Method for realizing security storage of mobile terminal in mobile internet based on TrustZone technology

The technology, applied to secure storage on mobile terminals in the mobile Internet, addresses the long development cycle, the research and development difficulty, and the many defects of software isolation technology. It improves reliability and security, reduces research and development difficulty, and resolves the security risks of software isolation technology.

Inactive Publication Date: 2018-01-19
SHANDONG UNIV

AI Technical Summary

Problems solved by technology

[0007] Software isolation technology has various problems such as long


Examples


Embodiment 1

[0038] As shown in Figures 1-2.

[0039] A method for realizing secure storage of a mobile terminal under the mobile Internet based on the TrustZone technology, comprising the following steps:

[0040] 1) The normal world user invokes the application service of the security application in the normal world; after authorization verification, a session is opened, and the data and information for creating the secure user/application are passed to the kernel security application;

[0041] 2) The kernel security application applies to the central control kernel to configure the TrustZone IP core, and the state of the data transmission bus is switched to the secure state through the TrustZone IP core; a memory isolation area is opened up in memory through the TrustZone IP core according to the data and information of the secure user/application;

[0042] 3) loading the encrypted kernel security application into the memory isolation area, and calling the encryption and decryption modu...

Embodiment 2

[0046] The method for realizing secure storage of a mobile terminal under the mobile Internet based on TrustZone technology is as described in Embodiment 1, the difference being that the encrypted kernel security application in step 3) is stored on the hard disk; the encrypted kernel security application is loaded into the memory isolation area through the data transfer bus.

Embodiment 3

[0048] The method for realizing secure storage of a mobile terminal under the mobile Internet based on TrustZone technology is as described in Embodiment 1, the difference being that the kernel security application in step 1) runs in the security zone where the central control kernel is located. As the name implies, the security zone is a zone of memory, physically isolated from the normal world, that is allocated by the TrustZone IP core TZASC (TrustZone Address Controller) to run and store programs or information of the secure world.
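A simplified model of the isolation described in step 2) and Embodiment 3, added here as an illustration and not code from the patent. The region table, function names and addresses are assumptions; a real TZASC is programmed through its registers by secure-world software.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a TZASC-style address filter: regions are marked
   secure-only, and every bus transaction carries the issuing world. */
enum world { SECURE, NORMAL };
struct region { uint32_t base, size; bool in_use; };

#define MAX_REGIONS 4
static struct region regions[MAX_REGIONS];

/* Step 2: only the secure world may program the filter. Returns the slot
   index, or -1 for a non-secure caller, an empty or wrapping range, an
   overlap with an existing region, or a full table. */
int isolate_region(enum world caller, uint32_t base, uint32_t size) {
    if (caller != SECURE || size == 0 || base + size < base) return -1;
    int slot = -1;
    for (int i = 0; i < MAX_REGIONS; i++) {
        const struct region *r = &regions[i];
        if (!r->in_use) { if (slot < 0) slot = i; continue; }
        if (base < r->base + r->size && r->base < base + size) return -1;
    }
    if (slot >= 0) regions[slot] = (struct region){ base, size, true };
    return slot;
}

/* Filter decision for a transaction of len bytes at addr. The whole range
   is tested, so an access that starts below a secure region and runs into
   it is refused as well. */
bool access_allowed(enum world w, uint32_t addr, uint32_t len) {
    if (len == 0 || addr + len < addr) return false;
    if (w == SECURE) return true;
    for (int i = 0; i < MAX_REGIONS; i++) {
        const struct region *r = &regions[i];
        if (r->in_use && addr < r->base + r->size && r->base < addr + len)
            return false;
    }
    return true;
}

int main(void) {
    isolate_region(SECURE, 0x80000000u, 0x1000u);   /* constructed address */
    printf("normal read inside: %d\n", access_allowed(NORMAL, 0x80000800u, 4));
    printf("secure read inside: %d\n", access_allowed(SECURE, 0x80000800u, 4));
    return 0;
}
```

Checking only the start address of a transaction would let a normal-world access that begins just below the isolated area read into it; the range test in `access_allowed` covers that case.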


Abstract

The invention relates to a method for realizing secure storage of a mobile terminal in the mobile Internet based on TrustZone technology. Private applications and data in the mobile terminal are loaded into a hardware-isolated secure region of the mobile terminal, and access requests from the non-secure region are refused, so that information security is ensured. The core of the method is a self-developed TrustZone IP kernel driver and trusted application: the secure kernel of the secure world is accessed through the trusted application's client in the normal world; the corresponding trusted application is started; a specific memory region is hardware-isolated through the IP kernel driver; data and code that were encrypted by a self-made encryption/decryption module and stored on an external storage device are loaded into the isolated region of memory; and after loading, the encrypted data and code are decoded by calling a TCM chip, so that the dynamic storage security of information is finally guaranteed.

Description

Technical field

[0001] The invention relates to a method for realizing secure storage of a mobile terminal under the mobile Internet based on TrustZone technology, and belongs to the technical field of secure storage of mobile terminals.

Background technique

[0002] TrustZone(TM) technology appears in ARMv6KZ and later application core architectures. It provides a low-cost solution for adding a dedicated security core to a system-on-chip (SoC), and supports two virtual processors through hardware-based access control. This approach allows the application core to switch between the two states (usually called worlds, to avoid confusion with the names of other functional domains), and under this framework information can be prevented from leaking from the more trusted core world to less secure areas. This switching between core domains is usually completely orthogonal to the other functions of the processor, so each domain can operate independently while still using the same core. The memory ...


Application Information

IPC(8): G06F21/60, G06F21/62, G06F21/78
Inventor: 仇伟民, 戴鸿君, 崔立真
Owner: SHANDONG UNIV