Method for secure connection of Android terminal and terminal

A terminal and secure-connection technology, applied in the field of Android system security, that addresses the problem that Android smart terminals cannot guarantee connection security and achieves stable, guaranteed security.

Pending Publication Date: 2021-03-30
FUJIAN LANDI COMML TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] There are many kinds of terminal security channels, and the most widely used technique is a secure connection over HTTPS (see Figure 4). However, when the TLS protocol in HTTPS is implemented on an Android terminal, it does not run in a secure trusted execution environment; it is implemented directly in the APP in the REE (Rich Execution Environment). The TA (Trusted Application, a program running in the TEE, the Trusted Execution Environment) works as an encryption machine, and the TLS session key is held by the APP. Throughout the communication the APP can obtain the plaintext of the data, and the communication also depends on the APP itself running in the REE. Since the REE is not a secure execution environment, security-threatening events such as replacement of the APP are possible, which would allow the communication between the terminal and the server to be hijacked. This approach therefore cannot guarantee connection security for Android smart terminals.


Examples


Embodiment 1

[0064] Referring to Figure 1, Embodiment 1 of the present invention is:

[0065] A method for securely connecting an Android terminal, comprising steps:

[0066] S1. Establish a TCP connection with the server in the REE and implement the TLS protocol in the TEE;

[0067] In this embodiment, step S1 is specifically:

[0068] Establish a first program in the REE, and the first program establishes a TCP connection with the server;

[0069] Establish a second program in the TEE, and implement the TLS protocol in the second program;

[0070] Porting the TLS protocol to the TEE requires, on the one hand, modifying the TLS protocol implementation (generally an open source library) so that it can run normally in the TEE environment: the basic libc library is replaced with the libc library provided by the chip platform (such as Qualcomm), so that after adaptation it runs normally in the TEE environment of that chip platform; on the other hand, t...

Embodiment 2

[0079] Referring to Figure 3, Embodiment 2 of the present invention is:

[0080] Apply the above-mentioned secure connection method of an Android terminal to an actual scenario:

[0081] Build the first program (APP) in the REE environment of the Android system on the Android terminal; the first program establishes the TCP connection with the server and exchanges data with the server over that TCP connection;

[0082] Build the second program (TA) in the TEE environment of the Android system, and implement the TLS protocol and data storage in the second program; the TEE environment is provided by the Trusty system of the Android terminal, which is independent of the Android system, and the two call each other through an interface;

[0083] The first program and the second program exchange data through the communication interface provided by the Android terminal. The first program forwards the corresponding data of the second progra...

Embodiment 3

[0086] Referring to Figure 2, Embodiment 3 of the present invention is:

[0087] A terminal 1 for secure connection of an Android terminal includes a processor 2, a memory 3, and a computer program stored on the memory 3 and executable on the processor 2; when executing the computer program, the processor 2 implements each step in Embodiment 1 or Embodiment 2.

[0088] To sum up, the present invention provides a method and terminal for secure connection of an Android terminal. The TLS protocol is executed in the TEE environment, and the APP in the REE environment is only responsible for establishing the connection with the server, without saving the session key or the like. To carry out the operations required by the TLS protocol, the received data is forwarded to the TA in the TEE through the corresponding communication interface for processing. After the TA obtains the data, it is stored only in the TEE, and the reply data is processed according to the TLS prot...
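The split described in Embodiments 1 and 2, sketched as an added example that is not part of the patent text: Python's `ssl` memory-BIO interface stands in for the TLS library ported into the TA, and a plain socket loop stands in for the REE program. All class and function names here are hypothetical.

```python
import ssl

class TrustedTlsEndpoint:
    """Stand-in for the TA: owns all TLS state and keys, never touches a socket."""

    def __init__(self, server_name):
        ctx = ssl.create_default_context()   # certificate and hostname checks stay on
        self._rx = ssl.MemoryBIO()           # ciphertext handed in by the REE program
        self._tx = ssl.MemoryBIO()           # ciphertext handed back to the REE program
        self._tls = ctx.wrap_bio(self._rx, self._tx, server_hostname=server_name)
        self.established = False

    def handshake_step(self, from_ree=b""):
        """Consume relayed records; return the records the REE should send next."""
        if from_ree:
            self._rx.write(from_ree)
        try:
            self._tls.do_handshake()
            self.established = True
        except ssl.SSLWantReadError:
            pass                             # waiting for more bytes from the server
        return self._tx.read()

    def seal(self, plaintext):
        """Encrypt application data inside the endpoint; only records leave it."""
        self._tls.write(plaintext)
        return self._tx.read()


def record_types(wire):
    """What the REE can observe: the content type of each TLS record header."""
    types, pos = [], 0
    while pos + 5 <= len(wire):
        types.append(wire[pos])
        pos += 5 + int.from_bytes(wire[pos + 3:pos + 5], "big")
    return types


def ree_relay_handshake(sock, endpoint):
    """REE program: moves opaque bytes between the TCP socket and the endpoint."""
    sock.sendall(endpoint.handshake_step())
    while not endpoint.established:
        data = sock.recv(4096)
        if not data:
            raise ConnectionError("server closed during handshake")
        reply = endpoint.handshake_step(data)
        if reply:
            sock.sendall(reply)
```

A relay that alters the bytes it forwards can make the handshake fail, but it never holds the session key, which is the property paragraph [0088] claims for the REE program.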

Abstract

The invention provides a method for secure connection of an Android terminal, and a terminal. The method comprises the following steps: establishing a connection with a server in the REE and implementing the TLS protocol in the TEE; exchanging data between the TEE and the REE through a preset communication interface; and exchanging data between the TLS protocol in the TEE and the server by means of the connection between the REE and the server and the data exchange between the TEE and the REE. The TLS protocol and the plaintext communication of the network connection are executed separately in the Android terminal, so that the security of the key is ensured: the externally open rich execution environment (REE) cannot obtain the session key and only forwards encrypted data, which ensures the security of the data during transmission.

Description

Technical field

[0001] The invention relates to the field of Android system security, in particular to a method for secure connection of an Android terminal, and a terminal.

Background technique

[0002] With the popularization of Android smart terminals, the number of Android smart terminal devices in the market keeps growing, which places ever higher requirements on the management and maintenance of devices, and the challenge of management and maintenance grows accordingly. During the production, development and maintenance of Android terminals, it is often necessary to download various sensitive data to the terminal, such as injecting certificate keys and downloading configuration files. Theft during this process would seriously affect the security of Android smart devices, so a sufficiently secure channel is required to complete the connection and carry out the data exchange.

[0003] There are many kinds of terminal security channels, and the widely popular techno...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/08, H04L29/06
CPC: H04L67/141, H04L63/0471
Inventor: 周启龙
Owner: FUJIAN LANDI COMML TECH CO LTD