Mobile terminal trusted isolation environment core control method

A core control and mobile terminal technology, applied in program control design, instruments, electrical and digital data processing, etc. It can solve the problem that resources and data cannot be truly isolated, improve scalability and portability, and ensure security, with the effect of reducing security threats.

Active Publication Date: 2019-03-26
INST OF INFORMATION ENG CAS

AI Technical Summary

Problems solved by technology

Security holes in the Hypervisor and Dom0 layers, as well as various side-channel attack methods on the platform, make it impossible for resources and data between different clients to be truly isolated.
It can be seen that although the Xen platform provides mobile terminals with the basic ability to isolate multiple operating environments, its isolation control ability still needs to be further enhanced.

Embodiment Construction

[0019] In order to make the purpose, advantage and technical solution of the present invention clearer, the present invention will be further described in detail through specific implementation descriptions below.

[0020] For the convenience of description, some abbreviations used in the present invention will be introduced first.

[0021] CSC: Core Security Control (core security controller)

[0022] Hyp: Hypervisor (microkernel)

[0023] SMI: Security Memory Isolation (secure memory isolation)

[0024] TEE: Trusted Execution Environment

[0025] OE: Operating Environment

[0026] OSM: Operating Status Monitor (operating status monitoring)

[0027] The present invention mainly constructs a general core control framework for a high-trust isolated execution environment on mobile terminals. In this framework, TrustZone and virtualization security isolation are combined, and SMI, OSM and corresponding security policies of TrustZone in the ...


Abstract

The invention discloses a core control method for a trusted isolation environment on a mobile terminal, which aims to solve the trusted isolation problem between different operating environments in a mobile terminal. A core controller (CSC) in the security domain is implemented based on TrustZone technology, so that the trusted isolation security among different operating environments is enhanced. Under the control of a fine-grained security policy library, the memory access behaviors of different operating environments are supervised, ensuring that code and data cannot be accessed by other operating environments; and the operating states of different operating environments are supervised to ensure that illegal operations cannot obtain the corresponding permissions.

Description

Technical field

[0001] The invention relates to a core control method for a trusted isolation environment of a mobile terminal, which enhances the security isolation capability of different execution environments.

Background technique

[0002] Technology for constructing mobile terminal virtual environments based on Xen on ARM is developing vigorously, and the virtualization of mobile terminals brings many advantages. Based on virtualization technology, multiple clients can be run on the mobile terminal to deploy multiple different operating environments that meet the different needs of the same user. For example, multiple clients can be started simultaneously on the same mobile terminal to build an office application operating environment, a personal entertainment and life application operating environment, and a high-security application operating environment (such as payment applications and sensitive government applications), isolating resources and data between different envi...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F21/74
CPC: G06F21/74, G06F2009/45587, G06F2221/2149
Inventor: 王利明, 张妍, 李超群, 陶小结
Owner: INST OF INFORMATION ENG CAS