A method for software trusted update on network security equipment

Abstract

Network security equipment plays an important role in preventing network security attacks. However, with the change of network environment and the upgrade of network attack means, the protection ability of the security software on the existing network security equipment will gradually decrease with time. For some large organizations or enterprises, their information security operations centers lack attention to software version control and software update processes for network security equipment, resulting in some security crises in the software update process. In this paper, we propose a method for software trusted update on network security equipment. This method can provide trusted identify authentication, secure data transmission and effective software version control. It enables the network security operations centers to more safely manage software update process on network security equipment. This method uses the functions of Trusted Cryptography Module to provide trusted execution environment. In this paper, we had introduced the process design, the prototype design and theoretical analysis to explain the feasibility and safety of this method.