CN104392188B - A kind of secure data store method and system - Google Patents

A kind of secure data store method and system Download PDF

Info

Publication number
CN104392188B
CN104392188B CN201410619453.2A CN201410619453A CN104392188B CN 104392188 B CN104392188 B CN 104392188B CN 201410619453 A CN201410619453 A CN 201410619453A CN 104392188 B CN104392188 B CN 104392188B
Authority
CN
China
Prior art keywords
untrusted
rpmb
storage service
data objects
safe storage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410619453.2A
Other languages
Chinese (zh)
Other versions
CN104392188A (en
Inventor
成亮
叶建隆
张健康
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Original Assignee
Samsung Electronics China R&D Center
Samsung Electronics Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics China R&D Center, Samsung Electronics Co Ltd filed Critical Samsung Electronics China R&D Center
Priority to CN201410619453.2A priority Critical patent/CN104392188B/en
Publication of CN104392188A publication Critical patent/CN104392188A/en
Application granted granted Critical
Publication of CN104392188B publication Critical patent/CN104392188B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention proposes a kind of secure data store method and system, it is adaptable to support the processor of ARM TrustZone technologies, and uses the eMMC for supporting RPMB subregions as storage medium, and wherein method includes:The secured data objects of trusted application program, safe storage service program and its generation are protected by trusted execution environments;Safe storage service program provides the foundation and access of secured data objects to trusted application program, and calls encryption/decryption module that secured data objects are encrypted and decrypted with processing;Secured data objects after encryption appoint the eMMC RPMB drivers in performing environment to share by the shared drive page and untrusted;Untrusted appoints the eMMC RPMB drivers in performing environment to complete access and storage to eMMC RPMB subregions.The present invention ensure that the reliable memory of secured data objects.

Description

A kind of secure data store method and system
Technical field
The present invention relates to technical field of data storage, more particularly to a kind of secure data store method and system.
Background technology
Embedded device, including mobile phone, TV, tablet personal computer etc., there is the demand that safe storage is carried out to sensitive data, The accounts information of user is preserved for example on non-volatile memory medium, by the key of mandate, and various multimedia copyrights Information and license passport etc..
Existing secure data store method, is usually to be encrypted in untrusted performing environment, such as normal operating system Processing.Encryption and decryption program and calculating process, and clear data and encryption and decryption key, are in untrusted environment;Data are deposited Data object after encryption, is saved in non-volatile memories by the file system interface that storage mode is typically provided using operating system On medium, such as embedded multi-media card (eMMC, embedded Multi Media Card) or flash memory (Flash).
Fig. 1 is the brief block diagram of existing secure data storage system, main to include four functional entitys:Application program, plus Deciphering module, normal operating system, flash storage medium.Common flow is:Application call encryption/decryption module is to safety Data object is encrypted, and calls normal operating system file system interface, and the data object storage after encryption is arrived On eMMC subregions;When application program needs to access data object, call operation system file system interface, from eMMC subregions Data object is re-read, and calls encryption/decryption module that processing is decrypted.On non-volatile memory medium, data object with The form of encryption is saved, therefore ensure that basic data safety.
In the prior art to the storage method of secure data, it is saved in generally by generic file system interface non-volatile Property storage medium on, such as in eMMC or Flash.But it is stored in the data content in Flash partition and is possible to meeting by hacker Distort, even carry out pressure erasing by physical block.As an improvement, eMMC specifications provide for replay protection memory block (RPMB, Replay Protect Memory Block) subregion mandate write-protect mechanism, using preset key to data object press RPMB Data packet format carries out Hash calculation and obtains its message authentication code (MAC), and eMMC cards are reruned and compared, illegally write with resisting Enter.But RPMB drivers need first to obtain preset key, and it is stored in the common memory page, therefore equally exists and cut The risk taken, once and preset key is compromised, then MAC can be just regenerated by using replacement data, come reading of out-tricking Inspection of the extract operation to MAC.
The process of encryption and decryption is carried out to secure data in the prior art, is usually the normal operating system environment in untrusted Middle to carry out, its calculating process is possible to be intercepted and captured by hacker, the Key that encryption and decryption is used, or the clear data that computing is used, and has It may be read and replace.A kind of improved method is in the prior art, the ARM trust regions for supporting An Mou companies (TrustZone) key and encryption process, can be placed in credible performing environment, then the data after encryption are led to by equipment Cross shared drive and return to untrusted performing environment.This calculating process can use Global Platform organizational standards TEE API realize communication and believable interaction, but the follow-up storage of its encrypted data, it is still desirable to by general Lead to the file system interface of operating system to complete, so there are still the risk for being replaced or bypassing.
The content of the invention
The invention provides a kind of secure data store method, the reliable memory of secured data objects ensure that.
Present invention also offers a kind of secure data storage system, the reliable memory of secured data objects ensure that.
The technical proposal of the invention is realized in this way:
A kind of secure data store method, it is adaptable to support the processor of ARM TrustZone technologies, and use support The eMMC of RPMB subregions includes as storage medium, methods described:
The secured data objects of trusted application program, safe storage service program and its generation are by trusted execution environments Protection;
Safe storage service program to trusted application program provide secured data objects foundation and access, and call plus Deciphering module secured data objects is encrypted and decrypted processing;
Secured data objects after encryption appoint the eMMC RPMB in performing environment to drive by the shared drive page and untrusted Dynamic program is shared;
Untrusted appoints the eMMC RPMB drivers in performing environment to complete access and storage to eMMC RPMB subregions.
On a kind of secure data storage system, the processor for operating in ARM trust regions (TrustZone) technology of support, And the embedded multi-media card (eMMC) of replay protection memory block (RPMB) subregion is used as storage medium, the system bag Trusted application program is included, encryption/decryption module, safe storage service program, communication module, untrusted appoints operating system and eMMC RPMB drivers;
The trusted application program is operated in trusted execution environments, by the user program of security context certification, Access safety data object;
The encryption/decryption module is operated in trusted execution environments, is realized using driving hardware engine or software algorithm Encryption and decryption functions;
The safe storage service program is operated in trusted execution environments, and safe number is provided to trusted application program According to the establishment of object, reading, modification, the function of deleting or store;
The eMMC RPMB drivers operate in untrusted and appointed in performing environment, complete the reading to eMMC RPMB subregions Write.
It can be seen that, secure data store method proposed by the present invention and system pass through the credible performing environments of ARM TrustZone Generation and access to plaintext secure data object are controlled, and prevent from being read or being distorted by untrusted program;Encryption process And its key used is isolated in trusted execution environments, it is impossible to appoint performing environment to obtain by untrusted;Peace after encryption Full data object passes to the eMMC RPMB drivers in untrusted performing environment by shared drive, is driven by eMMC RPMB Traverse completes the access and storage to eMMC RPMB subregions, so as to ensure the safety of data object.
Brief description of the drawings
Fig. 1 is existing secure data storage system and method block diagram;
Fig. 2 is the secure data storage system block diagram of the embodiment of the present invention one;
Fig. 3 is the secured data objects Stored Procedure figure in the embodiment of the present invention two;
Fig. 4 is that the secured data objects in the embodiment of the present invention two read flow chart.
Embodiment
The embodiment of the invention discloses a kind of secure data store method based on ARM TrustZone and system, it is applicable In embedded devices of the eMMC with ARM TrustZone processors and comprising RPMB subregions as storage medium, including but It is not limited only to smart mobile phone, tablet personal computer, intelligent television, top box of digital machine, Internet video player etc..The system includes can Trust performing environment and untrusted appoints performing environment.
Wherein, the trusted execution environments include communication module, trusted application program, safe storage service program and Encryption/decryption module.Trusted execution environments appoint performing environment shared processor time, its operating instruction and data quilt with untrusted Safe memory headroom is placed in, by TrustZone IP insulation blocking, it is to avoid execution environment program malice is appointed by untrusted Attack.
Wherein, the untrusted appoints performing environment to appoint operating system comprising untrusted, and untrusted appoints application program, eMMC RPMB drivers.Untrusted appoints performing environment easily by various attacks, including is possessed the superuser execution of root authority Illegal operation, such as modification instruction and reading user program memory pages.
It is preferred that, the communication module operates in the privileged mode of trusted execution environments, receives to appoint execution from untrusted The request of environment and message transmission, and complete untrusted appoint between performing environment and trusted execution environments context switching, Simultaneously by the mapping to the shared drive page, untrusted is supported to appoint the data between performing environment and trusted execution environments to be total to Enjoy.
Further, during communication module can also complete untrusted times between performing environment and trusted execution environments Disconnected forwarding, it is to avoid the influence that interrupt response latency is caused to respective running environment.
It is preferred that, the trusted application program, including executable ELF files and digital signature information can be from non- Trusted execution environments send into trusted execution environments by shared drive, and signature inspection is carried out to it by trusted execution environments Look into, carry out load and execution after being verified again.
It is preferred that, the safe storage service program, the user model run in trusted execution environments or privilege Pattern.
It is preferred that, the safe storage service program, when receiving the establishment data object request of trusted application program, Specific works step includes:
1) secured data objects of plaintext are created, and are stored in trusted execution environments.
2) encryption/decryption module is called, secured data objects are encrypted using symmetric cryptography mode.
3) software interrupt mode is used, notifies untrusted to appoint the eMMC RPMB drivers in performing environment, and reading is worked as The block address of preceding available eMMC RPMB subregions and write count value.
4) according to RPMB data packet formats, data content is filled, random value and count value is write, and use preset key, led to Cross HMAC SHA256 and calculate message authentication code (MAC).
5) the RPMB packets comprising the secured data objects after encryption and MAC value are inserted shared drive, and using soft Part interrupt mode, notifies untrusted to appoint the eMMC RPMB drivers in performing environment.
It is preferred that, the safe storage service program, when receiving the modification data object request of trusted application program, Specific works step includes:
1) the plaintext secure data object is searched in trusted execution environments, and is modified.
2) encryption/decryption module is called, amended secured data objects are encrypted using symmetric cryptography mode.
3) software interrupt mode is used, notifies untrusted to appoint the eMMC RPMB drivers in performing environment, and reading is worked as The block address of preceding available eMMC RPMB subregions and write count value.
4) according to RPMB data packet formats, data content is filled, random value and count value is write, and use preset key, led to Cross HMAC SHA256 and calculate message authentication code (MAC).
5) the RPMB packets comprising the secured data objects after encryption and MAC value are inserted shared drive, and using soft Part interrupt mode, notifies untrusted to appoint the eMMC RPMB drivers in performing environment.
It is preferred that, the safe storage service program, when receiving the deletion data object request of trusted application program, Specific works step includes:
1) the plaintext secure data object is searched in trusted execution environments, it is found in eMMC according to its mark Block address in RPMB subregions.
2) software interrupt mode is used, notifies untrusted to appoint the eMMC RPMB drivers in performing environment, and reading should EMMC RPMB subregions write count value.
3) according to RPMB data packet formats, fill empty data content, random value and write count value, and using preset close Key, passes through Hash operation message authentication code (Hash-based Message Authentication Code, HMAC) SHA256 Calculate message authentication code (MAC).
4) the RPMB packets comprising empty data and MAC value are inserted shared drive, and uses software interrupt mode, led to Know that untrusted appoints the eMMC RPMB drivers in performing environment.
5) the plaintext secure data object in trusted execution environments is deleted.
It is preferred that, the safe storage service program, when receiving the reading data object request of trusted application program, Specific works step includes:
1) the plaintext secure data object is searched in trusted execution environments, if it is found, then directly returning to its data Contents of object.
If 2) data object content is sky, using software interrupt mode, untrusted is notified to appoint in performing environment EMMC RPMB drivers read secured data objects and eMMC RPMB subregions after the encryption in eMMC RPMB blockettes and returned The message authentication code MAC returned, and insert shared drive.
3) according to RPMB data packet formats, using preset key, message authentication code is recalculated by HMAC SHA256 MAC, and compared with the MAC in shared drive, if it is inconsistent, abandoning the data, error result is returned to trusted application Program.
If 4) consistent, encryption/decryption module is called, the secured data objects in shared drive are symmetrically decrypted.
5) secured data objects after decrypting, are added to the data object list in trusted execution environments, and data Contents of object returns to trusted application program.
It is preferred that, the safe storage service program can also be when system starts, be notified by software interrupt mode Untrusted appoints the eMMC RPMB drivers in performing environment, and the secured data objects on RPMB blockettes are disposably read in, And be decrypted one by one, and be added to data after the inspection of completion message authentication code MAC value in trusted execution environments List object.
It is preferred that, in above-mentioned steps, plaintext secure data object is searched in trusted execution environments, can be from caching Or the datarams page is searched.
It is preferred that, the software interrupt mode in above-mentioned steps can be by being programmed reality to universal interrupt controller GIC It is existing, on monokaryon or multi-core platform, it can be acted on by the interruption forwarding of communication module, complete untrusted and appoint performing environment Quick response of the operating system to the interruption.
It is preferred that, the encryption/decryption module can come real by driving encryption and decryption hardware engine, or using software algorithm Existing encryption and decryption functions.Encryption/decryption module is run in trusted execution environments, while its key, data buffer storage and internal memory for using The page, by trusted execution environments insulation blocking, untrusted appoints performing environment not access.
It is preferred that, the embedded device injects before dispatching from the factory, it is necessary to carry out the programming of the keys of SHA 256 to eMMC RPMB; Key injection programming is that single is effective, can not subsequently be modified again.
It is preferred that, the eMMC RPMB drivers operate in untrusted and appointed in performing environment, its job step includes:
1) when receiving credible performing environment software interrupt, its request type is checked.
2) when needing write-in secured data objects, read from the shared drive page comprising encrypted secured data objects With the RPMB packets of MAC value, and eMMC RPMB subregion block address is write.
3) when needing to read secured data objects, read in from eMMC PRMB subregion block address comprising encrypted peace The RPMB packets of full data object and MAC value, and write shared drive.
Wherein, the eMMC RPMB drivers itself do not manage key, can not also be obtained from eMMC RPMB subregions The key having been injected into is taken, preset same key can not be obtained from trusted execution environments;Therefore, the eMMC RPMB Driver can not use replacement data to produce the MAC value of forgery, can so avoid being cheated by the mode of man-in-the-middle attack EMMC or trusted execution environments, it is ensured that the nonvolatile safe storage of data object.
It is preferred that, the untrusted appoints operating system and untrusted to appoint application program, operates in untrusted performing environment, By TrustZone IP buffer action, it is impossible to access execute instruction in any trusted execution environments, data content or Person's memory pages, therefore can not access or change perhaps any key information in the secured data objects of plaintext;And own Secured data objects in shared drive, its content is encrypted state, is not exposed to untrusted and appoints in performing environment Malicious application, it is ensured that the security isolation of data object during operation.
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under the premise of creative work is not made Embodiment, belongs to the scope of protection of the invention.
Embodiment one:
Present embodiments provide a kind of secure data storage system based on ARM TrustZone.The system uses branch Hold ARM TrustZone processor, and use support RPMB eMMC as memory, it is adaptable to as mobile phone, tablet personal computer, The various consumer electronics embedded platforms such as DTV.Shown in Figure 2, the system software performing environment passes through ARM TrustZone technologies appoint performing environment and trusted execution environments to be isolated into untrusted;Wherein, untrusted appoints performing environment bag Include untrusted and appoint operating system (i.e. normal operating system) and eMMC RPMB drivers;Trusted execution environments include communication Module, trusted application program, safe storage service program and encryption/decryption module are specifically included:
Normal operating system in the present embodiment, which is responsible for providing necessary system interface to various application programs, to be supported, in it Core can handle various external device interrupts and software interrupt, and according to interrupt type, call registered driver.This Embodiment is Linux or Android or other general-purpose operating systems.
EMMC RPMB drivers in the present embodiment operate in normal operating system kernel spacing, and its function is mainly wrapped Include:
1) shared drive is registered in the communication module into trusted execution environments.
2) the normal operating system kernel in performing environment is appointed to register software interrupt handler to untrusted.
3) in processing routine of breaking in software, processing is read or write according to the requirement of trusted execution environments.
4) count value is write from the reading of eMMC RPMB subregions is currently valid, and notifies the safety in trusted execution environments Storage service program.
5) shared drive is accessed, is read or RPMB bag data of the write packet containing the data object after encryption and MAC value.
6) read-write operation to eMMC RPMB blockette data is completed, the order of the RPMB defined in eMMC specifications is performed With response flow, various error handles etc. are completed.
Trusted application program in the present embodiment is the application program Jing Guo safety certification, operates in trusted and performs ring In border, digital copyright management drm service is included but are not limited to, the function such as user's certificate of authority management.The trusted application Program, using the function of safe storage service program, is used during running to create, change, delete and preserve inside Various secured data objects.
Safe storage service program in the present embodiment is operated in trusted execution environments, is carried to trusted application program For service interface, its function mainly includes:
1) managed data object list is inserted there is provided the lookup to specified data object, the function such as deletion.
2) receive request to create of the trusted application program to secured data objects, and be added to data object list.
3) receive modification of the trusted application program to secured data objects to ask, and update the data list object.
4) data removal request of the trusted application program to secured data objects is received, and it is clear from data object list Remove.
5) encryption/decryption module is called, the data object to be stored in data object list is encrypted.
6) count value is write according to what is read in from eMMC RPMB, constructs RPMB packets, calculate message authentication code MAC.
7) the RPMB packets comprising the secured data objects after encryption and MAC value are inserted shared drive, passes through software Interrupt mode, notifies that untrusted performing environment eMMC RPMB drivers are stored.
8) data object and MAC after the encryption in shared drive reading eMMC RPMB subregions, according to RPMB packets Form, calculates from new and checks whether its MAC is effective.
9) secured data objects after encryption are decrypted, and are added to data object list.
Encryption/decryption module in the present embodiment is the hardware enciphering and deciphering engine and its driver of on-chip system, is supported such as The symmetrical encryption and decryption functions such as AES ECB/CTR/CBC, while supporting HMAC_SHA256 to calculate message authentication code.Real system It can be software algorithm module.
Communication module in this implementation, its running environment is privileged mode trusty, and its function mainly includes:
1) request that untrusted appoints performing environment, the various command parameters of parsing general register transmission are received.
2) carry out untrusted and appoint the performing environment shared drive page re-mapping to trusted execution environments, carry out data and be total to Enjoy.
3) various hardware or software interrupt in performing environment is appointed to forward trusted execution environments and untrusted, and It is switched to the corresponding performing environment of the interruption and carries out interrupt processing.
Embodiment two
Present embodiments provide a kind of method of the secure data storage based on ARM TrustZone.
Fig. 3 is the flow chart of secured data objects establishment and storage in this example, and the step includes:
Step 301:In trusted execution environments, trusted application program sends the establishment of secured data objects, modification, The request such as deletion.
Step 302:The processing that safe storage service program is responded according to the request type of trusted application program, tool Body includes:
For request to create, secured data objects are searched, if there is no, then new secured data objects are created, it is no Then return to failure;
For modification request, secured data objects are searched, if it is present, corresponding secured data objects are changed, it is no Then return to failure;
For removal request, secured data objects are searched, if it is present, corresponding secured data objects are deleted, it is no Then return to failure;
List object is updated the data, and result is returned to trusted application program.
Step 303:Periodically, safe storage service program uses AES key, to the secured data objects changed Carry out symmetric cryptography, and can select the different masses pattern such as CBC/CTR/ECB as needed, after the completion of send software interrupt to non- Credible performing environment eMMC RPMB drivers.
Step 304:Software interrupt is forwarded to untrusted by communication module and appoints the untrusted in performing environment to appoint operating system In kernel, so as to call eMMC RPMB drivers, read RPMB and write count value, and insert shared drive.
Step 305:Safe storage service program according to RPMB data packet formats, to the secured data objects after encryption, with Machine value and write count value, and use preset key, pass through HMAC SHA256 and calculate message authentication code (MAC).
Step 306:Safe storage service program is inserted complete packet in shared according to RPMB data packet formats Deposit, and send software interrupt to the eMMC RPMB drivers in untrusted times performing environment.
Step 307:EMMC RPMB drivers read RPMB packets from shared drive, wherein including the peace after encryption Full data object and MAC value, then write RPMB subregions.
Fig. 4 is the flow chart being read out to secured data objects, and the step includes:
Step 401:In trusted execution environments, trusted application program sends the read requests of secured data objects.
Step 402:Safe storage service program looks secured data objects, if it is present, directly returning to the safety Data object.
Step 403:If there is no, then safe storage service program sends software interrupt and appoints performing environment to untrusted In eMMC RPMB drivers.
Step 404:EMMC RPMB drivers read in packet from eMMC RPMB subregions, wherein after comprising encryption Data object content and message authentication code MAC, and insert shared drive.
Step 405:Safe storage service program is recalculated to the data object content after encryption using preset key Message authentication code MAC, and matching is checked whether, if mismatched, illustrate data exception, error result is returned to trusted application Program.
Step 406:After MAC inspections are fitted through, safe storage service program needs to parse RPMB packets, to wherein adding Close data object is decrypted after processing using AES key, is updated and is arrived data object list.
Step 407:Plaintext secure data object after decryption is returned to trusted application program by safe storage service program.
RPMB data packet formats and the idiographic flow for calculating message authentication code, refer in eMMC specifications to eMMC RPMB Description.
Compared with prior art, the beneficial effects of the invention are as follows:By using ARM TrustZone technologies to trusted and Untrusted appoints the separation of performing environment, and the encryption and decryption calculating process of secured data objects is isolated in trusted execution environments, and And the key that uses of encryption process and clear data content are protected in believable memory pages, it is to avoid during operation by it is non-can Trust the risk that performing environment is illegally stolen.Simultaneously when needing storage secured data objects, safe storage service program is can Trust and preset key is used in performing environment, calculate and eMMC RPMB message authentication code MAC are provided, to ensure to eMMC RPMB The legal write-in of subregion;When reading secured data objects, safe storage service program recalculates and compared eMMC RPMB's Message authentication code MAC, it is to avoid data are illegally replaced.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.Herein In apply specific case carried out by lock and has been stated for the principle and embodiment of the present invention, the explanation of above example is only intended to side The method and its core concept of the assistant solution present invention;Simultaneously for those of ordinary skill in the art, the think of according to the present invention Think, will change in specific embodiments and applications.In summary, this specification content should not be construed as pair The limitation of the present invention.Any modification, equivalent substitution and improvements made within the spirit and principles of the invention etc., are included Within the scope of the present invention.

Claims (27)

1. a kind of secure data store method, it is characterised in that the place suitable for supporting ARM trust region TrustZone technologies Device is managed, and uses the embedded multi-media card eMMC for supporting replay protection memory block RPMB subregions as storage medium, the side Method includes:
The secured data objects of trusted application program, safe storage service program and its generation are protected by trusted execution environments Shield;
Safe storage service program provides the foundation and access of secured data objects to trusted application program, and calls encryption and decryption Module secured data objects is encrypted and decrypted processing;
Secured data objects after encryption appoint the eMMC RPMB in performing environment to drive journey by the shared drive page and untrusted Sequence is shared;
Untrusted appoints the eMMC RPMB drivers in performing environment to complete access and storage to eMMC RPMB subregions.
2. according to the method described in claim 1, it is characterised in that the trusted application program and safe storage service program Operationally protected by trusted execution environments, its execute instruction can not be appointed the untrusted in performing environment to appoint application by untrusted Program reads or changed.
3. according to the method described in claim 1, it is characterised in that the secured data objects are operationally performed by trusted Environmental protection is in the memory pages of security isolation, and its clear data content can not be appointed the untrusted in performing environment by untrusted Application program is appointed to read or change.
4. according to the method described in claim 1, it is characterised in that the safe storage service program is to trusted application program The mode of foundation and access for providing secured data objects is:
Trusted application program calls the interface of safe storage service program, the safe number of dynamic creation in trusted execution environments According to object, modification or deleting history secured data objects.
5. according to the method described in claim 1, it is characterised in that the safe storage service routine call encryption/decryption module pair The mode that secured data objects are encrypted is:
Safe storage service program to secure data content carry out object encapsulation, using by trusted execution environments protect it is close Key, and call encryption/decryption module to be encrypted.
6. method according to claim 5, it is characterised in that the mode of the encryption is symmetric cryptography mode.
7. method according to claim 6, it is characterised in that the key that the symmetric cryptography is used should for the trusted It is privately owned close that the key or equipment used with the unsolicited key of program, the safe storage service program inside solidifies Key.
8. according to the method described in claim 1, it is characterised in that the safe storage service program passes through software interrupt mode Untrusted is notified to appoint the eMMC RPMB drivers in performing environment to read and currently write count value.
9. according to the method described in claim 1, it is characterised in that the safe storage service program is right the safety after encryption Image data and count value is write according to RPMB packets fields forms, using preset key, and pass through Hash operation message authentication code HMAC SHA256 algorithms calculate its message authentication code MAC, and construct complete RPMB packets.
10. method according to claim 9, it is characterised in that the preset key is stored in trusted execution environments Safe storage service program inside, it is impossible to by untrusted appoint performing environment obtain.
11. method according to claim 9, it is characterised in that the safe storage service program is complete RPMB numbers Shared drive is inserted according to bag, and notifies untrusted to appoint the untrusted in performing environment to appoint operating system by software interrupt.
12. method according to claim 11, it is characterised in that the untrusted appoints the untrusted in performing environment to appoint behaviour Make after systems inspection software interrupt, call eMMC RPMB drivers, and copy the RPMB packets in shared drive, will RPMB packets write eMMC RPMB subregions.
13. method according to claim 12, it is characterised in that the eMMC RPMB drivers do not allow to know use To produce MAC preset key.
14. method according to claim 13, it is characterised in that eMMC equipment needs to complete preset key when dispatching from the factory Injection, it is described to be injected to single effectively, it can not subsequently rewrite.
15. method according to claim 4, it is characterised in that trusted application program is carried in trusted execution environments For secured data objects mark, the interface of safe storage service program is called, the secured data objects produced are accessed.
16. method according to claim 15, it is characterised in that the safe storage service program is according to secure data pair As the local data object list caching in mark retrieval trusted execution environments, and subsequent treatment is carried out according to result.
17. method according to claim 16, it is characterised in that safe storage service program is in local data object list The corresponding secured data objects of secured data objects mark are retrieved in caching, and the secured data objects are not invalid numbers According to when, return to the data content required for trusted application program.
18. method according to claim 16, it is characterised in that safe storage service program is retrieved not in local cache Corresponding secured data objects are marked to the secured data objects;Or can retrieve corresponding to secured data objects mark Secured data objects, but its state is when being invalid data, notifies untrusted is appointed non-in performing environment by traps mode Trusted operating system.
19. method according to claim 18, it is characterised in that the untrusted appoints the untrusted in performing environment to appoint behaviour Received as system after traps, call eMMC RPMB drivers, from eMMCRPMB subregions read encryption after data object with And the MAC value that eMMC RPMB subregions are returned, insert shared drive.
20. method according to claim 16, it is characterised in that safe storage service program is read from shared drive to be added Close data object, and call encryption/decryption module that processing is decrypted, the plaintext secure data object after decryption is stored in credible Appoint the memory pages in performing environment.
21. method according to claim 16, it is characterised in that safe storage service program returns to trusted application journey The plaintext secure data object that sequence needs, and trusted application program is necessary to ensure that the plaintext secure data object content will not Being exposed to untrusted appoints the untrusted in performing environment to appoint operating system or untrusted to appoint application program.
22. a kind of secure data storage system, it is characterised in that the system operation is supporting ARM trust regions TrustZone On the processor of technology, and the embedded multi-media card eMMC of replay protection memory block RPMB subregions is used to be situated between as storage Matter, the system includes trusted application program, and encryption/decryption module, safe storage service program, communication module, untrusted appoints behaviour Make system and eMMC RPMB drivers;
The trusted application program is operated in trusted execution environments, by the user program of security context certification, is accessed Secured data objects;
The encryption/decryption module is operated in trusted execution environments, is realized using driving hardware engine or software algorithm plus solution Close function;
The safe storage service program is operated in trusted execution environments, and secure data pair is provided to trusted application program The establishment of elephant, reading, modification, the function of deleting or store;
The eMMC RPMB drivers operate in untrusted and appointed in performing environment, complete the read-write to eMMC RPMB subregions.
23. system according to claim 22, it is characterised in that the communication module, completes trusted execution environments and arrives Untrusted appoints the switching of performing environment, context to preserve and recover, and handles the mapping of the shared drive page, and interrupt it is non-can Trust the forwarding between performing environment and trusted execution environments.
24. system according to claim 22, it is characterised in that the safe storage service program maintenance trusted is performed There is provided the quick-searching function to secured data objects for environment local security data object list caching.
25. system according to claim 22, it is characterised in that the safe storage service program is responsible for calling encryption and decryption Module, completes the function to the encrypted data objects decryption in shared drive, and be saved in local in trusted execution environments Secured data objects list.
26. system according to claim 22, it is characterised in that the safe storage service program is responsible for calling encryption and decryption Module, completes the function to the clear data object encryption of trusted execution environments memory pages, and insert in shared drive.
27. system according to claim 22, it is characterised in that the untrusted appoints operating system to appoint in untrusted There is provided the basic running environment that untrusted appoints application program in performing environment, the interruption that safe storage service program is produced is responded Processing.
CN201410619453.2A 2014-11-06 2014-11-06 A kind of secure data store method and system Active CN104392188B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410619453.2A CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410619453.2A CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Publications (2)

Publication Number Publication Date
CN104392188A CN104392188A (en) 2015-03-04
CN104392188B true CN104392188B (en) 2017-10-27

Family

ID=52610090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410619453.2A Active CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Country Status (1)

Country Link
CN (1) CN104392188B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110442462A (en) * 2019-07-16 2019-11-12 阿里巴巴集团控股有限公司 Multi-thread data transmission method and device in TEE system

Families Citing this family (56)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106156229A (en) * 2015-04-27 2016-11-23 宇龙计算机通信科技(深圳)有限公司 The processing method of file, device and terminal in a kind of multiple operating system terminal
CN104980338A (en) * 2015-05-12 2015-10-14 上海斐讯数据通信技术有限公司 Enterprise instant messaging security application system based on mobile intelligent terminal
KR102130744B1 (en) * 2015-07-21 2020-07-06 삼성전자주식회사 Display device and Method for controlling the display device thereof
CN106411814B (en) * 2015-07-27 2019-12-06 深圳市中兴微电子技术有限公司 policy management method and system
CN105138930A (en) * 2015-08-12 2015-12-09 山东超越数控电子有限公司 Encryption system and encryption method based on TrustZone
CN105068891B (en) * 2015-08-14 2020-09-29 Tcl移动通信科技(宁波)有限公司 Method and terminal for repairing eMMC file
CN105138904B (en) * 2015-08-25 2018-06-15 华为技术有限公司 A kind of access control method and device
CN106534047B (en) * 2015-09-10 2019-06-21 阿里巴巴集团控股有限公司 A kind of information transferring method and device based on Trust application
CN105260663B (en) * 2015-09-15 2017-12-01 中国科学院信息工程研究所 A kind of safe storage service system and method based on TrustZone technologies
CN105447406B (en) * 2015-11-10 2018-10-19 华为技术有限公司 A kind of method and apparatus for accessing memory space
CN105468980B (en) * 2015-11-16 2018-07-03 华为技术有限公司 The method, apparatus and system of a kind of security management and control
CN110059500A (en) 2015-11-30 2019-07-26 华为技术有限公司 User interface switching method and terminal
CN106845174B (en) * 2015-12-03 2020-07-10 福州瑞芯微电子股份有限公司 Application authority management method and system under security system
CN106897584A (en) * 2015-12-21 2017-06-27 上海交通大学 Onboard system digital copyright management method and system based on architectural feature
CN106936774B (en) * 2015-12-29 2020-02-18 中国电信股份有限公司 Authentication method and system in trusted execution environment
CN109996114B (en) * 2016-01-04 2021-02-26 华为技术有限公司 Method and device for controlling video output and control circuit
US11424931B2 (en) * 2016-01-27 2022-08-23 Blackberry Limited Trusted execution environment
CN107305607B (en) * 2016-04-18 2019-12-03 大唐半导体设计有限公司 One kind preventing the independently operated method and apparatus of backstage rogue program
CN106056380A (en) * 2016-05-27 2016-10-26 深圳市雪球科技有限公司 Mobile payment risk control system and mobile payment risk control method
CN106354687B (en) * 2016-08-29 2020-01-03 珠海市魅族科技有限公司 Data transmission method and system
CN107808687B (en) 2016-09-08 2021-01-29 京东方科技集团股份有限公司 Medical data acquisition method, processing method, cluster processing system and method
CN106384042B (en) * 2016-09-13 2019-06-04 北京豆荚科技有限公司 A kind of electronic equipment and security system
EP3534583B1 (en) * 2016-11-15 2021-01-06 Huawei Technologies Co., Ltd. Secure processor chip and terminal device
CN106453398B (en) * 2016-11-22 2019-07-09 北京安云世纪科技有限公司 A kind of data encryption system and method
CN107066331B (en) * 2016-12-20 2021-05-18 华为技术有限公司 TrustZone-based resource allocation method and equipment
CN108268303A (en) * 2017-01-03 2018-07-10 北京润信恒达科技有限公司 A kind of operation requests method, apparatus and system
CN108429719B (en) * 2017-02-14 2020-12-01 华为技术有限公司 Key protection method and device
CN107103257B (en) * 2017-05-16 2020-06-16 陕西国博政通信息科技有限公司 Computer intrusion prevention method
CN107426192A (en) * 2017-06-29 2017-12-01 环球智达科技(北京)有限公司 Method of data synchronization for multi-process
CN109426742B (en) * 2017-08-23 2022-04-22 深圳市中兴微电子技术有限公司 Trusted execution environment-based dynamic management system and method for secure memory
CN107545185A (en) * 2017-08-24 2018-01-05 上海与德科技有限公司 Android mobile terminal administration authority detection method, device, terminal and storage medium
CN109783245B (en) * 2017-11-13 2023-07-18 厦门雅迅网络股份有限公司 Data interaction method and system based on dual-system shared memory
CN108154032B (en) * 2017-11-16 2021-07-30 中国科学院软件研究所 Computer system trust root construction method with memory integrity guarantee function
CN109905233B (en) * 2017-12-08 2022-07-29 阿里巴巴集团控股有限公司 Equipment data processing method and system
CN108255644B (en) * 2017-12-29 2021-12-31 北京元心科技有限公司 File system recovery method and device
KR102501776B1 (en) 2018-01-31 2023-02-21 에스케이하이닉스 주식회사 Storage device and operating method thereof
CN108270574B (en) * 2018-02-11 2021-02-09 浙江中控技术股份有限公司 Safe loading method and device for white list library file
KR20190099693A (en) * 2018-02-19 2019-08-28 에스케이하이닉스 주식회사 Memory system and operating method thereof
WO2019212579A1 (en) * 2018-04-30 2019-11-07 Google Llc Managing enclave creation through a uniform enclave interface
CN111566989B (en) * 2018-06-14 2022-06-07 华为技术有限公司 Key processing method and device
CN112088376A (en) * 2018-06-30 2020-12-15 华为技术有限公司 File storage method and device and storage medium
CN109063516B (en) * 2018-07-27 2020-12-04 杭州中天微系统有限公司 Data processor
CN111105777B (en) * 2018-10-25 2023-10-31 阿里巴巴集团控股有限公司 Voice data acquisition and playing method and device, key package updating method and device and storage medium
CN109558743A (en) * 2018-11-27 2019-04-02 广州供电局有限公司 Data guard method, device, computer equipment and the storage medium of mobile terminal
WO2020186457A1 (en) * 2019-03-19 2020-09-24 华为技术有限公司 Authentication method and apparatus for ip camera
CN110266651B (en) * 2019-05-28 2021-07-13 创新先进技术有限公司 Internet of things equipment and method for same
CN110427274B (en) * 2019-07-16 2020-07-17 阿里巴巴集团控股有限公司 Data transmission method and device in TEE system
CN110399235B (en) 2019-07-16 2020-07-28 阿里巴巴集团控股有限公司 Multithreading data transmission method and device in TEE system
US10699015B1 (en) 2020-01-10 2020-06-30 Alibaba Group Holding Limited Method and apparatus for data transmission in a tee system
US11003785B2 (en) 2019-07-16 2021-05-11 Advanced New Technologies Co., Ltd. Data transmission method and apparatus in tee systems
CN110443078B (en) * 2019-07-19 2021-05-28 南京芯驰半导体科技有限公司 Security storage system based on privilege hierarchy
CN110704839A (en) * 2019-08-05 2020-01-17 慧镕电子系统工程股份有限公司 Data encryption protection method based on national cryptographic algorithm
CN110598384B (en) * 2019-09-16 2022-02-22 Oppo(重庆)智能科技有限公司 Information protection method, information protection device and mobile terminal
CN111143857B (en) * 2019-12-27 2022-04-22 达闼机器人有限公司 Data sharing method, robot controller and storage medium
CN113239347B (en) * 2021-06-18 2022-06-28 上海交通大学 Starting method and device suitable for TEE security application example
CN113810382B (en) * 2021-08-24 2023-07-11 东北大学秦皇岛分校 Ciphertext loading method for resisting SGX side channel attack

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101477612A (en) * 2008-01-02 2009-07-08 Arm有限公司 Protecting the security of secure data sent from a central processor for processing by a further processing device
CN104091135A (en) * 2014-02-24 2014-10-08 电子科技大学 Safety system and safety storage method of intelligent terminal

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101477612A (en) * 2008-01-02 2009-07-08 Arm有限公司 Protecting the security of secure data sent from a central processor for processing by a further processing device
CN104091135A (en) * 2014-02-24 2014-10-08 电子科技大学 Safety system and safety storage method of intelligent terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ARM TrustZone安全隔离技术研究与应用;王熙友;《中国优秀硕士学位论文全文数据库 信息科技辑》;20140115;I136-387 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110442462A (en) * 2019-07-16 2019-11-12 阿里巴巴集团控股有限公司 Multi-thread data transmission method and device in TEE system

Also Published As

Publication number Publication date
CN104392188A (en) 2015-03-04

Similar Documents

Publication Publication Date Title
CN104392188B (en) A kind of secure data store method and system
EP3314808B1 (en) Binding a trusted input session to a trusted output session
CA2481569C (en) Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
US7136488B2 (en) Microprocessor using asynchronous public key decryption processing
US11218299B2 (en) Software encryption
EP2696305B1 (en) Method and device for file protection
WO2022028289A1 (en) Data encryption method and apparatus, data decryption method and apparatus, terminal, and storage medium
US20090019290A1 (en) Method and central processing unit for processing encrypted software
CN104335548A (en) Secure data processing
JP4282472B2 (en) Microprocessor
WO2017105704A1 (en) Bidirectional cryptographic io for data streams
CN109697366A (en) A kind of Android file transparent encipher-decipher method based on hook
US9122504B2 (en) Apparatus and method for encryption in virtualized environment using auxiliary medium
CN103532712A (en) Digital media file protection method, system and client
US20220206961A1 (en) Architecture, system and methods thereof for secure computing using hardware security classifications
CN111542050B (en) TEE-based method for guaranteeing remote initialization safety of virtual SIM card
CN105046174A (en) Disk data protection method and system
EP3009952A1 (en) System and method for protecting a device against attacks on procedure calls by encrypting arguments
Szefer Memory protections
CN117150521A (en) Transparent encryption and decryption method and device for universal encryption card
CA2638955C (en) Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
WO2008074472A2 (en) Driver apparatus and application for securing communication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant