CN105391673A - Safe access method and device - Google Patents
Safe access method and device Download PDFInfo
- Publication number
- CN105391673A CN105391673A CN201410449035.3A CN201410449035A CN105391673A CN 105391673 A CN105391673 A CN 105391673A CN 201410449035 A CN201410449035 A CN 201410449035A CN 105391673 A CN105391673 A CN 105391673A
- Authority
- CN
- China
- Prior art keywords
- world
- rfb
- normal
- secure
- memory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
Abstract
本发明是关于一种安全访问方法及装置,属于计算机安全领域。所述方法包括:在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据;从普通世界切换为安全世界,对加密数据进行解密得到显示数据;在安全世界下,根据显示数据进行显示。本发明通过在普通世界下,获取RFB服务端的加密数据,而后切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。
The invention relates to a safe access method and device, belonging to the field of computer safety. The method includes: in the normal world, obtain the encrypted data of the RFB server through the remote frame buffer RFB client; switch from the normal world to the safe world, decrypt the encrypted data to obtain the display data; show. The present invention obtains the encrypted data of the RFB server in the normal world, then switches to the secure world, decrypts the encrypted data to obtain display data, and displays according to the display data in the secure world, which solves the problem of security in the prior art. Running the RFB client in the world leads to the problem of increasing the code base in the secure world; under the premise of ensuring security, only a small part of the code base in the secure world needs to be added to access RFB safely through the RFB client server-side effects.
Description
技术领域technical field
本发明涉及计算机安全领域,特别涉及一种安全访问方法及装置。The invention relates to the field of computer security, in particular to a method and device for secure access.
背景技术Background technique
远程帧缓冲(英文:RemoteFrameBuffer,缩写:RFB)是一种用于远程访问图形用户界面的简单协议。根据该协议,RFB客户端可以远程访问RFB服务器的图形用户界面。远程帧缓冲被广泛应用于远程办公、远程控制等领域。Remote Frame Buffer (English: RemoteFrameBuffer, abbreviation: RFB) is a simple protocol for remote access to a graphical user interface. According to this protocol, the RFB client can remotely access the GUI of the RFB server. Remote frame buffer is widely used in remote office, remote control and other fields.
出于安全性的考虑,高级精简指令集机器(英文:AdvancedRISCMachines,缩写:ARM)公司提供信任区域(英文:TrustZone)硬件技术。在采用TrustZone硬件技术的终端中,终端可以运行在普通世界(英文:NormalWorld)或者安全世界(英文:SecureWorld)。其中,普通世界和安全世界的运行环境相互隔离。该终端在安全世界下运行RFB客户端时,可以保证远程访问过程的安全性。For the sake of security, Advanced RISC Machines (English: Advanced RISC Machines, abbreviation: ARM) company provides trust zone (English: TrustZone) hardware technology. In a terminal using the TrustZone hardware technology, the terminal can run in a normal world (English: NormalWorld) or a secure world (English: SecureWorld). Among them, the operating environments of the normal world and the safe world are isolated from each other. When the terminal runs the RFB client in a secure world, it can guarantee the security of the remote access process.
发明人发现现有技术至少存在以下问题:由于安全世界不会直接复用普通世界下的代码库,如果要使RFB客户端能够运行在安全世界,就需要在安全世界下重新实现一套支持RFB协议的代码库,不仅会使安全世界下的代码量剧增,而且因为代码量的增加而导致安全世界有可能会出现本不应该出现的漏洞。The inventor found at least the following problems in the existing technology: Since the secure world will not directly reuse the code base in the normal world, if you want to enable the RFB client to run in the secure world, you need to re-implement a set of supporting RFB in the secure world. The code base of the protocol will not only greatly increase the amount of code in the security world, but also cause loopholes that should not appear in the security world due to the increase in the amount of code.
发明内容Contents of the invention
本发明实施例提供了一种安全访问方法及装置,使用本发明实施例提供的安全访问方法及装置,可以解决在安全世界下运行RFB客户端所导致的安全世界下的代码库增加的问题。所述技术方案如下:The embodiment of the present invention provides a secure access method and device. Using the secure access method and device provided by the embodiment of the present invention can solve the problem of code base increase in the secure world caused by running the RFB client in the secure world. Described technical scheme is as follows:
第一方面,提供了一种安全访问方法,用于支持信任区域硬件技术的终端中,所述终端可以运行在普通世界或者安全世界,所述方法包括:In the first aspect, a secure access method is provided, which is used in a terminal supporting trust zone hardware technology, and the terminal can run in a normal world or a secure world, and the method includes:
在所述普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据;In the normal world, obtain the encrypted data of the RFB server through the remote frame buffer RFB client;
从所述普通世界切换为所述安全世界,对所述加密数据进行解密得到显示数据;switching from the normal world to the secure world, decrypting the encrypted data to obtain display data;
在所述安全世界下,根据所述显示数据进行显示。Under the safe world, it is displayed according to the display data.
结合第一方面,在第一方面的第一种可能的实施方式中,所述从所述普通世界切换为安全世界,对所述加密数据进行解密得到显示数据,包括:With reference to the first aspect, in a first possible implementation manner of the first aspect, the switching from the normal world to the secure world, and decrypting the encrypted data to obtain display data include:
在所述普通世界下,接收所述RFB客户端的写入请求,其中,所述写入请求是指将所述加密数据写入帧缓冲区内存的请求,所述帧缓冲区内存是仅在所述安全世界下能够访问的内存;In the normal world, the write request of the RFB client is received, wherein the write request refers to a request to write the encrypted data into the frame buffer memory, and the frame buffer memory is only in the The memory that can be accessed under the above security world;
在所述写入请求触发错误时,由所述普通世界切换为所述安全世界;When the write request triggers an error, switch from the normal world to the secure world;
在所述安全世界下,对所述加密数据进行解密得到显示数据;Under the secure world, decrypt the encrypted data to obtain display data;
所述在所述安全世界下,根据所述显示数据进行显示,包括:The displaying under the safe world according to the display data includes:
将所述显示数据写入所述帧缓冲区内存中,并由显示组件自动读取所述帧缓冲区内存中的所述显示数据进行显示。The display data is written into the frame buffer memory, and the display component automatically reads the display data in the frame buffer memory for display.
结合第一方面,在第一方面的第二种可能的实施方式中,所述在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据之前,还包括:With reference to the first aspect, in the second possible implementation manner of the first aspect, before obtaining the encrypted data of the RFB server through the remote frame buffer RFB client in the normal world, it also includes:
在所述普通世界下,通过所述RFB客户端登录所述RFB服务端;In the normal world, log in to the RFB server through the RFB client;
在登录所述RFB服务端成功时,将所述帧缓冲区内存设置为仅在所述安全世界下能够访问的内存。When the login to the RFB server is successful, the frame buffer memory is set as memory that can only be accessed under the security world.
结合第一方面的第二种可能的实施方式,在第一方面的第三种可能的实施方式中,所述在所述普通世界下,通过所述RFB客户端登录所述RFB服务端,包括:With reference to the second possible implementation manner of the first aspect, in a third possible implementation manner of the first aspect, the logging in to the RFB server through the RFB client in the normal world includes :
在所述普通世界下,通过所述RFB客户端获取所述RFB服务端的登录界面数据;In the normal world, obtain the login interface data of the RFB server through the RFB client;
根据所述登录界面数据显示登录界面;displaying a login interface according to the login interface data;
从所述普通世界切换为所述安全世界,接收在所述登录界面中输入的用户名和密码;switch from the normal world to the secure world, and receive the user name and password input in the login interface;
在所述普通世界下,将所述用户名和加密后的所述密码发送给所述RFB服务端,以使得所述RFB服务端根据所述用户名和所述加密后的所述密码进行验证。In the normal world, send the user name and the encrypted password to the RFB server, so that the RFB server performs verification according to the user name and the encrypted password.
结合第一方面的第三种可能的实施方式,在第一方面的第四种可能的实施方式中,所述在所述普通世界下,将所述用户名和加密后的所述密码发送给所述RFB服务端,包括:With reference to the third possible implementation manner of the first aspect, in a fourth possible implementation manner of the first aspect, in the ordinary world, sending the user name and the encrypted password to the The RFB server includes:
在所述安全世界下,将接收到的所述密码写入安全内存中,将接收到的所述用户名写入普通内存中,所述安全内存为仅在所述安全世界下能够访问的内存,所述普通内存是在所述普通世界和所述安全世界下均能访问的内存;Under the secure world, write the received password into a secure memory, write the received user name into a normal memory, and the secure memory is a memory that can only be accessed under the secure world , the normal memory is a memory that can be accessed under both the normal world and the secure world;
从所述安全世界切换为所述普通世界,并通过所述RFB客户端将所述用户名发送至所述RFB服务端;switch from the safe world to the normal world, and send the user name to the RFB server through the RFB client;
在所述用户名通过所述RFB服务端的验证时,接收所述RFB服务端产生的随机数;When the user name passes the verification of the RFB server, receive the random number generated by the RFB server;
从所述普通世界切换为所述安全世界,并利用预定哈希函数将所述随机数和密码转化为反馈信息,所述预定哈希函数为所述RFB客户端和所述RFB服务端预先约定的哈希函数;Switch from the normal world to the secure world, and convert the random number and password into feedback information using a predetermined hash function, the predetermined hash function is pre-agreed by the RFB client and the RFB server the hash function;
从所述安全世界切换为所述普通世界,并通过所述RFB客户端将所述反馈信息发送给所述RFB服务端。switch from the safe world to the normal world, and send the feedback information to the RFB server through the RFB client.
结合第一方面,或是第一方面的第一种可能的实施方式,或是第一方面的第二种可能的实施方式,或是第一方面的第三种可能的实施方式,或是第一方面的第四种可能的实施方式,在第一方面的第五种可能的实施方式中,所述在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据之前,还包括:In combination with the first aspect, or the first possible implementation manner of the first aspect, or the second possible implementation manner of the first aspect, or the third possible implementation manner of the first aspect, or the first possible implementation manner of the first aspect In the fourth possible implementation of the first aspect, in the fifth possible implementation of the first aspect, before obtaining the encrypted data of the RFB server through the remote frame buffer RFB client in the normal world, it also includes:
在启动后直接进入所述安全世界,并将安全世界提醒组件设置为仅在所述安全世界下能够使用,所述安全世界提醒组件用于提醒当前运行世界为所述普通世界和所述安全世界中的一种。Enter the safe world directly after startup, and set the safe world reminder component to be usable only in the safe world, the safe world reminder component is used to remind the current running world as the normal world and the safe world One of.
结合第一方面,或是第一方面的第一种可能的实施方式,或是第一方面的第二种可能的实施方式,或是第一方面的第三种可能的实施方式,或是第一方面的第四种可能的实施方式,在第一方面的第六种可能的实施方式中,,所述方法还包括:In combination with the first aspect, or the first possible implementation manner of the first aspect, or the second possible implementation manner of the first aspect, or the third possible implementation manner of the first aspect, or the first possible implementation manner of the first aspect In the fourth possible implementation manner of the first aspect, in the sixth possible implementation manner of the first aspect, the method further includes:
在所述安全世界下,获取外部输入设备接收到的输入信号,所述外部输入设备是仅在所述安全世界下能访问的外部输入设备;Under the secure world, acquire an input signal received by an external input device, where the external input device is an external input device that can only be accessed under the secure world;
将所述输入信号加密后写入普通内存,所述普通内存是在所述普通世界和所述安全世界下均能访问的内存;Encrypting the input signal and writing it into a normal memory, the normal memory is a memory that can be accessed in both the normal world and the secure world;
在所述普通世界下,通过所述RFB客户端将加密后的所述输入信号发送给所述RFB服务端。In the normal world, the encrypted input signal is sent to the RFB server through the RFB client.
结合第一方面的第六种可能的实施方式,在第一方面的第七种可能的实施方式中,所述在所述安全世界下,获取外部输入设备接收到的输入信号之前,还包括:With reference to the sixth possible implementation manner of the first aspect, in the seventh possible implementation manner of the first aspect, before acquiring the input signal received by the external input device under the secure world, further includes:
在所述RFB客户端启动时,将所述终端的外部输入设备设置为仅在所述安全世界下能访问的外部输入设备。When the RFB client is started, the external input device of the terminal is set as an external input device that can only be accessed in the secure world.
第二方面,提供了一种安全访问装置,用于支持信任区域硬件技术的终端中,所述终端可以运行在普通世界或者安全世界,所述装置包括:In the second aspect, a secure access device is provided, which is used in a terminal supporting trust zone hardware technology, the terminal can run in the normal world or the secure world, and the device includes:
数据获取模块,用于在所述普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据;The data acquisition module is used to obtain the encrypted data of the RFB service end through the remote frame buffer RFB client in the normal world;
数据解密模块,用于从所述普通世界切换为所述安全世界,对所述加密数据进行解密得到显示数据;A data decryption module, configured to switch from the normal world to the secure world, and decrypt the encrypted data to obtain display data;
数据显示模块,用于在所述安全世界下,根据所述显示数据进行显示。The data display module is configured to display according to the display data in the safe world.
结合第二方面,在第二方面的第一种可能的实施方式中,所述数据解密模块,包括:With reference to the second aspect, in a first possible implementation manner of the second aspect, the data decryption module includes:
请求接收单元,用于在所述普通世界下,接收所述RFB客户端的写入请求,其中,所述写入请求是指将所述加密数据写入帧缓冲区内存的请求,所述帧缓冲区内存是仅在所述安全世界下能够访问的内存;The request receiving unit is used to receive the write request of the RFB client in the normal world, wherein the write request refers to a request to write the encrypted data into the frame buffer memory, and the frame buffer Zone memory is memory that can only be accessed under the secure world;
安全切换单元,用于在所述写入请求触发错误时,由所述普通世界切换为所述安全世界;a security switching unit, configured to switch from the normal world to the secure world when the write request triggers an error;
数据解密单元,用于在所述安全世界下,对所述加密数据进行解密得到显示数据;A data decryption unit, configured to decrypt the encrypted data to obtain display data in the secure world;
所述数据显示模块,用于将所述显示数据写入所述帧缓冲区内存中,并由显示组件自动读取所述帧缓冲区内存中的所述显示数据进行显示。The data display module is used to write the display data into the frame buffer memory, and the display component automatically reads the display data in the frame buffer memory for display.
结合第二方面,在第二方面的第二种可能的实施方式中,所述装置,还包括:With reference to the second aspect, in a second possible implementation manner of the second aspect, the device further includes:
客户登陆模块,用于在所述普通世界下,通过所述RFB客户端登录所述RFB服务端;A client login module, configured to log in to the RFB server through the RFB client in the normal world;
安全内存模块,用于在登录所述RFB服务端成功时,将所述帧缓冲区内存设置为仅在所述安全世界下能够访问的内存。A secure memory module, configured to set the frame buffer memory as memory that can only be accessed under the secure world when the login to the RFB server is successful.
结合第二方面的第二种可能的实施方式,在第二方面的第三种可能的实施方式中,所述客户登陆模块,包括:With reference to the second possible implementation manner of the second aspect, in a third possible implementation manner of the second aspect, the client login module includes:
登录界面单元,用于在所述普通世界下,通过所述RFB客户端获取所述RFB服务端的登录界面数据;A login interface unit, configured to obtain the login interface data of the RFB server through the RFB client in the normal world;
界面显示单元,用于根据所述登录界面数据显示登录界面;an interface display unit, configured to display a login interface according to the login interface data;
输入接收单元,用于从所述普通世界切换为所述安全世界,接收在所述登录界面中输入的用户名和密码;an input receiving unit, configured to switch from the normal world to the secure world, and receive the user name and password input in the login interface;
输入发送单元,用于在所述普通世界下,将所述用户名和加密后的所述密码发送给所述RFB服务端,以使得所述RFB服务端根据所述用户名和所述加密后的所述密码进行验证。An input sending unit, configured to send the user name and the encrypted password to the RFB server in the normal world, so that the RFB server uses the user name and the encrypted password The above password is verified.
结合第二方面的第三种可能的实施方式,在第二方面的第四种可能的实施方式中,所述输入发送单元,包括:With reference to the third possible implementation manner of the second aspect, in a fourth possible implementation manner of the second aspect, the input sending unit includes:
输入写入子单元,用于在所述安全世界下,将接收到的所述密码写入安全内存中,将接收到的所述用户名写入普通内存中,所述安全内存为仅在所述安全世界下能够访问的内存,所述普通内存是在所述普通世界和所述安全世界下均能访问的内存;The input write subunit is used to write the received password into a secure memory and write the received user name into a common memory under the secure world, and the secure memory is only used in the secure world The memory that can be accessed under the security world, the normal memory is the memory that can be accessed in both the normal world and the security world;
用户名发送子单元,用于从所述安全世界切换为所述普通世界,并通过所述RFB客户端将所述用户名发送至所述RFB服务端;A username sending subunit, configured to switch from the secure world to the normal world, and send the username to the RFB server through the RFB client;
随机数接收子单元,在所述用户名通过所述RFB服务端的验证时,接收所述RFB服务端产生的随机数;The random number receiving subunit receives the random number generated by the RFB server when the user name is verified by the RFB server;
反馈生成子单元,用于从所述普通世界切换为所述安全世界,并利用预定哈希函数将所述随机数和密码转化为反馈信息,所述预定哈希函数为所述RFB客户端和所述RFB服务端预先约定的哈希函数;A feedback generating subunit, configured to switch from the normal world to the secure world, and convert the random number and password into feedback information using a predetermined hash function, the predetermined hash function is the RFB client and The hash function pre-agreed by the RFB server;
所述反馈发送子单元,用于从所述安全世界切换为所述普通世界,并通过所述RFB客户端将所述反馈信息发送给所述RFB服务端。The feedback sending subunit is configured to switch from the safe world to the normal world, and send the feedback information to the RFB server through the RFB client.
结合第二方面,或是第二方面的第一种可能的实施方式,或是第二方面的第二种可能的实施方式,或是第二方面的第三种可能的实施方式,或是第二方面的第四种可能的实施方式,在第二方面的第五种可能的实施方式中,所述装置,还包括:In combination with the second aspect, or the first possible implementation manner of the second aspect, or the second possible implementation manner of the second aspect, or the third possible implementation manner of the second aspect, or the first possible implementation manner of the second aspect In the fourth possible implementation manner of the second aspect, in the fifth possible implementation manner of the second aspect, the device further includes:
安全启动模块,用于在启动后直接进入所述安全世界,并将安全世界提醒组件设置为仅在所述安全世界下能够使用,所述安全世界提醒组件用于提醒当前运行世界为所述普通世界和所述安全世界中的一种。The safe start module is used to directly enter the safe world after startup, and set the safe world reminding component to be usable only in the safe world, and the safe world reminding component is used to remind the current running world as the normal One of the world and the secure world.
结合第二方面,或是第二方面的第一种可能的实施方式,或是第二方面的第二种可能的实施方式,或是第二方面的第三种可能的实施方式,或是第二方面的第四种可能的实施方式,在第二方面的第六种可能的实施方式中,所述装置还包括:In combination with the second aspect, or the first possible implementation manner of the second aspect, or the second possible implementation manner of the second aspect, or the third possible implementation manner of the second aspect, or the first possible implementation manner of the second aspect In the fourth possible implementation manner of the second aspect, in the sixth possible implementation manner of the second aspect, the device further includes:
输入获取模块,用于在所述安全世界下,获取外部输入设备接收到的输入信号,所述外部输入设备是仅在所述安全世界下能访问的外部输入设备;An input acquisition module, configured to acquire an input signal received by an external input device in the secure world, where the external input device is an external input device that can only be accessed in the secure world;
加密写入模块,用于将所述输入信号加密后写入普通内存,所述普通内存是在所述普通世界和所述安全世界下均能访问的内存;An encryption writing module, configured to encrypt the input signal and write it into a normal memory, where the normal memory is a memory that can be accessed in both the normal world and the secure world;
信号发送模块,用于在所述普通世界下,通过所述RFB客户端将加密后的所述输入信号发送给所述RFB服务端。A signal sending module, configured to send the encrypted input signal to the RFB server through the RFB client in the normal world.
结合第二方面的第六种可能的实施方式,在第二方面的第七种可能的实施方式中,所述装置,还包括:With reference to the sixth possible implementation manner of the second aspect, in a seventh possible implementation manner of the second aspect, the device further includes:
安全输入模块,用于在所述RFB客户端启动时,将所述终端的外部输入设备设置为仅在所述安全世界下能访问的外部输入设备。A secure input module, configured to set the external input device of the terminal as an external input device that can only be accessed in the secure world when the RFB client is started.
本发明实施例提供的技术方案带来的有益效果是:The beneficial effects brought by the technical solution provided by the embodiments of the present invention are:
通过在普通世界下利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,从普通世界切换为安全世界对加密数据进行解密得到显示数据,并在安全世界下根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。By using the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, switch from the normal world to the secure world to decrypt the encrypted data to obtain the display data, and display it according to the display data in the secure world, which solves the existing problem In the technology, running the RFB client in the secure world leads to an increase in the code base in the secure world; under the premise of ensuring security, the RFB client still runs in the normal world, and only a small part of the secure world needs to be added The code library, you can safely access the effect of the RFB server through the RFB client.
进一步,通过在启动后直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种,达到了用户可以通过安全世界提醒组件来判断当前终端是否处于安全世界,从而决定是否进行保密性数据的输入,或判断当前的保密性数据的显示是否安全的效果。Further, by directly entering the safe world after startup, and setting the safe world reminder component to be used only in the safe world, the safe world reminder component is used to remind the current running world as one of the normal world and the safe world, achieving The user can judge whether the current terminal is in the safe world through the safe world reminder component, so as to decide whether to input confidential data, or judge whether the display of the current confidential data is safe or not.
进一步,通过在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备,之后将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存,最后在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端,达到了既保证了用户的输入信号的安全性,又避免了RFB客户端运行于安全世界中需要增加代码库的效果。Further, by obtaining the input signal received by the external input device in the secure world, the external input device is an external input device that can only be accessed in the secure world, and then encrypt the input signal and write it into the ordinary memory. The ordinary memory is in the ordinary memory. The memory that can be accessed in both the world and the safe world, and finally in the normal world, the encrypted input signal is sent to the RFB server through the RFB client, which not only ensures the security of the user's input signal, but also avoids RFB Clients running in a secure world have the effect of increasing the codebase.
进一步,通过在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存,使得终端在普通世界下也能够继续进行保密性数据的显示,达到了终端在安全世界与普通世界的切换时用户也能够看到流畅的显示图像的效果。Furthermore, when the login to the RFB server is successful, the frame buffer memory is set as a memory that can only be accessed in the secure world, so that the terminal can continue to display confidential data in the normal world. Users can also see the effect of smooth display images when switching from the normal world.
进一步,通过在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数,之后从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数,最后从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端,即反馈信息为一个动态信息,达到了使本发明实施例提供的技术方案可以有效的避免遭受重放攻击的效果。Further, by receiving the random number generated by the RFB server when the user name passes the verification of the RFB server, and then switching from the normal world to the secure world, and using a predetermined hash function to convert the random number and password into feedback information, the predetermined hash The function is the pre-agreed hash function between the RFB client and the RFB server, and finally switches from the safe world to the normal world, and sends the feedback information to the RFB server through the RFB client, that is, the feedback information is a dynamic information, which achieves the goal of using The technical solution provided by the embodiment of the present invention can effectively avoid the effect of replay attack.
附图说明Description of drawings
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained based on these drawings without creative effort.
图1是本发明实施例提供的安全访问方法的一种实施环境的示意图;FIG. 1 is a schematic diagram of an implementation environment of a secure access method provided by an embodiment of the present invention;
图2是本发明一个实施例提供的一种安全访问方法的方法流程图;Fig. 2 is a method flowchart of a secure access method provided by an embodiment of the present invention;
图3是本发明另一个实施例提供的一种安全访问方法的方法流程图;Fig. 3 is a method flowchart of a secure access method provided by another embodiment of the present invention;
图4是本发明一个实施例提供的一种安全访问装置的结构方框图;Fig. 4 is a structural block diagram of a security access device provided by an embodiment of the present invention;
图5A是本发明另一个实施例提供的一种安全访问装置的结构方框图;Fig. 5A is a structural block diagram of a security access device provided by another embodiment of the present invention;
图5B是图5A所示实施例提供的输入发送单元的结构方框图;Fig. 5B is a structural block diagram of the input sending unit provided by the embodiment shown in Fig. 5A;
图6是本发明一个实施例提供的终端的结构方框图。Fig. 6 is a structural block diagram of a terminal provided by an embodiment of the present invention.
具体实施方式detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本发明相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本发明的一些方面相一致的装置和方法的例子。Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the present invention. Rather, they are merely examples of apparatuses and methods consistent with aspects of the invention as recited in the appended claims.
图1是本发明实施例示出的安全访问方法的一种实施环境的示意图,该实施环境包括:终端110和服务器120;FIG. 1 is a schematic diagram of an implementation environment of a secure access method shown in an embodiment of the present invention, the implementation environment includes: a terminal 110 and a server 120;
终端110为具有连接网络功能的电子设备,如智能手机,平板电脑,电子计算机等等。终端110可以运行有RFB(英文:RemoteFrameBuffer,中文:远程帧缓冲)客户端。终端110包含有符合ARM(英文:AdvancedRISCMachines,中文:高级精简指令集机器)公司的TrustZone技术规范的硬件架构,该硬件架构可以支持本发明实施例示出的安全访问方法。换句话说,该终端110是支持以安全世界和普通世界两种模式择一运行的终端。The terminal 110 is an electronic device capable of connecting to a network, such as a smart phone, a tablet computer, an electronic computer, and the like. The terminal 110 may run an RFB (English: Remote Frame Buffer, Chinese: Remote Frame Buffer) client. The terminal 110 includes a hardware architecture conforming to the TrustZone technical specification of the ARM (English: Advanced RISCMachines, Chinese: Advanced Reduced Instruction Set Machine) company, and the hardware architecture can support the secure access method shown in the embodiment of the present invention. In other words, the terminal 110 is a terminal that supports to operate in one of two modes, the secure world and the normal world.
服务器120可以是一台服务器,或者由若干台服务器组成的服务器集群,或者是一个云计算服务中心。服务器120可以运行有RFB服务端。The server 120 may be one server, or a server cluster composed of several servers, or a cloud computing service center. The server 120 may run an RFB server.
终端110和服务器120之间可以建立网络连接。A network connection can be established between the terminal 110 and the server 120 .
下面对本发明实施例所涉及的若干术语进行描述:Several terms involved in the embodiments of the present invention are described below:
术语“普通世界”是指日常使用终端时终端的操作系统所运行的世界,该普通世界可以运行用户自己的应用程序。The term "ordinary world" refers to the world in which the operating system of the terminal runs when the terminal is used in daily life, and the ordinary world can run the user's own application program.
术语“安全世界”是与“普通世界”安全隔离的一种模式,该模式由终端的中央处理器(英文:CentralProcessingUnit,缩写:CPU)内核中开辟的可信代码区来支持,终端通过可信代码区可以实现安全世界与普通世界的代码隔离,即终端运行于安全世界下时,普通世界下的代码是无法访问安全世界中的数据的。从而用户可以在终端的安全世界中进行各种有关敏感数据的操作。The term "secure world" is a mode that is safely isolated from the "ordinary world". The code area can realize code isolation between the secure world and the normal world, that is, when the terminal runs in the secure world, the code in the normal world cannot access the data in the secure world. Thus, the user can perform various operations related to sensitive data in the secure world of the terminal.
请参考图2,其示出了本发明一个实施例提供的一种安全访问方法的方法流程图,本实施例以该安全访问方法应用于图1所示的实施环境中的终端110中来举例说明。该安全访问方法可以包括如下几个步骤:Please refer to FIG. 2 , which shows a method flow chart of a secure access method provided by an embodiment of the present invention. In this embodiment, the secure access method is applied to the terminal 110 in the implementation environment shown in FIG. 1 as an example illustrate. The secure access method may include the following steps:
步骤201,在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据。Step 201, in the normal world, obtain the encrypted data of the RFB server through the remote frame buffer RFB client.
步骤202,从普通世界切换为安全世界,对加密数据进行解密得到显示数据。Step 202, switch from the normal world to the secure world, and decrypt the encrypted data to obtain the display data.
步骤203,在安全世界下,根据显示数据进行显示。Step 203, in the safe world, display according to the display data.
综上所述,本实施例提供的安全访问方法,通过在普通世界下,利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,而后从普通世界切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。To sum up, the secure access method provided by this embodiment uses the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, and then switches from the normal world to the secure world to decrypt the encrypted data to display Data, and in the safe world, display according to the displayed data, which solves the problem of running the RFB client in the safe world in the prior art, which leads to the increase of the code base in the safe world; it achieves the premise of ensuring security. The RFB client is still running in the normal world, and it only needs to add a small part of the code base in the secure world to access the effect of the RFB server safely through the RFB client.
请参考图3,其示出了本发明另一个实施例提供的一种安全访问方法的方法流程图,本实施例以该安全访问方法应用于图1所示的实施环境中来举例说明。该安全访问方法可以包括如下几个步骤:Please refer to FIG. 3 , which shows a method flowchart of a secure access method provided by another embodiment of the present invention. This embodiment is illustrated by taking the secure access method applied to the implementation environment shown in FIG. 1 . The secure access method may include the following steps:
步骤301,终端在启动时直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种。Step 301 , the terminal directly enters the secure world when starting up, and sets the secure world reminder component to be usable only in the secure world. The secure world reminder component is used to remind the current operating world as one of the normal world and the secure world.
终端在启动时就进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,这样可以确保该设置是安全有效的。The terminal enters the safe world when it is started, and the safe world reminder component is set to be used only in the safe world, so as to ensure that the setting is safe and effective.
安全世界提醒组件可以是指示灯,终端可以设置该指示灯在安全世界下点亮,而在普通世界下熄灭;或设置该指示灯在普通世界下点亮,在安全世界下熄灭。The safe world reminder component can be an indicator light, and the terminal can set the indicator light to be on in the safe world and off in the normal world; or set the indicator light to be on in the normal world and off in the safe world.
安全世界提醒组件也可以是发声装置,则终端可以设置该发声装置在安全世界下发出特定声音,而在普通世界下不工作;或设置该发声装置在普通世界下发出特定声音,而在安全世界下不工作。The safe world reminder component can also be a sounding device, then the terminal can set the sounding device to emit a specific sound in the safe world, but not work in the normal world; or set the sounding device to emit a specific sound in the normal world, The next does not work.
安全世界提醒组件还可以是振动提醒装置,终端可以设置该振动提醒装置在安全世界下振动,普通世界下不振动;或设置该振动提醒装置在普通世界下振动,安全世界下不震动。The safe world reminding component can also be a vibration reminding device, and the terminal can set the vibration reminding device to vibrate in the safe world and not vibrate in the normal world; or set the vibration reminding device to vibrate in the normal world and not vibrate in the safe world.
在设置完成后,指示灯、发声装置和振动提醒装置的不同提醒状态分别对应安全世界和普通世界,用户就可以通过安全世界提醒组件的提醒状态来判断当前终端是否处于安全世界,从而决定是否进行保密性数据的输入,或判断当前的保密性数据的显示是否安全,终端中可以包含上述三种安全世界提醒组件中的任意一种或多种。After the setting is completed, the different reminder states of the indicator light, sound device and vibration reminder device correspond to the safe world and the normal world respectively, and the user can judge whether the current terminal is in the safe world through the reminder status of the safe world reminder component, so as to decide whether to proceed For inputting confidential data, or judging whether the current display of confidential data is safe, the terminal may include any one or more of the above three safe world reminder components.
需要说明的是,本步骤一般只需要执行一次就能满足终端以后进行安全访问时的需要,比如,本步骤可以在出厂前就已完成,终端在出厂后就不需要再对安全世界提醒组件进行设置,但在用户有需要时,用户还是可以在终端启动时就控制终端进入安全世界对安全世界提醒组件进行设置。It should be noted that this step generally only needs to be executed once to meet the security access needs of the terminal in the future. For example, this step can be completed before leaving the factory, and the terminal does not need to update the safe world reminder component after leaving the factory. However, when the user needs it, the user can still control the terminal to enter the safe world and set the safe world reminder component when the terminal is started.
步骤302,终端在普通世界下,通过RFB客户端登录RFB服务端。In step 302, the terminal logs in to the RFB server through the RFB client in the normal world.
本步骤在执行时可以包括如下7个子步骤:This step may include the following 7 sub-steps during execution:
1)终端在普通世界下通过RFB客户端向RFB服务端发送安全访问请求。1) In the normal world, the terminal sends a security access request to the RFB server through the RFB client.
用户操作终端启动RFB客户端,并向RFB服务端发送安全访问请求。The user operates the terminal to start the RFB client, and sends a security access request to the RFB server.
此外,终端可以在用户将RFB客户端启动后,将终端的外部输入设备设置为仅在安全世界下能访问的外部输入设备,这样用户就无法在普通世界下进行输入操作,从而保证了用户的输入数据的安全性。In addition, after the user starts the RFB client, the terminal can set the external input device of the terminal as an external input device that can only be accessed in the secure world, so that the user cannot perform input operations in the normal world, thus ensuring the user's security. Security of input data.
需要说明的是,终端还可以将外部输入设备设置为用户对外部输入设备进行特定操作后切换为安全世界,比如用户通过触摸屏点击输入框后,终端切换为安全世界,又比如输入设备为实体按键,则在用户点击特定按键或特定按键组合后,终端进入安全世界。It should be noted that the terminal can also set the external input device to switch to the safe world after the user performs a specific operation on the external input device. For example, after the user clicks the input box on the touch screen, the terminal switches to the safe world. Another example is that the input device is a physical button. , after the user clicks a specific key or a specific key combination, the terminal enters the safe world.
2)服务器通过RFB服务端接收到安全访问请求后向RFB客户端提供RFB服务端的登录界面数据。2) After receiving the security access request through the RFB server, the server provides the login interface data of the RFB server to the RFB client.
因为该登录界面数据中并未包含有需要加密的数据,因而该登录界面数据可以是未加密的登录界面数据,同时也方便了RFB客户端在普通世界下对该登录界面数据进行显示。Because the login interface data does not contain data that needs to be encrypted, the login interface data can be unencrypted login interface data, and it is also convenient for the RFB client to display the login interface data in the normal world.
3)终端在普通世界下,通过RFB客户端获取RFB服务端的登录界面数据。3) In the normal world, the terminal obtains the login interface data of the RFB server through the RFB client.
终端在普通世界下通过RFB客户端接收RFB服务端发送的登录界面数据。In the normal world, the terminal receives the login interface data sent by the RFB server through the RFB client.
4)终端根据登录界面数据显示登录界面。4) The terminal displays the login interface according to the login interface data.
终端将登录界面数据写入帧缓冲区内存并进行显示。The terminal writes the login interface data into the frame buffer memory and displays it.
5)终端从普通世界切换为安全世界,接收在登录界面中输入的用户名和密码。5) The terminal switches from the normal world to the safe world, and receives the user name and password entered in the login interface.
终端从普通世界切换为安全世界后,用户通过外部输入设备在登录界面输入用户名和密码,终端接收该用户名和密码。After the terminal switches from the normal world to the secure world, the user enters the user name and password on the login interface through the external input device, and the terminal receives the user name and password.
其中,终端可以在显示登录界面数据后立刻切换为安全世界,也可以在用户想要进行输入操作时切换为安全世界,比如用户点击输入框后终端切换为安全世界;又比如输入设备为实体按键,则在用户点击特定按键后切换为安全世界,可以由1)中终端对外部输入设备的设置来决定终端切换为安全世界的方式。Among them, the terminal can switch to the safe world immediately after displaying the login interface data, or switch to the safe world when the user wants to perform an input operation, for example, the terminal switches to the safe world after the user clicks the input box; another example is that the input device is a physical button , then switch to the safe world after the user clicks a specific button, the way the terminal switches to the safe world can be determined by the setting of the terminal to the external input device in 1).
6)终端在普通世界下,将用户名和加密后的密码发送给RFB服务端,以使得RFB服务端根据用户名和加密后的密码进行验证。6) In the normal world, the terminal sends the user name and encrypted password to the RFB server, so that the RFB server performs verification according to the user name and encrypted password.
终端在普通世界下,可以将用户名和加密后的密码一起发送给RFB服务端,该加密后的密码是在安全世界下通过预定密钥加密的,该预定密钥可以是RFB客户端与RFB服务端预先约定的密钥或密码本身。RFB服务端接收到该用户名和加密后的密码后,将加密后的密码进行解密,并将解密后的密码进行验证。In the normal world, the terminal can send the user name and the encrypted password to the RFB server. The encrypted password is encrypted with a predetermined key in the safe world. The predetermined key can be used between the RFB client and the RFB service. The secret key or password itself pre-agreed by the client. After receiving the user name and the encrypted password, the RFB server decrypts the encrypted password and verifies the decrypted password.
可选的,本步骤可以包括下面6个子步骤:Optionally, this step may include the following 6 sub-steps:
(1)终端在安全世界下,将接收到的密码写入安全内存中,将接收到的用户名写入普通内存中,,安全内存为仅在安全世界下能够访问的内存,普通内存是在普通世界和安全世界下均能访问的内存。(1) In the secure world, the terminal writes the received password into the secure memory, and writes the received user name into the normal memory. The secure memory is the memory that can only be accessed in the secure world. The normal memory is in Memory that can be accessed by both the normal world and the secure world.
终端在接收到用户输入的密码后,将该密码存储于安全内存中,该用户名存储于普通内存中。After receiving the password input by the user, the terminal stores the password in the safe memory, and stores the user name in the common memory.
其中安全内存可以在步骤301中设置为仅在安全世界下能够访问的内存。The secure memory can be set in step 301 as a memory that can only be accessed under the secure world.
(2)终端从安全世界切换为普通世界,并通过RFB客户端将用户名发送至RFB服务端。(2) The terminal switches from the secure world to the normal world, and sends the user name to the RFB server through the RFB client.
由于用户名存储于普通内存中,普通内存是普通世界和安全世界均能访问的内存,因而终端从安全世界切换为普通世界后,可以从普通内存中获取用户名并,将该用户名通过RFB客户端发送至RFB服务端。Since the user name is stored in the normal memory, the normal memory can be accessed by both the normal world and the secure world, so after the terminal switches from the secure world to the normal world, it can obtain the user name from the normal memory and pass the user name through RFB The client sends to the RFB server.
(3)终端在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数。(3) When the user name passes the verification of the RFB server, the terminal receives the random number generated by the RFB server.
RFB服务端在获取用户名后,验证该用户名是否属于合法用户,若该用户名属于合法用户,则RFB服务端产生一个随机数,记录该随机数后将该随机数发送至RFB客户端。合法用户可以是服务器许可的可以访问该服务器的用户,合法用户的用户名可以存储与服务器中。After the RFB server obtains the user name, it verifies whether the user name belongs to a legal user. If the user name belongs to a legal user, the RFB server generates a random number, records the random number and sends the random number to the RFB client. The legal user may be a user permitted by the server to access the server, and the user name of the legal user may be stored in the server.
(4)终端从普通世界切换为安全世界并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数。(4) The terminal switches from the ordinary world to the secure world and converts random numbers and passwords into feedback information using a predetermined hash function, which is a pre-agreed hash function between the RFB client and the RFB server.
终端在接收到随机数后,利用预定哈希函数将随机数和密码转化为反馈信息。比如,可以通过消息摘要算法第五版(英文:MessageDigestAlgorithm5,缩写:MD5)将该随机数和安全内存中的密码作为一个整体转化为反馈信息。After receiving the random number, the terminal uses a predetermined hash function to convert the random number and password into feedback information. For example, the random number and the password in the secure memory can be converted into feedback information as a whole through the fifth edition of the Message Digest Algorithm (English: Message Digest Algorithm 5, abbreviation: MD5).
(5)终端从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端。(5) The terminal switches from the secure world to the normal world, and sends feedback information to the RFB server through the RFB client.
(6)服务器通过RFB服务端接收RFB客户端发送的反馈信息,并对反馈信息进行验证。(6) The server receives the feedback information sent by the RFB client through the RFB server, and verifies the feedback information.
服务器通过RFB服务端接收RFB客户端发送的反馈信息。The server receives the feedback information sent by the RFB client through the RFB server.
RFB服务端接收到该反馈信息后,通过预定哈希函数将保存于服务器中的发送给RFB客户端的随机数和接收到的用户名转化为验证信息,检测该验证信息和反馈信息是否一致,在该验证信息和反馈信息一致时,RFB客户端验证成功,在该验证信息和反馈信息不一致时,RFB客户端验证失败。After receiving the feedback information, the RFB server converts the random number sent to the RFB client stored in the server and the received user name into verification information through a predetermined hash function, and detects whether the verification information is consistent with the feedback information. When the verification information is consistent with the feedback information, the RFB client verification succeeds, and when the verification information is inconsistent with the feedback information, the RFB client verification fails.
需要说明的是,(1)至(6)可以在整个安全访问的过程中多次执行,或每过预定时间执行一次,从而提高本实施例安全访问方法的安全性。It should be noted that (1) to (6) may be executed multiple times during the whole security access process, or once every predetermined time, so as to improve the security of the security access method of this embodiment.
7)在验证成功时,服务器通过RFB服务端向RFB客户端发送成功登录提示。7) When the verification is successful, the server sends a successful login prompt to the RFB client through the RFB server.
在验证成功时,服务器通过RFB服务端与RFB客户端建立安全访问连接,并向RFB服务端发送成功登录提示。When the verification is successful, the server establishes a secure access connection with the RFB client through the RFB server, and sends a successful login prompt to the RFB server.
在验证失败时,服务器通过RFB服务端向RFB客户端发送登录失败提示。When the verification fails, the server sends a login failure prompt to the RFB client through the RFB server.
步骤303,终端在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存。Step 303, when the terminal successfully logs in to the RFB server, set the frame buffer memory as the memory that can only be accessed in the secure world.
终端在登录RFB服务端成功时,可以是接收到RFB服务端反馈的登录成功提示时,终端将帧缓冲区内存设置为仅在安全世界下能够访问的内存。帧缓冲区内存为终端用于存放屏幕图像内容的内存,此设置可以禁止终端在普通世界下进行远程用户图形界面的显示。When the terminal successfully logs in to the RFB server, the terminal may set the frame buffer memory as a memory that can only be accessed in a secure world when receiving a successful login prompt fed back by the RFB server. The frame buffer memory is the memory used by the terminal to store the content of the screen image. This setting can prohibit the terminal from displaying the remote user graphical interface in the normal world.
在RFB客户端登录RFB服务器成功后,RFB服务端向RFB客户端发送的显示数据有可能是保密性的数据,终端在此时将帧缓冲区内存设置为仅在安全世界下能够访问的内存,可以有效的避免保密性的数据在普通世界下进行显示。After the RFB client logs in to the RFB server successfully, the display data sent by the RFB server to the RFB client may be confidential data. At this time, the terminal sets the frame buffer memory as the memory that can only be accessed in the safe world. It can effectively prevent confidential data from being displayed in the normal world.
而终端在登录RFB服务端失败时,可以返回5)中重新接收在登录界面中输入的用户名和密码,即用户可以重新输入用户名和密码。When the terminal fails to log in to the RFB server, it can return to step 5) to re-receive the user name and password input in the login interface, that is, the user can re-enter the user name and password.
需要说明的是,将帧缓冲区内存设置为仅在安全世界下能够访问的内存这一操作也可以在用户打开RFB客户端时立即执行,对应的,终端会将登录界面数据显示于安全世界中,此时登录界面数据可以是加密的,也可以是未加密的,在登录界面数据是加密的时,加密密钥可以是预定密钥。It should be noted that the operation of setting the framebuffer memory to be accessible only in the secure world can also be executed immediately when the user opens the RFB client. Correspondingly, the terminal will display the login interface data in the secure world , at this time, the login interface data may be encrypted or unencrypted, and when the login interface data is encrypted, the encryption key may be a predetermined key.
步骤304,服务器通过RFB服务端向RFB客户端提供加密数据。Step 304, the server provides encrypted data to the RFB client through the RFB server.
在RFB客户端登录RFB服务器成功后,服务器通过RFB服务端向RFB客户端提供加密数据,该加密数据可以是RFB服务端默认在RFB客户端登录成功之后发送给RFB客户端的加密数据,也可以是RFB服务端接收到RFB客户端的请求后,根据该请求发送的加密数据。After the RFB client logs in to the RFB server successfully, the server provides encrypted data to the RFB client through the RFB server. The encrypted data can be the encrypted data that the RFB server sends to the RFB client by default after the RFB client successfully logs in, or it can be After the RFB server receives the request from the RFB client, it sends encrypted data according to the request.
此外,该加密数据的加密密钥可以是预定密钥,即RFB客户端和RFB服务端预先约定的密钥或是用户登录RFB服务端时所使用的密码本身。In addition, the encryption key of the encrypted data may be a predetermined key, that is, a pre-agreed key between the RFB client and the RFB server, or the password itself used when the user logs in to the RFB server.
步骤305,终端在普通世界下,通过RFB客户端获取RFB服务端的加密数据。Step 305, the terminal obtains the encrypted data of the RFB server through the RFB client in the normal world.
由于是RFB客户端与RFB服务端之间建立的安全访问连接,因而终端在普通世界下,需要通过RFB客户端获取RFB服务端发送的加密数据。Since it is a secure access connection established between the RFB client and the RFB server, the terminal needs to obtain the encrypted data sent by the RFB server through the RFB client in the normal world.
步骤306,终端在普通世界下,接收RFB客户端的写入请求,其中,写入请求是指将加密数据写入帧缓冲区内存的请求,帧缓冲区内存是仅在安全世界下能够访问的内存。Step 306, the terminal receives a write request from the RFB client in the normal world, wherein the write request refers to a request to write encrypted data into the frame buffer memory, and the frame buffer memory is a memory that can only be accessed in the secure world .
终端在普通世界下接收到RFB服务端发送的加密数据后,RFB客户端会向终端发送将该加密数据写入帧缓冲区内存的写入请求。After the terminal receives the encrypted data sent by the RFB server in the normal world, the RFB client will send a write request to the terminal to write the encrypted data into the frame buffer memory.
步骤307,终端在写入请求触发错误时,由普通世界切换为安全世界。Step 307, the terminal switches from the normal world to the secure world when the write request triggers an error.
由于此时的帧缓冲区内存被设置为仅在安全世界下能够访问的内存,因而终端在普通世界下接收到RFB客户端发送的将加密数据写入帧缓冲区内存的写入请求后,终端会触发错误并切换为安全世界。Since the frame buffer memory at this time is set as a memory that can only be accessed in the secure world, after the terminal receives a write request from the RFB client to write encrypted data into the frame buffer memory in the normal world, the terminal will trigger an error and switch to the safe world.
步骤308,终端在安全世界下,对加密数据进行解密得到显示数据。Step 308, the terminal decrypts the encrypted data in the secure world to obtain the display data.
终端切换为安全世界后,可以利用预定密钥对加密的显示数据解密。After the terminal is switched to the secure world, the encrypted display data can be decrypted using a predetermined key.
步骤309,终端在安全世界下,将显示数据写入帧缓冲区内存中,并由显示组件自动读取帧缓冲区内存中的显示数据进行显示。Step 309, the terminal writes the display data into the frame buffer memory in the secure world, and the display component automatically reads the display data in the frame buffer memory for display.
由于终端目前处于安全世界中,因而终端可以将显示数据写入帧缓冲区内存中并通过显示组件进行显示。其中,显示组件被设置为会自动地从帧缓冲区内存中读取显示数据进行显示。Since the terminal is currently in the secure world, the terminal can write display data into the frame buffer memory and display it through the display component. Wherein, the display component is set to automatically read display data from the frame buffer memory for display.
步骤310,终端在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备。Step 310, the terminal acquires the input signal received by the external input device under the secure world, and the external input device is an external input device that can only be accessed under the secure world.
终端在根据显示数据进行显示后,用户可以根据该显示数据通过外部输入设备进行输入操作,终端可以通过外部输入设备将用户的输入操作转换为输入信号,外部输入设备可以包括触摸屏、实体按键、麦克风和摄像头等等。After the terminal displays according to the display data, the user can perform an input operation through an external input device according to the display data, and the terminal can convert the user's input operation into an input signal through the external input device. The external input device can include a touch screen, physical buttons, and a microphone. and cameras and so on.
步骤311,终端将输入信号加密后写入普通内存,普通内存是普通世界和安全世界均能访问的内存。Step 311, the terminal encrypts the input signal and writes it into the normal memory, which is accessible to both the normal world and the secure world.
终端在通过外部输入设备获取用户的输入信号后,将该输入信号加密后写入普通内存,终端可以在普通世界下获取普通内存中加密的输入信号。After the terminal obtains the user's input signal through the external input device, it encrypts the input signal and writes it into the ordinary memory, and the terminal can obtain the encrypted input signal in the ordinary memory in the ordinary world.
步骤312,终端从安全世界切换为普通世界,在普通世界下,终端通过RFB客户端将加密后的输入信号发送给RFB服务端。Step 312, the terminal switches from the secure world to the normal world, and in the normal world, the terminal sends the encrypted input signal to the RFB server through the RFB client.
终端在普通内存中写入有加密的输入信号时,可以在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端。When the terminal writes the encrypted input signal in the ordinary memory, it can send the encrypted input signal to the RFB server through the RFB client in the ordinary world.
步骤313,终端在普通世界下继续接收RFB服务端发送的后续加密数据。Step 313, the terminal continues to receive subsequent encrypted data sent by the RFB server in the normal world.
终端在普通世界下继续接收RFB服务端发送的加密数据。即终端可以返回步骤304中继续进行安全访问。The terminal continues to receive encrypted data sent by the RFB server in the normal world. That is, the terminal can return to step 304 to continue security access.
其中,后续加密数据可以是RFB服务端将加密的输入信号解密并获取输入信号后,根据该输入信号发送的。Wherein, the subsequent encrypted data may be sent according to the input signal after the RFB server decrypts the encrypted input signal and obtains the input signal.
此外,RFB客户端在切换为普通世界后接收到RFB服务器发送的后续加密数据前,仍可以根据显示数据进行显示,因为此时的帧缓冲区内存仅在安全世界下能够访问,即普通世界下的终端无法读取帧缓冲区内存,因而将该显示数据显示于普通世界也是安全的。In addition, before the RFB client receives the subsequent encrypted data sent by the RFB server after switching to the normal world, it can still display according to the display data, because the frame buffer memory at this time can only be accessed in the secure world, that is, in the normal world The terminal cannot read framebuffer memory, so it is safe to display this display data to the normal world.
综上所述,本实施例提供的安全访问方法,通过在普通世界下,利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,而后从普通世界切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。To sum up, the secure access method provided by this embodiment uses the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, and then switches from the normal world to the secure world to decrypt the encrypted data to display Data, and in the safe world, display according to the displayed data, which solves the problem of running the RFB client in the safe world in the prior art, which leads to the increase of the code base in the safe world; it achieves the premise of ensuring security. The RFB client is still running in the normal world, and it only needs to add a small part of the code base in the secure world to access the effect of the RFB server safely through the RFB client.
需要补充说明的是,本实施例提供的安全访问方法,还通过在启动后直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种,达到了用户可以通过安全世界提醒组件来判断当前终端是否处于安全世界,从而决定是否进行保密性数据的输入,或判断当前的保密性数据的显示是否安全的效果。It should be added that the security access method provided by this embodiment also directly enters the security world after startup, and sets the security world reminder component to be usable only in the security world. The security world reminder component is used to remind the currently running The world is one of the normal world and the safe world, so that the user can judge whether the current terminal is in the safe world through the safe world reminder component, so as to decide whether to input confidential data or judge whether the current confidential data is displayed. safe effect.
需要补充说明的是,本实施例提供的安全访问方法,还通过在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备,之后将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存,最后在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端,达到了既保证了用户的输入信号的安全性,又避免了RFB客户端运行于安全世界中需要增加代码库的效果。It should be added that the secure access method provided in this embodiment also obtains the input signal received by the external input device in the secure world. The external input device is an external input device that can only be accessed in the secure world. The input signal is encrypted and written into the normal memory. The normal memory is a memory that can be accessed in both the normal world and the secure world. Finally, in the normal world, the encrypted input signal is sent to the RFB server through the RFB client, achieving both The safety of the user's input signal is guaranteed, and the effect of adding code bases is avoided when the RFB client runs in a safe world.
需要补充说明的是,本实施例提供的安全访问方法,还通过在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存,使得终端在普通世界下也能够继续进行保密性数据的显示,达到了终端在安全世界与普通世界的切换时用户也能够看到流畅的显示图像的效果。It should be added that the secure access method provided by this embodiment also sets the frame buffer memory as memory that can only be accessed in the secure world when the login to the RFB server is successful, so that the terminal can also access it in the normal world. Continuing to display confidential data achieves the effect that the user can also see smooth display images when the terminal switches between the secure world and the normal world.
需要补充说明的是,本实施例提供的安全访问方法,还通过在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数,之后从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数,最后从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端,即反馈信息为一个动态信息,达到了使本发明实施例提供的技术方案可以有效的避免遭受重放攻击的效果。It should be added that the secure access method provided by this embodiment also receives the random number generated by the RFB server when the user name passes the verification of the RFB server, and then switches from the normal world to the secure world, and uses the predetermined hash The function converts random numbers and passwords into feedback information, and the predetermined hash function is the hash function pre-agreed by the RFB client and RFB server, and finally switches from the safe world to the normal world, and sends the feedback information to RFB through the RFB client The server, that is, the feedback information is dynamic information, so that the technical solution provided by the embodiment of the present invention can effectively avoid replay attacks.
请参考图4,其示出了本发明一个实施例提供的一种安全访问装置的结构方框图,该安全访问装置可以通过软件、硬件或者两者的结合实现成为图1所示的实施环境中的终端110的全部或部分。该安全访问装置包括:数据获取模块410、数据解密模块420和数据显示模块430;Please refer to FIG. 4 , which shows a structural block diagram of a security access device provided by an embodiment of the present invention. The security access device can be implemented as a device in the implementation environment shown in FIG. 1 through software, hardware or a combination of both. All or part of Terminal 110. The security access device includes: a data acquisition module 410, a data decryption module 420 and a data display module 430;
数据获取模块410,用于在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据。The data obtaining module 410 is used to obtain the encrypted data of the RFB server through the remote frame buffer RFB client in the normal world.
数据解密模块420,用于从普通世界切换为安全世界,对加密数据进行解密得到显示数据。The data decryption module 420 is configured to switch from the normal world to the secure world, and decrypt encrypted data to obtain display data.
数据显示模块430,用于在安全世界下,根据显示数据进行显示。The data display module 430 is configured to display according to the display data in a safe world.
综上所述,本实施例提供的安全访问装置,通过在普通世界下,利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,而后从普通世界切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。To sum up, the secure access device provided by this embodiment uses the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, and then switches from the normal world to the secure world to decrypt the encrypted data to display Data, and in the safe world, display according to the displayed data, which solves the problem of running the RFB client in the safe world in the prior art, which leads to the increase of the code base in the safe world; it achieves the premise of ensuring security. The RFB client is still running in the normal world, and it only needs to add a small part of the code base in the secure world to access the effect of the RFB server safely through the RFB client.
请参考图5A,其示出了本发明另一个实施例提供的一种安全访问装置的结构方框图,该安全访问装置可以通过软件、硬件或者两者的结合实现成为图1所示的实施环境中的终端110的全部或部分。该安全访问装置包括:数据获取模块410、数据解密模块420和数据显示模块430;Please refer to FIG. 5A, which shows a structural block diagram of a security access device provided by another embodiment of the present invention. The security access device can be realized by software, hardware or a combination of the two in the implementation environment shown in FIG. 1. All or part of the terminal 110. The security access device includes: a data acquisition module 410, a data decryption module 420 and a data display module 430;
数据获取模块410,用于在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据。The data obtaining module 410 is used to obtain the encrypted data of the RFB server through the remote frame buffer RFB client in the normal world.
数据解密模块420,用于从普通世界切换为安全世界,对加密数据进行解密得到显示数据。The data decryption module 420 is configured to switch from the normal world to the secure world, and decrypt encrypted data to obtain display data.
数据显示模块430,用于在安全世界下,根据显示数据进行显示。The data display module 430 is configured to display according to the display data in a safe world.
在本实施例中,数据解密模块420,可以包括:In this embodiment, the data decryption module 420 may include:
请求接收单元421,用于在普通世界下,接收RFB客户端的写入请求,其中,写入请求是指将加密数据写入帧缓冲区内存的请求,帧缓冲区内存是仅在安全世界下能够访问的内存;The request receiving unit 421 is used to receive the write request of the RFB client in the normal world, wherein the write request refers to a request to write encrypted data into the frame buffer memory, and the frame buffer memory can only be used in the secure world. the memory accessed;
安全切换单元422,用于在写入请求触发错误时,由普通世界切换为安全世界;A security switching unit 422, configured to switch from the normal world to the secure world when the write request triggers an error;
数据解密单元423,用于在所述安全世界下,对加密数据进行解密得到显示数据;A data decryption unit 423, configured to decrypt encrypted data to obtain display data in the secure world;
数据显示模块430,用于将显示数据写入帧缓冲区内存中,并由显示组件自动读取帧缓冲区内存中的显示数据进行显示。The data display module 430 is used for writing the display data into the frame buffer memory, and the display component automatically reads the display data in the frame buffer memory for display.
在本实施例中,该安全访问装置,还可以包括:In this embodiment, the security access device may also include:
客户登陆模块440,用于在普通世界下,通过RFB客户端登录RFB服务端;The customer login module 440 is used to log in to the RFB server through the RFB client in the normal world;
安全内存模块450,用于在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存。The secure memory module 450 is configured to set the frame buffer memory as memory that can only be accessed under the secure world when the login to the RFB server is successful.
在本实施例中,客户登陆模块440,可以包括:In this embodiment, the client login module 440 may include:
登录界面单元441,用于在普通世界下,通过RFB客户端获取RFB服务端的登录界面数据;The login interface unit 441 is used to obtain the login interface data of the RFB server through the RFB client in the normal world;
界面显示单元442,用于根据登录界面数据显示登录界面;An interface display unit 442, configured to display the login interface according to the login interface data;
输入接收单元443,用于从普通世界切换为安全世界,接收在登录界面中输入的用户名和密码;The input receiving unit 443 is used to switch from the ordinary world to the safe world, and receive the user name and password input in the login interface;
输入发送单元444,用于在普通世界下,将用户名和加密后的密码发送给RFB服务端,以使得RFB服务端根据用户名和加密后的密码进行验证。The input sending unit 444 is used to send the user name and the encrypted password to the RFB server in the normal world, so that the RFB server performs verification according to the user name and the encrypted password.
结合图5B所示,输入发送单元444,可以包括:As shown in FIG. 5B, the input sending unit 444 may include:
输入写入子单元444a,用于在安全世界下,将接收到的密码写入安全内存中,将接收到的用户名写入普通内存中,安全内存为仅在安全世界下能够访问的内存,普通内存是在普通世界和安全世界下均能访问的内存;The input write subunit 444a is used to write the received password into the safe memory under the safe world, and write the received user name into the normal memory. The safe memory is the memory that can only be accessed under the safe world. Ordinary memory is memory that can be accessed in both the normal world and the secure world;
用户名发送子单元444b,用于从安全世界切换为普通世界,并通过RFB客户端将用户名发送至RFB服务端;The user name sending subunit 444b is used to switch from the safe world to the common world, and send the user name to the RFB server through the RFB client;
随机数接收子单元444c,在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数;The random number receiving subunit 444c receives the random number generated by the RFB server when the user name is verified by the RFB server;
反馈生成子单元444d,用于从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数;The feedback generating subunit 444d is used to switch from the ordinary world to the secure world, and convert random numbers and passwords into feedback information by using a predetermined hash function, the predetermined hash function being the hash function pre-agreed by the RFB client and the RFB server ;
反馈发送子单元444e,用于从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端。The feedback sending subunit 444e is configured to switch from the safe world to the normal world, and send the feedback information to the RFB server through the RFB client.
在本实施例中,该安全访问装置还可以包括:In this embodiment, the security access device may also include:
安全启动模块460,用于在启动时直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种。The safe start module 460 is used to directly enter the safe world when starting, and set the safe world reminding component to be usable only under the safe world, and the safe world reminding component is used to remind that the current running world is one of the normal world and the safe world kind.
在本实施例中,该安全访问装置还可以包括:In this embodiment, the security access device may also include:
输入获取模块470,用于在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备;The input obtaining module 470 is used to obtain the input signal received by the external input device in the safe world, and the external input device is an external input device that can only be accessed in the safe world;
加密写入模块480,用于将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存;The encryption writing module 480 is used to encrypt the input signal and write it into the ordinary memory, and the ordinary memory is the memory that can be accessed in both the ordinary world and the safe world;
信号发送模块490,用于在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端。The signal sending module 490 is configured to send the encrypted input signal to the RFB server through the RFB client in the normal world.
在本实施例中,该安全访问装置,还可以包括:In this embodiment, the security access device may also include:
安全输入模块500,用于在RFB客户端启动时,将终端的外部输入设备设置为仅在安全世界下能访问的外部输入设备。The secure input module 500 is configured to set the external input device of the terminal as an external input device that can only be accessed in a secure world when the RFB client is started.
综上所述,本实施例提供的安全访问装置,通过在普通世界下,利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,而后从普通世界切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。To sum up, the secure access device provided by this embodiment uses the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, and then switches from the normal world to the secure world to decrypt the encrypted data to display Data, and in the safe world, display according to the displayed data, which solves the problem of running the RFB client in the safe world in the prior art, which leads to the increase of the code base in the safe world; it achieves the premise of ensuring security. The RFB client is still running in the normal world, and it only needs to add a small part of the code base in the secure world to access the effect of the RFB server safely through the RFB client.
本实施例提供的安全访问装置,还通过在启动后直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种,达到了用户可以通过安全世界提醒组件来判断当前终端是否处于安全世界,从而决定是否进行保密性数据的输入,或判断当前的保密性数据的显示是否安全的效果。The security access device provided by this embodiment also directly enters the security world after starting, and the security world reminder component is set to be usable only in the security world. One of the worlds, which achieves the effect that the user can judge whether the current terminal is in the safe world through the safe world reminder component, so as to decide whether to input confidential data, or judge whether the current confidential data display is safe.
本实施例提供的安全访问装置,还通过在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备,之后将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存,最后在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端,达到了既保证了用户的输入信号的安全性,又避免了RFB客户端运行于安全世界中需要增加代码库的效果。The secure access device provided by this embodiment also obtains the input signal received by the external input device in the secure world, the external input device is an external input device that can only be accessed in the secure world, and then encrypts the input signal and writes it into Ordinary memory, ordinary memory is memory that can be accessed in both the normal world and the secure world. Finally, in the normal world, the encrypted input signal is sent to the RFB server through the RFB client, which ensures that the user's input signal security, and avoid the effect that the RFB client needs to increase the code base when running in a secure world.
本实施例提供的安全访问装置,还通过在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存,使得终端在普通世界下也能够继续进行保密性数据的显示,达到了终端在安全世界与普通世界的切换时用户也能够看到流畅的显示图像的效果。The secure access device provided by this embodiment also sets the frame buffer memory as a memory that can only be accessed in the secure world when the login to the RFB server is successful, so that the terminal can continue to perform confidential data in the normal world. The display achieves the effect that the user can also see smooth display images when the terminal switches between the secure world and the normal world.
本实施例提供的安全访问装置,还通过在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数,之后从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数,最后从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端,即反馈信息为一个动态信息,达到了使本发明实施例提供的技术方案可以有效的避免遭受重放攻击的效果。The secure access device provided by this embodiment also receives the random number generated by the RFB server when the user name is verified by the RFB server, then switches from the normal world to the secure world, and uses a predetermined hash function to combine the random number and password Converted into feedback information, the predetermined hash function is the hash function pre-agreed between the RFB client and the RFB server, and finally switch from the safe world to the normal world, and send the feedback information to the RFB server through the RFB client, that is, the feedback information As a piece of dynamic information, the technical solution provided by the embodiment of the present invention can effectively avoid replay attacks.
请参考图6,其示出了本发明一个实施例提供的终端的结构方框图。该终端包括:处理器620和存储器640。Please refer to FIG. 6 , which shows a structural block diagram of a terminal provided by an embodiment of the present invention. The terminal includes: a processor 620 and a memory 640 .
处理器620,用于在普通世界下,通过远程帧缓冲RFB客户端获取RFB服务端的加密数据。The processor 620 is configured to obtain encrypted data of the RFB server through the remote frame buffer RFB client in the normal world.
处理器620,用于从普通世界切换为安全世界,对加密数据进行解密得到显示数据。The processor 620 is configured to switch from the normal world to the secure world, and decrypt encrypted data to obtain display data.
处理器620,用于在安全世界下,根据显示数据进行显示。The processor 620 is configured to display according to the display data in a safe world.
综上所述,本实施例提供的终端,通过在普通世界下,利用远程帧缓冲RFB客户端获取RFB服务端的加密数据,而后从普通世界切换为安全世界,对加密数据进行解密得到显示数据,并在安全世界下,根据显示数据进行显示,解决了现有技术中在安全世界下运行RFB客户端,导致安全世界下的代码库增加的问题;达到了在保证安全性的前提下,RFB客户端仍然运行在普通世界,只需要增加很小一部分安全世界下的代码库,就能通过RFB客户端安全访问RFB服务端的效果。To sum up, the terminal provided in this embodiment uses the remote frame buffer RFB client to obtain the encrypted data of the RFB server in the normal world, and then switches from the normal world to the secure world to decrypt the encrypted data to obtain the display data. And in the safe world, it is displayed according to the display data, which solves the problem of running the RFB client in the safe world in the prior art, which leads to the increase of the code base in the safe world; it achieves the premise of ensuring security, and the RFB client The end still runs in the normal world, only need to add a small part of the code base in the secure world, and you can safely access the RFB server through the RFB client.
在基于图6所示实施例提供的更为可选的实施例中:In a more optional embodiment provided based on the embodiment shown in FIG. 6:
可选的,存储器640包括帧缓冲区内存。Optionally, memory 640 includes frame buffer memory.
处理器620,用于在普通世界下,接收RFB客户端的写入请求,其中,写入请求是指将加密数据写入帧缓冲区内存的请求,帧缓冲区内存是仅在安全世界下能够访问的内存;The processor 620 is configured to receive a write request from the RFB client in the normal world, wherein the write request refers to a request to write encrypted data into the frame buffer memory, and the frame buffer memory can only be accessed in the secure world memory;
处理器620,用于在写入请求触发错误时,由普通世界切换为安全世界;Processor 620, configured to switch from the normal world to the safe world when the write request triggers an error;
处理器620,用于在安全世界下,对加密数据进行解密得到显示数据;Processor 620, configured to decrypt encrypted data to obtain display data in a secure world;
处理器620,用于将显示数据写入帧缓冲区内存中,并由显示组件自动读取帧缓冲区内存中的显示数据进行显示。The processor 620 is configured to write display data into the frame buffer memory, and the display component automatically reads the display data in the frame buffer memory for display.
处理器620,用于在普通世界下,通过RFB客户端登录RFB服务端;Processor 620, configured to log in to the RFB server through the RFB client in the normal world;
处理器620,用于在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存。The processor 620 is configured to set the frame buffer memory as a memory that can only be accessed under the security world when the login to the RFB server is successful.
处理器620,用于在普通世界下,通过RFB客户端获取RFB服务端的登录界面数据;The processor 620 is used to obtain the login interface data of the RFB server through the RFB client in the normal world;
处理器620,用于根据登录界面数据显示登录界面;A processor 620, configured to display a login interface according to the login interface data;
处理器620,用于从普通世界切换为安全世界,接收在登录界面中输入的用户名和密码;Processor 620, configured to switch from the common world to the safe world, and receive the user name and password input in the login interface;
处理器620,用于在普通世界下,将用户名和加密后的密码发送给RFB服务端,以使得RFB服务端根据用户名和加密后的密码进行验证。The processor 620 is configured to send the user name and the encrypted password to the RFB server in a normal world, so that the RFB server performs verification according to the user name and the encrypted password.
可选的,存储器640还包括安全内存和普通内存,安全内存可以包含有帧缓冲区内存。Optionally, the memory 640 also includes a secure memory and a common memory, and the secure memory may include a frame buffer memory.
处理器620,用于在安全世界下,将接收到的密码写入安全内存中,将接收到的用户名写入普通内存中,安全内存为仅在安全世界下能够访问的内存,普通内存是在普通世界和安全世界下均能访问的内存;The processor 620 is configured to write the received password into the secure memory in the secure world, and write the received user name into the common memory. The secure memory is a memory that can only be accessed in the secure world, and the common memory is memory accessible in both the normal world and the secure world;
处理器620,用于从安全世界切换为普通世界,并通过RFB客户端将用户名发送至RFB服务端;The processor 620 is used to switch from the safe world to the common world, and send the user name to the RFB server through the RFB client;
处理器620,在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数;Processor 620 receives the random number generated by the RFB server when the user name is verified by the RFB server;
处理器620,用于从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数;The processor 620 is configured to switch from the ordinary world to the secure world, and convert random numbers and passwords into feedback information by using a predetermined hash function, the predetermined hash function being a pre-agreed hash function between the RFB client and the RFB server;
处理器620,用于从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端。The processor 620 is configured to switch from the safe world to the common world, and send feedback information to the RFB server through the RFB client.
处理器620,用于在启动时直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种。The processor 620 is configured to directly enter the safe world at startup, and set the safe world reminding component to be usable only in the safe world, and the safe world reminding component is used to remind that the current running world is one of the normal world and the safe world .
处理器620,用于在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备;The processor 620 is configured to obtain an input signal received by an external input device in a secure world, where the external input device is an external input device that can only be accessed in a secure world;
处理器620,用于将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存;The processor 620 is used to encrypt the input signal and write it into the common memory, and the common memory is a memory that can be accessed in both the normal world and the safe world;
处理器620,用于在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端。The processor 620 is configured to send the encrypted input signal to the RFB server through the RFB client in a normal world.
处理器620,用于在RFB客户端启动时,将终端的外部输入设备设置为仅在安全世界下能访问的外部输入设备。The processor 620 is configured to set the external input device of the terminal as an external input device that can only be accessed in a secure world when the RFB client is started.
综上所述,本实施例提供的终端,还通过在启动后直接进入安全世界,并将安全世界提醒组件设置为仅在安全世界下能够使用,安全世界提醒组件用于提醒当前运行世界为普通世界和安全世界中的一种,达到了用户可以通过安全世界提醒组件来判断当前终端是否处于安全世界,从而决定是否进行保密性数据的输入,或判断当前的保密性数据的显示是否安全的效果。To sum up, the terminal provided by this embodiment also directly enters the safe world after startup, and sets the safe world reminder component to be usable only in the safe world. The safe world reminder component is used to remind the current running world to be normal One of the world and the safe world, the user can judge whether the current terminal is in the safe world through the safe world reminder component, so as to decide whether to input confidential data, or judge whether the display of the current confidential data is safe .
本实施例提供的终端,还通过在安全世界下,获取外部输入设备接收到的输入信号,外部输入设备是仅在安全世界下能访问的外部输入设备,之后将输入信号加密后写入普通内存,普通内存是在普通世界和安全世界下均能访问的内存,最后在普通世界下,通过RFB客户端将加密后的输入信号发送给RFB服务端,达到了既保证了用户的输入信号的安全性,又避免了RFB客户端运行于安全世界中需要增加代码库的效果。The terminal provided in this embodiment also obtains the input signal received by the external input device in the secure world. The external input device is an external input device that can only be accessed in the secure world, and then encrypts the input signal and writes it into the ordinary memory. , the normal memory is the memory that can be accessed in both the normal world and the secure world. Finally, in the normal world, the encrypted input signal is sent to the RFB server through the RFB client, which not only ensures the security of the user's input signal In addition, it avoids the effect that the RFB client needs to increase the code base when running in a secure world.
本实施例提供的终端,还通过在登录RFB服务端成功时,将帧缓冲区内存设置为仅在安全世界下能够访问的内存,使得终端在普通世界下也能够继续进行保密性数据的显示,达到了终端在安全世界与普通世界的切换时用户也能够看到流畅的显示图像的效果。In the terminal provided by this embodiment, when the login to the RFB server is successful, the frame buffer memory is set as a memory that can only be accessed in the secure world, so that the terminal can continue to display confidential data in the normal world, It achieves the effect that the user can also see smooth display images when the terminal switches between the secure world and the normal world.
本实施例提供的终端,还通过在用户名通过RFB服务端的验证时,接收RFB服务端产生的随机数,之后从普通世界切换为安全世界,并利用预定哈希函数将随机数和密码转化为反馈信息,预定哈希函数为RFB客户端和RFB服务端预先约定的哈希函数,最后从安全世界切换为普通世界,并通过RFB客户端将反馈信息发送给RFB服务端,即反馈信息为一个动态信息,达到了使本发明实施例提供的技术方案可以有效的避免遭受重放攻击的效果。The terminal provided by this embodiment also receives the random number generated by the RFB server when the user name passes the verification of the RFB server, then switches from the normal world to the secure world, and uses a predetermined hash function to convert the random number and password into Feedback information, the predetermined hash function is the hash function pre-agreed by the RFB client and RFB server, and finally switch from the safe world to the normal world, and send the feedback information to the RFB server through the RFB client, that is, the feedback information is a The dynamic information achieves the effect that the technical solutions provided by the embodiments of the present invention can effectively avoid replay attacks.
本领域技术人员在考虑说明书及实践这里发明的发明后,将容易想到本发明的其它实施方案。本申请旨在涵盖本发明的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本发明的一般性原理并包括本发明未发明的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的,本发明的真正范围和精神由下面的权利要求指出。Other embodiments of the invention will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention invented herein. This application is intended to cover any modification, use or adaptation of the present invention, these modifications, uses or adaptations follow the general principles of the present invention and include common knowledge or conventional technical means in the technical field not invented by the present invention . The specification and examples are to be considered exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
应当理解的是,本发明并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。本发明的范围仅由所附的权利要求来限制。It should be understood that the present invention is not limited to the precise constructions which have been described above and shown in the accompanying drawings, and various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.
Claims (16)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410449035.3A CN105391673B (en) | 2014-09-04 | 2014-09-04 | Safety access method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410449035.3A CN105391673B (en) | 2014-09-04 | 2014-09-04 | Safety access method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105391673A true CN105391673A (en) | 2016-03-09 |
| CN105391673B CN105391673B (en) | 2018-12-28 |
Family
ID=55423514
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410449035.3A Active CN105391673B (en) | 2014-09-04 | 2014-09-04 | Safety access method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105391673B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107835185A (en) * | 2017-11-21 | 2018-03-23 | 广州大学 | A kind of mobile terminal safety method of servicing and device based on ARM TrustZone |
| CN110348252A (en) * | 2018-04-02 | 2019-10-18 | 华为技术有限公司 | Operating system and method based on trusted domain |
| CN111859416A (en) * | 2020-06-23 | 2020-10-30 | 天地融科技股份有限公司 | Method and device for controlling safety display |
| CN117744067A (en) * | 2024-02-21 | 2024-03-22 | 北京象帝先计算技术有限公司 | Access space switching method, device, processor, equipment and storage medium |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101217544A (en) * | 2008-01-02 | 2008-07-09 | 浪潮电子信息产业股份有限公司 | A Remote Frame Buffer Protocol with Enhanced Security |
| CN103034788A (en) * | 2011-10-10 | 2013-04-10 | 上海无戒空间信息技术有限公司 | Verification method and system of electronic readings, server, client and terminal |
| CN102611711A (en) * | 2012-04-09 | 2012-07-25 | 中山爱科数字科技股份有限公司 | A cloud data security storage method |
| CN102868826B (en) * | 2012-09-25 | 2014-09-24 | 东莞宇龙通信科技有限公司 | Terminal and terminal data protection method |
-
2014
- 2014-09-04 CN CN201410449035.3A patent/CN105391673B/en active Active
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107835185A (en) * | 2017-11-21 | 2018-03-23 | 广州大学 | A kind of mobile terminal safety method of servicing and device based on ARM TrustZone |
| CN110348252A (en) * | 2018-04-02 | 2019-10-18 | 华为技术有限公司 | Operating system and method based on trusted domain |
| CN110348252B (en) * | 2018-04-02 | 2021-09-03 | 华为技术有限公司 | Trust zone based operating system and method |
| US11443034B2 (en) | 2018-04-02 | 2022-09-13 | Huawei Technologies Co., Ltd. | Trust zone-based operating system and method |
| CN111859416A (en) * | 2020-06-23 | 2020-10-30 | 天地融科技股份有限公司 | Method and device for controlling safety display |
| CN111859416B (en) * | 2020-06-23 | 2024-05-24 | 天地融科技股份有限公司 | Method and device for controlling safe display |
| CN117744067A (en) * | 2024-02-21 | 2024-03-22 | 北京象帝先计算技术有限公司 | Access space switching method, device, processor, equipment and storage medium |
| CN117744067B (en) * | 2024-02-21 | 2024-06-21 | 北京象帝先计算技术有限公司 | Access space switching method, device, processor, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105391673B (en) | 2018-12-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9846783B2 (en) | Multiscreen secure content access | |
| US11669465B1 (en) | Secure storage of data through a multifaceted security scheme | |
| CN111193695B (en) | Encryption method and device for third party account login and storage medium | |
| CN106716914B (en) | Secure key management for roaming protected content | |
| US10819687B2 (en) | Apparatus and method of encrypted communication | |
| WO2020019387A1 (en) | Method for acquiring video resource file, and management system | |
| CN110138749A (en) | Data security protection method and related equipment | |
| US20140173692A1 (en) | Bring your own device system using a mobile accessory device | |
| KR20150054828A (en) | Securely handling server certificate errors in synchronization communication | |
| JP2012164300A (en) | Information processor and program | |
| US12273328B2 (en) | Message transmitting system with hardware security module | |
| CN113992346A (en) | Implementation method of security cloud desktop based on state password reinforcement | |
| CN105391673B (en) | Safety access method and device | |
| CN103036852B (en) | A kind of method and device realizing network entry | |
| CN110826097A (en) | A data processing method and electronic device | |
| KR20130031435A (en) | Method and apparatus for generating and managing of encryption key portable terminal | |
| US10809915B2 (en) | Automatic credential input to a user interface of a remote mobile app | |
| CN113127844A (en) | Variable access method, device, system, equipment and medium | |
| US20100115584A1 (en) | Information processing system | |
| WO2024007719A1 (en) | Display device, and control method for display device | |
| CN113904830B (en) | SPA authentication method, SPA authentication device, electronic equipment and readable storage medium | |
| CN117714087A (en) | File encrypted transmission method, system, media and equipment | |
| CN114117404A (en) | User authentication method, device, equipment, system and storage medium | |
| JP2022039444A (en) | Information processing equipment, programs and information processing systems | |
| JP2015133016A (en) | Communication control server, communication control method and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |