CN105631314A - Execution environment switching method of terminal, execution environment switching system of terminal, and terminal - Google Patents

Publication number
CN105631314A
Authority
CN
China
Prior art keywords
execution environment
terminal
authentication server
judged result
checking
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510200483.4A
Other languages
Chinese (zh)
Inventor
胡军杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Application filed by Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Priority to CN201510200483.4A
Publication of CN105631314A

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides an execution environment switching method of a terminal, an execution environment switching system of a terminal, and a terminal. The method comprises: sending, according to a switching request from a process, a verification request to a verification server of the terminal or to an external verification server connected to the terminal; and determining, according to the judgment result from the verification server or the external verification server, whether to switch from a current execution environment to a target execution environment, wherein the security level of the current execution environment is lower than that of the target execution environment. This technical solution effectively prevents the monitor from being maliciously accessed and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets; it thereby effectively improves the security of the system, avoids leakage of security information and improves the user experience.

Description

Execution environment switching method and system of a terminal, and terminal
Technical Field
The present invention relates to the field of terminal technology, and in particular to an execution environment switching method of a terminal, an execution environment switching system of a terminal, and a terminal.
Background
At present, to provide trusted switching between the secure execution environment and the normal execution environment, a special mechanism called monitor mode has been introduced: the Monitor shown in Fig. 1, whose main task is to manage the switching between the different execution environments. Each processor core with the TrustZone security extension (TrustZone is an architecture proposed by ARM for the security of consumer electronic devices) has two virtual processor cores, and each virtual core belongs to a different execution environment (the secure execution environment or the non-secure execution environment). The monitor coordinates them so that the non-secure virtual processor can access only non-secure system resources, while the secure virtual processor can access all resources.
The monitor works as follows. To distinguish whether the system is currently in the secure state or the non-secure state, the CP15 coprocessor of an ARM processor with the TrustZone security extension has a Secure Configuration Register (SCR). This register contains an NS bit (non-secure flag) that indicates the current system state: if NS is 1, the system is in the non-secure state; if NS is 0, the system is in the secure state. Only the monitor can change the NS bit of the SCR. In other words, a process in the normal execution environment that wants to access secure system resources must first enter the monitor, which sets the NS bit of the SCR to 0 to switch to the secure execution environment.
Normally, a process in the normal execution environment can enter the monitor in the following three ways:
(1) Executing an SMC instruction (a special instruction through which the monitor routine can be called);
(2) External aborts, including external prefetch aborts and external data aborts. An external abort is an exception that occurs when accessing the memory system but is not detected by the MMU (Memory Management Unit); it typically occurs when the normal environment accesses a resource of the secure environment;
(3) Interrupts, including FIQ (Fast Interrupt Request) interrupts and IRQ (Interrupt Request) interrupts.
A process in the normal execution environment can enter monitor mode in any of the three ways above and trigger the monitor's exception handler. The specific functions of the monitor can be defined by the software developer, but the execution environment switch must be carried out in the monitor; that is, the NS bit of the Secure Configuration Register (SCR) can only be modified in the monitor.
The existing scheme for switching between the normal execution environment and the secure execution environment through the Monitor has the following shortcoming: the security of the monitor cannot be guaranteed. Any software can enter the monitor through an SMC instruction, an external abort, or an FIQ or IRQ interrupt. This gives malicious code the opportunity to execute in the monitor and modify the NS bit of the Secure Configuration Register (SCR), thereby switching to the secure execution environment and accessing secure system resources.
Therefore, how to improve the security of the system and prevent malware from entering the monitor, maliciously switching to the secure execution environment, accessing secure system resources and threatening the user's sensitive assets has become an urgent technical problem.
Summary of the Invention
To address the above problem, the present invention proposes a new technical solution. Through a client/server verification process, the monitor is effectively prevented from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience.
In view of this, one aspect of the present invention proposes an execution environment switching method of a terminal, used by the terminal to switch execution environments, including: sending, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal; and determining, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
In this technical solution, when a process in the terminal requests entry into monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the verification server of the terminal or the external verification server connected to the terminal makes a judgment, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. Through this server-side verification, every process that requests entry into monitor mode is strictly checked, which effectively prevents the monitor from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience. The security level of the current execution environment is lower than that of the target execution environment.
In the above technical solution, preferably, determining whether to switch from the current execution environment to the target execution environment specifically includes: when the judgment result is yes, switching from the current execution environment to the target execution environment; when the judgment result is no, prohibiting the switch from the current execution environment to the target execution environment and issuing a prompt.
In this technical solution, when the judgment result of the terminal's verification server or the external server is yes, that is, the process is allowed to enter monitor mode and modify the NS bit, the process can enter the monitor and switch from the current execution environment to the target execution environment. Otherwise, the process is prohibited from entering the monitor and switching from the current execution environment to the target execution environment, and a prompt is issued when the switch is prohibited. This ensures the trustworthiness and security of processes that request entry into monitor mode, and thereby the security of the terminal system.
In the above technical solution, preferably, before determining whether to switch from the current execution environment to the target execution environment, the method further includes: controlling the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and controlling the verification server or the external verification server to encrypt the judgment result and feed it back to the terminal.
In this technical solution, the verification server of the terminal or the external verification server judges, according to the verification request, whether the process requesting entry into monitor mode belongs to the trusted process database of the verification server, encrypts the judgment result and feeds it back to the terminal, so that the terminal can determine from the judgment result whether to switch from the current execution environment to the target execution environment. This ensures that the judgment result fed back by the verification server is not hijacked and modified, further ensures the trustworthiness of processes that request entry into monitor mode, and thereby guarantees the accuracy and security of switching from the current execution environment to the target execution environment.
In the above technical solution, preferably, the method further includes: controlling the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to be entered into the trusted process database.
In this technical solution, when the process that requests entry into monitor mode, that is, requests a switch from the current execution environment to the target execution environment, is judged not to belong to the trusted process database, the process can be controlled, according to the prompt for the judgment result, to perform registration verification with the terminal's verification server or the external verification server. Because the verification server strictly controls the trust verification of processes, the integrity of the trusted process database is effectively ensured, which in turn improves the efficiency of execution environment switching and the security of the terminal.
In the above technical solution, preferably, the verification request is sent to the verification server or the external verification server by the verification client of the terminal.
In this technical solution, when a switching request from a process is received, the verification client of the terminal sends the verification request to the terminal's verification server or the external server. Through this client/server verification process, the monitor is effectively prevented from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience.
In the above technical solution, preferably, the prompt takes the form of sound, text and/or image.
In this technical solution, when the process in the terminal is judged not to belong to the trusted process database of the terminal's verification server or the external verification server, a prompt can be given by sound, text, image or a combination of these, indicating that the process should first undergo trust verification. The forms of the prompt include, but are not limited to, those listed above.
Another aspect of the present invention proposes an execution environment switching system of a terminal, used by the terminal to switch execution environments, including: a sending module, configured to send, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal; and a switching module, configured to determine, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
In this technical solution, when a process in the terminal requests entry into monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the verification server of the terminal or the external verification server connected to the terminal makes a judgment, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. Through this server-side verification, every process that requests entry into monitor mode is strictly checked, which effectively prevents the monitor from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience. The security level of the current execution environment is lower than that of the target execution environment.
In the above technical solution, preferably, the switching module is specifically configured to: when the judgment result is yes, control the switch from the current execution environment to the target execution environment; when the judgment result is no, prohibit the switch from the current execution environment to the target execution environment and issue a prompt.
In this technical solution, when the judgment result of the terminal's verification server or the external server is yes, that is, the process is allowed to enter monitor mode and modify the NS bit, the process can enter the monitor and switch from the current execution environment to the target execution environment. Otherwise, the process is prohibited from entering the monitor and switching from the current execution environment to the target execution environment, and a prompt is issued when the switch is prohibited. This ensures the trustworthiness and security of processes that request entry into monitor mode, and thereby the security of the terminal system.
In the above technical solution, preferably, the system further includes: a control module, configured to control the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and further configured to control the verification server or the external verification server to encrypt the judgment result and feed it back to the terminal.
In this technical solution, the verification server of the terminal or the external verification server judges, according to the verification request, whether the process requesting entry into monitor mode belongs to the trusted process database of the verification server, encrypts the judgment result and feeds it back to the terminal, so that the terminal can determine from the judgment result whether to switch from the current execution environment to the target execution environment. This ensures that the judgment result fed back by the verification server is not hijacked and modified, further ensures the trustworthiness of processes that request entry into monitor mode, and thereby guarantees the accuracy and security of switching from the current execution environment to the target execution environment.
In the above technical solution, preferably, the control module is further configured to: control the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to be entered into the trusted process database.
In this technical solution, when the process that requests entry into monitor mode, that is, requests a switch from the current execution environment to the target execution environment, is judged not to belong to the trusted process database, the process can be controlled, according to the prompt for the judgment result, to perform registration verification with the terminal's verification server or the external verification server. Because the verification server strictly controls the trust verification of processes, the integrity of the trusted process database is effectively ensured, which in turn improves the efficiency of execution environment switching and the security of the terminal.
In the above technical solution, preferably, the sending module is further configured to: control the verification client of the terminal to send the verification request to the verification server or the external verification server.
In this technical solution, when a switching request from a process is received, the verification client of the terminal sends the verification request to the terminal's verification server or the external server. Through this client/server verification process, the monitor is effectively prevented from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience.
In the above technical solution, preferably, the prompt takes the form of sound, text and/or image.
In this technical solution, when the process in the terminal is judged not to belong to the trusted process database of the terminal's verification server or the external verification server, a prompt can be given by sound, text, image or a combination of these, indicating that the process should first undergo trust verification. The forms of the prompt include, but are not limited to, those listed above.
Another aspect of the present invention proposes a terminal, including the execution environment switching system of a terminal according to any one of the above technical solutions.
When a process in the terminal requests entry into monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the verification server of the terminal or the external verification server connected to the terminal makes a judgment, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. Through this server-side verification, every process that requests entry into monitor mode is strictly checked, which effectively prevents the monitor from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience. The security level of the current execution environment is lower than that of the target execution environment.
With the technical solution of the present invention, the monitor is effectively prevented from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets, which effectively improves the security of the system, avoids leakage of security information and improves the user experience.
Brief Description of the Drawings
Fig. 1 shows a schematic flowchart of an execution environment switching method of a terminal in the related art;
Fig. 2 shows a schematic flowchart of an execution environment switching method of a terminal according to an embodiment of the present invention;
Fig. 3 shows a schematic structural diagram of an execution environment switching system of a terminal according to an embodiment of the present invention;
Fig. 4 shows a schematic structural diagram of a terminal according to an embodiment of the present invention;
Fig. 5 shows a schematic flowchart of an execution environment switching method of a terminal according to another embodiment of the present invention;
Fig. 6 shows another schematic flowchart of an execution environment switching method of a terminal according to another embodiment of the present invention.
Detailed Description
So that the above objects, features and advantages of the present invention can be understood more clearly, the present invention is described in further detail below with reference to the drawings and specific embodiments. It should be noted that, where they do not conflict, the embodiments of the present application and the features in the embodiments can be combined with each other.
Many specific details are set forth in the following description to provide a full understanding of the present invention. However, the present invention can also be implemented in ways other than those described here, and therefore the protection scope of the present invention is not limited by the specific embodiments disclosed below.
Fig. 2 shows a schematic flowchart of an execution environment switching method of a terminal according to an embodiment of the present invention.
As shown in Fig. 2, the execution environment switching method of a terminal according to an embodiment of the present invention, used by the terminal to switch execution environments, includes: step 102, sending, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal; and step 104, determining, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
In this technical solution, when a process in the terminal requests entry into monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the verification server of the terminal or the external verification server connected to the terminal makes a judgment, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. Through this server-side verification, every process that requests entry into monitor mode is strictly checked, which effectively prevents the monitor from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience. The security level of the current execution environment is lower than that of the target execution environment.
In the above technical solution, preferably, determining whether to switch from the current execution environment to the target execution environment specifically includes: when the judgment result is yes, switching from the current execution environment to the target execution environment; when the judgment result is no, prohibiting the switch from the current execution environment to the target execution environment and issuing a prompt.
In this technical solution, when the judgment result of the terminal's verification server or the external server is yes, that is, the process is allowed to enter monitor mode and modify the NS bit, the process can enter the monitor and switch from the current execution environment to the target execution environment. Otherwise, the process is prohibited from entering the monitor and switching from the current execution environment to the target execution environment, and a prompt is issued when the switch is prohibited. This ensures the trustworthiness and security of processes that request entry into monitor mode, and thereby the security of the terminal system.
In the above technical solution, preferably, before determining whether to switch from the current execution environment to the target execution environment, the method further includes: controlling the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and controlling the verification server or the external verification server to encrypt the judgment result and feed it back to the terminal.
In this technical solution, the verification server of the terminal or the external verification server judges, according to the verification request, whether the process requesting entry into monitor mode belongs to the trusted process database of the verification server, encrypts the judgment result and feeds it back to the terminal, so that the terminal can determine from the judgment result whether to switch from the current execution environment to the target execution environment. This ensures that the judgment result fed back by the verification server is not hijacked and modified, further ensures the trustworthiness of processes that request entry into monitor mode, and thereby guarantees the accuracy and security of switching from the current execution environment to the target execution environment.
In the above technical solution, preferably, the method further includes: controlling the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to be entered into the trusted process database.
In this technical solution, when the process that requests entry into monitor mode, that is, requests a switch from the current execution environment to the target execution environment, is judged not to belong to the trusted process database, the process can be controlled, according to the prompt for the judgment result, to perform registration verification with the terminal's verification server or the external verification server. Because the verification server strictly controls the trust verification of processes, the integrity of the trusted process database is effectively ensured, which in turn improves the efficiency of execution environment switching and the security of the terminal.
In the above technical solution, preferably, the verification request is sent to the verification server or the external verification server by the verification client of the terminal.
In this technical solution, when a switching request from a process is received, the verification client of the terminal sends the verification request to the terminal's verification server or the external server. Through this client/server verification process, the monitor is effectively prevented from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience.
In the above technical solution, preferably, the prompt takes the form of sound, text and/or image.
In this technical solution, when the process in the terminal is judged not to belong to the trusted process database of the terminal's verification server or the external verification server, a prompt can be given by sound, text, image or a combination of these, indicating that the process should first undergo trust verification. The forms of the prompt include, but are not limited to, those listed above.
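The method of Fig. 2, from verification request to switch decision, modelled as an added example; it is not code from the patent. Assumptions that are not in the original: a process is identified by the SHA-256 digest of its image, client and server share a key, and the "encrypted" judgment result is replaced by an HMAC-SHA256 tag over the result, a fresh nonce and the process digest, so that a result modified in transit is rejected. The `channel` hook, the prompt strings and the sample images are constructed.

```python
import hashlib
import hmac
import secrets

NS_SECURE, NS_NON_SECURE = 0, 1   # SCR.NS values as given in the background section
YES, NO = b"\x01", b"\x00"        # one-byte encoding of the judgment result (assumed)


def process_digest(image: bytes) -> bytes:
    """Assumed process identity: SHA-256 of the process image."""
    return hashlib.sha256(image).digest()


def result_tag(key: bytes, verdict: bytes, nonce: bytes, digest: bytes) -> bytes:
    """Keyed tag over fixed-length fields; stands in for the patent's 'encrypted' result."""
    return hmac.new(key, verdict + nonce + digest, hashlib.sha256).digest()


class VerificationServer:
    """Holds the trusted process database and issues protected judgment results."""

    def __init__(self, key: bytes):
        self.key = key
        self.trusted_db = set()

    def register(self, image: bytes) -> None:
        # The patent does not specify the registration checks; this only records the digest.
        self.trusted_db.add(process_digest(image))

    def judge(self, digest: bytes, nonce: bytes):
        verdict = YES if digest in self.trusted_db else NO
        return verdict, result_tag(self.key, verdict, nonce, digest)


class Terminal:
    """Verification client plus the switch decision; ns_bit models SCR.NS."""

    def __init__(self, key: bytes, server: VerificationServer):
        self.key = key
        self.server = server
        self.ns_bit = NS_NON_SECURE
        self.prompts = []

    def request_switch(self, image: bytes, channel=lambda v, t: (v, t)) -> bool:
        digest = process_digest(image)
        nonce = secrets.token_bytes(16)                 # fresh per request
        # Step 102: send the verification request; `channel` models the transport back.
        verdict, tag = channel(*self.server.judge(digest, nonce))
        # Step 104: accept the result only if its tag verifies for this request.
        expected = result_tag(self.key, verdict, nonce, digest)
        if not hmac.compare_digest(tag, expected):
            self.prompts.append("switch refused: judgment result failed integrity check")
            return False
        if verdict != YES:
            self.prompts.append("switch refused: process not in trusted process database")
            return False
        self.ns_bit = NS_SECURE                         # the monitor clears NS only here
        return True


def demo() -> dict:
    key = secrets.token_bytes(32)
    server = VerificationServer(key)
    server.register(b"constructed image: payment app")
    term = Terminal(key, server)
    unknown = b"constructed image: unknown app"
    out = {}
    out["unregistered"] = term.request_switch(unknown)
    # A "no" rewritten to "yes" in transit keeps the old tag, so verification fails.
    out["modified_result"] = term.request_switch(unknown, channel=lambda v, t: (YES, t))
    out["ns_after_refusals"] = term.ns_bit
    out["registered"] = term.request_switch(b"constructed image: payment app")
    out["ns_after_grant"] = term.ns_bit
    out["prompts"] = list(term.prompts)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```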
Fig. 3 shows a schematic structural diagram of an execution environment switching system of a terminal according to an embodiment of the present invention.
As shown in Fig. 3, the execution environment switching system 300 of a terminal according to an embodiment of the present invention, used by the terminal to switch execution environments, includes: a sending module 302, configured to send, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal; and a switching module 304, configured to determine, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
In this technical solution, when a process in the terminal requests entry into monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the verification server of the terminal or the external verification server connected to the terminal makes a judgment, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. Through this server-side verification, every process that requests entry into monitor mode is strictly checked, which effectively prevents the monitor from being maliciously intruded and used to switch to the secure execution environment, access secure system resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information and improves the user experience. The security level of the current execution environment is lower than that of the target execution environment.
In the above technical solution, preferably, the switching module 304 is specifically configured to: when the judgment result is yes, control switching from the current execution environment to the target execution environment; and when the judgment result is no, control prohibition of switching from the current execution environment to the target execution environment, and issue a prompt.
In this technical solution, when the judgment result of the verification server of the terminal or of the external server is yes, that is, when the process may enter monitor mode and modify the NS bit, the process may enter the monitor and switch from the current execution environment to the target execution environment; otherwise, the process is prohibited from entering the monitor and switching from the current execution environment to the target execution environment, and a prompt is issued when the switch is prohibited. In this way, the trustworthiness and security of processes that apply to enter monitor mode can be ensured, and in turn the security of the terminal system.
In the above technical solution, preferably, the system further includes: a control module 306, configured to control the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and further configured to: control the verification server or the external verification server to encrypt the judgment result and then feed it back to the terminal.
In this technical solution, the verification server of the terminal or the external verification server judges, according to the verification request, whether the process requesting entry to monitor mode belongs to the trusted process database of the verification server, and feeds the judgment result back to the terminal after encrypting it, so that the terminal determines according to the judgment result whether to switch from the current execution environment to the target execution environment. In this way, it can be ensured that the judgment result fed back by the verification server is not hijacked and modified, which further ensures the trustworthiness of processes that apply to enter monitor mode and guarantees the accuracy and security of switching from the current execution environment to the target execution environment.
In the above technical solution, preferably, the control module 306 is further configured to: control the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to enter the trusted process database.
In this technical solution, when it is judged that the process applying to enter monitor mode, that is, to switch from the current execution environment to the target execution environment, does not belong to the trusted process database, the process can be controlled, according to the prompt given for the judgment result, to perform registration verification with the verification server of the terminal or the external verification server. Because the verification server strictly gatekeeps the trust verification of processes, the integrity of the trusted process database can be effectively ensured, which in turn improves the efficiency of execution environment switching and the security of the terminal.
In the above technical solution, preferably, the sending module 302 is further configured to: control the verification client of the terminal to send the verification request to the verification server or the external verification server.
In this technical solution, when a switching request from a process is received, the verification client of the terminal sends the verification request to the verification server of the terminal or to the external server. In this way, the client/server verification procedure effectively prevents the monitor from being maliciously intruded and used as an opportunity to switch to the secure execution environment in order to access system security resources and threaten the user's sensitive assets, which effectively improves the security of the system, avoids leakage of security information, and improves the user experience.
In the above technical solution, preferably, the forms of the prompt include: sound, text and/or image.
In this technical solution, when it is judged that a process in the terminal does not belong to the trusted process database of the verification server of the terminal or of the external verification server, a prompt can be given by sound, text, image or a combination of these, indicating that the process should undergo trust verification in advance. The forms of the prompt include, but are not limited to, those listed above.
Fig. 4 shows a schematic structural diagram of a terminal according to an embodiment of the present invention.
As shown in Fig. 4, a terminal 400 according to an embodiment of the present invention includes the execution environment switching system 300 of a terminal described in any one of the above technical solutions.
When a process in the terminal 400 applies to enter monitor mode, that is, attempts to switch from the current execution environment (the normal execution environment) to the target execution environment (the secure execution environment), the judgment is made by the verification server of the terminal 400 or by an external verification server connected to the terminal 400, and whether to switch from the current execution environment to the target execution environment is determined according to the judgment result. In this way, the server's verification procedure strictly checks and gatekeeps every process that applies to enter monitor mode, which effectively prevents the monitor from being maliciously intruded and used as an opportunity to switch to the secure execution environment in order to access system security resources and threaten the user's sensitive assets. This effectively improves the security of the system, avoids leakage of security information, and improves the user experience. The security level of the current execution environment is lower than the security level of the target execution environment.
Fig. 5 shows a schematic flowchart of an execution environment switching method of a terminal according to another embodiment of the present invention.
Fig. 6 shows another schematic flowchart of an execution environment switching method of a terminal according to another embodiment of the present invention.
As shown in Fig. 5 and Fig. 6, the specific flow of the execution environment switching method of a terminal according to another embodiment of the present invention includes:
(1) A process applies to enter monitor mode (by any one of the three means SMC, IRQ or FIQ), that is, it sends a switching request;
(2) The verification client of the terminal sends a verification request to the verification server of the terminal;
(3) The verification server queries its own trusted process database to check whether this process can be trusted, that is, it judges whether the process requesting entry to monitor mode has registered with the server in advance. At the same time, the server must gatekeep strictly to ensure that no suspicious process is added to its trusted database;
(4) The verification server returns its query result to the verification client. Returning true (yes) means the process is a trusted process and may enter monitor mode; returning false (no) means the process has not yet undergone server verification, is untrusted, and should be refused entry to monitor mode;
(5) The verification client chooses according to the query result returned by the verification server: if the server returns true (yes), the process is allowed to enter monitor mode in order to switch execution environments; otherwise, a prompt is given explaining that the process must first undergo trust verification with the verification server, and its entry to monitor mode is refused.
In addition, the communication between the verification client and the verification server must be strictly encrypted and controlled to ensure that the result returned by the verification server cannot be hijacked and modified. The trust verification performed by the verification server must also be strictly gatekept to ensure that no malicious process can enter the server's trusted process database.
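The flow in steps (1) to (5), together with the requirement that the returned result cannot be modified in transit, can be modelled as follows. This is an added example, not code from the patent: the class and function names, the shared key, and identifying a process by the SHA-256 digest of its image are assumptions, and an HMAC tag bound to a per-request nonce stands in for the encryption that the text leaves unspecified.

```python
import hashlib
import hmac
import os

# Assumption: key shared by verification client and server, provisioned out of band.
SHARED_KEY = os.urandom(32)

def _tag(key, nonce, digest, verdict):
    # Binds the verdict to this request (nonce) and this process (digest).
    return hmac.new(key, nonce + digest.encode() + verdict, hashlib.sha256).digest()

class VerificationServer:
    """Steps (3)-(4): looks the process up in the trusted process database."""

    def __init__(self, key):
        self._key = key
        self._trusted = set()  # SHA-256 digests of registered process images

    def register(self, image, vetted):
        # `vetted` stands in for the server's strict registration review.
        if vetted:
            self._trusted.add(hashlib.sha256(image).hexdigest())
        return vetted

    def verify(self, digest, nonce):
        verdict = b"\x01" if digest in self._trusted else b"\x00"
        return verdict, _tag(self._key, nonce, digest, verdict)

class VerificationClient:
    """Steps (2) and (5): sends the request, then decides, failing closed."""

    def __init__(self, key, transport):
        self._key = key
        self._transport = transport  # callable(digest, nonce) -> (verdict, tag)

    def request_switch(self, image):
        digest = hashlib.sha256(image).hexdigest()
        nonce = os.urandom(16)  # fresh per request, so an old "yes" cannot be reused
        verdict, tag = self._transport(digest, nonce)
        if not hmac.compare_digest(tag, _tag(self._key, nonce, digest, verdict)):
            return "DENY: judgment result failed integrity check"
        if verdict == b"\x01":
            return "ALLOW: enter monitor mode"
        return "DENY: not in trusted process database, register first"

def demo():
    server = VerificationServer(SHARED_KEY)
    wallet = b"constructed image of a registered process"
    rogue = b"constructed image of an unregistered process"
    server.register(wallet, vetted=True)
    server.register(rogue, vetted=False)

    def modified(digest, nonce):  # result altered in transit: "no" turned into "yes"
        _, tag = server.verify(digest, nonce)
        return b"\x01", tag

    old = server.verify(hashlib.sha256(wallet).hexdigest(), b"\x00" * 16)
    def stale(digest, nonce):  # an earlier genuine "yes" returned again
        return old

    return {
        "trusted": VerificationClient(SHARED_KEY, server.verify).request_switch(wallet),
        "unregistered": VerificationClient(SHARED_KEY, server.verify).request_switch(rogue),
        "modified": VerificationClient(SHARED_KEY, modified).request_switch(rogue),
        "stale": VerificationClient(SHARED_KEY, stale).request_switch(wallet),
    }

if __name__ == "__main__":
    print(demo())
```

The client denies the switch on any result it cannot authenticate, so a modified or stale reply is treated the same as a refusal rather than as a "yes".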
The technical solution of the present invention has been described in detail above with reference to the accompanying drawings. Through the client/server verification procedure, the monitor can be effectively prevented from being maliciously intruded and used as an opportunity to switch to the secure execution environment in order to access system security resources and threaten the user's sensitive assets, which effectively improves the security of the system, avoids leakage of security information, and improves the user experience.
The foregoing is only the preferred embodiments of the present invention and is not intended to limit the present invention. For a person skilled in the art, the present invention may have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (10)

1. An execution environment switching method of a terminal, used for switching the execution environment of the terminal, characterized by comprising:
sending, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal;
determining, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
2. The execution environment switching method of a terminal according to claim 1, characterized in that the determining whether to switch from the current execution environment to the target execution environment specifically comprises:
when the judgment result is yes, switching from the current execution environment to the target execution environment;
when the judgment result is no, prohibiting switching from the current execution environment to the target execution environment, and issuing a prompt.
3. The execution environment switching method of a terminal according to claim 2, characterized in that, before the determining whether to switch from the current execution environment to the target execution environment, the method further comprises:
controlling the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and
controlling the verification server or the external verification server to encrypt the judgment result and then feed it back to the terminal.
4. The execution environment switching method of a terminal according to claim 3, characterized by further comprising: controlling the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to enter the trusted process database.
5. The execution environment switching method of a terminal according to any one of claims 1 to 4, characterized in that the verification request is sent to the verification server or the external verification server by the verification client of the terminal.
6. An execution environment switching system of a terminal, used for switching the execution environment of the terminal, characterized by comprising:
a sending module, configured to send, according to a switching request from a process in the terminal, a verification request to the verification server of the terminal or to an external verification server connected to the terminal;
a switching module, configured to determine, according to the judgment result from the verification server or the external verification server, whether to switch from the current execution environment to the target execution environment, wherein the security level of the current execution environment is lower than the security level of the target execution environment.
7. The execution environment switching system of a terminal according to claim 6, characterized in that the switching module is specifically configured to: when the judgment result is yes, control switching from the current execution environment to the target execution environment;
when the judgment result is no, control prohibition of switching from the current execution environment to the target execution environment, and issue a prompt.
8. The execution environment switching system of a terminal according to claim 7, characterized by further comprising: a control module, configured to control the verification server or the external verification server to judge, according to the verification request, whether the process belongs to the trusted process database; and further configured to:
control the verification server or the external verification server to encrypt the judgment result and then feed it back to the terminal.
9. The execution environment switching system of a terminal according to claim 8, characterized in that the control module is further configured to: control the process, according to the prompt, to perform registration verification with the verification server or the external verification server, so as to enter the trusted process database.
10. A terminal, characterized by comprising the execution environment switching system of a terminal according to any one of claims 6 to 9.
CN201510200483.4A 2015-04-24 2015-04-24 Execution environment switching method of terminal, execution environment switching system of terminal, and terminal Pending CN105631314A (en)

Publications (1)

Publication Number Publication Date
CN105631314A true CN105631314A (en) 2016-06-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160601