KR20140027580A - Method for secure input in on-line service, apparatus and storage medium therefor - Google Patents

Publication number
KR20140027580A
Authority
KR (South Korea)
Application number
KR1020120074041A
Other languages
Korean (ko)
Inventors
신정금, 김현욱, 김도완, 전윤호, 정원석
Original Assignee
에스케이플래닛 주식회사

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F 21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow, by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The present invention relates to a method and apparatus for secure input in an online service, which are capable of safely transmitting user data required during the online service from a terminal device to a service device using an isolation environment of the terminal device in which a non-secure area managed by an open operating system and a secure area managed by a security operating system are physically separated from each other. The service device performs a specific service or function in connection with an application installed in the terminal device. If the service device requests data input to the application of the terminal device, the terminal device receives and encrypts user data through the secure area according to the request of the application installed in the non-secure area, and transmits the encrypted data to the service device through the application, wherein the terminal device has the isolation environment whereby the non-secure area operated by the open operating system and the secure area operated by the separate security operating system are physically separated from each other. [Reference numerals] (151a) Application; (152a) Service API module; (152b) Secure input module; (152c) Encryption module; (210) Application server unit; (220) Secure input server unit

Description

Method for secure input in on-line service, apparatus and storage medium therefor

The present invention relates to a method for secure input in an online service and an apparatus therefor, and more particularly to a method, apparatus and recording medium for safely inputting data requiring security in an online service by using the isolation environment of a terminal device in which a non-secure area operated by a general operating system and a secure area operated by a security operating system are physically separated.

BACKGROUND OF THE INVENTION

A portable terminal device is a terminal device that supports a communication function based on mobility, and is used in a wide range of fields because of its convenience and ease of portability. Such portable terminal devices have recently been developed in the form of smart phones equipped with various user functions, and provide many conveniences and entertainment. These smartphones support an active open market, so that users can easily obtain the applications they want. Their high performance also allows smartphones to handle many of the functions that PCs handle.

However, because smartphones are based on an open operating system (OS), which is their distinguishing feature, and because of the rapid expansion of the market, there are various security threats arising from the operator's open network and from the use of applications obtained through the open market. For example, smartphones are easily exposed to malware and are vulnerable to hacking such as the Lab Attack. A smartphone infected with malware can suffer not only terminal device malfunction but also excessive battery consumption due to a continuous network connection, excessive billing, and leakage of personal and financial information. Such malicious code is mainly dealt with in software through anti-virus (vaccine) programs. On the other hand, in the case of the Lab Attack, a hack that reads specific information in the internal storage area of the smart phone or references and changes the terminal device's own information, a terminal device subjected to the Lab Attack may be exposed to risks such as cloning through theft of its IMEI.

Currently, security technology for smart phones intended to eliminate the security risks described above has focused mainly on software-based anti-virus programs or on traffic control in the network. However, in the case of smart phones, user information can easily be exposed through hardware control, and conventional software-based security technology cannot provide sufficient security. In particular, smartphone security technology is essential both for the security of the smartphone itself, against jailbreaking or rooting, and for payment, financial and corporate services.

In particular, most of the various applications installed on a smart phone involve online operation, and a terminal device often goes through a process of receiving various types of data according to a request from a service device and transmitting that data to the service device.

However, during the data input process or the transmission of the input data in the terminal device described above, the data is likely to be exposed to a third party having a malicious purpose, and in this case, it may cause problems such as personal information leakage or financial damage. Therefore, a security measure for this is required.

Patent Document 1: KR 10-2011-0098889 A, published 2011.09.02 (title: Security method of client and server)

Accordingly, the present invention provides a method for secure input in an online service, an apparatus and a recording medium therefor, which securely deliver the user data required during an online service from a terminal device to a service device by using the isolation environment of a terminal device in which a non-secure area operated by a general operating system and a secure area operated by a security operating system are physically separated.

As a means for solving the above problems, the present invention provides a system for secure input in an online service, including: a service device that requests data input from an application installed in a terminal device and performs a specific service or function using the data received in response to the request; and a terminal device having an isolation environment in which a non-secure area operating on an open operating system and a secure area operating on a security operating system are physically separated, which receives and encrypts the user data through the secure area according to the request of the application and then transmits the encrypted data to the service device through the application in the non-secure area.

In addition, as a means for solving the above problems, the present invention provides a terminal device for secure input, including: a communication unit that connects to a service device through a communication network to transmit and receive data; an input unit that receives data from a user; and a control unit having a non-secure area operating on an open operating system and a secure area operating on a security operating system, which executes, through the non-secure area, an application that performs a specific service or function by interworking with the service device and which, in response to a request from the application, controls the input unit through the secure area to receive data from the user, encrypts the data, and then transmits the encrypted data to the service device through the application in the non-secure area.

In the terminal device according to the present invention, the control unit includes: a secure input module that receives data from the user by accessing the input unit on the basis of the security operating system; an encryption module, operating on the basis of the security operating system, that encrypts the data input from the secure input module; and a service API module that executes the secure input module and the encryption module according to a request from an application installed in the non-secure area, and returns the encrypted data to the application as a result value.

In the terminal device according to the present invention, the control unit may further transmit the encryption seed value used to encrypt the data to the service device.

In addition, as another means for solving the above problems, the present invention provides a service device including: an application server unit that requests input of user data from an application executed in the non-secure area of a terminal device in which a non-secure area operating on an open operating system and a secure area operating on a security operating system are physically separated, receives encrypted data from the application in response, and performs a specific service or function based on the data obtained by decrypting the encrypted data; and a secure input server unit that decrypts the encrypted data.

In the service apparatus according to the present invention, the application server unit may further receive an encryption seed value together with the encrypted data from the application of the terminal device, and the secure input server unit may generate a decryption key from the encryption seed value and decrypt the encrypted data with the generated decryption key.

In addition, as another means for solving the above problems, the present invention provides a method for secure input in an online service performed by a terminal device, including the steps of: executing, in the non-secure area on the basis of an open operating system, an application that performs a specific service or function in conjunction with a service device; receiving user data through the secure area on the basis of a security operating system according to a request of the application; encrypting the data received through the secure area; and transmitting the encrypted data to the service device through the application in the non-secure area.

In the method for secure input in an online service according to the present invention, before the step of receiving user data through the secure area, the method may further include the application receiving a data input request from the service device and requesting data input from the secure area through a service application program interface (API) configured in the secure area for the secure input service.

In the method for secure input in an online service according to the present invention, the step of transmitting to the service device includes the steps of: returning the encrypted data from the secure area to the application; and transmitting, by the application, the returned encrypted data to the service device.

According to another aspect of the present invention, there is provided a method for secure input in an online service performed by a service device, including the steps of: requesting input of user data from an application executed in the non-secure area of a terminal device in which a non-secure area operating on an open operating system and a secure area operating on a security operating system are physically separated; receiving encrypted data from the application in response to the request; and decrypting the encrypted data and performing a specific service or function based on the decrypted data.

The method for secure input in the above-described online service may further include receiving an encryption seed value from the application of the terminal device and generating, from the encryption seed value, a decryption key to be applied to the encrypted data.

In addition, as another means for solving the above-described problem, the present invention provides a computer-readable recording medium storing a program implemented to perform the steps of: receiving, in response to a request of an application executed by a computer in a non-secure area on the basis of an open operating system, user data through a secure area on the basis of a security operating system; encrypting the data received through the secure area; and returning the encrypted data to the application.

As described above, according to the method and apparatus for secure input in an online service of the present invention, when an arbitrary application installed in a terminal device operates in connection with a service device connected through a communication network, data requested by the service device can be securely delivered through the isolation environment technology in which the non-secure area operated by an open operating system and the secure area operated by a security operating system are physically separated.

In particular, the present invention drives the secure input module installed in the secure area in response to a request from any application installed in the non-secure area, so that the data necessary to perform the service can be securely received from the user; it also drives the encryption module installed in the secure area to encrypt the input data and returns the encrypted data to the application operating in the non-secure area, so that the data can be securely transferred to the service device through the application.

In particular, by transmitting the encryption seed value together with the encrypted data, the service device can securely recover the original data by decrypting the encrypted data using the received encryption seed value.

FIG. 1 is a diagram schematically showing the configuration of a system for secure input in an online service according to an embodiment of the present invention.
FIG. 2 is a block diagram showing the overall configuration of a terminal device for secure input in an online service according to an embodiment of the present invention.
FIG. 3 is a block diagram schematically illustrating an isolation environment structure in a terminal device according to an exemplary embodiment of the present invention.
FIG. 4 is a block diagram illustrating a detailed configuration for secure input in a terminal device for secure input in an online service according to an embodiment of the present invention.
FIG. 5 is a diagram illustrating a processing procedure in a system for secure input in an online service according to an exemplary embodiment of the present invention.
FIG. 6 is a flowchart illustrating a method for secure input in an online service performed by a terminal device according to an exemplary embodiment of the present invention.
FIG. 7 is a flowchart illustrating a method for secure input in an online service performed by a service apparatus according to an exemplary embodiment of the present invention.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description and the accompanying drawings, detailed description of well-known functions or constructions that may obscure the subject matter of the present invention will be omitted. It should be noted that the same constituent elements are denoted by the same reference numerals as possible throughout the drawings.

FIG. 1 is a diagram schematically showing the configuration of a system for secure input in an online service according to an embodiment of the present invention.

As shown in FIG. 1, the present invention may be applied to a case in which the terminal device 100 and the service device 200 provide an online service in cooperation with each other through the communication network 300.

Here, the terminal apparatus 100 is a user's information processing terminal having a communication function, where the communication function includes both wired and wireless communication. For example, the terminal device 100 may be a smart phone, a tablet PC, a desktop personal computer, a notebook, a personal digital assistant (PDA), or the like. In the present invention, the terminal device 100 provides an isolation environment in which a non-secure area driven by a generally used open operating system and a secure area driven by a separate security operating system are physically separated, and supports secure input in online services on the basis of this environment.

The service device 200 refers to a server device that provides a predetermined online service to any terminal device 100 connected through the communication network 300. Here, the online service means a service made through data communication through the communication network 300. In particular, in the present invention, the service device 200 provides a predetermined service or function to the terminal device 100 in cooperation with any application installed in the terminal device 100. For example, the service device 200 may be a server device for electronic commerce or financial transaction.

In addition, the communication network 300 is a medium that connects the terminal device 100 and the service device 200 and transfers data between them, and may be configured to integrally provide one or more of a wired communication method such as the Internet, a wireless communication method such as Wi-Fi, and mobile communication methods of various generations such as 2G, 3G and 4G.

FIG. 2 is a block diagram illustrating a configuration of a terminal device 100 according to an embodiment of the present invention.

Referring to FIG. 2, the terminal device 100 of the present invention may include a configuration of the communication unit 110, the input unit 120, the output unit 130, the storage unit 140, and the controller 150.

The terminal device 100 of the present invention has, through the controller 150, an isolation environment that physically separates the non-secure area 151 operated by a general open operating system from the secure area 152 operated by a separate security operating system. When the service device 200 requests specific data (for example, data on the user's personal information), the data is securely received and encrypted using the isolation environment and then provided to the service device 200. The specific operation of each component to this end is as follows.

First, the communication unit 110 may be configured as a communication module according to at least one of various communication methods for forming a communication channel with the communication network 300. For example, the communication unit 110 may be configured with at least one of the communication modules supporting various mobile communication methods such as CDMA, GSM, WCDMA and OFDMA. The communication unit 110 may also be implemented as an IP-based wired/wireless communication module.

In the process of performing an online service through interworking with the service device 200, the communication unit 110 forms a communication channel with the service device 200 through the communication network 300 under the control of a predetermined routine or of the controller 150, and transmits and receives the data required to perform the service over that channel. In particular, the communication unit 110 transmits the encrypted data received through the secure area of the isolation environment to the service device 200. In this case, the communication unit 110 may further transmit an encryption seed value together with the encrypted data. The encryption seed value is a reference value for generating a key for decrypting the encrypted data, and the service device 200 can generate the decryption key from the encryption seed value through a key generation algorithm agreed with the terminal device 100.

The input unit 120 is a means for receiving various data (letters, numbers, symbols, etc.) from a user, and may be formed of various types of input means such as a keyboard, a keypad, a mouse, a motion sensor, and the like. When the terminal device is manufactured with a touch screen, the input unit may be configured to include soft keys implemented on the touch screen together with side keys or separate hot keys, shortcut keys, and the like. The input unit 120 may include a plurality of input keys and function keys for receiving numeric or character information and for setting various functions.

The output unit 130 is an output means for displaying the operation state and operation results of the terminal device 100 or for providing predetermined information to the user. The output unit 130 displays information input by the user or information provided to the user, including various menus. That is, the output unit 130 may provide various screens according to the use of the terminal device 100, for example a standby screen, a menu screen, a message writing screen, a call screen, a terminal device shutdown screen, a terminal device boot screen, and the like. In particular, the output unit 130 may provide the execution screen of any application executed on the terminal device 100.

The output unit 130 may be formed in the form of a flat panel display such as a liquid crystal display (LCD), an organic light emitting diode (OLED) display, or the like. Depending on its manufacturing form, the output unit 130 may be manufactured in a structure including a display panel and a touch panel. In particular, the output unit 130 of the present invention provides the execution screen of an application executed through the non-secure area of the isolation environment, and can also provide a secure input screen executed through the secure area of the isolation environment in response to a data input request from the service device 200.

The storage 140 stores the programs and data necessary for the operation of the terminal device 100 and the data generated as a result of that operation, and may largely include a program area and a data area. The program area stores a general open OS program and a security OS program for building the execution environment of the terminal device 100, and stores the application programs necessary for various user functions. Here, the application programs may include both general applications operating on the basis of the open OS program and security application programs (for example, security applets) operating on the basis of the security OS program. To this end, the storage unit 140 divides its storage space into two areas, one of which is accessible only through the security OS of the secure area and stores the security OS program and the security application programs.

The controller 150 controls the overall operation of the terminal device 100. In the present invention, the controller 150 is divided into a non-secure area 151 operated by the general OS program stored in the storage 140 and a secure area 152 operated by the security OS program. The non-secure area 151 executes an open operating system (OS) program for supporting user functions that do not use secure data, and its standard interface is disclosed. As a result, general users can create applications corresponding to various functions that operate on the open OS. Meanwhile, the secure area 152 is not open, and an independent, separate OS program for security is executed there.

The non-secure area 151 and the secure area 152 described above may be driven alternately by time division, and the secure area 152 may, in response to a request from the non-secure area 151, execute a process requiring security, for example authentication, encryption or decryption, and return the result to the non-secure area 151. In this case, the non-secure area 151 may perform the remaining processing of the corresponding function using the returned result value.

For example, when a payment request using secure data is generated, the non-secure area 151 passes the payment request to the secure area 152. The secure area 152 executes all payment processing for the payment request received from the non-secure area 151 and returns the result value to the non-secure area 151. Accordingly, the non-secure area 151 may receive from the secure area 152 a result value indicating the success or failure of the payment process. Upon receiving a result value indicating successful payment processing, the non-secure area 151 may then perform the data transmission and reception for a procedure that follows the payment function, for example a delivery procedure or a guidance procedure. Likewise, upon receiving a result value indicating failed payment processing, the non-secure area 151 may process the data transmission and reception for a notification that no transaction took place. The non-secure area 151 and the secure area 152 may also use separate memory spaces so as to fundamentally block external access to data requiring security. The secure area 152 is accessible only after authority verification (for example, through a certificate), and cannot be accessed or intruded upon from the outside.

The non-security area 151 and the security area 152 mean a control area that is physically separated from each other, and may be implemented through, for example, a multi-core technology including two or more microprocessors.

In addition, the non-secure area 151 and the secure area 152 are control areas that operate independently of each other; the non-secure area 151 and the secure area 152 may operate alternately by time division, or the secure area 152 may operate when called by the non-secure area 151.

When power is applied to the terminal device 100, the control unit 150 of the terminal device 100 implemented as an isolation environment typically executes the security OS program first, checks through the secure area 152 whether a malicious intrusion such as jailbreaking or rooting has occurred, and, once stability is confirmed, executes the open OS program to implement the non-secure area 151.

In the above-described configuration, when a data input request is generated by the service device 200 while the service device 200 interoperates with any application installed in the non-secure area 151, the controller 150 securely receives the requested data from the input unit 120 through the secure area 152 and then encrypts the input data using a predetermined encryption technique. Subsequently, the application of the non-secure area 151 receives the encrypted data from the secure area 152 and transmits the encrypted data to the service device 200 through the communication network 300.

FIG. 3 is a view for explaining the hierarchical structure of the terminal device 100 according to the present invention. The terminal device 100 may be divided into two groups: a hardware layer 10, which is a physical layer including the hardware devices constituting the terminal device 100, for example the communication unit 110, the input unit 120, the output unit 130 and the storage unit 140; and a software layer 20 including the OS programs and various application programs.

In this case, the software layer 20 includes: an open OS program 21 and a security OS program 23, which operate independently of each other on the hardware layer 10 to implement their respective execution environments and which control and access the plurality of hardware devices of the hardware layer 10; a plurality of application programs 22, operating in the execution environment implemented by the open OS program 21, which access or use the hardware devices of the hardware layer 10 through the open OS program 21; and a plurality of security applications 24, operating in the execution environment implemented by the security OS program 23, which access or use the hardware devices of the hardware layer 10 through the security OS program 23. The security application 24 may be implemented, for example, in the form of an applet.

The open OS program 21 and the application programs 22 constitute the non-secure area 151, and the security OS program 23 and the security applications 24 constitute the secure area 152.

FIG. 4 is a block diagram illustrating a configuration for secure input processing in an online service according to the present invention in the terminal device 100 having the above-described hierarchical structure, and shows the detailed configuration of the controller 150.

Referring to FIG. 4, in the terminal device 100 according to the present invention, the controller 150 includes: at least one application 151a, executed on the non-secure area 151, that interworks with the service device 200 through the communication network 300; a service API (Application Program Interface) module 152a, implemented on the secure area 152, that executes the secure input module 152b and the encryption module 152c located in the secure area 152 at the request of any application 151a located in the non-secure area 151 and returns the result to the application 151a; a secure input module 152b, installed in the secure area 152, that operates according to a request through the service API module 152a and receives data from the user through the input unit 120; and an encryption module 152c that operates in response to a request through the service API module 152a and encrypts the data input from the secure input module 152b using a predetermined encryption scheme.

The service API module 152a, the secure input module 152b, and the encryption module 152c correspond to the security applications 24 of the software layer 20 shown in FIG. 3, and may be implemented as security application programs operating on the security OS program 23.

In addition, as shown in FIG. 5, the service device 200 interworking with the terminal device 100 through the communication network 300 may include: an application server unit 210 that performs a function or service in cooperation with an arbitrary application 151a installed in the terminal device 100; and a secure input server unit 220 that, when a secure input is made while the application server unit 210 performs a specific function or service, decrypts the encrypted data transmitted from the terminal device 100 and provides the result to the application server unit 210.

Next, the secure input procedure in the online service, performed between the terminal device 100 and the service device 200 having the above-described configuration, will be described with reference to FIG. 5.

Referring to FIGS. 1 to 5, any application 151a installed in the non-secure area 151 of the terminal device 100 operates based on the open OS program 21 to perform any service or function. In this case, the application 151a may interoperate with the service device 200 connected through the communication network 300. In particular, while the application server unit 210 of the service device 200 performs a specific function or service according to a preset algorithm, it may request data input from the application 151a (①).

The application 151a, having received the data input request from the application server unit 210, calls the service API module 152a of the secure area 152 and requests that a secure input be performed (②).

The service API module 152a drives the secure input module 152b according to the call from the application 151a, and the secure input module 152b controls the input unit 120 to receive user data (③). That is, the input unit 120, which is otherwise accessed and controlled through the open OS program 21 of the non-secure area 151, is placed under the access control of the secure OS program 23 of the secure area 152 while the secure input module 152b is running. Because of this access control, third parties or other hacking programs can access neither the input unit during data entry nor the input data itself, and thus the data can be entered safely.

In addition, the data input by the secure input module 152b is encrypted (④) by the encryption module 152c of the secure area 152, using the encryption method agreed with the service device 200.

The service API module 152a returns the data encrypted by the encryption module 152c to the application 151a of the non-secure area 151 (⑤). In this case, the service API module 152a may return the encryption seed value used for encrypting the data together with the encrypted data.

Accordingly, the application 151a transmits the returned encrypted data (and the encryption seed value) to the application server unit 210 of the service device 200 (⑥). Since the input data is transmitted in an encrypted state, a third party cannot learn the actual input data even if it is exposed during transmission.

The application server unit 210 of the service device 200 forwards the received encrypted data (and the encryption seed value) to the secure input server unit 220 (⑦), and the secure input server unit 220 decrypts it to obtain the original input data (⑧).

The application server 210 processes the obtained input data according to a preset procedure to perform a specific function or service.

For example, when the application 151a logs in to use a user-specific service provided by the service device 200, the application server unit 210 may request the application 151a to input an ID and a password for logging in.

In this case, instead of accessing the input unit 120 and receiving the data through the open OS program 21, which may be hacked, the application 151a may request a secure input by calling the service API module 152a. The secure input module 152b of the secure area 152 is then driven to access the input unit 120 through the secure OS program 23, which is difficult to access from outside, and receives the user data, and the encryption module 152c encrypts the input data within the secure area 152.

Since the data is entered and encrypted within the secure area 152, which is difficult to access from the outside, the data can be kept secure.

In addition, the application 151a transmits the encrypted data obtained through the secure area 152 to the application server unit 210 as it is, and the application server unit 210 decrypts the received encrypted data, extracts the ID and password entered by the user, and authenticates them, thereby completing the login procedure.

Meanwhile, the above-described terminal device 100 may further include various additional modules according to the form in which it is provided. That is, when the terminal device 100 is a communication terminal device, it may further include components not mentioned above, such as a short-range communication module for short-range communication, an interface for data transmission and reception by a wired or wireless communication method of the terminal device 100, an internet communication module for communicating with an internet network to perform an internet function, and a digital broadcasting module for performing a digital broadcast reception and playback function. These components cannot all be enumerated because of the wide variety of variations that follow the convergence trend of digital devices, but components on the same level as those mentioned above may further be included in the device. In addition, depending on the form of the present invention, some of the above components of the terminal device 100 may be omitted or replaced by other components, as will be readily apparent to those skilled in the art.

In addition, the terminal device 100 according to an embodiment of the present invention may be any device equipped with the controller 150 in which the non-security module 161 and the security module 163 are physically divided. For example, the terminal device 100 includes all mobile communication terminals operating based on the communication protocols of various communication systems, and all information and communication devices such as portable multimedia players (PMPs), digital broadcasting players, PDAs (Personal Digital Assistants), music players (e.g. MP3 players), mobile game terminals, smart phones, notebooks and handheld PCs. It may include an application for.

FIG. 6 is a flowchart sequentially illustrating a secure input method in an online service of a terminal device according to the present invention.

Referring to FIG. 6, the secure input method in the online service will be described again. An application installed in the non-secure area 151 of the terminal device 100 and operating based on an open operating system may, while communicating with the service device 200 through the communication network 300, receive a data input request from the service device 200 (S110).

The application, having received the data input request from the service device 200, may request a secure input from the secure area 152 through a service API supported by the secure area 152 of the terminal device 100 (S120).

Accordingly, the secure input module 152b implemented in the secure area 152 of the terminal device 100 is driven to control the input unit 120 and receive user data (S130). At this time, the input unit 120, which has until now been accessed and controlled through the open OS program 21 of the non-secure area 151, is placed under the access control of the secure OS program 23 of the secure area 152 while the secure input module 152b is running. Because of this access control, third parties or other hacking programs can access neither the input unit during data entry nor the input data itself, and thus the data can be entered safely.

Subsequently, the encryption module 152c provided in the secure area 152 of the terminal device 100 is driven to encrypt the data received by the secure input module 152b (S140).

The encrypted input data is returned to the application of the non-secure area 151 through the service API of the secure area 152 (S150). In this case, the encryption seed value used for encrypting the data may be returned together with the encrypted data.

Accordingly, the application 151a transmits the encrypted data (and the encryption seed value) returned from the secure area 152 to the service device 200 (S160). Since the input data is transmitted in an encrypted state, a third party cannot learn the actual input data even if it is exposed during transmission.

FIG. 7 is a flowchart illustrating a secure input method in an online service performed by the service device 200 of the present invention.

Referring to FIG. 7, in order to interwork with an application that runs in the non-secure area 151 of the terminal device 100, in which the non-secure area operating based on the open operating system and the secure area operating based on the secure operating system are physically separated, and that performs a specific function or service, the service device 200 may request the application to input user data (S210).

Then, as described above with reference to FIG. 6, the application that receives the input request requests a secure input from the secure area 152 through the service API, whereby the secure input module 152b and the encryption module 152c installed in the secure area 152 are driven to receive and encrypt the user's data in a trusted environment and to return the encrypted data and the encryption seed value to the application.

The service device 200 then receives from the application the encrypted data that was returned to the application through the above process (S220).

In addition, the encryption seed value is also received from the application of the terminal device 100, and the decryption key necessary for decryption is generated from it (S230).

Here, the encrypted data and the encryption seed value may be received together.

The service device 200 may decrypt the encrypted data based on the generated decryption key, and perform a specific service or function based on the decrypted data (S240).
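The exchange of steps ① to ⑧, the ID/password login example, and the S110 to S240 flows of FIGS. 6 and 7, modelled end to end in Python. This is an added example, not code from the patent or from SK Planet. Everything about the cryptography is an assumption, because the description says only that the encryption method is "defined with the service device" and that the seed value is used to generate the decryption key: the model provisions a shared secret out of band into both the secure area 152 and the secure input server unit 220, derives the per-request key as HMAC(secret, seed), and uses an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag, built from the standard library, as a stand-in for an authenticated cipher. The seed-reuse check in the service device is an added defensive check the page does not state. The input unit, the credentials and all names are constructed.

```python
"""Constructed model of the secure-input exchange of FIGS. 5 to 7 (steps 1 to 8, S110 to S240)."""
import hashlib
import hmac
import os

# ASSUMPTION (not on the page): the "encryption method defined with the service
# device" is modelled as a secret provisioned out of band into both the secure
# area 152 and the secure input server unit 220; the per-request seed value is
# mixed with it to derive the data key. Constructed demo value.
SHARED_SECRET = b"constructed-demo-secret-provisioned-out-of-band"
SEED_LEN, NONCE_LEN, TAG_LEN = 16, 16, 32


def derive_key(seed: bytes) -> bytes:
    """Data key from the encryption seed value (assumed construction: HMAC-SHA256)."""
    return hmac.new(SHARED_SECRET, b"secure-input-key|" + seed, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a stdlib-only stand-in for a real stream cipher."""
    blocks, counter = [], 0
    while 32 * len(blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; output is nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting, so anything altered in transit is rejected."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("ciphertext too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext integrity check failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class SecureArea:
    """Secure area 152: service API 152a, secure input module 152b, encryption module 152c."""

    def __init__(self, input_unit):
        self._input_unit = input_unit  # callable standing in for input unit 120 under the secure OS

    def service_api_secure_input(self):
        data = self._input_unit()                     # (3) / S130: read under the secure OS only
        seed = os.urandom(SEED_LEN)                   # fresh encryption seed value per request
        encrypted = encrypt(derive_key(seed), data)   # (4) / S140
        return encrypted, seed                        # (5) / S150: only ciphertext + seed leave


class ServiceDevice:
    """Service device 200: application server unit 210 plus secure input server unit 220."""

    def __init__(self, credentials):
        self._credentials = credentials   # constructed ID -> password table
        self._seen_seeds = set()          # added check: each seed value is accepted once

    def application_server_receive(self, encrypted: bytes, seed: bytes) -> bool:
        plaintext = self._secure_input_server_decrypt(encrypted, seed)  # (7)-(8) / S230-S240
        user_id, _, password = plaintext.partition(b":")
        return self._credentials.get(user_id) == password              # login example

    def _secure_input_server_decrypt(self, encrypted: bytes, seed: bytes) -> bytes:
        if len(seed) != SEED_LEN or seed in self._seen_seeds:
            raise ValueError("missing or replayed encryption seed value")
        self._seen_seeds.add(seed)
        return decrypt(derive_key(seed), encrypted)


class NonSecureApp:
    """Application 151a in non-secure area 151: relays the request (2) and the ciphertext (6)."""

    def __init__(self, secure_area, service_device):
        self._secure_area, self._service_device = secure_area, service_device
        self.last_seen = b""  # the only data the application itself ever handles

    def handle_input_request(self) -> bool:
        encrypted, seed = self._secure_area.service_api_secure_input()
        self.last_seen = encrypted
        return self._service_device.application_server_receive(encrypted, seed)


def run_login_example():
    """Returns (login succeeded, application saw only ciphertext)."""
    typed = b"alice:correct-horse-battery"  # constructed entry typed into input unit 120
    service = ServiceDevice({b"alice": b"correct-horse-battery"})
    app = NonSecureApp(SecureArea(lambda: typed), service)
    ok = app.handle_input_request()
    return ok, typed not in app.last_seen


if __name__ == "__main__":
    print(run_login_example())
```

The point to take from the model is the trust boundary: the application in the non-secure area 151 only ever holds the ciphertext and the seed, so compromising the open OS does not expose the typed credentials, and the tag check in the secure input server unit rejects ciphertext modified on the way. In a real deployment the toy keystream would be replaced by a standard AEAD such as AES-GCM, with the seed keeping the same role in key derivation.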

In addition, the above-described secure input method in an online service of the present invention may be implemented in software form readable by various computer means and recorded on a computer-readable recording medium. For example, a program implemented to execute the secure input method in an online service according to the present invention may be implemented to perform a function of receiving user data through a secure area based on a secure operating system in response to a request of an application running based on an open operating system in a non-secure area, a function of encrypting the data input through the secure area, and a function of returning the encrypted data to the application.

Here, the recording medium may include program commands, data files, data structures, and the like, alone or in combination. The program instructions recorded on the recording medium may be those specially designed and constructed for the present invention, or may be those known and available to those skilled in the art of computer software. For example, the recording medium includes magnetic media such as hard disks, floppy disks and magnetic tape; optical recording media such as compact disk read only memory (CD-ROM) and digital video disks (DVD); magneto-optical media such as floppy disks; and hardware devices specially configured to store and execute program instructions, such as ROM, random access memory (RAM) and flash memory. Examples of program instructions include machine language code such as that generated by a compiler, as well as high-level language code that may be executed by a computer using an interpreter or the like. Such hardware devices may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

As described above, preferred embodiments of the present invention have been described through the specification and drawings. Although specific terms have been used, they are merely used in a general sense to explain the technical content of the present invention easily and to help understanding of the present invention, and are not intended to limit the scope of the present invention. It will be apparent to those skilled in the art that other modifications based on the technical idea of the present invention may be practiced without departing from the scope of the invention disclosed herein.

The present invention can be applied to various types of user terminal devices having a communication function, and when any application installed in the terminal device operates in connection with a service device connected through a communication network, a non-security area that operates on a general open operating system and Through the isolation environment technology in which the security area operated by the security operating system is physically separated, data requested by the service device can be securely delivered.

In particular, the present invention drives the secure input module installed in the secure area in response to the request of any application installed in the non-secure area, so that the data required to perform the service can be received securely from the user; it also drives the encryption module installed in the secure area, so that the data is encrypted and returned to the application operating in the non-secure area and can therefore be transferred securely to the service device through the application.

In particular, by transmitting the encryption seed value together with the encrypted data to the service device, the service device can securely recover the original data by decrypting the encrypted data using the received encryption seed value.

100: terminal device
110: communication unit
120: input unit
130: output unit
140: storage unit
150: control unit
151: non-security area
152: security area
200: service device
210: application server unit
220: secure input server unit
300: communication network

Claims (12)

1. A service device for requesting data input from an application installed in a terminal device, and performing a specific service or function by using the data received according to the request; and
a terminal device in which a non-secure area operating based on an open operating system and a secure area operating based on a secure operating system form a physically separated isolation environment, the terminal device executing the application through the non-secure area, receiving and encrypting user data through the secure area at the request of the application, and then transmitting the encrypted data to the service device through the application in the non-secure area.

2. A terminal device for secure input in an online service, comprising:
a communication unit for transmitting and receiving data by accessing a service device through a communication network;
an input unit for receiving data from a user; and
a control unit in which a non-secure area operating based on an open operating system and a secure area operating based on a secure operating system are physically separated, the control unit executing, through the non-secure area, an application that performs a specific service or function by interworking with the service device, and, according to a request of the application, controlling the input unit through the secure area to receive data from the user, encrypting the data, and transmitting the encrypted data to the service device through the application in the non-secure area.

3. The apparatus of claim 2, wherein the control unit comprises:
a secure input module installed in the secure area and receiving data from a user by accessing the input unit based on the secure operating system;
an encryption module installed in the secure area and operating based on the secure operating system to encrypt data input from the secure input module; and
a service API module installed in the secure area to execute the secure input module and the encryption module in response to a request from an application installed in the non-secure area, and to return the encrypted data to the application as a result.

4. The apparatus of claim 2, wherein the control unit further transmits an encryption seed value used for encrypting the data to the service device.

5. An application server unit configured to request input of user data from an application running in the non-secure area of a terminal device in which a non-secure area operating based on an open operating system and a secure area operating based on a secure operating system are physically separated, to receive from the application data encrypted in response to the request, and to perform a specific service or function based on the data obtained by decrypting the encrypted data; and
a secure input server unit for decrypting the encrypted data.

6. The apparatus of claim 5, wherein the application server unit further receives an encryption seed value together with the encrypted data from the application of the terminal device, and
the secure input server unit generates a decryption key using the encryption seed value and decrypts the encrypted data using the generated decryption key.

7. A method for secure input in an online service, comprising, in a terminal device:
executing, based on an open operating system in a non-secure area, an application that performs a specific service or function in association with a service device;
receiving user data through a secure area based on a secure operating system according to a request of the application;
encrypting the data received through the secure area; and
transmitting the encrypted data to the service device via the application in the non-secure area.

8. The method of claim 7, further comprising, prior to the step of receiving user data through the secure area:
receiving, by the application, a data input request from the service device, and requesting data input from the secure area through a service application program interface (API) configured for a secure input service of the secure area.

9. The method of claim 7, wherein the transmitting to the service device comprises:
returning the encrypted data from the secure area to the application; and
sending, by the application, the returned encrypted data to the service device.

10. A method, performed by a service device, comprising:
requesting input of user data from an application running in a non-secure area of a terminal device in which the non-secure area operating based on an open operating system and a secure area operating based on a secure operating system are physically separated;
receiving encrypted data from the application in response to the request; and
decrypting the encrypted data and performing a specific service or function based on the decrypted data.

11. The method of claim 10, further comprising:
receiving an encryption seed value from the application, and generating a decryption key to be applied to the encrypted data from the encryption seed value.

12. A computer-readable recording medium storing a program implemented to perform, in a computer:
a function of receiving user data through a secure area based on a secure operating system according to a request of an application running on an open operating system in a non-secure area;
a function of encrypting the data received through the secure area; and
a function of returning the encrypted data to the application.

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020120074041A KR20140027580A (en) 2012-07-06 2012-07-06 Method for secure input in on-line service, apparatus and storage medium therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020120074041A KR20140027580A (en) 2012-07-06 2012-07-06 Method for secure input in on-line service, apparatus and storage medium therefor

Publications (1)

Publication Number Publication Date
KR20140027580A true KR20140027580A (en) 2014-03-07

Family

ID=50641390

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020120074041A KR20140027580A (en) 2012-07-06 2012-07-06 Method for secure input in on-line service, apparatus and storage medium therefor

Country Status (1)

Country Link
KR (1) KR20140027580A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017018719A1 (en) * 2015-07-27 2017-02-02 삼성전자 주식회사 Security network system and data processing method therefor
KR20170012957A (en) * 2015-07-27 2017-02-06 삼성전자주식회사 system for secure network and data processing method thereof
US10637827B2 (en) 2015-07-27 2020-04-28 Samsung Electronics Co., Ltd. Security network system and data processing method therefor

Legal Events

Date Code Title Description
E902 Notification of reason for refusal
E902 Notification of reason for refusal
E601 Decision to refuse application