666089%203.6,24%20C3.6,12.7333911%2012.7333911,3.6%2024,3.6%20Z%20M24,5.4%20C13.7275037,5.4%205.4,13.7275037%205.4,24%20C5.4,34.2724963%2013.7275037,42.6%2024,42.6%20C34.2724963,42.6%2042.6,34.2724963%2042.6,24%20C42.6,13.7275037%2034.2724963,5.4%2024,5.4%20Z%20M24.8396265,9.17471038%20L24.8656969,9.2538927%20L28.5192835,22.103016%20C28.6691305,22.459577%2028.7780113,22.8375974%2028.8400349,23.2311863%20L28.8656969,23.3241289%20C28.9011075,23.4486876%2028.9084651,23.5745807%2028.8915293,23.6950623%20C28.8968466,23.795537%2028.9,23.8974003%2028.9,24%20C28.9,26.7061953%2026.7061953,28.9%2024,28.9%20C21.2938047,28.9%2019.1,26.7061953%2019.1,24%20C19.1,23.8977389%2019.1031326,23.7962094%2019.109307,23.6955023%20C19.0947781,23.598038%2019.09693,23.4969787%2019.1169882,23.3959453%20L19.1343031,23.3241289%20L19.1599651,23.2311863%20C19.2219887,22.8375974%2019.3308695,22.459577%2019.4807165,22.103016%20L23.1343031,9.2538927%20C23.374416,8.40928129%2024.5415733,8.38288719%2024.8396265,9.17471038%20Z%20M24,20.9%20C22.7462334,20.9%2021.6663072,21.644299%2021.1779711,22.7151474%20L20.9251429,23.6033169%20C20.9085525,23.733204%2020.9,23.8656032%2020.9,24%20C20.9,25.7120827%2022.2879173,27.1%2024,27.1%20C25.7120827,27.1%2027.1,25.7120827%2027.1,24%20C27.1,23.865256%2027.0914033,23.7325198%2027.0747284,23.6023101%20L26.8224826,22.7161427%20C26.3343619,21.6447603%2025.254155,20.9%2024,20.9%20Z%20M24,12.7915%20L22.0969753,19.4832599%20C22.6820606,19.236447%2023.3250959,19.1%2024,19.1%20C24.6752911,19.1%2025.3186768,19.2366035%2025.9040311,19.4836846%20L24,12.7915%20Z'%20id='形状结合'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
高性能
CVM启动/运行性能高支持密码硬件加速使能CVM与设备间的安全IO
'%3e%3cg%20id='编组'%20transform='translate(1153.000000,%2083.000000)'%3e%3crect%20id='矩形'%20x='0'%20y='0'%20width='48'%20height='48'%3e%3c/rect%3e%3cpath%20d='M42.3571429,7.1%20C43.9010668,7.1%2045.141122,8.36752628%2045.197964,9.93281326%20L45.2,10.0451128%20L45.2,26.0630849%20C45.2,26.5601412%2044.7970563,26.9630849%2044.3,26.9630849%20C43.8277965,26.9630849%2043.4405297,26.5994282%2043.4029835,26.1368989%20L43.4,26.0630849%20L43.4,10.0451128%20C43.4,9.43058616%2042.9631004,8.94397325%2042.4303524,8.90282076%20L42.3571429,8.9%20L5.44285714,8.9%20C4.90210033,8.9%204.44168952,9.35989436%204.40267603,9.96213637%20L4.4,10.0451128%20L4.4,35.0977444%20C4.4,35.712271%204.83689964,36.1988839%205.36964762,36.2400364%20L5.44285714,36.2428571%20L42.3571429,36.2428571%20C42.8978997,36.2428571%2043.3583105,35.7829628%2043.397324,35.1807208%20L43.4,35.0977444%20L43.4,30.1390913%20C43.4,29.642035%2043.8029437,29.2390913%2044.3,29.2390913%20C44.7722035,29.2390913%2045.1594703,29.602748%2045.1970165,30.0652773%20L45.2,30.1390913%20L45.2,35.0977444%20C45.2,36.6766607%2043.99585,37.9809059%2042.4668945,38.0407146%20L42.3571429,38.0428571%20L5.44285714,38.0428571%20C3.89893316,38.0428571%202.65887799,36.7753309%202.60203601,35.2100439%20L2.6,35.0977444%20L2.6,10.0451128%20C2.6,8.46619647%203.80414997,7.16195121%205.33310551,7.10214257%20L5.44285714,7.1%20L42.3571429,7.1%20Z%20M35.2968056,40.675%20C35.7938619,40.675%2036.1968056,41.0779437%2036.1968056,41.575%20C36.1968056,42.0472035%2035.8331489,42.4344703%2035.3706196,42.4720165%20L35.2968056,42.475%20L12.3227984,42.475%20C11.8257421,42.475%2011.4227984,42.0720563%2011.4227984,41.575%20C11.4227984,41.1027965%2011.7864551,40.7155297%2012.2489844,40.6779835%20L12.3227984,40.675%20L35.2968056,40.675%20Z'%20id='形状结合'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3cpath%20d='M30.9767199,16.420961%20C30.6569255,16.1577037%2030.1842687,16.203536%2029.9210114,16.5233304%20C29.6742076,16.8231377%2029.6990647,17.2572966%2029.9666384,17.5273128%20L30.0233808,17.579039%20L35.8135697,22.345%20L30.0606411,26.5041161%20C29.7447088,26.7325199%2029.6593425,27.1612699%2029.8527157,27.4907777%20L29.8922514,27.5513243%20C30.1206552,27.8672566%2030.5494052,27.9526229%2030.878913,27.7592497%20L30.9394596,27.719714%20L37.479479,22.991596%20C37.8567302,22.7188616%2037.8931156,22.1779816%2037.5733363,21.8562648%20L37.5167393,21.8047582%20L30.9767199,16.420961%20Z%20M17.0633498,16.420961%20C17.3831442,16.1577037%2017.855801,16.203536%2018.1190584,16.5233304%20C18.3658621,16.8231377%2018.341005,17.2572966%2018.0734314,17.5273128%20L18.016689,17.579039%20L12.2265,22.345%20L17.9794286,26.5041161%20C18.2953609,26.7325199%2018.3807272,27.1612699%2018.187354,27.4907777%20L18.1478183,27.5513243%20C17.9194145,27.8672566%2017.4906646,27.9526229%2017.1611567,27.7592497%20L17.1006102,27.719714%20L10.5605908,22.991596%20C10.1833395,22.7188616%2010.1469541,22.1779816%2010.4667334,21.8562648%20L10.5233304,21.8047582%20L17.0633498,16.420961%20Z%20M26.3110311,14.7036526%20C26.4746992,14.3231455%2026.9158404,14.1473629%2027.2963474,14.3110311%20C27.6544717,14.4650717%2027.8312484,14.8649015%2027.7143553,15.2286385%20L27.6889689,15.2963474%20L21.2369929,30.2963474%20C21.0733248,30.6768545%2020.6321836,30.8526371%2020.2516766,30.6889689%20C19.8935523,30.5349283%2019.7167756,30.1350985%2019.8336687,29.7713615%20L19.859055,29.7036526%20L26.3110311,14.7036526%20Z'%20id='形状结合'%20fill-opacity='0.8'%20fill='%23000000'%20fill-rule='nonzero'%3e%3c/path%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
易开发
普通应用迁移零修改硬件兼容
应用场景
金融
在可信执行环境中保护支持、交易安全
医疗
建立安全医疗数据流通基础设备,保证数据可用不可见
云环境
为云环境应用程序中的敏感数据提供增强的安全防护
多方计算
不同用户或厂商之间相互共享数据以便计算挖掘出更大的数据经济价值,确保数据在安全隔离的环境中使用
资源下载
软件名 | 软件类型 | 软件说明 | 资源获取 |
|---|---|---|---|
| TMM套件 | 闭源 | 鲲鹏BoostKit机密计算TEE套件软件包,包含TMM固件 | |
| virtcca_driver | 开源 | virtCCA驱动软件包,包括Sealing Key密钥派生、安全内存可观测相关驱动 | |
| virtcca_sdk | 开源 | virtCCA SDK软件包,提供TEE套件远程证明动态库及头文件 | |
| kernel | 开源 | 操作系统Linux内核,包括Host、Guest OS,支持机密虚机适配补丁 | |
| libvirt | 开源 | 开源的虚拟化管理工具和应用程序接口,支持机密虚机创建管理 | |
| qemu | 开源 | 开源的通用计算机仿真器和虚拟化软件,支持机密虚机虚拟机创建运行 |