Security system implementation method based on virtual security element in trusted execution environment

A virtual security element and execution environment technology, applied in computer security devices, internal/peripheral computer component protection, instruments, etc. It addresses the difficulty of achieving a balance between security and the effectiveness of the system architecture, with the effects of improving ease of use and portability and improving system security.

Active Publication Date: 2015-09-09
SHENZHEN XUEQIU SCI & TECH

AI Technical Summary

Problems solved by technology

[0011] However, since the above-mentioned technologies leave control of the trusted channel and authority management to the operating system, an actual application's access to the trusted execution environment cannot escape the constraints of external hardware, and it is difficult to achieve a balance between security and system architecture effectiveness. This has greatly hindered the promotion of trusted execution environments at this stage.

Examples


Embodiment 1

[0041] As shown in Figure 2, in this embodiment the access request is directed to the security application in the virtual secure element in the trusted execution environment.

[0042] In this embodiment, the terminal for accessing the trusted execution environment is added to the channel management and access control module built into the Rich OS, and the access control processing for accessing the trusted execution environment is removed. Then a security management module, which provides a unified access interface for applications in the Rich OS, and at least one virtual security element are set in the trusted execution environment, and all access requests from applications in the Rich OS are received through the security management module.

[0043] The security management module receives an access request from an application in the Rich OS to the virtual security element, and the access request is sent to the security management modu...

Embodiment 2

[0062] As shown in Figure 6, the difference between this embodiment and Embodiment 1 is that the access request is directed at the security application in the secure element chip. As in Embodiment 1, all access requests from applications in the Rich OS are received by the security management module, and the secure element chip is connected to the trusted execution environment. When an application in the Rich OS sends a request to access the secure application in the secure chip, the access request is first transmitted to the security management module in the trusted execution environment, and the security management module accepts or denies the request by judging whether the access request matches the access control rules.

[0063] The initialization of the access rules in this embodiment is also read from the source data by the security management module when the trusted execution environment is initialized or when an initial request is received.
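The gatekeeping flow of Embodiments 1 and 2, as an added sketch that is not code from the patent: a single entry point receives every Rich OS request, loads its rules once (at initialization or on the first request), and accepts or denies by rule match. The rule layout (caller, target, applet), the identifiers, the function names and the deny-by-default behaviour are all assumptions, since the page does not specify a rule format.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical types: the patent text does not define a rule format. */
enum target { TARGET_VIRTUAL_SE, TARGET_SE_CHIP };
enum verdict { ACCESS_DENIED = 0, ACCESS_GRANTED = 1 };
/* One layout serves both an access rule and an access request. */
struct access { const char *caller; enum target target; const char *applet; };

/* Constructed "source data" that the module reads its rules from. */
static const struct access SOURCE_DATA[] = {
    { "com.example.wallet",  TARGET_VIRTUAL_SE, "payment" },
    { "com.example.transit", TARGET_SE_CHIP,    "ticket"  },
};
static const struct access *rules;      /* NULL until rules are loaded */
static size_t rule_count;
static int rule_loads;                  /* how many times rules were read */

/* Called at TEE initialization, or lazily on the first request. */
void smm_init(void) {
    if (rules) return;
    rules = SOURCE_DATA;
    rule_count = sizeof SOURCE_DATA / sizeof SOURCE_DATA[0];
    rule_loads++;
}

/* Unified interface: every request from the Rich OS passes through here,
   whether it targets a virtual SE or the SE chip. */
enum verdict smm_handle(const struct access *req) {
    if (!req || !req->caller || !req->applet) return ACCESS_DENIED;
    smm_init();
    for (size_t i = 0; i < rule_count; i++) {
        const struct access *r = &rules[i];
        if (r->target == req->target &&
            strcmp(r->caller, req->caller) == 0 &&
            strcmp(r->applet, req->applet) == 0)
            return ACCESS_GRANTED;      /* would be forwarded to the SE */
    }
    return ACCESS_DENIED;               /* assumption: no match means deny */
}
int smm_rule_loads(void) { return rule_loads; }

int main(void) {
    struct access ok    = { "com.example.wallet", TARGET_VIRTUAL_SE, "payment" };
    struct access cross = { "com.example.wallet", TARGET_SE_CHIP,    "ticket"  };
    printf("wallet -> virtual SE payment: %d\n", smm_handle(&ok));
    printf("wallet -> SE chip ticket:     %d\n", smm_handle(&cross));
    return 0;
}
```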


Abstract

A security system implementation method based on a virtual security element in a trusted execution environment is provided by the invention and belongs to the field of information security. The method comprises: adding a terminal that accesses a trusted execution environment to a channel management and access control module built in a Rich OS; removing access control processing that is for accessing the trusted execution environment; then, setting a security management module that provides a uniform access interface for applications in the Rich OS and at least one virtual security element in the trusted execution environment; and receiving all access requests from the applications in the Rich OS by using the security management module, thus improving system security. The method provided by the invention simplifies the existing system structure, and significantly improves system security. A virtual machine is set in each virtual security element, thereby significantly improving usability and portability.

Description

Technical field

[0001] The present invention relates to a technology in the field of mobile device security, in particular to a security system implementation method based on a virtual secure element (SE, Secure Element) in a Trusted Execution Environment (TEE, Trusted Execution Environment).

Background technique

[0002] Software operating environment refers to various conditions required for software operation, which can be divided into rich operating environment and trusted execution environment.

[0003] The rich operating environment is composed of software and hardware, provides rich functional interfaces, and is a software execution environment created for versatility and richness. It includes a multi-functional operating system and various applications running on it. The multi-functional operating system is also known as the Rich operating system, Rich OS. Take an example of a multifunctional operating system on a mobile device, such as Android, which can run on mob...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/53, G06F21/62, G06F21/74
CPC: G06F21/53, G06F21/629, G06F21/74
Inventor 韩医徽章勇姜波赵晨曦方琍李川川王巨
Owner SHENZHEN XUEQIU SCI & TECH