CN104392188A - Security data storage method and system - Google Patents

Security data storage method and system Download PDF

Info

Publication number
CN104392188A
CN104392188A CN201410619453.2A CN201410619453A CN104392188A CN 104392188 A CN104392188 A CN 104392188A CN 201410619453 A CN201410619453 A CN 201410619453A CN 104392188 A CN104392188 A CN 104392188A
Authority
CN
China
Prior art keywords
untrusted
data objects
characterized
storage service
rpmb
Prior art date
Application number
CN201410619453.2A
Other languages
Chinese (zh)
Other versions
CN104392188B (en
Inventor
成亮
叶建隆
张健康
Original Assignee
三星电子(中国)研发中心
三星电子株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 三星电子(中国)研发中心, 三星电子株式会社 filed Critical 三星电子(中国)研发中心
Priority to CN201410619453.2A priority Critical patent/CN104392188B/en
Publication of CN104392188A publication Critical patent/CN104392188A/en
Application granted granted Critical
Publication of CN104392188B publication Critical patent/CN104392188B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention provides a security data storage method and system, which are applicable to processors supporting ARM TrustZone technology, and use an eMMC (Embeded Multi Media Card) supporting an RPMB (Replay Protected Memory Block) partition as a storage medium. The method comprises the following steps that trusted application programs, secure storage service programs and produced security data objects are protected by a trusted execution environment; the secure storage service programs provide set and access of the security data objects for the trusted application programs, and call an encryption and decryption module to encrypt and decrypt the security data objects; the encrypted security data objects are shared with eMMC RPMB drive programs in a non-trusted execution environment through a shared memory page; the eMMC RPMB drive programs in the non-trusted execution environment complete access and storage on the eMMC RPMB partition. According to the security data storage method and the system, the security data objects can be enabled to be stored reliably.

Description

A kind of secure data store method and system

Technical field

The present invention relates to technical field of data storage, particularly relate to a kind of secure data store method and system.

Background technology

Embedded device, comprises mobile phone, TV,, there is the demand of sensitive data being carried out to safe storage in panel computers etc., such as, on non-volatile memory medium, preserves the accounts information of user, through the key of authorizing, and various multimedia copyright information and license passport etc.

Existing secure data store method is generally at untrusted execution environment, as being encrypted in normal operating system.Encryption and decryption program and computation process, and clear data and encryption and decryption key, be all in untrusted environment; The file system interface that data storage method generally uses operating system to provide, data object after encryption is saved in non-volatile memory medium, as on embedded multi-media card (eMMC, embeddedMulti Media Card) or flash memory (Flash).

Fig. 1 is the brief block diagram of existing secure data storage system, mainly comprises four functional entitys: application program, encryption/decryption module, normal operating system, flash storage medium.Common flow process is: application call encryption/decryption module is encrypted secured data objects, calls normal operating system file system interface, and the data object after encryption is stored on eMMC subregion; When application program needs visit data object, call operation system file system interface, again reads data object from eMMC subregion, and calls encryption/decryption module and be decrypted process.On non-volatile memory medium, data object is saved with the form of encryption, therefore ensure that basic data security.

To the storage means of secure data in prior art, be generally be saved on non-volatile memory medium by generic file system interface, as in eMMC or Flash.But the data content be stored in Flash partition likely can be distorted by hacker, or even carry out pressure erasing by physical block.As improvement; eMMC specification provides for replay protection storage block (RPMB; Replay Protect Memory Block) subregion mandate write-protect mechanism; use preset key to carry out Hash calculation to data object by RPMB data packet format and obtain its message authentication code (MAC); eMMC card carries out reruning and comparison, to resist illegal write.But RPMB driver needs first to obtain preset key, and leave in the common memory page, therefore exist by the risk intercepted equally, and once preset key is revealed, so just can regenerate MAC, the inspection of read operation to MAC of out-tricking by using replacement data.

In prior art, secure data is carried out to the process of encryption and decryption, be generally carry out in the normal operating system environment of untrusted, its computation process likely can be intercepted and captured by hacker, the Key that encryption and decryption uses, or the clear data that computing uses, likely can be read and replace.In prior art, a kind of method of improvement is, for the equipment of the ARM trust region (TrustZone) of support An Mou company, key and encryption process can be placed in credible execution environment, then the data after encryption be returned to untrusted execution environment by shared drive.This computation process can use the TEE API of Global Platform organizational standard to realize communication and believable reciprocal process, but the follow-up storage of its encrypted data, still need to have been come by the file system interface of normal operating system, so still there is the risk being replaced or walking around.

Summary of the invention

The invention provides a kind of secure data store method, the reliable memory of secured data objects can be ensured.

Present invention also offers a kind of secure data storage system, the reliable memory of secured data objects can be ensured.

Technical scheme of the present invention is achieved in that

A kind of secure data store method, is applicable to the processor supporting ARM TrustZone technology, and uses the eMMC of support RPMB subregion as storage medium, and described method comprises:

Trusted application program, the secured data objects of safe storage service routine and generation thereof is protected by trusted execution environments;

Safe storage service routine provides foundation and the access of secured data objects to trusted application program, and calls encryption/decryption module and encrypt and decrypt process to secured data objects;

Secured data objects after encryption appoints the eMMCRPMB driver in execution environment to share by the shared drive page and untrusted;

Untrusted appoints the eMMC RPMB driver in execution environment to complete access to eMMC RPMB subregion and storage.

A kind of secure data storage system, operate on the processor of support ARM trust region (TrustZone) technology, and use the embedded multi-media card (eMMC) of replay protection storage block (RPMB) subregion as storage medium, described system comprises trusted application program, encryption/decryption module, safe storage service routine, communication module, untrusted appoints operating system and eMMC RPMB driver;

Described trusted application program operates in trusted execution environments, through the user program of security context certification, and access security data object;

Described encryption/decryption module operates in trusted execution environments, adopts and drives hardware engine or software algorithm to realize encryption and decryption functions;

Described safe storage service routine operates in trusted execution environments, provides the function of the establishment of secured data objects, reading, amendment, deletion or storage to trusted application program;

Described eMMC RPMB driver operates in untrusted and appoints in execution environment, completes the read-write to eMMCRPMB subregion.

Visible, the secure data store method that the present invention proposes and system, controlled the generation of plaintext secure data object and access by the credible execution environment of ARM TrustZone, prevent from being read by untrusted program or distorting; The key of encryption process and use thereof is isolated in trusted execution environments, execution environment can not be appointed to obtain by untrusted; Secured data objects after encryption passes to the eMMC RPMB driver in untrusted execution environment by shared drive, drive journey to complete access to eMMC RPMB subregion and storage, thus ensure the safety of data object by eMMC RPMB.

Accompanying drawing explanation

Fig. 1 is existing secure data storage system and method block diagram;

Fig. 2 is the embodiment of the present invention one secure data storage system block diagram;

Fig. 3 is the secured data objects Stored Procedure figure in the embodiment of the present invention two;

Fig. 4 is that the secured data objects in the embodiment of the present invention two reads process flow diagram.

Embodiment

The embodiment of the invention discloses a kind of secure data store method based on ARM TrustZone and system, be applicable to the embedded device of eMMC as storage medium that there is ARM TrustZone processor He comprise RPMB subregion, include but are not limited to smart mobile phone, panel computer, intelligent television, top box of digital machine, Internet video player etc.Described system comprises trusted execution environments and untrusted appoints execution environment.

Wherein, described trusted execution environments comprises communication module, trusted application program, safe storage service routine and encryption/decryption module.Trusted execution environments and untrusted appoint the execution environment share processor time, and its operating instruction and data are placed in safe memory headroom, are subject to the insulation blocking of TrustZone IP, avoid being appointed execution environment program malicious attack by untrusted.

Wherein, described untrusted is appointed execution environment to comprise untrusted and is appointed operating system, and untrusted appoints application program, eMMC RPMB driver.Untrusted appoints execution environment to be easily subject to various attack, and the superuser comprised by having root authority performs illegal operation, as modify instruction and reading user program memory pages.

Preferably, described communication module operates in the privileged mode of trusted execution environments, accept request and the Message Transmission of appointing execution environment from untrusted, and complete untrusted and appoint contextual processing between execution environment and trusted execution environments, simultaneously by the mapping to the shared drive page, support that untrusted appoints the data sharing between execution environment and trusted execution environments.

Further, communication module can also complete untrusted and appoint the interruption between execution environment and trusted execution environments to forward, the impact that avoidance breakout operating lag causes respective running environment.

Preferably, described trusted application program, comprises executable ELF file and digital signature information, execution environment can be appointed to send into trusted execution environments by shared drive from untrusted, by trusted execution environments, signature inspection is carried out to it, after being verified, carry out load and execution again.

Preferably, described safe storage service routine, runs on the user model in trusted execution environments or privileged mode.

Preferably, described safe storage service routine, when receiving the establishment data object request of trusted application program, specific works step comprises:

1) create secured data objects expressly, and be kept in trusted execution environments.

2) call encryption/decryption module, use symmetric cryptography mode to be encrypted secured data objects.

3) use software interrupt mode, notice untrusted appoints the eMMC RPMB driver in execution environment, and reads the block address of current available eMMC RPMB subregion and write count value.

4) according to RPMB data packet format, padding data content, random value and write count value, and use preset key, calculate message authentication code (MAC) by HMAC SHA256.

5) the RPMB packet comprising the secured data objects after encryption and MAC value is inserted shared drive, and use software interrupt mode, notice untrusted appoints the eMMC RPMB driver in execution environment.

Preferably, described safe storage service routine, when receiving the Update Table object requests of trusted application program, specific works step comprises:

1) in trusted execution environments, search this plaintext secure data object, and modify.

2) call encryption/decryption module, use symmetric cryptography mode to be encrypted amended secured data objects.

3) use software interrupt mode, notice untrusted appoints the eMMC RPMB driver in execution environment, and reads the block address of current available eMMC RPMB subregion and write count value.

4) according to RPMB data packet format, padding data content, random value and write count value, and use preset key, calculate message authentication code (MAC) by HMAC SHA256.

5) the RPMB packet comprising the secured data objects after encryption and MAC value is inserted shared drive, and use software interrupt mode, notice untrusted appoints the eMMC RPMB driver in execution environment.

Preferably, described safe storage service routine, when receiving the deletion data object request of trusted application program, specific works step comprises:

1) in trusted execution environments, search this plaintext secure data object, mark according to it block address finding it in eMMC RPMB subregion.

2) use software interrupt mode, notice untrusted appoints eMMC RPMB driver in execution environment, and read this eMMC RPMB subregion write count value.

3) according to RPMB data packet format, fill empty data content, random value and write count value, and use preset key, message authentication code (MAC) is calculated by Hash operation message authentication code (Hash-based Message Authentication Code, HMAC) SHA256.

4) the RPMB packet comprising empty data and MAC value is inserted shared drive, and use software interrupt mode, notice untrusted appoints the eMMC RPMB driver in execution environment.

5) this plaintext secure data object in trusted execution environments is deleted.

Preferably, described safe storage service routine, when receiving the reading data object request of trusted application program, specific works step comprises:

1) in trusted execution environments, search this plaintext secure data object, if found, then directly return its data object content.

2) if this data object content is empty, then use software interrupt mode, the message authentication code MAC that secured data objects after notice untrusted appoints the encryption in the reading of the eMMC RPMB driver in execution environment eMMC RPMB blockette and eMMC RPMB subregion return, and insert shared drive.

3) according to RPMB data packet format, use preset key, recalculate message authentication code MAC by HMAC SHA256, and compare with the MAC in shared drive, if inconsistent, then abandon these data, error result is returned trusted application program.

4) if consistent, then call encryption/decryption module, symmetry deciphering is carried out to the secured data objects in shared drive.

5) secured data objects after deciphering, adds the data object list in trusted execution environments to, and data object content is returned trusted application program.

Preferably, described safe storage service routine, can also be when system starts, the eMMC RPMB driver in execution environment is appointed by software interrupt mode notice untrusted, read in disposable for the secured data objects on RPMB blockette, and complete the inspection of message authentication code MAC value in trusted execution environments after, be decrypted one by one, and add data object list to.

Preferably, in above-mentioned steps, searching plaintext secure data object in trusted execution environments, can be search from buffer memory or the datarams page.

Preferably, software interrupt mode in above-mentioned steps, can by carrying out programming realization to universal interrupt controller GIC, on monokaryon or multi-core platform, all by the interruption forwarding effect of communication module, untrusted can be completed and appoints execution environment operating system to the quick response of this interruption.

Preferably, described encryption/decryption module, can by driving encryption and decryption hardware engine, or use software algorithm to realize encryption and decryption functions.Encryption/decryption module runs in trusted execution environments, simultaneously its key used, data buffer storage and memory pages, and all by trusted execution environments insulation blocking, untrusted appoints execution environment to access.

Preferably, described embedded device, before dispatching from the factory, needs to carry out the programming of SHA 256 key to eMMC RPMB and injects; Key injection programming is that single is effective, follow-uply can not modify again.

Preferably, described eMMC RPMB driver, operate in untrusted and appoint in execution environment, its job step comprises:

1) when receiving credible execution environment software interruption, its request type is checked.

2) when needs write secured data objects, read the RPMB packet comprising encrypted secured data objects and MAC value from the shared drive page, and write eMMC RPMB blockette address.

3) when needs read secured data objects, from eMMC PRMB blockette address, read in the RPMB packet comprising encrypted secured data objects and MAC value, and write shared drive.

Wherein, described eMMC RPMB driver self not managing keys, also cannot obtain the key injected, more can not obtain preset same key from trusted execution environments from eMMCRPMB subregion; Therefore, described eMMC RPMB driver cannot use replacement data to produce the MAC value of forgery, can avoid like this being cheated eMMC or trusted execution environments by the mode of man-in-the-middle attack, ensure that the nonvolatile safe of data object stores.

Preferably, described untrusted appoints operating system and untrusted to appoint application program, operate in untrusted execution environment, be subject to the buffer action of TrustZone IP, the execution instruction in any trusted execution environments, data content or memory pages can not be accessed, therefore cannot access or revise perhaps any key information in secured data objects expressly; And all secured data objects in shared drive, its content is encrypted state, can not be exposed to untrusted and appoint malicious application in execution environment, ensure that the Secure isolation of run duration data object.

Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

Embodiment one:

Present embodiments provide a kind of secure data storage system based on ARM TrustZone.Described system uses the processor supporting ARM TrustZone, and uses the eMMC of support RPMB as storer, is applicable to as various consumer electronics embedded platforms such as mobile phone, panel computer, Digital Television.Shown in Figure 2, described system software execution environment is isolated into untrusted by ARM TrustZone technology and appoints execution environment and trusted execution environments; Wherein, untrusted is appointed execution environment to comprise untrusted and is appointed operating system (i.e. normal operating system) and eMMC RPMB driver; Trusted execution environments comprises communication module, trusted application program, and safe storage service routine and encryption/decryption module, specifically comprise:

Normal operating system in the present embodiment is responsible for providing necessary system interface support to various application program, and its kernel can process various external device interrupt and software interruption, and according to interrupt type, calls registered driver.The present embodiment is Linux, also can be Android or other general-purpose operating systems.

EMMC RPMB driver in the present embodiment operates in normal operating system kernel spacing, and its function mainly comprises:

1) in the communication module in trusted execution environments, shared drive is registered.

2) the normal operating system kernel registration software interrupt handler in execution environment is appointed to untrusted.

3) break in handling procedure in software, carry out reading or writing process according to the requirement of trusted execution environments.

4) effectively write count value from the reading of eMMC RPMB subregion is current, and notify the safe storage service routine in trusted execution environments.

5) access shared drive, read or write the RPMB bag data of the data object after comprising encryption and MAC value.

6) complete the read-write operation to eMMC RPMB blockette data, perform order and the response flow process of the RPMB defined in eMMC specification, complete various error handle etc.

Trusted application program in the present embodiment is the application program through safety certification, operates in trusted execution environments, includes but are not limited to digital copyright management drm service, the functions such as subscriber authorisation certificate management.Described trusted application program is at run duration, and the function of use safety stores service program, in order to create, to revise, to delete and to preserve the inner various secured data objects used.

Safe storage service routine in the present embodiment operates in trusted execution environments, provides service interface to trusted application program, and its function mainly comprises:

1) managed data object list, provides searching specified data object, inserts, the functions such as deletion.

2) accept the request to create of trusted application program to secured data objects, and join data object list.

3) accept the amendment request of trusted application program to secured data objects, and upgrade data object list.

4) accept the data removal request of trusted application program to secured data objects, and remove from data object list.

5) call encryption/decryption module, the data object to be stored in data object list is encrypted.

6) write count value according to what read in from eMMC RPMB, structure RPMB packet, calculates message authentication code MAC.

7) the RPMB packet comprising the secured data objects after encryption and MAC value is inserted shared drive, by software interrupt mode, notice untrusted execution environment eMMC RPMB driver stores.

8) data object after the encryption eMMC RPMB subregion and MAC is read from shared drive, according to RPMB data packet format, from newly calculating and check that whether its MAC is effective.

9) secured data objects after encryption is decrypted, and adds data object list to.

Encryption/decryption module in the present embodiment is hardware enciphering and deciphering engine and the driver thereof of SOC (system on a chip), supports as symmetrical encryption and decryption functions such as AES ECB/CTR/CBC, supports that HMAC_SHA256 calculates message authentication code simultaneously.Real system also can be software algorithm module.

Communication module in this enforcement, its running environment is privileged mode trusty, and its function mainly comprises:

1) receive the request that untrusted appoints execution environment, resolve the various command parameters that general-purpose register transmits.

2) carry out untrusted and appoint the execution environment shared drive page mapping again to trusted execution environments, carry out data sharing.

3) appoint various hardware or software interruption in execution environment to forward to trusted execution environments and untrusted, and the execution environment being switched to this interruption correspondence carry out interrupt processing.

Embodiment two

Present embodiments provide a kind of method of the secure data storage based on ARM TrustZone.

Fig. 3 is the process flow diagram that in this example, secured data objects creates and stores, and described step comprises:

Step 301: in trusted execution environments, trusted application program sends the establishment of secured data objects, amendment, the requests such as deletion.

Step 302: safe storage service routine carries out the process responded according to the request type of trusted application program, specifically comprise:

For request to create, search secured data objects, if there is no, so create new secured data objects, otherwise return failure;

For amendment request, search secured data objects, if existed, so revise corresponding secured data objects, otherwise return failure;

For removal request, search secured data objects, if existed, so delete corresponding secured data objects, otherwise return failure;

Upgrade data object list, and result is returned trusted application program.

Step 303: periodically, safe storage service routine uses AES key, carry out symmetric cryptography to the secured data objects occurring to change, and can select the different masses patterns such as CBC/CTR/ECB as required, after completing, transmission software interruption is to untrusted execution environment eMMC RPMB driver.

Step 304: software interruption is forwarded to untrusted by communication module and appoints the untrusted in execution environment to appoint in operating system nucleus, thus calls eMMC RPMB driver, reads RPMB and writes count value, and insert shared drive.

Step 305: safe storage service routine, according to RPMB data packet format, to secured data objects, the random value after encryption with write count value, and uses preset key, calculates message authentication code (MAC) by HMAC SHA256.

Step 306: safe storage service routine, according to RPMB data packet format, inserts shared drive complete packet, and send software interruption and appoint eMMC RPMB driver in execution environment to untrusted.

Step 307:eMMC RPMB driver reads RPMB packet from shared drive, wherein comprises the secured data objects after encryption and MAC value, then writes RPMB subregion.

Fig. 4 is the process flow diagram read secured data objects, and described step comprises:

Step 401: in trusted execution environments, trusted application program sends the read requests of secured data objects.

Step 402: safe storage service routine searches secured data objects, if existed, so directly returns this secured data objects.

Step 403: if there is no, so safe storage service routine transmission software interruption appoints the eMMC RPMB driver in execution environment to untrusted.

Step 404:eMMC RPMB driver reads in packet from eMMC RPMB subregion, wherein comprises the data object content after encryption and message authentication code MAC, and inserts shared drive.

Step 405: safe storage service routine, to the data object content after encryption, uses preset key to recalculate message authentication code MAC, and checks whether coupling, if do not mated, data exception is described, error result is returned trusted application program.

After step 406:MAC checks and fits through, safe storage service routine needs to resolve RPMB packet, after using AES key to be decrypted process, is updated to data object list to the data object wherein encrypted.

Step 407: safe storage service routine returns the plaintext secure data object after deciphering to trusted application program.

The idiographic flow of RPMB data packet format and calculating message authentication code, please refer to the description to eMMC RPMB in eMMC specification.

Compared with prior art; the invention has the beneficial effects as follows: by utilizing ARM TrustZone technology, being separated of execution environment is appointed to trusted and untrusted; the encryption and decryption computation process of secured data objects is isolated in trusted execution environments; and the key that encryption process uses and clear data content are protected in believable memory pages, the risk of being appointed execution environment illegally to steal by untrusted when avoiding operation.Simultaneously when needs storage security data object, safe storage service routine uses preset key in trusted execution environments, calculates and provides eMMC RPMB message authentication code MAC, to ensure the legal write to eMMC RPMB subregion; When reading secured data objects, safe storage service routine recalculates the message authentication code MAC with comparison eMMC RPMB, avoids data illegally to be replaced.

The foregoing is only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.Apply specific case herein to have carried out lock to principle of the present invention and embodiment and state, the explanation of above embodiment just understands method of the present invention and core concept thereof for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications.In sum, this description should not be construed as limitation of the present invention.All any amendments done within the spirit and principles in the present invention, equivalent replacement, improvement etc., be all included in protection scope of the present invention.

Claims (27)

1. a secure data store method, is characterized in that, is applicable to the processor supporting ARM trust region TrustZone technology, and uses the embedded multi-media card eMMC of support replay protection storage block RPMB subregion as storage medium, and described method comprises:
Trusted application program, the secured data objects of safe storage service routine and generation thereof is protected by trusted execution environments;
Safe storage service routine provides foundation and the access of secured data objects to trusted application program, and calls encryption/decryption module and encrypt and decrypt process to secured data objects;
Secured data objects after encryption appoints the eMMCRPMB driver in execution environment to share by the shared drive page and untrusted;
Untrusted appoints the eMMC RPMB driver in execution environment to complete access to eMMC RPMB subregion and storage.
2. method according to claim 1; it is characterized in that; described trusted application program and safe storage service routine are operationally protected by trusted execution environments, and it performs instruction and the untrusted in execution environment can not be appointed to appoint application program to read or amendment by untrusted.
3. method according to claim 1; it is characterized in that; described secured data objects is operationally protected in the memory pages of Secure isolation by trusted execution environments, and its clear data content can not be appointed the untrusted in execution environment to appoint application program to read or amendment by untrusted.
4. method according to claim 1, is characterized in that, described safe storage service routine provides the foundation of secured data objects and the mode of access to be to trusted application program:
Trusted application program calls the interface of safe storage service routine in trusted execution environments, dynamic creation secured data objects, amendment or deleting history secured data objects.
5. method according to claim 1, is characterized in that, described safe storage service routine calls encryption/decryption module and to the mode that secured data objects is encrypted is:
Safe storage service routine carries out object encapsulation to secure data content, uses the key protected by trusted execution environments, and calls encryption/decryption module and be encrypted.
6. method according to claim 5, is characterized in that, the mode of described encryption is symmetric cryptography mode.
7. method according to claim 6, is characterized in that, the key that the key that described symmetric cryptography uses is the unsolicited key of described trusted application program, described safe storage service routine inside uses or the private cipher key of equipment solidification.
8. method according to claim 1, is characterized in that, described safe storage service routine appoints the eMMC RPMB driver in execution environment to read by software interrupt mode notice untrusted currently to write count value.
9. method according to claim 1, it is characterized in that, described safe storage service routine is the Security Object data after encryption and write count value according to RPMB packets fields form, use preset key, and calculate its message authentication code MAC by Hash operation message authentication code HMAC SHA256 algorithm, and construct complete RPMB packet.
10. method according to claim 9, is characterized in that, the safe storage service routine that described preset key is kept in trusted execution environments is inner, execution environment can not be appointed to obtain by untrusted.
11. methods according to claim 9, is characterized in that, described safe storage service routine inserts shared drive complete RPMB packet, and appoint the untrusted in execution environment to appoint operating system by software interruption notice untrusted.
12. methods according to claim 11, it is characterized in that, described untrusted calls eMMC RPMB driver after appointing the untrusted in execution environment to appoint operating system to check software interruption, and the RPMB packet copied in shared drive, by RPMB packet write eMMC RPMB subregion.
13. methods according to claim 12, is characterized in that, described eMMC RPMB driver does not allow the preset key knowing to produce MAC.
14. methods according to claim 13, is characterized in that, eMMC equipment has needed the injection of preset key when dispatching from the factory, described in be injected to single effective, follow-uply can not to rewrite.
15. methods according to claim 4, is characterized in that, trusted application program provides secured data objects to mark in trusted execution environments, calls the interface of safe storage service routine, access the secured data objects produced.
16. methods according to claim 15, is characterized in that, described safe storage service routine according to the local data object list buffer memory in secured data objects mark retrieval trusted execution environments, and carries out subsequent treatment according to result.
17. methods according to claim 16, it is characterized in that, safe storage service routine retrieves the secured data objects corresponding to this secured data objects mark in local data object list buffer memory, and this secured data objects is not when being invalid data, return to the data content required for trusted application program.
18. methods according to claim 16, is characterized in that, safe storage service routine is retrieved less than the secured data objects corresponding to this secured data objects mark in local cache; Or the secured data objects that can retrieve corresponding to this secured data objects mark, but when its state is invalid data, notify that untrusted appoints the untrusted in execution environment to appoint operating system by weaken rock mode.
19. methods according to claim 18, it is characterized in that, after described untrusted appoints the untrusted in execution environment to appoint operating system to receive weaken rock, call eMMC RPMB driver, the MAC value that data object after reading encryption from eMMCRPMB subregion and eMMC RPMB subregion return, inserts shared drive.
20. methods according to claim 16, it is characterized in that, safe storage service routine reads the data object of encryption from shared drive, and calls encryption/decryption module and be decrypted process, and the plaintext secure data object after deciphering leaves the memory pages in trusted execution environments in.
21. methods according to claim 16, it is characterized in that, safe storage service routine returns to the plaintext secure data object that trusted application program needs, and trusted application program needs to guarantee that this plaintext secure data object content can not be exposed to untrusted and appoint the untrusted in execution environment to appoint operating system or untrusted to appoint application program.
22. 1 kinds of secure data storage system, it is characterized in that, described system cloud gray model is on the processor supporting ARM trust region TrustZone technology, and use the embedded multi-media card eMMC of replay protection storage block RPMB subregion as storage medium, described system comprises trusted application program, encryption/decryption module, safe storage service routine, communication module, untrusted appoints operating system and eMMC RPMB driver;
Described trusted application program operates in trusted execution environments, through the user program of security context certification, and access security data object;
Described encryption/decryption module operates in trusted execution environments, adopts and drives hardware engine or software algorithm to realize encryption and decryption functions;
Described safe storage service routine operates in trusted execution environments, provides the function of the establishment of secured data objects, reading, amendment, deletion or storage to trusted application program;
Described eMMC RPMB driver operates in untrusted and appoints in execution environment, completes the read-write to eMMCRPMB subregion.
23. systems according to claim 22, it is characterized in that, described communication module, complete trusted execution environments appoint the switching of execution environment, context preservation to untrusted and recover, the mapping of the process shared drive page, and interruption appoints the forwarding between execution environment and trusted execution environments at untrusted.
24. systems according to claim 22, is characterized in that, described safe storage service routine safeguards trusted execution environments local security data object list buffer memory, provides the quick-searching function to secured data objects.
25. systems according to claim 22, it is characterized in that, described safe storage service routine is responsible for calling encryption/decryption module, completes the function to the encrypted data objects deciphering in shared drive, and is saved in the local security data object list in trusted execution environments.
26. systems according to claim 22, is characterized in that, described safe storage service routine is responsible for calling encryption/decryption module, complete the function of the clear data object encryption to trusted execution environments memory pages, and insert in shared drive.
27. systems according to claim 22, is characterized in that, described untrusted appoints operating system to appoint in execution environment at untrusted, provide untrusted to appoint the basic running environment of application program, the interrupt processing that response safe storage service routine produces.
CN201410619453.2A 2014-11-06 2014-11-06 A kind of secure data store method and system CN104392188B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410619453.2A CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410619453.2A CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Publications (2)

Publication Number Publication Date
CN104392188A true CN104392188A (en) 2015-03-04
CN104392188B CN104392188B (en) 2017-10-27

Family

ID=52610090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410619453.2A CN104392188B (en) 2014-11-06 2014-11-06 A kind of secure data store method and system

Country Status (1)

Country Link
CN (1) CN104392188B (en)

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980338A (en) * 2015-05-12 2015-10-14 上海斐讯数据通信技术有限公司 Enterprise instant messaging security application system based on mobile intelligent terminal
CN105138904A (en) * 2015-08-25 2015-12-09 华为技术有限公司 Access control method and device
CN105138930A (en) * 2015-08-12 2015-12-09 山东超越数控电子有限公司 Encryption system and encryption method based on TrustZone
CN105260663A (en) * 2015-09-15 2016-01-20 中国科学院信息工程研究所 Secure storage service system and method based on TrustZone technology
CN105447406A (en) * 2015-11-10 2016-03-30 华为技术有限公司 Method and apparatus for accessing storage space
CN105468980A (en) * 2015-11-16 2016-04-06 华为技术有限公司 Security control method, device and system
CN106056380A (en) * 2016-05-27 2016-10-26 深圳市雪球科技有限公司 Mobile payment risk control system and mobile payment risk control method
CN106156229A (en) * 2015-04-27 2016-11-23 宇龙计算机通信科技(深圳)有限公司 The processing method of file, device and terminal in a kind of multiple operating system terminal
CN106354687A (en) * 2016-08-29 2017-01-25 珠海市魅族科技有限公司 Data transmission method and system
WO2017016231A1 (en) * 2015-07-27 2017-02-02 深圳市中兴微电子技术有限公司 Policy management method, system and computer storage medium
CN106384042A (en) * 2016-09-13 2017-02-08 北京豆荚科技有限公司 Electronic device and security system
CN106453398A (en) * 2016-11-22 2017-02-22 北京奇虎科技有限公司 Data encryption system and method
CN106845174A (en) * 2015-12-03 2017-06-13 福州瑞芯微电子股份有限公司 A kind of application rights management method and system under security system
CN106897584A (en) * 2015-12-21 2017-06-27 上海交通大学 Onboard system digital copyright management method and system based on architectural feature
CN106936774A (en) * 2015-12-29 2017-07-07 中国电信股份有限公司 Authentication method and system in credible performing environment
CN107103257A (en) * 2017-05-16 2017-08-29 成都鼎智汇科技有限公司 computer intrusion prevention method
CN107305607A (en) * 2016-04-18 2017-10-31 大唐半导体设计有限公司 A kind of method and apparatus for preventing backstage rogue program independent operating
CN107426192A (en) * 2017-06-29 2017-12-01 环球智达科技(北京)有限公司 Method of data synchronization for multi-process
CN107545185A (en) * 2017-08-24 2018-01-05 上海与德科技有限公司 Android mobile terminal administration authority detection method, device, terminal and storage medium
CN108429719A (en) * 2017-02-14 2018-08-21 华为技术有限公司 Cryptographic key protection method and device
CN109558743A (en) * 2018-11-27 2019-04-02 广州供电局有限公司 Data guard method, device, computer equipment and the storage medium of mobile terminal
WO2019110000A1 (en) * 2017-12-08 2019-06-13 阿里巴巴集团控股有限公司 Device data processing method and system
WO2020000491A1 (en) * 2018-06-30 2020-01-02 华为技术有限公司 File storage method and apparatus, and storage medium
EP3376425B1 (en) * 2015-11-30 2020-01-08 Huawei Technologies Co., Ltd. User interface switching method and terminal

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8775824B2 (en) * 2008-01-02 2014-07-08 Arm Limited Protecting the security of secure data sent from a central processor for processing by a further processing device
CN104091135A (en) * 2014-02-24 2014-10-08 电子科技大学 Safety system and safety storage method of intelligent terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王熙友: "ARM TrustZone安全隔离技术研究与应用", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106156229A (en) * 2015-04-27 2016-11-23 宇龙计算机通信科技(深圳)有限公司 The processing method of file, device and terminal in a kind of multiple operating system terminal
CN104980338A (en) * 2015-05-12 2015-10-14 上海斐讯数据通信技术有限公司 Enterprise instant messaging security application system based on mobile intelligent terminal
WO2017016231A1 (en) * 2015-07-27 2017-02-02 深圳市中兴微电子技术有限公司 Policy management method, system and computer storage medium
CN106411814A (en) * 2015-07-27 2017-02-15 深圳市中兴微电子技术有限公司 Strategy management method and system
CN105138930A (en) * 2015-08-12 2015-12-09 山东超越数控电子有限公司 Encryption system and encryption method based on TrustZone
CN105138904A (en) * 2015-08-25 2015-12-09 华为技术有限公司 Access control method and device
CN105138904B (en) * 2015-08-25 2018-06-15 华为技术有限公司 A kind of access control method and device
CN105260663B (en) * 2015-09-15 2017-12-01 中国科学院信息工程研究所 A kind of safe storage service system and method based on TrustZone technologies
CN105260663A (en) * 2015-09-15 2016-01-20 中国科学院信息工程研究所 Secure storage service system and method based on TrustZone technology
CN105447406A (en) * 2015-11-10 2016-03-30 华为技术有限公司 Method and apparatus for accessing storage space
CN105447406B (en) * 2015-11-10 2018-10-19 华为技术有限公司 A kind of method and apparatus for accessing memory space
CN105468980B (en) * 2015-11-16 2018-07-03 华为技术有限公司 The method, apparatus and system of a kind of security management and control
CN105468980A (en) * 2015-11-16 2016-04-06 华为技术有限公司 Security control method, device and system
EP3376425B1 (en) * 2015-11-30 2020-01-08 Huawei Technologies Co., Ltd. User interface switching method and terminal
CN106845174A (en) * 2015-12-03 2017-06-13 福州瑞芯微电子股份有限公司 A kind of application rights management method and system under security system
CN106897584A (en) * 2015-12-21 2017-06-27 上海交通大学 Onboard system digital copyright management method and system based on architectural feature
CN106936774A (en) * 2015-12-29 2017-07-07 中国电信股份有限公司 Authentication method and system in credible performing environment
CN107305607B (en) * 2016-04-18 2019-12-03 大唐半导体设计有限公司 One kind preventing the independently operated method and apparatus of backstage rogue program
CN107305607A (en) * 2016-04-18 2017-10-31 大唐半导体设计有限公司 A kind of method and apparatus for preventing backstage rogue program independent operating
CN106056380A (en) * 2016-05-27 2016-10-26 深圳市雪球科技有限公司 Mobile payment risk control system and mobile payment risk control method
CN106354687A (en) * 2016-08-29 2017-01-25 珠海市魅族科技有限公司 Data transmission method and system
CN106384042B (en) * 2016-09-13 2019-06-04 北京豆荚科技有限公司 A kind of electronic equipment and security system
CN106384042A (en) * 2016-09-13 2017-02-08 北京豆荚科技有限公司 Electronic device and security system
CN106453398A (en) * 2016-11-22 2017-02-22 北京奇虎科技有限公司 Data encryption system and method
CN106453398B (en) * 2016-11-22 2019-07-09 北京安云世纪科技有限公司 A kind of data encryption system and method
CN108429719A (en) * 2017-02-14 2018-08-21 华为技术有限公司 Cryptographic key protection method and device
CN107103257A (en) * 2017-05-16 2017-08-29 成都鼎智汇科技有限公司 computer intrusion prevention method
CN107426192A (en) * 2017-06-29 2017-12-01 环球智达科技(北京)有限公司 Method of data synchronization for multi-process
CN107545185A (en) * 2017-08-24 2018-01-05 上海与德科技有限公司 Android mobile terminal administration authority detection method, device, terminal and storage medium
WO2019110000A1 (en) * 2017-12-08 2019-06-13 阿里巴巴集团控股有限公司 Device data processing method and system
WO2020000491A1 (en) * 2018-06-30 2020-01-02 华为技术有限公司 File storage method and apparatus, and storage medium
CN109558743A (en) * 2018-11-27 2019-04-02 广州供电局有限公司 Data guard method, device, computer equipment and the storage medium of mobile terminal

Also Published As

Publication number Publication date
CN104392188B (en) 2017-10-27

Similar Documents

Publication Publication Date Title
JP4689945B2 (en) Resource access method
EP2630608B1 (en) Method and apparatus including architecture for protecting multi-user sensitive code and data
EP2577543B1 (en) Secure virtual machine bootstrap in untrusted cloud infrastructures
JP4668619B2 (en) Device key
US7392415B2 (en) Sleep protection
US8751818B2 (en) Method and apparatus for a trust processor
JP5314016B2 (en) Information processing apparatus, encryption key management method, computer program, and integrated circuit
JP4795812B2 (en) Secure processor
KR100611687B1 (en) Multi-token seal and unseal
RU2295834C2 (en) Initialization, maintenance, renewal and restoration of protected mode of operation of integrated system, using device for controlling access to data
US7874009B2 (en) Data processing device
DE60214640T2 (en) Microprocessor with improved task management and table management devices
JP6067449B2 (en) Information processing apparatus and information processing program
TWI393148B (en) Secure co-processing memory controller integrated into an embedded memory subsystem and method of optimizing processor utilization and creating a heightened level of security
KR101712784B1 (en) System and method for key management for issuer security domain using global platform specifications
US20040093505A1 (en) Open generic tamper resistant CPU and application system thereof
US9411970B2 (en) Sealing secret data with a policy that includes a sensor-based constraint
US20080162947A1 (en) Methods of upgrading a memory card that has security mechanisms that prevent copying of secure content and applications
US7805375B2 (en) Digital license migration from first platform to second platform
CN101661544B (en) Method and apparatus for providing a secure display window inside the primary display
KR101067399B1 (en) Saving and retrieving data based on symmetric key encryption
US20050289311A1 (en) System and method for secure inter-platform and intra-platform communications
US8391494B1 (en) Systems and methods for protecting enterprise rights management keys
US7788487B2 (en) Data processing apparatus
US8555089B2 (en) Program execution apparatus, control method, control program, and integrated circuit

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant