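Qin Yu (秦宇)  Male  Master's supervisor  Institute of Software, Chinese Academy of Sciences
Email: qinyu@iscas.ac.cn
Mailing address: No. 4 Zhongguancun South Fourth Street, Haidian District, Beijing
Postal code: 100000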

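Research Areas

System security, trusted computing, IoT security, industrial control system security, applied cryptography

Admissions

Admission major
083900 - Cyberspace Security
Admission research directions
System security, trusted computing
Software security, IoT security
Applied cryptography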

Education

2005-09--2009-01   Institute of Software, Chinese Academy of Sciences   Ph.D.

Work Experience

Employment history
2009-03 to present, Institute of Software, Chinese Academy of Sciences, Assistant Researcher, Senior Engineer

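Patents and Awards

Awards
(1) First Prize, Electronic Information Science and Technology Award of the Chinese Institute of Electronics, First Prize, ministerial level, 2010
Patents
[1] 秦宇, 李为, 冯伟, 冯登国, 刘敬彬, 牛海行, 齐兵, 姜皞昊. A root key protection method for the trusted computing root of trust. CN: CN113282910A, 2021-08-20.
[2] 吕志宁, 秦宇, 刘敬彬, 赵世军, 宁柏锋, 冯伟, 习伟, 罗伟峰, 邓巍, 刘威, 匡晓云, 姚浩, 于杨. A log-based control-flow attestation method and system for embedded devices. CN: CN109960940A, 2019-07-02.
[3] 秦宇, 初晓博, 赵世军, 冯伟, 匡晓云, 习伟, 姚浩, 于杨, 吕志宁, 宁柏锋, 罗伟峰, 刘威, 邓巍. A Merkle-tree-based runtime verification and control method and system for Linux programs. CN: CN109766688A, 2019-05-17.
[4] 初晓博, 冯伟, 秦宇, 赵世军. A system configuration property attestation method and system based on a trusted execution environment. CN: CN108171042A, 2018-06-15.
[5] 李昊, 陈震宇, 迟佳琳, 张敏, 苏璞睿, 秦宇. A security support framework for industrial control systems and its secure data transmission and storage method. CN: CN104991526A, 2015-10-21.
[6] 张敏, 冯登国, 张振峰, 李昊, 苏璞睿, 秦宇, 陈震宇, 迟佳琳. A trusted database integrity protection method and system. CN: CN104615947A, 2015-05-13.
[7] 李昊, 冯登国, 张振峰, 张敏, 苏璞睿, 秦宇, 迟佳琳, 陈震宇. A trusted database confidentiality protection method and system. CN: CN104573549A, 2015-04-29.
[8] 杨波, 冯登国, 秦宇, 苏璞睿, 张敏, 李昊, 张英骏, 邵建雄, 詹世才. A security-chip-based trusted environment management and control method and platform for industrial control systems. CN: CN104573516A, 2015-04-29.
[9] 赵世军, 初晓博, 张倩颖, 秦宇, 冯伟. A trusted network access method and system that protects terminal configuration privacy. CN: CN103152350A, 2013-06-12.
[10] 冯登国, 冯伟, 秦宇, 初晓博, 张倩颖, 奚瓅, 杨波. A mobile-device-based trusted module and its trusted service method. CN: CN103150514A, 2013-06-12.
[11] 冯登国, 初晓博, 秦宇, 奚瓅, 王维谨. A data broadcast distribution protection method based on proxy re-encryption and a security chip. CN: CN103095462A, 2013-05-08.
[12] 冯登国, 秦宇, 初晓博, 张倩颖, 冯伟. A direct anonymous attestation method based on elliptic curve and bilinear pairing cryptosystems. CN: CN102096778A, 2011-06-15.
[13] 于爱民, 秦宇, 赵世军, 汪丹, 李昊, 常德显. A method and system for layered trusted network connection. CN: CN102035837A, 2011-04-27.
[14] 冯登国, 秦宇, 聂晓伟. A trust establishment method for virtual environments. CN: CN101350044B, 2010-07-14.
[15] 秦宇, 冯登国, 汪丹. A TPM-based multi-instance dynamic remote attestation method. CN: CN101344903A, 2009-01-14.
[16] 冯登国, 秦宇, 徐震. A security-requirement-based remote attestation method and system. CN: CN101043338A, 2007-09-26.
[17] 冯登国, 徐震, 张立武, 秦宇, 汪丹. A trusted boot method and system. CN: CN101038556A, 2007-09-19.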

Publications

Papers
[1] 齐兵, 秦宇, 李敏虹, 谢宏, 尚科彤, 冯伟, 李为. An IoT device integrity monitoring scheme based on an MQTT protocol extension. 计算机系统应用[J]. 2022.
[2] 陈思, 吴秋新, 张铭坤, 安晓楠, 龚钢军, 刘韧, 秦宇. Intrusion detection technology for intelligent industrial control systems based on edge-cloud collaboration. 计算机应用与软件[J]. 2020, 37(11): 280-285+333, https://kns.cnki.net/kcms/detail/detail.aspx?dbcode=CJFQ&dbname=CJFDLAST2020&filename=JYRJ202011046&v=MTg0NjdlWmVkb0ZpSGtVNy9JTHpUWlpMRzRITkhOcm85QllvUjhlWDFMdXhZUzdEaDFUM3FUcldNMUZyQ1VSN3E=.
[3] Yu Qin, Jingbin Liu, Shijun Zhao, Dengguo Feng, Wei Feng. RIPTE: Runtime Integrity Protection Based on Trusted Execution for IoT Device. SECURITY AND COMMUNICATION NETWORKS[J]. 2020, 2020: https://doaj.org/article/792227205aa34fe8971a092fd96dce6f.
[4] 于杨, 姚浩, 习伟, 秦宇, 赵世军. An embedded component solution with active immunity for power terminals. 南方电网技术[J]. 2020, 14(1): 65-73, https://kns.cnki.net/KCMS/detail/detail.aspx?dbcode=CJFQ&dbname=CJFDLAST2020&filename=NFDW202001012&v=MDExMjU3cWVadWR1RnkzblViM09LeXZQZWJHNEhOSE1ybzlFWm9SOGVYMUx1eFlTN0RoMVQzcVRyV00xRnJDVVI=.
[5] 冯登国, 刘敬彬, 秦宇, 冯伟. Trusted computing theory and technology in innovation-driven development. 中国科学:信息科学[J]. 2020, 50(8): 1127-1147, http://lib.cqvip.com/Qikan/Article/Detail?id=7102699914.
[6] 周星锦, 秦宇, 吴秋新, 习伟, 赵世军. An integrity measurement scheme for the Android framework layer. 计算机系统应用[J]. 2019, 28(8): 1-9, http://lib.cqvip.com/Qikan/Article/Detail?id=7002704256.
[7] Jingbin Liu, 秦宇, Wei Liu, Shijun Zhao, 冯登国. Log-Based Control Flow Attestation for Embedded Devices. CCS[J]. 2019.
[8] Zhao, Shijun, Zhang, Qianying, Qin, Yu, Feng, Wei, Lv, Zhining, Feng, Dengguo, USENIX Assoc. Minimal Kernel: An Operating System Architecture for TEE to Resist Board Level Physical Attacks. PROCEEDINGS OF THE 22ND INTERNATIONAL SYMPOSIUM ON RESEARCH IN ATTACKS, INTRUSIONS AND DEFENSES. 2019, 105-120, http://apps.webofknowledge.com/CitedFullRecord.do?product=UA&colName=WOS&SID=5CCFccWmJJRAuMzNPjj&search_mode=CitedFullRecord&isickref=WOS:000527802800008.
[9] Zhao Shijun, Zhang Qianying, Qin Yu, Feng Wei, Feng Dengguo. SecTEE: A Software-based Approach to Secure Enclave Architecture Using TEE. PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (CCS'19)[J]. 2019, 1723-1740, http://dx.doi.org/10.1145/3319535.3363205.
[10] Feng, Wei, Qin, Yu, Zhao, Shijun, Liu, Ziwen, Chu, Xiaobo, Feng, Dengguo, Capkun, S, Chow, SSM. Secure Code Updates for Smart Embedded Devices Based on PUFs. CRYPTOLOGY AND NETWORK SECURITY (CANS 2017). 2018, 11261: 325-346.
[11] Shao, Jianxiong, Qin, Yu, Feng, Dengguo. Formal analysis of HMAC authorisation in the TPM2.0 specification. IET INFORMATION SECURITY[J]. 2018, 12(2): 133-140, https://www.webofscience.com/wos/woscc/full-record/WOS:000426543600004.
[12] Feng, Wei, Qin, Yu, Zhao, Shijun, Feng, Dengguo. AAoT: Lightweight attestation and authentication of low-resource things in IoT and CPS. COMPUTER NETWORKS[J]. 2018, 134: 167-182, http://dx.doi.org/10.1016/j.comnet.2018.01.039.
[13] Feng, Wei, Qin, Yu, Feng, Dengguo. Using mobile phones to enhance computing platform trust. TELECOMMUNICATION SYSTEMS[J]. 2018, 69(2): 187-205, https://www.webofscience.com/wos/woscc/full-record/WOS:000443443100003.
[14] 杜变霞, 秦宇, 冯伟, 初晓博. An efficient cluster attestation mechanism for the Internet of Things. 计算机系统应用[J]. 2018, 27(10): 22-32, http://lib.cqvip.com/Qikan/Article/Detail?id=676541336.
[15] Yu Qin. Formal Analysis of HMAC Authorization in the TPM2.0 Specification. IET Information Security. 2017.
[16] 张英骏, 冯登国, 秦宇, 杨波. A TrustZone-based protection scheme for sensitive applications in open environments. 计算机研究与发展[J]. 2017, 54(10): 2268-2283, http://lib.cqvip.com/Qikan/Article/Detail?id=673516473.
[17] Yu Qin. TICS: Trusted Industry Control System based on Hardware Security Module. the 9th International Conference on Symposium on Cyberspace Safety and Security(CSS 2017). 2017.
[18] 杨波, 冯登国, 秦宇, 张英骏. A TrustZone-based secure cloud service access scheme for trusted mobile terminals. 软件学报[J]. 2016, 1366-1383, http://lib.cqvip.com/Qikan/Article/Detail?id=669126883.
[19] 詹世才, 秦宇, 初晓博. A behavior-based remote attestation scheme for mobile smart terminal platforms. 计算机系统应用[J]. 2016, 35-43, http://lib.cqvip.com/Qikan/Article/Detail?id=670083699.
[20] Shao Jianxiong, Qin Yu, Feng Dengguo, Piessens F, Vigano L. Computational Soundness Results for Stateful Applied pi Calculus. PRINCIPLES OF SECURITY AND TRUST (POST 2016). 2016, 9635: 254-275.
[21] Yang Bo, Yang Kang, Zhang Zhenfeng, Qin Yu, Feng Dengguo, Bishop M, Nascimento ACA. AEP-M: Practical Anonymous E-Payment for Mobile Devices Using ARM TrustZone and Divisible E-Cash. INFORMATION SECURITY, (ISC 2016). 2016, 9866: 130-146.
[22] Feng Dengguo. Formal Analysis of Enhanced Authorization in the TPM 2.0. AsiaCCS 2015. 2015.
[23] Zhao, Shijun, Xi, Li, Zhang, Qianying, Qin, Yu, Feng, Dengguo. Security analysis of SM2 key exchange protocol in TPM2.0. SECURITY AND COMMUNICATION NETWORKS[J]. 2015, 8(3): 383-395.
[24] Yang Bo, Yang Kang, Qin Yu, Zhang Zhenfeng, Feng Dengguo, Conti M, Schunter M, Askoxylakis I. DAA-TZ: An Efficient DAA Scheme for Mobile Devices Using ARM TrustZone. TRUST AND TRUSTWORTHY COMPUTING, TRUST 2015. 2015, 9229: 209-227.
[25] 冯伟, 秦宇, 冯登国, 杨波, 张英骏. Design and implementation of a TCM-based secure Windows platform. 通信学报[J]. 2015, 36(8): 91-103, http://lib.cqvip.com/Qikan/Article/Detail?id=665742510.
[26] 张英骏, 冯登国, 秦宇, 杨波. A TrustZone-based trusted code execution scheme for environments with strong security requirements. 计算机研究与发展[J]. 2015, 52(10): 2224-2238, http://lib.cqvip.com/Qikan/Article/Detail?id=666362299.
[27] Weijin Wang, Yu Qin, Dengguo Feng. Automated proof for authorization protocols of TPM 2.0 in computational model. 10th International Conference on Information Security Practice and Experience, ISPEC 2014. 2014, 144-158, http://ir.iscas.ac.cn/handle/311060/16620.
[28] Weijin Wang, Dengguo Feng, Yu Qin, Jianxiong Shao, Li Xi, Xiaobo Chu. ExBLACR: Extending BLACR system. 19th Australasian Conference on Information Security and Privacy, ACISP 2014. 2014, 397-412, http://ir.iscas.ac.cn/handle/311060/16602.
[29] Xi Li, Feng Dengguo, Qin Yu, Wei Feng, Shao Jianxiong, Yang Bo, Miri A, Hengartner U, Huang NF, Josang A, GarciaAlfaro J. Direct Anonymous Attestation in Practice: Implementation and Efficient Revocation. 2014 TWELFTH ANNUAL INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST). 2014, 67-74.
[30] Yang Bo, Feng Dengguo, Qin Yu, IEEE. A Lightweight Anonymous Mobile Shopping Scheme Based on DAA for Trusted Mobile Platform. 2014 IEEE 13TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM). 2014, 9-17.
[31] Zhao Shijun, Zhang Qianying, Qin Yu, Feng Dengguo, Au MH, Carminati B, Kuo CCJ. Universally Composable Secure TNC Protocol Based on IF-T Binding to TLS. NETWORK AND SYSTEM SECURITY. 2014, 8792: 110-123.
[32] Feng, Dengguo, Qin, Yu, Feng, Wei, Shao, Jianxiong. The theory and practice in the evolution of trusted computing. CHINESE SCIENCE BULLETIN[J]. 2014, 59(32): 4173-4189, https://www.webofscience.com/wos/woscc/full-record/WOS:000342451800003.
[33] 杨波, 冯登国, 秦宇, 张倩颖, 奚瓅, 郑昌文. Research on a direct anonymous attestation scheme based on a trusted mobile platform. 计算机研究与发展[J]. 2014, 51(7): 1436-1445, http://lib.cqvip.com/Qikan/Article/Detail?id=50300263.
[34] Zhang, Qianying, Zhao, Shijun, Qin, Yu, Feng, Dengguo. Formal analysis of TPM2.0 key management APIs. CHINESE SCIENCE BULLETIN[J]. 2014, 59(32): 4210-4224, https://www.webofscience.com/wos/woscc/full-record/WOS:000342451800006.
[35] Feng Wei, Feng Dengguo, Wei Ge, Qin Yu, Zhang Qianying, Chang Dexian. TEEM: A user-oriented trusted mobile device for multi-platform security applications. 6th International Conference on Trust and Trustworthy Computing, TRUST 2013. 2013, 133-141, http://ir.iscas.ac.cn/handle/311060/16680.
[36] Yu Qin. Mobile Trusted Agent(MTA):Build user-based trust for general-purpose computer platform. The 7th International Conference on Network and System Security (NSS 2013). 2013.
[37] Yu Qin. Formal analysis of ECC-based Direct Anonymous Attestation schemes in Applied Pi Calculus. The 16th Information Security Conference (ISC 2013). 2013.
[38] Shao Jianxiong, Feng Dengguo, Qin Yu. Type-based analysis of protected storage in the TPM. 15th International Conference on Information and Communications Security, ICICS 2013. 2013, 135-150, http://ir.iscas.ac.cn/handle/311060/16640.
[39] Chang DeXian, Feng DengGuo, Qin Yu, Zhang QianYing. Analyzing the trust chain of trusted virtualization platform based on the extended ls2. TONGXIN XUEBAO/JOURNAL ON COMMUNICATIONS[J]. 2013, 34(5): 31-41.
[40] 常德显, 冯登国, 秦宇, 张倩颖. Trust chain analysis of trusted virtual platforms based on extended LS². 通信学报[J]. 2013, 34(5): 31-41, http://lib.cqvip.com/Qikan/Article/Detail?id=45838032.
[41] Qin Yu, Chu Xiaobo, Feng Dengguo, Feng Wei. Daa protocol analysis and verification. LECTURE NOTES IN COMPUTER SCIENCE (INCLUDING SUBSERIES LECTURE NOTES IN ARTIFICIAL INTELLIGENCE AND LECTURE NOTES IN BIOINFORMATICS). 2012, 338-350, http://ir.iscas.ac.cn/handle/311060/15763.
[42] Qin Yu, Zhao Shijun, Zhang Qianying. Formal Analysis of Trusted Platform Module Commands for Compromising User Key. CHINA COMMUNICATIONS[J]. 2012, 9(10): 91-102, http://lib.cqvip.com/Qikan/Article/Detail?id=43739453.
[43] Chang Dexian, Chu Xiaobo, Qin Yu, Feng Dengguo. Tsd: a flexible root of trust for the cloud. PROC. OF THE 11TH IEEE INT. CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM-2012 - 11TH IEEE INT. CONFERENCE ON UBIQUITOUS COMPUTING AND COMMUNICATIONS, IUCC-2012. 2012, 119-126, http://ir.iscas.ac.cn/handle/311060/15865.
[44] Chu Xiaobo, Yu Qin. A new efficient property-based attestation protocol based on elliptic curves. PROC. OF THE 11TH IEEE INT. CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM-2012 - 11TH IEEE INT. CONFERENCE ON UBIQUITOUS COMPUTING AND COMMUNICATIONS, IUCC-2012. 2012, 730-736, http://ir.iscas.ac.cn/handle/311060/15834.
[45] Yu Qin. A Formal Analysis of TPM Commands for Compromising User Key. China Communication. 2012.
[46] 秦宇, 兰海波. A security model for TPM virtual domains. 中国科学院研究生院学报[J]. 2011, 28(5): 648-658, http://lib.cqvip.com/Qikan/Article/Detail?id=39212914.
[47] 胡浩, 冯登国, 秦宇, 于爱民. An enforcement scheme for trusted usage control in distributed environments. 计算机研究与发展[J]. 2011, 48(12): 2201-2211, http://lib.cqvip.com/Qikan/Article/Detail?id=40227812.
[48] Yu Aimin, Qin Yu, Wang Dan. Obtaining the integrity of your virtual machine in the cloud. PROCEEDINGS - 2011 3RD IEEE INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE, CLOUDCOM 2011. 2011, 213-222, http://ir.iscas.ac.cn/handle/311060/16305.
[49] Qin Yu, Wu Qiuxin, Chu Xiaobo. Design and analysis on direct anonymous attestation for security chip. PROCEEDINGS - 2011 INTERNATIONAL SYMPOSIUM ON INTELLIGENCE INFORMATION PROCESSING AND TRUSTED COMPUTING, IPTC 2011. 2011, 13-18, http://ir.iscas.ac.cn/handle/311060/16260.
[50] Qin Yu, Chang Dexian, Zhao Shijun, Zhang Qianying. A property-based attestation scheme with the variable privacy. PROC. 10TH IEEE INT. CONF. ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM 2011, 8TH IEEE INT. CONF. ON EMBEDDED SOFTWARE AND SYSTEMS, ICESS 2011, 6TH INT. CONF. ON FCST 2011. 2011, 1616-1623, http://ir.iscas.ac.cn/handle/311060/16242.
[51] 李昊, 秦宇, 冯登国. Research on virtual monotonic counters based on the Trusted Platform Module. 计算机研究与发展[J]. 2011, 48(3): 415-422, http://lib.cqvip.com/Qikan/Article/Detail?id=37020493.
[52] Feng Wei, Qin Yu, Yu AiMin, Feng Dengguo. A drtm-based method for trusted network connection. PROC. 10TH IEEE INT. CONF. ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS, TRUSTCOM 2011, 8TH IEEE INT. CONF. ON EMBEDDED SOFTWARE AND SYSTEMS, ICESS 2011, 6TH INT. CONF. ON FCST 2011. 2011, 425-435, http://ir.iscas.ac.cn/handle/311060/16252.
[53] 冯登国, 秦宇, 汪丹, 初晓博. Research on trusted computing technology. 计算机研究与发展[J]. 2011, 48(8): 1332-1349, http://lib.cqvip.com/Qikan/Article/Detail?id=38802181.
[54] 初晓博, 秦宇. A distributed usage control system based on trusted computing. 计算机学报[J]. 2010, 93-102, http://lib.cqvip.com/Qikan/Article/Detail?id=32756508.
[55] Feng Dengguo, Qin Yu. A property-based attestation protocol for TCM. 中国科学:信息科学(英文版)[J]. 2010, 454-464, http://lib.cqvip.com/Qikan/Article/Detail?id=33277254.
[56] FENG DengGuo, QIN Yu. A property-based attestation protocol for TCM. 中国科学:信息科学(英文版)[J]. 2010, 454-464, http://lib.cqvip.com/Qikan/Article/Detail?id=33277254.
[57] Feng DengGuo, Qin Yu. A property-based attestation protocol for TCM. SCIENCE CHINA-INFORMATION SCIENCES[J]. 2010, 53(3): 454-464, http://lib.cqvip.com/Qikan/Article/Detail?id=33277254.
[58] 冯登国, 秦宇. A TCM-based property attestation protocol. 中国科学:信息科学[J]. 2010, 40(2): 189-199.
[59] 秦宇, 冯登国. Remote attestation based on component properties. 软件学报[J]. 2009, 1625-1641, http://lib.cqvip.com/Qikan/Article/Detail?id=30626110.
[60] Yu Qin. An anonymous property-based attestation protocol from bilinear maps. The 8th IEEE/IFIP International Symposium on Trusted Computing and Communications(TrustCom’09). 2009.
[61] 冯登国, 秦宇. Research on attestation methods for trusted computing environments. 计算机学报[J]. 2008, 31(9): 1640-1652, http://lib.cqvip.com/Qikan/Article/Detail?id=28228238.
[62] QIN Yu, FENG Dengguo, LIU Chunyong. TPM Context Manager and Dynamic Configuration Management for Trusted Virtualization Platform. 武汉大学学报:自然科学英文版[J]. 2008, 13(5): 539-546, http://lib.cqvip.com/Qikan/Article/Detail?id=28316854.
Books
(1) Trusted Computing: Principle and Practice, Walter de Gruyter, Germany, 2018-02, second author

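Research Activities

Research projects
(1) Research on remote attestation theory and methods for next-generation trusted computing platforms, principal investigator, national level, 2013-01--2015-12
(2) Research on evaluation theory and technology for trusted computing environments, participant, national level, 2012-01--2015-12
(3) Development of the InTrust trusted computing security platform for industrial control, principal investigator, academy level, 2015-09--2019-09
(4) R&D of the Tongfang trusted Android system, principal investigator, academy level, 2017-05--2019-05
(5) Research on lightweight attestation mechanisms for smart embedded devices, participant, national level, 2017-01--2019-12
(6) Security protection technology for embedded components and control units of power system terminals (2018YFB0904903), principal investigator, national level, 2018-07--2021-06
(7) Customization of a process management and control system for trusted industrial control terminals, principal investigator, academy level, 2017-10--2019-10
(8) Research on trusted systems and software security for IoT devices, principal investigator, national level, 2019-01--2022-12
(9) Operations and maintenance service project for the industrial control trusted computing platform, principal investigator, academy level, 2019-01--2020-01
(10) Joint R&D of a quantum-key-based IoT security architecture and key technologies, principal investigator, national level, 2020-06--2023-05
(11) Research on key technologies for an active-immunity-based security protection platform, principal investigator, academy level, 2020-05--2022-05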

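Students Supervised

Former students

詹世才  Master's student  081203 - Computer Application Technology

杜变霞  Master's student  081203 - Computer Application Technology

周星锦  Master's student  085211 - Computer Technology

Current students

牛海行  Master's student  083500 - Software Engineering

齐兵  Master's student  085212 - Software Engineering

尚科彤  Master's student  085400 - Electronic Information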