The 2022 OPPO Developer Conference (ODC22) will be held online from August 30th to 31st, with the theme of “Abundant Minds, Walking Together”. The security and privacy sub-forum has set up five topics, and the OPPO security team shared that in the current era of changing technology application scenarios in the metaverse era, in the face of escalating security and privacy challenges, OPPO launched a crackdown on the Internet based on industry development trends and user demand insights. A series of explorations and practices to protect user privacy and security, such as black and gray production, providing digital and trusted terminal products, and relying on Pantanal Security to provide full-link protection. At the same time, OPPO has joined hands with partners to create a more cross-end, wider-area, and more advanced security system for developers, and jointly build an open OPPO ecosystem.
To meet the wave of the metaverse, OPPO accelerates the layout of cutting-edge technologies
Luo Yuanhai, head of OPPO’s basic security and privacy, delivered an opening speech on the theme of “Security and Privacy Technology in the Metaverse/Web3.0 Era”. He said that the digital world is still built on traditional information technology, and the implementation of the Metaverse will integrate various It is based on the latest technologies and systems, so related weaknesses and defects may also be inherited by it, and the further open use of private data will exacerbate the challenges of security and privacy protection.
Luo Yuanhai, OPPO Basic Security and Privacy Leader
In this regard, OPPO quickly laid out an overall technical framework for the security and privacy of Metaverse, with Meta-native security as the foundation, security meta-platform as the pillar, and Metaspace security as the top layer. Metaverse attack and defense runs through the entire stack, covering the security and privacy protection of the next generation Internet. and technical empowerment. Forward-looking strategic layout and technical strength make OPPO at the forefront of the industry.
OPPO Metaverse Security and Privacy Overall Technical Framework
At the defense level, OPPO not only relies on Yuannative security technology to integrate security and business to ensure the security of next-generation Internet infrastructure; it also uses Yuanspace security technology to build invisible and reliable safety valves for virtual space products such as digital identities and digital assets. This technology supports the use of private keys to generate transaction signatures in an independent hardware security area and provides a secure computing environment to effectively protect personal digital assets.
At the same time, OPPO took the initiative to launch the meta-security attack and defense technology. By conducting security tests on Metaverse businesses and products, it can accurately identify potential security threats, in-depth analysis of the weaknesses and defects of Metaverse products and technologies, and prescribe the right medicine to improve its security prevention capabilities.
The security meta-platform OPPO AndesChain, as the core support of the overall technical framework, is the foundation of metaverse applications. It takes the self-developed blockchain core engine of Andes Chain Core as the core, and the OPPO cryptographic platform OPPO Euler as the base. The data intelligence chain application framework provides unified blockchain services for various upper-level business scenarios, and ultimately supports the realization of virtual space.
At present, OPPO has focused on opening AndesChain’s capabilities to the public in two forms: Andes BaaS (enterprise-level blockchain cloud service platform) and AndesChain PaaS (blockchain application middleware platform). Andes BaaS integrates development, management and operation and maintenance functions to effectively lower the threshold for developers to build blockchain systems; AndesChain PaaS includes a series of out-of-the-box blockchain middleware services, greatly improving the development of blockchain applications efficiency. Based on the above, developers can save the cost of paying attention to the underlying details and focus on building upper-layer application apps of the blockchain. In the future, OPPO will also open more capabilities to developers in the metaverse field to jointly build a secure and credible decentralized application ecosystem.
Build a full-stack intelligent security risk control system SDK supply chain breakthrough application ecological protection
Zeng Dekang, head of OPPO’s business security risk control, and He Miao, deputy general manager of Wuhan Antiy Information Technology Co., Ltd., delivered speeches at the meeting on the construction of OPPO’s intelligent security risk control system and the current status and challenges of SDK supply chain security.
With the continuous growth of online black and gray products, OPPO has made a strong counterattack against the derivative iterative nature of black and gray products. OPPO has customized corresponding countermeasures in the fields of advertising, APP distribution, and game joint ventures where black and gray production is rampant. Based on multi-system and in-depth configuration, through the OPPO risk profile system, rule engine and real-time statistical capabilities, it can realize millisecond-level risk decision-making, provide real-time risk control services for a variety of different businesses, and build a full-stack intelligent security risk control system to achieve multiple The scene black and gray produce precise strikes.
Zeng Dekang, Head of OPPO Business Security Risk Control
At the same time, in the face of the significant increase in various application security risks, OPPO, which has the triple identity of application developer, mobile phone manufacturer and application distribution platform, tries to explore solutions to protect the ecological security of applications from various aspects. As an important part of the APP development process, SDK’s supply chain security governance is very critical. To this end, OPPO and Antiy jointly set up a laboratory, relying on the technical strength of both parties and in-depth understanding of OPPO’s business scenarios, to jointly build a security governance system for the application SDK, and are committed to protecting developers from multiple dimensions and multiple scenarios. benefits and application security.
He Miao Deputy General Manager of Wuhan Antiy Information Technology Co., Ltd.
Start with the end and build a secure and trusted terminal ecosystem with the industry
In the sub-forum, Wang Zhenqiang, head of OPPO security operations, and Chen Ronghua, chief architect of Microsoft, shared the topic of “ColorOS Terminal Trust Project”, and proposed to establish a mature and stable trusted mechanism and provide security in the era of integration of all things. Trusted mobile terminals are essential.
In this regard, OPPO carried out terminal trusted engineering practice, and worked with Microsoft, Synopsys and other internationally renowned companies to design and implement a mature trusted engineering mechanism. Especially in the cooperation with Microsoft, the two parties have jointly built a digital trusted engineering system, jointly built the basic SDL content for research and development of security engineering and security operations, and built security research and development capabilities and services aimed at enabling various business scenarios. 12 key safety practices. In the future, OPPO will also cooperate more with Microsoft to create credible systems and products.
OPPO and Microsoft jointly build a digital trust project
Not only that, the security and trustworthy standards formulated by OPPO are applicable to most countries in the world, as well as certain high-standard countries such as Europe and the United States. OPPO’s rigorous security and trustworthy standards have passed key certifications from industry organizations such as CSASTAR, and have established cooperation with well-known domestic and foreign universities and scientific research institutions on technological breaking points, disruptive technologies, technological reserves and breakthroughs to build a trusted ecosystem.
Pantanal announces that OPPO continues to invest in security and privacy protection
At this ODC conference, OPPO released a new smart cross-end system centered on the integration of all things – Pantanal, and invested in security and privacy protection as the core capability of the Pantanal system, relying on OPPO’s security research and development system And innovative mechanisms, continue to create a “safe and trustworthy perception” service experience for users.
Zeng Xin, senior security architect of OPPO, said that Pantanal Security is based on the design principles of precise sharing, dynamic authorization, global security, and transparency and compliance, and based on the principle of zero trust, it provides users with security protection throughout the entire link of data and services. ability. Pantanal Security has built an in-depth defense authentication system, providing 4-layer authentication for OPPO users every time they access the ColorOS system application, continuous authentication and verification; at the same time, OPPO is collecting the data necessary for user services to deeply understand users. In the process of demand, Pantanal Security can provide protection from the entire life cycle of data collection, storage, use, transmission and destruction, minimize the capture of valid data and desensitize it by various means, without affecting the user terminal experience and effective understanding User needs, protect user privacy and security.
Four safety design principles for the Pantanal system
It is worth noting that OPPO has actively participated in the formulation of and followed industry standards, and has obtained the world‘s first MDfPP3.2 security certification and the first domestic 2407 mobile smart terminal security technology level-5 capability certification. At the same time, OPPO, as one of the initiators of the Gold Label Alliance, has jointly established safety testing standards with industry partners, and actively cooperates with industry safety organizations to create a controllable safety service system to provide users with assured, safe and reliable products and services.
Facing the emerging technology waves and business forms in the metaverse era, OPPO, as an ecological technology company integrating software and hardware, accelerates the layout of cutting-edge technologies, provides real-time risk control services and builds a full-stack intelligent security risk control system. Based on the newly released Pantanal system, OPPO continues to strengthen its investment and capacity building in security and privacy protection, and cooperates with industry partners to create a more cross-end, wider-area, and more advanced security system, and jointly build OPPO’s open ecosystem and realize the realization of the system from , applications and even the underlying technology to provide users with comprehensive security and privacy protection.
Disclaimer:
The content is authorized by the columnist to publish or reprint from other media, the purpose is to transmit more information, it does not mean that this website agrees with its views, and this site does not guarantee or promise the authenticity of the content. If the content of the article violates your rights, please contact this site in time to delete it. Contact for infringement complaints:
[email protected]!