At the 2021 Huawei Developer Conference, the brightest "star" is none other than the Hongmeng system: the number of devices equipped with HarmonyOS exceeds 150 million, and the preview version of HarmonyOS 3 developer preview around the three core values of elastic deployment, hyperterminal, and one-time development of multi-terminal deployment has received great attention from the industry.
However, the Hongmeng system, which is born for the intelligent Internet of Things, cannot avoid the question: Can it crack the "Achilles heel" of IoT privacy security? Because the Internet of Things brings development opportunities at the same time, but also brings security problems. Can Hongmeng system achieve all-scenario smart life experience and privacy security worry-free?
At the Huawei Developer Conference, Huawei's consumer business released the "Four Propositions" and "Three Commitments" on network security and privacy protection, which is the best response to the above questions. An in-depth analysis of the innovation of the Hongmeng system in privacy and security can clearly see that the Hongmeng operating system system has become the benchmark for the privacy and security protection of Huawei's consumer business, with privacy and security as the solid base, and the Hongmeng ecosystem supports the era of intelligent connection of all things and billions of billions of connections.
<h1 class="pgc-h-arrow-right" data-track="8" > reconstruct "people, devices, and data" with innovative technologies</h1>
He Gang, Chief Operating Officer of Huawei's Consumer Business, pointed out that "privacy is the basic right of users" is not a slogan, and Huawei has always used innovative technologies to defend user privacy and security.
Hongmeng operating system is like this, through the reconstruction of "people, devices, data", it uses innovative technology to bring "new security" in the era of intelligent Internet of Things.
Reconstructing "people" is to use multi-dimensional authentication to surpass single-dimensional authentication. When it comes to the recognition of "people", we first think of the fingerprints, face recognition, passwords and other ways of mobile phones. However, it must be pointed out that no matter how strong the authentication method can not achieve 100% reliability, from time to time on the Internet there are reports of biometric recognition such as face recognition being cracked.
Hongmeng operating system will go further in security, bringing multi-device collaborative authentication, that is, through user identity management, the authentication of the same user on different devices is associated to identify a user, improve the accuracy of authentication, and ensure the "right person". For example, it is possible to use a watch and a mobile phone to co-authenticate, and only when the two devices are together can the face unlock be successful, which is more secure than single-dimensional mobile phone face authentication. Similarly, you can also use high-security devices to assist low-security devices to improve the accuracy of user identity authentication, such as the use of mobile phones and smart screen collaborative authentication on smart screen payment, which helps to improve the payment security of smart screens.
Refactoring "devices" is a security rating that only allows devices that meet security capabilities to join HyperTerminal. One of the security risks of the Internet of Things is that when different devices are connected, because the security capabilities are uneven, the weakest devices may become the entrance to the attack, which in turn will lead to serious security problems in the entire Internet of Things. This is a bit like the "barrel effect", the security capabilities of the entire Internet of Things are determined by the weakest device.
The response of Hongmeng operating system is to classify all smart devices, define the security capabilities required for different levels, and then verify the security when accessing the Internet of Things, and continuously detect the security status during operation, find problems and deal with them in a timely manner. The result of this is obvious, each device that joins the "HyperTerminal" needs to first get a license similar to the pass, and it will also "check the ticket" at any time during operation, and once it is found that there is a problem with a certain device, it will be eliminated in time to ensure the overall security.
It is worth noting that in the Hongmeng operating system, the sensitive data on the high-security level device is a hardware-based trusted execution environment (TEE) and is only used in te. When transmission is necessary, a secure channel is established from the TEE of one device to the TEE of another device after secure environment verification using the device certificate to ensure secure transmission.
Refactoring "data" is also about rating data security to ensure that the right device accesses the right data. It's like giving different levels of passes to different devices and different data, and only if the pass level is the same can it be matched successfully. For example, because the mobile phone stores a large amount of personal data, the security ability is strong, it is a high-security level device, while the bracelet is a low-security level device because of the relatively single function, and the same data is also graded, and the sports health data in the bracelet is lower than the password. With the rating, access can be limited, such as the mobile phone can access the sports health data in the bracelet, and the bracelet cannot access the higher level of password data.
It can be seen that the privacy and security of Hongmeng operating system has distinct intelligent IoT characteristics, that is, jumping out of the shackles of a single device or single type of data, standing in a higher dimension to look at the relationship between "people, devices, and data", and realizing "the right person uses data correctly on the right device" through grading and collaboration.
<h1 class="pgc-h-arrow-right" data-track="54" >from "product safety" to "ecological safety"</h1>
The protection of privacy and security by Hongmeng operating system well reflects the "four major propositions" and "three commitments" of Huawei's consumer business security and privacy protection.
"Huawei's privacy and security standards are very strict, and any business that does not comply with security and privacy protection principles and processes is not allowed to be released." This can be seen in the full-lifecycle privacy security management of Hongmeng operating system for applications. Specifically, during the development phase, developers are authenticated with real names to ensure the legitimacy of developers from the source; during the release stage, Huawei's application market will monitor the application in a comprehensive way such as viruses, privacy, and advertisements; during the installation stage, the system will conduct security detection of the application; and during the operation stage, the system will use AI technology to detect application behavior and quickly identify malicious behaviors such as malicious deductions, information theft, and remote control. It can be said that this kind of privacy and security guarantee of the whole process will enable Hongmeng System to build a pure application operating environment.
Among the "four major propositions" of Huawei's consumer business security and privacy protection, an important one is to "cooperate with industry authorities to build a security verification system". Huawei says so and does the same. It is understood that Huawei, together with international standards organizations such as GSMA and ETSI, has jointly promoted more than ten international security standards such as TEE and SecurePlatform, supporting the country and industry to issue more than 25 standards and more than 30 group standards.
Taking TEE as an example, Hongmeng operating system provides a trusted execution environment for the device through hardware, and the user's personal sensitive data is only used in it, thereby ensuring the security of user data. The TEE OS security kernel of Hongmeng system has obtained the CC EAL5+ certification with the highest security level of the world's commercial operating system kernel, and TEE has become an international security standard driven by Huawei.
At the same time, Huawei is also continuing to "open up security and privacy capabilities to ecological partners". For application ecosystem partners, Huawei has opened 4 security capability packages with more than 10 security capability subsets, and for device ecosystem partners, Huawei has opened 2 security capability packages and more than 30 security capability subsets. In the process of promoting privacy and security standardization, Huawei has also contributed many excellent privacy and security practices to the industry. It is understood that in China, Huawei is the manufacturer with the largest contribution to privacy and security standardization.
Through openness and empowerment, Huawei is building a truly secure "ecological security.". At the Huawei Developer Conference, the HarmonyOS Connect Eco-Device Security and Privacy Protection Guide was released, and ecosystem partners can obtain specific guidance when developing products and work with Huawei to build a secure and reliable digital world.
<h1 class="pgc-h-arrow-right" data-track="55" > Postscript: The cornerstone of all-scenario smart life</h1>
At this year's Huawei Developer Conference, the full-scenario smart life experience opened up the imagination space. For example, Hongmeng operating system brings the display of smart home, smart office, smart travel, sports and health, audio and video entertainment and other life scenes. In the super kitchen, the recipe graphics on the mobile phone can be transferred to the steam oven, and the average person can also cook with one click. The many features of the spoiler HarmonyOS 3 at the meeting are even more eye-opening, such as mobile phones, smart screens, and PCs that can play games collaboratively, use the large-screen display of smart screens, use THE graphics card of the PC, and enjoy the longest board of various devices.
However, the realization of such a beautiful experience depends on privacy and security. As He just said, "At present, the full-scenario era of intelligent connection of all things and billions of connections is coming, and it is most important to build a global ecology of billions of connections and ensure the security and credibility of the ecology." It can be seen from the "four propositions" and "three commitments" of Huawei's consumer business security and privacy protection that Huawei regards network security and privacy protection as the company's highest program, and the responsibility for network and business security protection is placed above the company's commercial interests. Huawei is putting network security and privacy protection at the origin of the all-scenario ecological strategy for "care", not only the strategic determination to protect privacy and security, but also the practical action of using innovative technologies for privacy protection.
It can be expected that with the joint efforts of Huawei and ecological partners, the digital world will become safe and credible, and ecological security as a solid foundation will surely support the intelligent life of all scenarios and win the era of intelligent connection of all things and billions of billions of connections.