CN106650422A - System and method for using TrustZone technology to prevent leakage of sensitive data of third-party input method - Google Patents
- Publication number: CN106650422A
- Application number: CN201610892087.7A
- Authority: CN (China)
- Legal status: Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
Abstract
The invention relates to a system and method that use TrustZone technology to prevent a third-party input method from leaking sensitive data. The system comprises an interception module located in the normal execution environment; a secure keyboard module, a data analysis module, a replay module and a sensitive-data secure return module located in the trusted execution environment; and a local sensitive-data protection module that works with the data analysis module to protect sensitive data held in ordinary applications. The system and method effectively secure the input system of a mobile terminal and offer generality, efficiency, user-friendliness and strong security.
Description
Technical field
The present invention relates to a system and method that use TrustZone technology to prevent a third-party input method from leaking sensitive data, and belongs to the field of data security for mobile terminal devices.
Background
With the rapid development of mobile Internet technology and smart mobile terminals, the services handled on mobile terminals have extended from traditional communication and entertainment to high-security, highly sensitive fields such as mobile office and mobile payment. Users need to enter more and more sensitive information on mobile terminals, including login user names and passwords, contact information and bank card numbers. Research has found that most third-party input method software sends the entered information to a remote server while the user is typing. To protect the user's sensitive information from being intercepted by a malicious third party or maliciously exploited by the input method service provider, an effective method is needed to prevent third-party input methods from leaking the sensitive information the user enters.
A common practice is to encrypt sensitive data with AES, but the input method service provider can still obtain the sensitive information the user enters. The currently feasible solutions to the input method security problem perform operations such as rollback or encryption after the input method has received the user's tap, but they cannot act before the input method's code executes, so the security problem remains.
To better solve the leakage of users' sensitive data by third-party input methods on mobile terminals, a complete solution combining software and hardware must be designed across several layers, from the underlying hardware architecture to the operating system. ARM TrustZone hardware isolation builds two independent runtime environments on the mobile terminal, a normal execution environment and a trusted execution environment, and uses the processor's monitor mode to switch between the two environments and to transfer data. The normal execution environment and the trusted execution environment are isolated from each other, which ensures the security of operations in the trusted execution environment and effectively separates an application system's highly sensitive services from its general services.
Using TrustZone technology to prevent a third-party input method from leaking sensitive data requires solving the following problems: how to decide whether a switch to the trusted execution environment is needed; how to operate inside the trusted execution environment; and how to return the user's input correctly to the ordinary application in the normal execution environment.
Summary of the invention
The technical problem solved by the present invention: to address the security of the sensitive data that users enter on mobile terminals, it provides a system and method that use TrustZone technology to prevent a third-party input method from leaking sensitive data, thereby effectively protecting the private information the user enters, with the advantages of generality, efficiency, user-friendliness and strong security.
The technical solution of the present invention is a system and method that use TrustZone technology to prevent a third-party input method from leaking sensitive data. The basic idea of the scheme is outlined below. Building on the strengths of existing solutions, the present invention proposes its own design. Specifically, the system comprises the following aspects:
Aspect one: the touch-event interception module is located in the normal execution environment. It intercepts the user's touch events in the normal execution environment, analyzes the event type, and decides whether to switch to the secure keyboard of the trusted execution environment for user input. After receiving a touch event from the touch event driver, the interception module uses hook functions added to the system service of the input method framework to determine the event type. If a keyboard display event has already been intercepted and a key-press event is then intercepted, it switches to the secure keyboard of the trusted execution environment; otherwise, the input method framework passes the event to the third-party input method in the normal execution environment, which performs the corresponding operation.
Aspect two: the secure keyboard lets the user type inside the trusted execution environment, which prevents the third-party input method from obtaining the entered information. To reduce the complexity of the system design, the secure keyboard reuses the soft keyboard of the third-party input method currently displayed in the normal execution environment and verifies its layout information; if verification succeeds, the third-party input method's soft keyboard is used as the secure keyboard in the trusted execution environment. The present invention considers only the Latin-alphabet soft keyboard of the third-party input method, in which each key corresponds to one character. When the user touches a key, the secure keyboard obtains the coordinate of that key, converts it into the corresponding character, and hands the character to the data analysis module.
Aspect three: the data analysis module analyzes the sensitivity of the characters received from the secure keyboard. To check a character's sensitivity, it performs one-way matching against a predefined sensitive data set using the AC prefix matching algorithm and determines whether the character belongs to a prefix of sensitive data. If not, the character is handed to the replay module. If so, the prefix is stored in a buffer, and the module waits for the user's subsequent input to decide whether the complete input matches a sensitive string: if it does not match, the string is handed to the replay module; if it matches, the sensitive string is handed to the sensitive-data secure return module.
Aspect four: the replay module hands the events corresponding to non-sensitive characters, via the input method framework, to the third-party input method for processing, which then submits the data to the ordinary application. The present invention designs a daemon thread, the simulated event generator, that runs in the system service process of the input method framework. The coordinates of the characters to be replayed are placed in the memory shared by the trusted execution environment and the normal execution environment; the simulated event generator is then woken up, obtains the character coordinates from shared memory, constructs the touch events corresponding to those coordinates, and hands them to the system service of the input method framework. The system service dispatches the third-party input method to process the events, and the characters are thereby submitted to the ordinary application.
Aspect five: the sensitive-data secure return module submits the sensitive string to the ordinary application through the memory shared by the trusted execution environment and the normal execution environment, without passing through the third-party input method. The module first places the sensitive data in the shared memory; the secure return service designed by the present invention then obtains the sensitive data from shared memory and hands it to the ordinary application through the input connection interface InputConnection.
Aspect six: the local sensitive-data protection module adds hook functions to the application programming interfaces to prevent the third-party input method from obtaining sensitive data from the ordinary application's buffer. Submitted data is stored in the ordinary application's data buffer, and we found that the third-party input method can retrieve this data, including sensitive data, from the ordinary application through the general interfaces that the input method framework provides to it. The present invention adds hook functions to all application programming interfaces involved in retrieving data. When the third-party input method reads data from the ordinary application's buffer, the hook triggers the data analysis module in the trusted execution environment to analyze whether the data is sensitive; if it is, the third-party input method is prevented from obtaining it.
A method that uses TrustZone technology to prevent a third-party input method from leaking sensitive data is implemented in the following steps:
(1) The interception module intercepts the events delivered by the touch event driver through hook functions added to the system service of the input method framework. Once the hook function showSoftInput() in the input method management service class InputMethodManagerService has intercepted a keyboard display event, and the hook function sync() in the touch input processing class TouchInputMapper then intercepts a key-press event, the system switches to the trusted execution environment, performs an integrity check on the soft keyboard of the third-party input method currently displayed in the normal execution environment, and then applies the corresponding settings so that this soft keyboard is reused as the secure keyboard of the trusted execution environment. The key presses the user performs afterwards take place on the secure keyboard.
(2) The user's input on the secure keyboard is converted from key coordinates into characters, and each character is handed to the data analysis module. Based on the user's predefined sensitive data set, the data analysis module uses the AC prefix matching algorithm to determine whether the character belongs to a sensitive data prefix. If not, the character's coordinate is handed to the replay module. If so, the prefix is stored in a buffer while the module waits for the user's complete input to decide whether the input is sensitive. Once the prefix is confirmed to be non-sensitive data, the coordinate of each of its characters is handed to the replay module; if it is sensitive data, the string is handed to the sensitive-data secure return module.
(3) In the replay module, the non-sensitive key coordinates are first placed in the memory shared by the trusted execution environment and the normal execution environment. The daemon thread added to the system service process, the simulated event generator, is woken up and takes the touch event coordinates from shared memory. The simulated event generator places the events, in the correct format, in the event queue of the input method framework's system service. The input dispatch thread inputDispatcher in the system service is then woken up, takes the events from the queue and dispatches them to the appropriate component or service, that is, it calls the third-party input method to process the events, and the third-party input method finally submits the characters to the ordinary application.
(4) The main part of the sensitive-data secure return module is the secure return service. The sensitive string is stored in the memory shared by the trusted execution environment and the normal execution environment; the secure return service is woken up and obtains the string from shared memory. The secure return service reuses the input connection interface InputConnection of the input method framework and then submits the data directly to the application by calling the ordinary application's basic input connection interface BaseInputConnection.
(5) After the ordinary application receives the data submitted by the replay module and the sensitive-data secure return module, it stores the data in its buffer. To prevent the third-party input method from obtaining sensitive data from the ordinary application's buffer, the present invention adds hook functions to getTextBeforeCursor() and getSelectedText() in the basic input connection interface BaseInputConnection. When the third-party input method accesses the ordinary application's buffer through the application programming interfaces, the hook functions notify the data analysis module in the trusted execution environment to analyze the data the third-party input method is trying to obtain; if it is sensitive data, the third-party input method is prevented from obtaining it.
Compared with the prior art, the present invention has the following advantages:
(1) The present invention uses ARM TrustZone hardware isolation to isolate key-press operations inside the trusted execution environment. Hook functions added to the system service intercept the relevant events and decide whether to switch between the trusted execution environment and the normal execution environment, so that the user enters data on the secure keyboard of the trusted execution environment and sensitive data is submitted to the ordinary application in the form of a service. Because leakage by third-party input methods is prevented at the system level in combination with hardware technology, the security is stronger; the invention also applies to all third-party input methods, that is, it is general.
(2) The secure keyboard of the present invention reuses the soft keyboard of the third-party input method from the normal operating system, which reduces system complexity and does not affect the user experience. The keyboard layout of the third-party input method is integrity-verified in the trusted execution environment to ensure it has not been modified, which effectively prevents fake keyboard layout attacks.
(3) The sensitive-data secure return module submits sensitive data directly to the ordinary application through an added system service, the secure return service, without passing through the third-party input method. The sensitive data therefore cannot be sent by the third-party input method to cloud storage, which protects the privacy of the user's sensitive information.
(4) When data already submitted to the ordinary application is accessed again by the third-party input method, the hook functions added to the application programming interfaces capture the access and notify the data analysis module in the trusted execution environment to analyze the data. If the analysis finds a sensitive string, the input method is prevented from obtaining the data, which protects the sensitive data stored locally on the phone.
Brief description of the drawings
Fig. 1 is a schematic diagram of the overall framework of the present invention;
Fig. 2 is a schematic diagram of the interception module of the present invention and the switch to the secure keyboard;
Fig. 3 is a schematic diagram of the data analysis module of the present invention;
Fig. 4 is a schematic diagram of the replay module of the present invention for non-sensitive characters;
Fig. 5 is a schematic diagram of how the present invention prevents the third-party input method from obtaining sensitive data from the ordinary application's buffer.
Detailed description of the embodiments
The present invention uses ARM TrustZone hardware isolation and the trusted execution environment as its base platform to implement a system that effectively prevents third-party input methods from leaking sensitive data. While keeping modifications to the operating system to a minimum, hook functions are added to the system service of the input method framework to capture the user's touch events and decide whether to switch to the trusted execution environment for input on the secure keyboard. For the characters the user enters on the secure keyboard, the data analysis module uses the AC pattern matching algorithm to analyze their sensitivity. The coordinates of non-sensitive characters are handed by the replay module to the input method framework and then processed by the third-party input method; sensitive strings are handed directly to the ordinary application by the sensitive-data secure return module, bypassing the third-party input method so that it cannot leak them. On this basis, the system and method of the present invention have the advantages of generality, efficiency, user-friendliness and strong security.
To make the purpose, advantages and technical solution of the present invention clearer, the invention is described in more detail below through a specific implementation and with reference to the drawings.
Fig. 1 shows the overall framework of the implementation, which consists mainly of the following five parts:
1. Implementation of the interception module in the normal execution environment
The hook functions in the interception module 101 capture the touch events delivered by the touch event driver and, according to the event type, decide whether to switch to the secure keyboard 105 of the trusted execution environment to receive the user's input. With reference to Fig. 2, the way the interception module works and switches to the secure keyboard is as follows:
(1) When the user performs an operation in the normal execution environment, the touch event driver 100 produces the corresponding touch event. The interception module 101 first uses the hook function showSoftInput() in the input method management service class InputMethodManagerService to determine whether it is a keyboard display event 200; if not, operation continues in the normal execution environment 201;
(2) If it is a keyboard display event and the user touches the soft keyboard 202, the interception module 101 uses the hook function sync() in the input method framework's touch input processing class TouchInputMapper to intercept the corresponding event and notifies the trusted execution environment to check the integrity of the keyboard layout of the third-party input method currently displayed in the normal execution environment. The corresponding settings are then applied so that the soft keyboard of the third-party input method is reused as the secure keyboard 105 in the trusted execution environment.
(3) For the soft keyboard touch event above and the touch events subsequently produced on the secure keyboard, the interception module determines whether each is a key-press event 203. If not, it switches back to the normal execution environment 201; if so, the key coordinate 204 is converted into a character 205.
2. Implementation of the data analysis module in the trusted execution environment
The user's input on the secure keyboard 105 is handed to the data analysis module 106 for sensitivity analysis. Non-sensitive characters are handed to the replay module 107, and sensitive data is handed to the sensitive-data secure return module 108. With reference to Fig. 3, the data analysis module 106 is implemented as follows:
(1) Based on the user-defined sensitive data set 300, the character 204 is matched one-way using the AC prefix matching algorithm to determine whether it belongs to a sensitive data prefix 301. If not, the character is handed to the replay module 107; if so, the sensitive data prefix is stored in the buffer 302;
(2) The module waits for the user to continue typing and repeats the character check 303. If, at some character, that character together with the string in the buffer is found to form sensitive data 304, the sensitive string is handed to the sensitive-data secure return module 108. As soon as a character arrives that does not belong to a sensitive data prefix, that is, one that cannot form sensitive data 304 together with later characters, the coordinate of each character in the buffer is handed to the replay module 107.
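The buffering and routing performed by data analysis module 106, as an added example that is not code from the patent: it replaces precomputed Aho-Corasick failure links with a naive longest-suffix search that has the same effect, so that input such as "hhunter2" does not cause part of the secret to be replayed to the input method. Assumptions: the sensitive set is constructed, characters stand in for key coordinates, end of input triggers a flush, and the names `analyzer_feed`, `analyzer_flush` and `analyze` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define MAX_BUF 64   /* must exceed the longest sensitive string */
#define MAX_OUT 256

/* Constructed sample set; the patent has the user predefine it. */
static const char *SENSITIVE[] = { "hunter2", "4111" };
#define N_SENSITIVE (sizeof SENSITIVE / sizeof SENSITIVE[0])

struct analyzer {
    char buf[MAX_BUF];      size_t len;   /* pending sensitive prefix (buffer 302) */
    char replayed[MAX_OUT]; size_t rlen;  /* stand-in for replay module 107 */
    char returned[MAX_OUT]; size_t slen;  /* stand-in for secure return module 108 */
};

/* Does s[0..n) match a sensitive string exactly (exact=1) or as a prefix (exact=0)? */
static int matches(const char *s, size_t n, int exact)
{
    for (size_t i = 0; i < N_SENSITIVE; i++) {
        size_t plen = strlen(SENSITIVE[i]);
        if ((exact ? plen == n : plen >= n) && memcmp(SENSITIVE[i], s, n) == 0)
            return 1;
    }
    return 0;
}

/* Append n bytes to an output sink, truncating rather than overflowing. */
static void emit(char *dst, size_t *dlen, const char *src, size_t n)
{
    if (n > MAX_OUT - 1 - *dlen)
        n = MAX_OUT - 1 - *dlen;
    memcpy(dst + *dlen, src, n);
    *dlen += n;
    dst[*dlen] = '\0';
}

/* Process one character produced by the secure keyboard. */
void analyzer_feed(struct analyzer *a, char c)
{
    if (a->len == MAX_BUF) {            /* defensive: buffer full, release it */
        emit(a->replayed, &a->rlen, a->buf, a->len);
        a->len = 0;
    }
    a->buf[a->len++] = c;

    /* A sensitive string ends at this character: what was typed before it is
       non-sensitive and is replayed; the string itself bypasses the IME. */
    for (size_t start = 0; start < a->len; start++) {
        if (matches(a->buf + start, a->len - start, 1)) {
            emit(a->replayed, &a->rlen, a->buf, start);
            emit(a->returned, &a->slen, a->buf + start, a->len - start);
            a->len = 0;
            return;
        }
    }
    /* Otherwise keep only the longest suffix that can still grow into a
       sensitive string and replay the characters in front of it. */
    for (size_t start = 0; start <= a->len; start++) {
        if (matches(a->buf + start, a->len - start, 0)) {
            emit(a->replayed, &a->rlen, a->buf, start);
            memmove(a->buf, a->buf + start, a->len - start);
            a->len -= start;
            return;
        }
    }
}

/* End of input (assumption: the field loses focus): a pending prefix never
   completed, so it is non-sensitive and is replayed. */
void analyzer_flush(struct analyzer *a)
{
    emit(a->replayed, &a->rlen, a->buf, a->len);
    a->len = 0;
}

/* Run a whole constructed input through a fresh analyzer. */
void analyze(struct analyzer *a, const char *input)
{
    memset(a, 0, sizeof *a);
    for (; *input; input++)
        analyzer_feed(a, *input);
    analyzer_flush(a);
}

int main(void)
{
    struct analyzer a;
    analyze(&a, "my hhunter2 ok");   /* constructed keystrokes */
    printf("replayed via IME : \"%s\"\n", a.replayed);
    printf("secure return    : \"%s\"\n", a.returned);
    return 0;
}
```

A variant that released the whole buffer on the first mismatch would replay "hh" and then "unter2", handing most of the secret to the input method.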
3. Implementation of the replay module for non-sensitive data
The replay module 107 receives non-sensitive character coordinates from the data analysis module 106. Through the simulated event generator thread added to the input method framework 102, together with the framework's original system service, it hands the events to the third-party input method 103 for processing, and the corresponding characters are submitted to the ordinary application 104. With reference to Fig. 4, the replay module 107 is implemented as follows:
(1) The character coordinates 400 delivered by the data analysis module 106 are placed in the shared memory 401 of the trusted execution environment and the normal execution environment;
(2) The daemon thread added by the present invention, the simulated event generator 402, runs in the system service process of the input method framework; it is woken up and obtains the character coordinates 400 from the shared memory 401;
(3) The simulated event generator 402 arranges the character coordinates into the event format required by the event queue 403 in the system service of the input method framework, puts the touch events into the event queue 403 and wakes up the input dispatch thread in the system service, that is, the inputDispatcher thread 404;
(4) The inputDispatcher thread 404 obtains the events from the event queue 403, dispatches the third-party input method 103 to process them, and the characters corresponding to the key-press events are submitted to the ordinary application 104.
4. Implementation of the sensitive-data secure return module
For a sensitive string received from the data analysis module 106, the sensitive-data secure return module 108 places the data in the memory shared by the trusted execution environment and the normal execution environment. The secure return service then obtains the data from shared memory and, through the reused input connection interface InputConnection of the input method framework, calls the ordinary application's basic input connection interface BaseInputConnection to submit the data directly to the application.
5. Implementation of preventing the third-party input method from obtaining sensitive data from the ordinary application
The ordinary application 104 stores the sensitive data it receives in its data buffer, and the third-party input method 103 can access that buffer through the functions provided by the basic input connection interface BaseInputConnection in the input method framework 102, which leads to leakage of local sensitive data. With reference to Fig. 5, the method for preventing local sensitive data leakage is as follows:
(1) When the third-party input method 103 accesses the ordinary application's data buffer 500 through the functions provided by the basic input connection interface BaseInputConnection, the hook functions 501 added to getTextBeforeCursor() and getSelectedText() in BaseInputConnection notify the data analysis module in the trusted execution environment;
(2) The data analysis module 106 uses the AC prefix matching algorithm to determine whether the data the third-party input method 103 is trying to obtain is sensitive 502. If it is non-sensitive, execution switches back to the normal execution environment 503 and continues; if it is a sensitive string, acquisition of the sensitive data is blocked 504.
The above embodiment is provided only to describe the present invention and is not intended to limit its scope. The scope of the invention is defined by the following claims. All equivalent substitutions and modifications made without departing from the spirit and principles of the present invention shall fall within its scope.
Claims (2)
1. A system that uses TrustZone technology to prevent a third-party input method from leaking sensitive data, characterized in that it comprises: an interception module located in the normal execution environment; a secure keyboard module, a replay module, a data analysis module and a sensitive-data secure return module located in the trusted execution environment; and a local sensitive-data protection module that works with the data analysis module to protect sensitive data in ordinary applications; wherein:
The interception module, located in the normal execution environment, intercepts the user's touch events in the normal execution environment, analyzes the event type, and decides whether to switch to the secure keyboard of the trusted execution environment for user input; after receiving a touch event from the touch event driver, the interception module uses hook functions added to the system service of the input method framework to determine the event type, and when a keyboard display event has been intercepted and a key-press event is then intercepted, it switches to the secure keyboard of the trusted execution environment;
The secure keyboard lets the user type inside the trusted execution environment, which prevents the third-party input method from obtaining the entered information; it reuses the soft keyboard of the third-party input method currently displayed in the normal execution environment and verifies its layout information; if the integrity verification passes, the soft keyboard of the third-party input method is used as the secure keyboard in the trusted execution environment; when the user touches a key, the secure keyboard obtains the coordinate of that key, converts it into the corresponding character, and hands the character to the data analysis module;
The data analysis module determines the sensitivity of the characters received from the secure keyboard, that is, whether they are sensitive characters; the user predefines a sensitive data set, and when the data analysis module receives a character from the secure keyboard, it performs one-way matching using the AC prefix matching algorithm to determine whether the character belongs to a prefix of sensitive data; if not, the character is handed to the replay module; if so, the prefix is stored in a buffer, and the module waits for the user's subsequent input to decide whether the complete input matches a sensitive string; if it does not match, the string is handed to the replay module, and if it matches, the sensitive string is handed to the sensitive-data secure return module;
The replay module hands the events corresponding to non-sensitive characters, via the input method framework, to the third-party input method for processing, which then submits the data to the ordinary application; a daemon thread running in the system service of the input method framework, the simulated event generator, is used: the coordinates of the characters to be replayed are placed in the memory shared by the trusted execution environment and the normal execution environment, the simulated event generator is then woken up and obtains the character coordinates from shared memory, constructs the touch events corresponding to those coordinates and hands them to the system service of the input method framework, and the system service dispatches the third-party input method to process the events, so that the characters are submitted to the ordinary application;
The sensitive-data secure return module submits the sensitive string to the ordinary application through the memory shared by the trusted execution environment and the normal execution environment, without passing through the third-party input method; the module first places the sensitive data in the shared memory, and the designed secure return service then obtains the sensitive data from shared memory and hands it to the ordinary application through the input connection interface InputConnection;
The local sensitive-data protection module adds hook functions to the application programming interfaces to prevent the third-party input method from obtaining sensitive data from the ordinary application's buffer; submitted data is stored in the data buffer of the ordinary application, the
Tripartite's input method can obtain these data from common applications again by input method framework for the general-purpose interface that it is provided,
Including sensitive data;Add Hook Function in all application programming interfaces related to retrieving data, when third party's input method
When obtaining data from the buffering area of common applications, whether the data analysis module analyze data in performing environment that triggering is credible
Sensitivity, prevents acquisition of third party's input method to sensitive data if sensitivity.
2. A method for using TrustZone technology to prevent leakage of sensitive data of a third-party input method, characterized in that it is implemented by the following steps:
(1) the interception module intercepts the corresponding events delivered by the touch event driver by means of hook functions added to the system service of the input method framework; provided that the showSoftInput() hook function in the input method management service class InputMethodManagerService has intercepted a keyboard display event, and the sync() hook function in the touch input processing class TouchInputMapper then intercepts a key event, execution switches to the trusted execution environment, which performs an integrity check on the soft keyboard of the third-party input method currently displayed in the normal execution environment and then makes the corresponding settings so that the soft keyboard of the third-party input method is reused as the secure keyboard of the trusted execution environment; the key operations the user performs afterwards take place on the secure keyboard;
(2) the user's input on the secure keyboard is converted from key coordinates into characters, and the characters are passed to the data analysis module; based on the user's predefined sensitive data set, the data analysis module uses the AC prefix-matching algorithm to determine whether a character belongs to a prefix of sensitive data; if not, the character's coordinates are passed to the replay module; if so, the prefix is stored in a buffer while the module waits for the user's complete input in order to judge whether the user's input is sensitive; once the prefix is confirmed to be non-sensitive data, the coordinates of each of its characters are passed to the replay module; if it is sensitive data, the string is passed to the secure sensitive-data return module;
(3) in the replay module, the non-sensitive key coordinates are first placed in the memory shared between the trusted execution environment and the normal execution environment; the simulated event generator, a daemon thread added to the system service process, is woken up and takes the touch event coordinates out of the shared memory. The simulated event generator places the events, in the correct format, in the event queue of the input method framework's system service; the input dispatch thread inputDispatcher in the system service is then woken up, takes the events from the queue and selects the corresponding component or service to dispatch to, i.e. calls the third-party input method to process the events, and the characters are finally submitted to the normal application through the third-party input method;
(4) the main part of the secure sensitive-data return module is the secure return service; the sensitive string is stored in the memory shared between the trusted execution environment and the normal execution environment, and the secure return service is woken up and obtains the string from the shared memory; the secure return service reuses the input connection interface InputConnection of the input method framework and then submits the data directly to the application by calling the base input connection interface BaseInputConnection of the normal application;
(5) after the normal application receives the data submitted by the replay module and the secure sensitive-data return module, the data are stored in the buffer of the normal application; to prevent the third-party input method from obtaining sensitive data from the buffer of the normal application, hook functions are added to getTextBeforeCursor() and getSelectedText() in the base input connection interface BaseInputConnection; when the third-party input method accesses the buffer of the normal application through the application programming interface, the hook function notifies the data analysis module in the trusted execution environment to analyze the data that the third-party input method is trying to obtain, and if the data are sensitive, the third-party input method is prevented from obtaining them.
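The prefix buffering performed by the data analysis module in claim 1 and in step (2) of claim 2, as an added example in C that is not code from the patent. The names `analyzer`, `analyzer_feed` and `analyze` and the sample strings are assumptions; it uses plain prefix comparison with oldest-character release rather than the patent's AC algorithm, and routes characters where the patent routes key coordinates.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample set standing in for the user's predefined sensitive data. */
static const char *SENSITIVE[] = { "4111", "hunter2" };
#define NSENS (sizeof SENSITIVE / sizeof SENSITIVE[0])
typedef struct {
    char pending[32]; size_t n;   /* prefix held back in the TEE (entries must be < 32 chars) */
    char replay[128]; size_t rn;  /* released to the replay module (the IME sees these) */
    char secure[128]; size_t sn;  /* sent via the secure return path, ';'-separated */
} analyzer;

static void put(char *b, size_t *n, size_t cap, char c) { if (*n + 1 < cap) b[(*n)++] = c; }

/* 1: pending equals a sensitive string; 0: proper prefix of one (or empty); -1: neither */
static int classify(const analyzer *a) {
    int r = -1;
    for (size_t i = 0; i < NSENS; i++) {
        if (strncmp(SENSITIVE[i], a->pending, a->n) != 0) continue;
        if (strlen(SENSITIVE[i]) == a->n) return 1;
        r = 0;
    }
    return r;
}

void analyzer_feed(analyzer *a, char c) {
    a->pending[a->n++] = c;
    for (;;) {
        int r = classify(a);
        if (r == 0) return;                   /* still a possible prefix: keep buffering */
        if (r == 1) {                         /* full match: bypass the input method */
            for (size_t i = 0; i < a->n; i++) put(a->secure, &a->sn, sizeof a->secure, a->pending[i]);
            put(a->secure, &a->sn, sizeof a->secure, ';');
            a->n = 0; return;
        }
        /* Mismatch: release only the oldest character, then re-test the remainder,
           so "44111" still catches "4111" instead of replaying all five keys. */
        put(a->replay, &a->rn, sizeof a->replay, a->pending[0]);
        memmove(a->pending, a->pending + 1, --a->n);
    }
}

/* Feed a whole input, then flush any unfinished prefix as non-sensitive. */
void analyze(analyzer *a, const char *input) {
    memset(a, 0, sizeof *a);
    for (; *input; input++) analyzer_feed(a, *input);
    for (size_t i = 0; i < a->n; i++) put(a->replay, &a->rn, sizeof a->replay, a->pending[i]);
}

int main(void) {
    analyzer a;
    analyze(&a, "pay 44111 ok");
    printf("replay=\"%s\" secure=\"%s\"\n", a.replay, a.secure);
    return 0;
}
```

Flushing every buffered character on a mismatch would let a sensitive string that begins inside the discarded prefix reach the third-party input method, which is why the remainder is re-tested.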
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610892087.7A CN106650422B (en) | 2016-10-13 | 2016-10-13 | A system and method for preventing third-party input method sensitive data leakage using TrustZone technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106650422A (en) | 2017-05-10 |
CN106650422B (en) | 2019-06-04 |
Family
ID=58856933
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610892087.7A Expired - Fee Related CN106650422B (en) | A system and method for preventing third-party input method sensitive data leakage using TrustZone technology | 2016-10-13 | 2016-10-13 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106650422B (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108614975A (en) * | 2018-04-27 | 2018-10-02 | 北京可信华泰信息技术有限公司 | A kind of safe verification method based on integrity detection |
WO2019007028A1 (en) * | 2017-07-03 | 2019-01-10 | 深圳市中兴微电子技术有限公司 | Authentication protection system and method based on trusted environment, and storage medium |
CN110119632A (en) * | 2018-02-05 | 2019-08-13 | 中国移动通信有限公司研究院 | Sensitive data requesting method, device, system and computer readable storage medium |
CN112231746A (en) * | 2020-09-10 | 2021-01-15 | 杭州锘崴信息科技有限公司 | Joint data analysis method, device and system and computer readable storage medium |
CN112511514A (en) * | 2020-11-19 | 2021-03-16 | 平安普惠企业管理有限公司 | HTTP encrypted transmission method and device, computer equipment and storage medium |
CN112580066A (en) * | 2019-09-30 | 2021-03-30 | 北京国双科技有限公司 | Data protection method and device |
CN112948824A (en) * | 2021-03-31 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
US11275842B2 (en) | 2019-09-20 | 2022-03-15 | The Toronto-Dominion Bank | Systems and methods for evaluating security of third-party applications |
US11436336B2 (en) | 2019-09-23 | 2022-09-06 | The Toronto-Dominion Bank | Systems and methods for evaluating data access signature of third-party applications |
WO2024103830A1 (en) * | 2022-11-15 | 2024-05-23 | 百富计算机技术(深圳)有限公司 | Secure input method and apparatus, and terminal device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101894232A (en) * | 2010-07-26 | 2010-11-24 | 深圳市永达电子股份有限公司 | Safe input method applied to identity authentication and input terminal |
CN103853993A (en) * | 2014-03-26 | 2014-06-11 | 联想(北京)有限公司 | Information processing method and electronic equipment |
Non-Patent Citations (1)
Title |
---|
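Ren Fei: "Research and Implementation of Android Operating System Security Mechanisms", China Master's Theses Full-text Database (Information Science and Technology) * |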
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019007028A1 (en) * | 2017-07-03 | 2019-01-10 | 深圳市中兴微电子技术有限公司 | Authentication protection system and method based on trusted environment, and storage medium |
US11620373B2 (en) | 2017-07-03 | 2023-04-04 | Sanechips Technology Co., Ltd. | Authentication protection system and method based on trusted environment, and storage medium |
CN110119632A (en) * | 2018-02-05 | 2019-08-13 | 中国移动通信有限公司研究院 | Sensitive data requesting method, device, system and computer readable storage medium |
CN110119632B (en) * | 2018-02-05 | 2021-01-15 | 中国移动通信有限公司研究院 | Sensitive data request method, device, system and computer readable storage medium |
CN108614975A (en) * | 2018-04-27 | 2018-10-02 | 北京可信华泰信息技术有限公司 | A kind of safe verification method based on integrity detection |
US11275842B2 (en) | 2019-09-20 | 2022-03-15 | The Toronto-Dominion Bank | Systems and methods for evaluating security of third-party applications |
US11947678B2 (en) | 2019-09-23 | 2024-04-02 | The Toronto-Dominion Bank | Systems and methods for evaluating data access signature of third-party applications |
US11436336B2 (en) | 2019-09-23 | 2022-09-06 | The Toronto-Dominion Bank | Systems and methods for evaluating data access signature of third-party applications |
CN112580066A (en) * | 2019-09-30 | 2021-03-30 | 北京国双科技有限公司 | Data protection method and device |
CN112231746B (en) * | 2020-09-10 | 2024-02-02 | 杭州锘崴信息科技有限公司 | Joint data analysis method, device, system and computer readable storage medium |
CN112231746A (en) * | 2020-09-10 | 2021-01-15 | 杭州锘崴信息科技有限公司 | Joint data analysis method, device and system and computer readable storage medium |
CN112511514A (en) * | 2020-11-19 | 2021-03-16 | 平安普惠企业管理有限公司 | HTTP encrypted transmission method and device, computer equipment and storage medium |
CN112948824B (en) * | 2021-03-31 | 2022-04-26 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
CN112948824A (en) * | 2021-03-31 | 2021-06-11 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
WO2024103830A1 (en) * | 2022-11-15 | 2024-05-23 | 百富计算机技术(深圳)有限公司 | Secure input method and apparatus, and terminal device |
Also Published As
Publication number | Publication date |
---|---|
CN106650422B (en) | 2019-06-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106650422B (en) | A system and method for preventing third-party input method sensitive data leakage using TrustZone technology | |
CN101340281B (en) | Method and system for safe login input on network | |
WO2016110101A1 (en) | Fingerprint authentication method and device, intelligent terminal, and computer storage medium | |
CN101794365B (en) | The method of safely inputting information and mobile terminal on mobile terminals | |
CN105183307A (en) | Application message display control method and application message display control device | |
CN105701414B (en) | Method and device for multiplexing electronic equipment based on multiple accounts and electronic equipment | |
CN106650514B (en) | A kind of safe input system and method based on TrustZone technology | |
CN102842001B (en) | System and method for detecting computer security information based on U disc authentication | |
CN101483658B (en) | System and method for input content protection of browser | |
CN106341381A (en) | Method and system of key management for rack server system | |
CN104361281B (en) | A kind of solution of Android platform phishing attack | |
CN109923544A (en) | Method for authenticating and electronic equipment | |
CN104700007A (en) | Gesture impression password setting and application method | |
CN104901805B (en) | A kind of identification authentication methods, devices and systems | |
CN108536783A (en) | Data processing method and device, terminal, computer readable storage medium | |
WO2017147890A1 (en) | Verification code short message display method and mobile terminal | |
CN110378097A (en) | Ensure sensing data safety | |
US20190377863A1 (en) | Password input method, computer device and storage medium | |
CN110311857A (en) | A kind of college association online interaction platform | |
CN102195940A (en) | Virtual-machine-technology-based data security input and submission method and system | |
CN112131564A (en) | Encrypted data communication method, apparatus, device, and medium | |
CN102984044B (en) | The method and apparatus realizing data transmission security based on VPN (virtual private network) | |
CN104580197A (en) | Code detection method and code detection system | |
CN112632605A (en) | Method and device for preventing unauthorized access, computer equipment and storage medium | |
CN109981891A (en) | A kind of terminal control method, device and terminal device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |
| | CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20190604 Termination date: 20191013 |