Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

TEE-based Internet of Things secure startup implementation method

A technology for secure startup and implementation methods, applied in computer security devices, program/content distribution protection, digital data authentication, etc., can solve the problem of private data theft or tampering damage, TEE or trusted applications cannot provide normal services, cannot boot, etc. question

Pending Publication Date: 2020-11-20
BEIJING BEANPOD TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Potential safety hazard: On an IoT device, when the device is powered on, the software on the device is executed. If the software on the device is maliciously implanted or tampered with, the private data of the device will be stolen or tampered with and cause damage , causing the risk of the device not functioning properly or being powered on
[0004] Forgery: Malicious client applications or trusted applications masquerade as legitimate firmware to obtain sensitive data output by TEE, resulting in data leakage
[0005] Tampering: Execution of malicious firmware, causing TEE or trusted applications to fail to provide normal services, and even the device cannot be powered on

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • TEE-based Internet of Things secure startup implementation method
  • TEE-based Internet of Things secure startup implementation method
  • TEE-based Internet of Things secure startup implementation method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention belong to the protection scope of the present invention.

[0030] Such as figure 1 , 3 As shown, a method for implementing secure start-up based on the TEE Internet of Things according to an embodiment of the present invention includes the following steps:

[0031] S1: Check the validity of the trusted application image header, find out the trusted application image that is a signed image, and use the flag contained in the signature header to identify whether the image is signed. If the flag is not a signed image, stop security start up;

[0032] ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a TEE-based Internet of Things secure startup implementation method. The method comprises the following steps of finding out a trusted application mirror image as a signature mirror image; finding out a certificate, calculating hash abstracts of four groups of key hash fields in the mirror image, and comparing the consistency of the two hash abstracts; calculating a hash abstract of the trusted application signature mirror image; verifying the legality of the signature by using asymmetric encryption; checking the legality of the header of the client application mirror image, and finding out the client application mirror image marked as the signature mirror image; finding out a certificate, calculating hash abstracts of four groups of secret key hash fields in the mirror image, extracting a trusted application security starting secret key hash abstract in a secret key database, and comparing the consistency of the two hash abstracts; calculating a hash abstract of the client application signature mirror image; and verifying the legality of the signature by using asymmetric encryption, and entering a trusted application for execution. By means of the method, safety and flexibility are guaranteed, the published signature mirror image is revoked, and rollback is prevented.

Description

technical field [0001] The present invention relates to the technical field of Internet of Things security, in particular, to a method for implementing secure startup of the Internet of Things based on TEE. Background technique [0002] With the emphasis on security of IoT devices, although sensitive services and information are executed in a secure processing environment, there are still potential security risks of software forgery or tampering. Currently, the following disadvantages exist: [0003] Potential safety hazard: On an IoT device, when the device is powered on, the software on the device is executed. If the software on the device is maliciously implanted or tampered with, the private data of the device will be stolen or tampered with and cause damage , resulting in a risk that the device may not function properly or be unable to boot. [0004] Forgery: Malicious client applications or trusted applications masquerade as legitimate firmware to obtain sensitive da...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F21/12G06F21/33G06F21/64
CPCG06F21/575G06F21/64G06F21/121G06F21/33
Inventor 张志阳刘国锋梁泽宇李林
Owner BEIJING BEANPOD TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products