User-level code and data security and credibility protection method and device based on TrustZone

A data security, user-level technology, applied in the direction of digital data authentication, platform integrity maintenance, etc., can solve untrustworthy and other problems

Pending Publication Date: 2021-05-18
NAT UNIV OF DEFENSE TECH
View PDF0 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, use TrustZone to realize the mutual call between non-secure state user code and secure state user code, non-secure state user code to realize safe storage and encryption and other security operat

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User-level code and data security and credibility protection method and device based on TrustZone
  • User-level code and data security and credibility protection method and device based on TrustZone
  • User-level code and data security and credibility protection method and device based on TrustZone

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] Such as image 3 and Figure 4 As shown, the user-level code and data security trusted protection method based on TrustZone in this embodiment includes the steps of calling the non-safe application code located in the general-purpose operating system by the secure application code located in the secure operating system:

[0041] A1) The safety application code invokes a dedicated system call interface to initiate a non-safe operation call request to the monitor through the driver program in the safety operating system;

[0042] A2) The monitor utilizes the safety monitoring mode to transfer the non-safety operation call request into the general-purpose operating system of the kernel state;

[0043] A3) The general-purpose operating system in the kernel state loads the target non-safe application code corresponding to the non-safe operation call request, and the target non-safe application code performs the corresponding non-safe operation, and returns the operation res...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a user-level code and data security and credibility protection method and device based on TrustZone. A key code is stored in a protected memory area through encryption, so that a user can load and access the key code and data belonging to the user, and other programs including privileged software cannot access the key code of the user. Meanwhile, mutual calling of the non-safe-state user and the safe-state user code is achieved through TrustZone, the non-safe-state user calls the safe-state user code to achieve safe operation such as safe storage and encryption, the safe-state user calls the non-safe-state user code to complete non-safe operation such as interruption and system calling, all the operations are distinguished, and the problems that privileged software such as an operating system is untrusted, and non-security codes threaten the security state are solved.

Description

technical field [0001] The present invention relates to the field of computer operating systems, in particular to a TrustZone-based user-level code and data security and trusted protection method and device, which are used to realize the security isolation of user-level code and data based on TrustZone and the non-safe state user code and security state Mutual calls of user code. Background technique [0002] TrustZone is a technology supported by software and hardware proposed by ARM to improve system security. In terms of hardware, TrustZone adds an additional control signal bit for reading and writing each channel on the system bus, called NS (Non-Secure) bit, which can divide resources such as memory into secure state and non-secure state through NS bit . The non-secure state can only access system resources in the non-secure state, while the secure state can access all resources. TrustZone implements security isolation of resources such as memory and IO through bus c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/44G06F21/53
CPCG06F21/44G06F21/53
Inventor 董攀夏锦涛马俊黄辰林谭郁松丁滟任怡谭霜李宝张建锋秦莹
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap