CN106650422B - System and method for preventing third-party input methods from leaking sensitive data using TrustZone technology - Google Patents
- Publication number: CN106650422B (application CN201610892087.7A)
- Authority: CN (China)
- Prior art keywords: data, input method, party, module, sensitive
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
Abstract
The present invention relates to a system and method for preventing third-party input methods from leaking sensitive data using TrustZone technology, characterized by comprising: an interception module in the normal execution environment; a secure keyboard module, a data analysis module, a replay module and a sensitive data secure return module in the trusted execution environment; and a local sensitive data protection module that works with the data analysis module to protect sensitive data held in normal applications. The invention effectively guarantees the security of the mobile terminal input system and has the advantages of generality, efficiency, user-friendliness and strong security.
Description
Technical field
The present invention relates to a system and method for preventing third-party input methods from leaking sensitive data using TrustZone technology, and belongs to the field of data security for mobile terminal devices.
Background
With the rapid development of mobile Internet technology and smart mobile terminals, the services handled on mobile terminals have extended from traditional communication and entertainment to high-security, highly sensitive fields such as mobile office and mobile payment. Users need to enter more and more sensitive information on mobile terminals, including login user names and passwords, contact information and bank card numbers. Research has found that most third-party input method software sends the entered information to a remote server. To protect the user's sensitive information from being maliciously intercepted by a third party or maliciously exploited by the input method service provider during input, an effective method is needed to prevent third-party input methods from leaking the sensitive information the user enters.
A common practice is to encrypt sensitive data with an encryption algorithm, but the input method service provider can still obtain the sensitive information the user enters. Currently feasible solutions to the input method security problem perform operations such as rollback or encryption after the input method has already received the user's tap, but cannot act before the input method's code executes, so the security problem remains.
To better solve the problem of third-party input methods on mobile terminals leaking users' sensitive data, a complete solution combining software and hardware must be designed across multiple layers, from the underlying hardware architecture to the operating system. ARM TrustZone hardware isolation technology builds two independent runtime environments on the mobile terminal, a normal execution environment and a trusted execution environment, and uses the processor's monitor mode to provide switching and data transfer between the two. The normal and trusted execution environments are isolated from each other, which guarantees the security of operations in the trusted execution environment and effectively separates an application system's highly sensitive services from its general services.
Using TrustZone technology to prevent third-party input methods from leaking sensitive data requires solving the following problems: how to decide whether a switch to the trusted execution environment is needed; how to operate inside the trusted execution environment; and how to correctly return the user's input to the normal application in the normal execution environment.
Summary of the invention
The technical problem solved by the invention: to secure the sensitive data that users enter on mobile terminals, the invention provides a system and method for preventing third-party input methods from leaking sensitive data using TrustZone technology, which effectively guarantees the security of the private information the user enters and has the advantages of generality, efficiency, user-friendliness and strong security.
The technical solution of the invention is a system and method for preventing third-party input methods from leaking sensitive data using TrustZone technology. The basic idea of the scheme is briefly described below. Building on the strengths of existing solutions, the invention proposes its own design. Specifically, the system comprises the following aspects:
Aspect one: the touch event interception module is located in the normal execution environment. It intercepts the user's touch events in the normal execution environment, analyzes the event type, and decides whether to switch to the secure keyboard in the trusted execution environment for user input. After a touch event is received from the touch event driver, the interception module uses hook functions added to the system service of the input method framework to determine the event type. If a keyboard display event has been intercepted and a key press event is then intercepted, it switches to the secure keyboard of the trusted execution environment; otherwise, the event is passed through the input method framework to the third-party input method in the normal execution environment, which performs the corresponding operation.
Aspect two: the secure keyboard lets the user type inside the trusted execution environment, so that the third-party input method cannot obtain what the user enters. To reduce the complexity of the system design, the secure keyboard reuses the soft keyboard of the third-party input method currently displayed in the normal execution environment and verifies its layout information; if verification passes, the third-party input method's soft keyboard is used as the secure keyboard in the trusted execution environment. The invention only considers the Romance-language soft keyboards of third-party input methods, in which each key corresponds to one character. When the user touches a key, the secure keyboard obtains the coordinates of the key, converts them into the corresponding character, and hands it to the data analysis module.
Aspect three: the data analysis module analyzes the sensitivity of the characters received from the secure keyboard. To check a character's sensitivity, it uses the AC prefix matching algorithm to perform one-way matching against a predefined sensitive data set and determines whether the character belongs to a prefix of sensitive data. If not, the character is handed to the replay module. If so, the prefix is stored in a buffer while the module waits for the user's subsequent input and determines whether the complete input matches a sensitive string: if it does not match, the string is handed to the replay module; if it matches, the sensitive string is handed to the sensitive data secure return module.
Aspect four: the replay module hands the events corresponding to non-sensitive characters through the input method framework to the third-party input method for processing, which then submits the data to the normal application. The invention designs a daemon thread, the imitation event generator, that runs in the system service process of the input method framework. The coordinates of the characters to be replayed are placed in the memory shared by the trusted and normal execution environments; the imitation event generator is then woken up, reads the character coordinates from shared memory, constructs the corresponding touch events, and hands them to the system service of the input method framework, which dispatches the third-party input method to handle them so that the characters are submitted to the normal application.
Aspect five: the sensitive data secure return module submits the sensitive string to the normal application through the memory shared by the trusted and normal execution environments, without passing through the third-party input method. The module first places the sensitive data in the shared memory; the secure return service designed by the invention then reads the sensitive data from shared memory and delivers it to the normal application through the input connection interface InputConnection.
Aspect six: the local sensitive data protection module adds hook functions to application programming interfaces to prevent the third-party input method from obtaining sensitive data from the normal application's buffer. Submitted data is stored in the normal application's data buffer, and we found that a third-party input method can read this data, sensitive data included, back from the normal application through the general interfaces that the input method framework provides to it. The invention adds hook functions to all application programming interfaces related to retrieving data. When the third-party input method reads data from the normal application's buffer, the data analysis module in the trusted execution environment is triggered to analyze whether the data is sensitive; if it is, the third-party input method is prevented from obtaining it.
A method for preventing third-party input methods from leaking sensitive data using TrustZone technology is implemented in the following steps:
(1) The interception module intercepts the events delivered by the touch event driver through hook functions added to the system service of the input method framework. Once the hook function showSoftInput() in the input method management service class InputMethodManagerService has intercepted a keyboard display event, and the hook function sync() in the touch input processing class TouchInputMapper then intercepts a key press event, the system switches to the trusted execution environment, which checks the integrity of the third-party input method's soft keyboard currently displayed in the normal execution environment and then makes the corresponding settings to reuse that soft keyboard as the secure keyboard of the trusted execution environment. The key presses the user performs afterwards take place on the secure keyboard.
(2) The user's key presses on the secure keyboard are converted from key coordinates into characters, which are handed to the data analysis module. Based on the user's predefined sensitive data set, the data analysis module uses the AC prefix matching algorithm to determine whether a character belongs to a sensitive data prefix. If not, the character's coordinates are handed to the replay module. If so, the prefix is stored in a buffer and the module waits for the user's complete input to determine whether it is sensitive: once the prefix is confirmed to be non-sensitive data, the coordinates of each of its characters are handed to the replay module; if it is sensitive data, the string is handed to the sensitive data secure return module.
(3) In the replay module, the non-sensitive key coordinates are first placed in the memory shared by the trusted and normal execution environments. The imitation event generator, a daemon thread added to the system service process, is woken up and takes the touch event coordinates out of shared memory. It places the events, in the correct format, on the event queue of the input method framework's system service. The input dispatch thread inputDispatcher in the system service is then woken up, takes the events from the queue, and dispatches them to the corresponding component or service, i.e. it calls the third-party input method to handle the events, and the third-party input method finally submits the characters to the normal application.
(4) The main part of the sensitive data secure return module is the secure return service. The sensitive string is stored in the memory shared by the trusted and normal execution environments; the secure return service is woken up and reads the string from shared memory. The secure return service reuses the input connection interface InputConnection of the input method framework and then submits the data directly to the application by calling the normal application's basic input connection interface BaseInputConnection.
(5) After the normal application receives the data submitted by the replay module and the sensitive data secure return module, it stores the data in its buffer. To prevent the third-party input method from obtaining sensitive data from the normal application's buffer, the invention adds the hook functions getTextBeforeCursor() and getSelectedText() to the basic input connection interface BaseInputConnection. When the third-party input method accesses the normal application's buffer through these application programming interfaces, the hook functions notify the data analysis module in the trusted execution environment to analyze the data the third-party input method is trying to obtain; if it is sensitive data, the third-party input method is prevented from obtaining it.
Compared with the prior art, the invention has the following advantages:
(1) The invention uses ARM TrustZone hardware isolation technology to isolate key press operations in the trusted execution environment. Hook functions added to system services intercept the relevant events and decide whether to switch between the trusted and normal execution environments, so that the user enters data on the secure keyboard in the trusted execution environment, and sensitive data is submitted to the normal application in the form of a service. Because the leakage of sensitive data by third-party input methods is prevented at the system level in combination with hardware technology, the security is stronger; the invention also applies to all third-party input methods, i.e. it is general.
(2) The secure keyboard reuses the soft keyboard of the third-party input method in the normal operating system, which reduces system complexity and does not affect the user experience. The trusted execution environment verifies the integrity of the third-party input method's keyboard layout to ensure that the layout has not been modified, which effectively prevents fake keyboard layout attacks.
(3) Through an added system service, the secure return service, the sensitive data secure return module submits sensitive data directly to the normal application without passing through the third-party input method. The sensitive data therefore cannot be sent by the third-party input method to cloud storage, which protects the privacy of the user's sensitive information.
(4) When data already submitted to the normal application is accessed again by the third-party input method, the hook functions added to the application programming interfaces capture the access and notify the data analysis module in the trusted execution environment to analyze the data. If the analysis finds a sensitive string, the input method is prevented from obtaining the data, which protects sensitive data stored locally on the phone.
Brief description of the drawings
Fig. 1 is a schematic diagram of the overall framework of the invention;
Fig. 2 is a schematic diagram of the interception module and the switch to the secure keyboard;
Fig. 3 is a schematic diagram of the data analysis module;
Fig. 4 is a schematic diagram of the replay module for non-sensitive characters;
Fig. 5 is a schematic diagram of the method for preventing the third-party input method from obtaining sensitive data from the normal application's buffer.
Detailed description of embodiments
The invention uses ARM TrustZone hardware isolation technology and the trusted execution environment as its base platform to implement a system that effectively prevents third-party input methods from leaking sensitive data. While keeping modifications to the operating system minimal, hook functions are added to the system service of the input method framework to capture the user's touch events and decide whether to switch to the trusted execution environment for input on the secure keyboard. For the characters the user enters on the secure keyboard, the data analysis module uses the AC pattern matching algorithm to analyze their sensitivity. The coordinates of non-sensitive characters are handed by the replay module to the input method framework and then processed by the third-party input method; sensitive strings are handed directly to the normal application by the sensitive data secure return module, thereby bypassing the third-party input method and its leakage of sensitive data. On this basis, the system and method for preventing third-party input methods from leaking sensitive data using TrustZone technology have the advantages of generality, efficiency, user-friendliness and strong security.
To make the purpose, advantages and technical solution of the invention clearer, the invention is described in more detail below through a specific implementation, with reference to the drawings.
Fig. 1 shows the overall framework of the implementation, which mainly comprises the following five parts:
One, implementation of the interception module in the normal execution environment
The hook functions in the interception module 101 capture the touch events delivered by the touch event driver and, according to the event type, decide whether to switch to the secure keyboard 105 of the trusted execution environment to receive the user's input. How the interception module works and switches to the secure keyboard is analyzed below with reference to Fig. 2:
(1) When the user performs an operation in the normal execution environment, the touch event driver 100 generates the corresponding touch event. The interception module 101 first uses the hook function showSoftInput() in the input method management service class InputMethodManagerService to determine whether it is a keyboard display event 200; if not, operation continues in the normal execution environment 201;
(2) If it is a keyboard display event and the user touches the soft keyboard 202, the interception module 101 uses the hook function sync() in the input method framework's touch input processing class TouchInputMapper to intercept the corresponding event and notifies the trusted execution environment to check the integrity of the keyboard layout of the third-party input method currently displayed in the normal execution environment. It then makes the corresponding settings and reuses the third-party input method's soft keyboard as the secure keyboard 105 in the trusted execution environment;
(3) For the above soft keyboard touch event and for touch events subsequently generated on the secure keyboard, the interception module determines whether each is a key press event 203. If not, it switches back to the normal execution environment 201; if so, the key coordinates 204 are converted into a character 205.
Two, implementation of the data analysis module in the trusted execution environment
The user's input on the secure keyboard 105 is handed to the data analysis module 106 for sensitivity analysis. Non-sensitive characters are handed to the replay module 107, and sensitive data is handed to the sensitive data secure return module 108. The implementation of the data analysis module 106 is described below with reference to Fig. 3:
(1) Based on the user-defined sensitive data set 300, the AC prefix matching algorithm performs one-way matching on the character 204 to determine whether it belongs to a sensitive data prefix 301. If not, the character is handed to the replay module 107; if so, the sensitive data prefix is stored in the buffer 302;
(2) The module waits for the user to continue typing and repeats the character check 303. If a character is found that, together with the string in the buffer, forms sensitive data 304, the sensitive string is handed to the sensitive data secure return module 108. Once a character appears that does not belong to a sensitive data prefix, i.e. it can no longer form sensitive data 304 together with later characters, the coordinates of each character in the buffer are handed to the replay module 107.
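The buffering rule in the data analysis module has one edge case worth seeing in code: if a mismatch flushes the whole buffer, typing `11234` against the sensitive string `1234` sends every character through the input method. The following C code is an added example, not code from the patent; it reads "AC" as Aho-Corasick (an assumption), uses failure links so that only the characters that can no longer start a sensitive string are released, and all identifiers, the sensitive set and the inputs are constructed. It works on characters only, whereas the patent replays key coordinates.

```c
/* Added example (hypothetical names); "AC" is read as Aho-Corasick, an assumption. */
#include <stdio.h>
#include <string.h>

#define MAX_NODES 128
#define SIGMA     128   /* 7-bit ASCII, one character per key */
#define MAX_HOLD  64
#define SINK_CAP  256

typedef struct {
    int  next[MAX_NODES][SIGMA];   /* trie edges; 0 = no edge (node 0 is the root) */
    int  fail[MAX_NODES];          /* longest proper suffix that is a trie prefix */
    int  depth[MAX_NODES], out[MAX_NODES]; /* out: length of a sensitive string ending here */
    int  nodes, cur;               /* node count; automaton state for the live input */
    char hold[MAX_HOLD]; int hold_len;     /* withheld characters; hold_len == depth[cur] */
    char replayed[SINK_CAP];       /* stand-in for the replay module (IME path) */
    char secured[SINK_CAP];        /* stand-in for the secure return module */
} analyzer;

static void ia_init(analyzer *a) { memset(a, 0, sizeof *a); a->nodes = 1; }

/* Add one user-defined sensitive string; returns 0 on success, -1 if rejected. */
static int ia_add(analyzer *a, const char *s) {
    size_t n = strlen(s);
    int v = 0;
    if (n == 0 || n >= MAX_HOLD) return -1;
    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        if (c >= SIGMA) return -1;
        if (!a->next[v][c]) {
            if (a->nodes == MAX_NODES) return -1;
            a->depth[a->nodes] = a->depth[v] + 1;
            a->next[v][c] = a->nodes++;
        }
        v = a->next[v][c];
    }
    a->out[v] = a->depth[v];
    return 0;
}

/* Breadth-first pass that fills in the failure links. */
static void ia_build(analyzer *a) {
    int queue[MAX_NODES], head = 0, tail = 0;
    for (int c = 0; c < SIGMA; c++)
        if (a->next[0][c]) queue[tail++] = a->next[0][c];
    while (head < tail) {
        int v = queue[head++];
        for (int c = 0; c < SIGMA; c++) {
            int u = a->next[v][c], f = a->fail[v];
            if (!u) continue;
            while (f && !a->next[f][c]) f = a->fail[f];
            a->fail[u] = a->next[f][c];
            if (!a->out[u]) a->out[u] = a->out[a->fail[u]];
            queue[tail++] = u;
        }
    }
}

/* Demo sinks: append n bytes, dropping the write if the sink is full. */
static void sink(char *dst, const char *src, int n) {
    size_t used = strlen(dst);
    if (used + (size_t)n < SINK_CAP) { memcpy(dst + used, src, (size_t)n); dst[used + (size_t)n] = '\0'; }
}

/* Hand the first n withheld characters to the replay path. */
static void release(analyzer *a, int n) {
    sink(a->replayed, a->hold, n);
    memmove(a->hold, a->hold + n, (size_t)(a->hold_len - n));
    a->hold_len -= n;
}

/* Process one character typed on the secure keyboard. */
static void ia_feed(analyzer *a, char ch) {
    unsigned char c = (unsigned char)ch;
    if (c == 0 || c >= SIGMA) return;       /* not produced by the modelled keyboard */
    a->hold[a->hold_len++] = ch;
    while (a->cur && !a->next[a->cur][c]) a->cur = a->fail[a->cur];
    a->cur = a->next[a->cur][c];
    int m = a->out[a->cur];
    if (m) {                                /* complete sensitive string: bypass the IME */
        release(a, a->hold_len - m);
        sink(a->secured, a->hold, m); sink(a->secured, "\n", 1);
        a->hold_len = 0; a->cur = 0;
    } else {                                /* keep only the suffix that is still a prefix */
        release(a, a->hold_len - a->depth[a->cur]);
    }
}
/* Assumption, not stated in the patent: an unfinished prefix is released when input ends. */
static void ia_flush(analyzer *a) { release(a, a->hold_len); a->cur = 0; }
static void ia_type(analyzer *a, const char *s) { while (*s) ia_feed(a, *s++); }

int main(void) {
    static analyzer a;
    ia_init(&a);
    ia_add(&a, "1234"); ia_add(&a, "hunter2");   /* constructed sensitive data set */
    ia_build(&a);
    ia_type(&a, "pin 11234 ok"); ia_flush(&a);   /* constructed input */
    printf("via IME: \"%s\"\nsecure return: %s", a.replayed, a.secured);
    return 0;
}
```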
Three, implementation of the replay module for non-sensitive data
On receiving non-sensitive character coordinates from the data analysis module 106, the replay module 107 uses the imitation event generator thread added to the system service of the input method framework 102, together with the original input method framework, to hand the events to the third-party input method 103, which processes them and submits the corresponding characters to the normal application 104. The implementation of the replay module 107 is described below with reference to Fig. 4:
(1) The character coordinates 400 passed from the data analysis module 106 are placed in the shared memory 401 of the trusted and normal execution environments;
(2) The imitation event generator 402, a daemon thread added by the invention, runs in the system service process of the input method framework; it is woken up and reads the character coordinates 400 from the shared memory 401;
(3) The imitation event generator 402 converts the character coordinates into the event format required by the event queue 403 in the input method framework's system service, puts the touch events into the event queue 403, and wakes up the input dispatch thread in the system service, i.e. the inputDispatcher thread 404;
(4) The inputDispatcher thread 404 takes the events from the event queue 403 and dispatches the third-party input method 103 to process them and submit the characters corresponding to the key press events to the normal application 104.
Four, implementation of the sensitive data secure return module
For the sensitive strings received from the data analysis module 106, the sensitive data secure return module 108 places the data in the memory shared by the trusted and normal execution environments. The secure return service then reads the data from shared memory and, through the reused input connection interface InputConnection of the input method framework, calls the normal application's basic input connection interface BaseInputConnection to submit the data directly to the application.
Five, implementation of preventing the third-party input method from obtaining sensitive data from the normal application
The normal application 104 stores the sensitive data it receives in its data buffer, and the third-party input method 103 can access this buffer through the functions provided by the basic input connection interface BaseInputConnection in the input method framework 102, causing local sensitive data to leak. The method for preventing local sensitive data leakage is described in detail below with reference to Fig. 5:
(1) When the third-party input method 103 accesses the normal application's data buffer 500 through the functions provided by the basic input connection interface BaseInputConnection, the hook functions 501 added to BaseInputConnection, getTextBeforeCursor() and getSelectedText(), notify the data analysis module in the trusted execution environment;
(2) The data analysis module 106 uses the AC prefix matching algorithm to determine whether the data the third-party input method 103 is trying to obtain is sensitive 502. If it is not sensitive, execution switches back to the normal execution environment 503 and continues; if it is a sensitive string, the sensitive data acquisition is blocked 504.
The above embodiments are provided only to describe the invention and are not intended to limit its scope. The scope of the invention is defined by the following claims. Equivalent replacements and modifications made without departing from the spirit and principles of the invention all fall within the scope of the invention.
Claims (2)
1. A system for preventing third-party input methods from leaking sensitive data using TrustZone technology, characterized by comprising: an interception module in the normal execution environment; a secure keyboard module, a replay module, a data analysis module and a sensitive data secure return module in the trusted execution environment; and a local sensitive data protection module that works with the data analysis module to protect sensitive data in normal applications; wherein:
The interception module is located in the normal execution environment, intercepts the user's touch events in the normal execution environment, analyzes the event type, and decides whether to switch to the secure keyboard of the trusted execution environment for user input; after a touch event is received from the touch event driver, the interception module uses hook functions added to the system service of the input method framework to determine the event type, and if a keyboard display event has been intercepted and a key press event is then intercepted, it switches to the secure keyboard of the trusted execution environment;
The secure keyboard lets the user type in the trusted execution environment, so that the information the user enters cannot be obtained by the third-party input method; it reuses the soft keyboard of the third-party input method currently displayed in the normal execution environment and verifies its layout information; if the integrity verification passes, the soft keyboard of the third-party input method is used as the secure keyboard in the trusted execution environment; when the user touches a key, the secure keyboard obtains the coordinates of the key, converts them into the corresponding character, and hands it to the data analysis module;
The data analysis module determines the sensitivity of the characters received from the secure keyboard, i.e. whether they are sensitive characters; the user defines the sensitive data set in advance; when the data analysis module receives a character from the secure keyboard, it performs one-way matching using the AC prefix matching algorithm and determines whether the character belongs to a prefix of sensitive data; if not, the character is handed to the replay module; if so, the prefix is stored in a buffer while the module waits for the user's subsequent input and determines whether the complete input matches a sensitive string; if it does not match, the string is handed to the replay module, and if it matches, the sensitive string is handed to the sensitive data secure return module;
The replay module hands the events corresponding to non-sensitive characters through the input method framework to the third-party input method for processing, which then submits the data to the normal application; the imitation event generator is a daemon thread running in the system service of the input method framework; the coordinates of the characters to be replayed are placed in the memory shared by the trusted and normal execution environments, the imitation event generator is then woken up and reads the character coordinates from shared memory, constructs the touch events corresponding to the character coordinates and hands them to the system service of the input method framework, and the system service of the input method framework dispatches the third-party input method to handle the events, so that the characters are submitted to the normal application;
The sensitive data secure return module submits the sensitive string to the normal application through the memory shared by the trusted and normal execution environments, without passing through the third-party input method; the sensitive data secure return module first places the sensitive data in the memory shared by the trusted and normal execution environments, and the secure return service then reads the sensitive data from shared memory and delivers it to the normal application through the input connection interface InputConnection;
The local sensitive data protection module adds hook functions to application programming interfaces to prevent the third-party input method from obtaining sensitive data from the normal application's buffer; submitted data is stored in the normal application's data buffer, and the third-party input method can read this data, sensitive data included, back from the normal application through the general interfaces that the input method framework provides to it; hook functions are added to all application programming interfaces related to retrieving data, and when the third-party input method obtains data from the normal application's buffer, the data analysis module in the trusted execution environment is triggered to analyze whether the data
Sensitivity prevents acquisition of third party's input method to sensitive data if sensitive.
2. A method for preventing third-party input method sensitive data leakage using TrustZone technology, characterized in that it is implemented by the following steps:

(1) the interception module intercepts the events delivered by the touch event driver through hook functions added to the system service of the input method framework; on the premise that the hook function showSoftInput() in the input method management service class InputMethodManagerService has intercepted a keyboard display event, when the hook function sync() in the touch input processing class TouchInputMapper then intercepts a key event, execution switches to the trusted execution environment, which performs an integrity check on the soft keyboard of the third-party input method currently displayed in the normal execution environment and then makes the corresponding settings to reuse that soft keyboard as the secure keyboard of the trusted execution environment; the key presses the user performs afterwards take place on the secure keyboard;

(2) the user's input on the secure keyboard is converted from key coordinates into characters, and the characters are passed to the data analysis module; based on the sensitive data set predefined by the user, the data analysis module uses the AC prefix matching algorithm to determine whether a character belongs to a prefix of sensitive data; if not, the character coordinates are passed to the replay module; if so, the prefix is stored in a buffer to wait for the user's complete input and judge whether that input is sensitive; once the prefix is confirmed to be non-sensitive data, the coordinates of each of its characters are passed to the replay module; if it is sensitive data, the string is passed to the sensitive data secure return module;

(3) in the replay module, the non-sensitive key coordinates are first placed in the memory shared by the trusted execution environment and the normal execution environment; the simulated event generator, a daemon thread added to the system service process, is woken and takes the touch event coordinates out of the shared memory; the simulated event generator places the event, in the correct format, on the event queue of the input method framework system service; the input dispatch thread inputDispatcher in the system service is then woken, takes the event from the queue and selects the corresponding component or service to dispatch to, i.e. it calls the third-party input method to handle the event, and the character is finally submitted to the ordinary application by the third-party input method;

(4) the main function of the sensitive data secure return module is the secure return service; the sensitive string is stored in the memory shared by the trusted execution environment and the normal execution environment; the secure return service is woken and obtains the string from the shared memory; the secure return service reuses the input connection interface InputConnection of the input method framework and then submits the data directly to the application by calling the ordinary application's basic input connection interface BaseInputConnection;

(5) after the ordinary application receives the data submitted by the replay module and the sensitive data secure return module, the data is stored in the buffer of the ordinary application; to prevent the third-party input method from obtaining sensitive data from that buffer, the hook functions getTextBeforeCursor() and getSelectedText() are added to the basic input connection interface BaseInputConnection; when the third-party input method accesses the buffer of the ordinary application through the application programming interfaces, the hook function notifies the data analysis module in the trusted execution environment to analyze the data the third-party input method is trying to obtain, and if it is sensitive data, the third-party input method is prevented from obtaining it.
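The data analysis step of claim 1 and step (2) of claim 2, as an added C example that is not part of the patent: characters are held back while they form a prefix of a sensitive string, then routed to the replay path or the secure return path. It assumes characters rather than key coordinates, a constructed sensitive set in which no entry is a prefix of another, and plain prefix comparison in place of the AC automaton the patent names; all identifiers are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#define BUF_MAX 64
static const char *SENSITIVE[] = { "hunter2", "4111" }; /* constructed sample set */
#define N_SENSITIVE (sizeof SENSITIVE / sizeof SENSITIVE[0])

typedef struct {
    char pending[BUF_MAX]; size_t len; /* held back while it matches a prefix */
    char replay[BUF_MAX];  /* released to the replay module (input method sees it) */
    char secure[BUF_MAX];  /* sent by the secure return path (input method bypassed) */
} analyzer;

/* 2: s equals an entry, 1: s is a proper prefix of an entry, 0: neither. */
static int classify(const char *s, size_t n) {
    int r = 0;
    for (size_t i = 0; i < N_SENSITIVE; i++) {
        if (strncmp(SENSITIVE[i], s, n) != 0) continue;
        if (SENSITIVE[i][n] == '\0') return 2;
        r = 1;
    }
    return r;
}
static void emit(char *dst, const char *src, size_t n) { /* bounded append */
    size_t used = strlen(dst);
    if (used + n < BUF_MAX) { memcpy(dst + used, src, n); dst[used + n] = '\0'; }
}

static void feed(analyzer *a, char c) { /* one character from the secure keyboard */
    a->pending[a->len++] = c; /* pending never outgrows the longest entry */
    while (a->len > 0) {
        int k = classify(a->pending, a->len);
        if (k == 1) return; /* still a prefix: keep buffering */
        if (k == 2) { emit(a->secure, a->pending, a->len); a->len = 0; return; }
        emit(a->replay, a->pending, 1); /* mismatch: release the oldest character */
        memmove(a->pending, a->pending + 1, --a->len); /* re-check the suffix */
    }
}

/* Whole input; at the end an incomplete prefix is non-sensitive and is replayed. */
static void run(analyzer *a, const char *typed) {
    memset(a, 0, sizeof *a);
    for (; *typed; typed++) feed(a, *typed);
    emit(a->replay, a->pending, a->len); a->len = 0;
}

int main(void) {
    analyzer a;
    run(&a, "pin 4111 ok");
    return printf("replay=[%s] secure=[%s]\n", a.replay, a.secure) < 0;
}
```

Typing `hunhunter2` releases `hun` and still captures `hunter2`, because on a mismatch only the oldest held character is released and the remaining suffix is re-checked. An abandoned prefix such as `411` goes to the replay path, so under this scheme the input method still sees partial sensitive strings.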
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610892087.7A CN106650422B (en) | 2016-10-13 | 2016-10-13 | A kind of System and method for for preventing third party's input method sensitive data from revealing using TrustZone technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610892087.7A CN106650422B (en) | 2016-10-13 | 2016-10-13 | A kind of System and method for for preventing third party's input method sensitive data from revealing using TrustZone technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106650422A (en) | 2017-05-10 |
CN106650422B (en) | 2019-06-04 |
Family
ID=58856933
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610892087.7A Expired - Fee Related CN106650422B (en) | 2016-10-13 | 2016-10-13 | A kind of System and method for for preventing third party's input method sensitive data from revealing using TrustZone technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106650422B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11861017B2 (en) | 2019-09-20 | 2024-01-02 | The Toronto-Dominion Bank | Systems and methods for evaluating security of third-party applications |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109218260B (en) | 2017-07-03 | 2020-11-06 | 深圳市中兴微电子技术有限公司 | Trusted environment-based authentication protection system and method |
CN110119632B (en) * | 2018-02-05 | 2021-01-15 | 中国移动通信有限公司研究院 | Sensitive data request method, device, system and computer readable storage medium |
CN108614975A (en) * | 2018-04-27 | 2018-10-02 | 北京可信华泰信息技术有限公司 | A kind of safe verification method based on integrity detection |
US11436336B2 (en) | 2019-09-23 | 2022-09-06 | The Toronto-Dominion Bank | Systems and methods for evaluating data access signature of third-party applications |
CN112580066A (en) * | 2019-09-30 | 2021-03-30 | 北京国双科技有限公司 | Data protection method and device |
CN112231746B (en) * | 2020-09-10 | 2024-02-02 | 杭州锘崴信息科技有限公司 | Joint data analysis method, device, system and computer readable storage medium |
CN112511514A (en) * | 2020-11-19 | 2021-03-16 | 平安普惠企业管理有限公司 | HTTP encrypted transmission method and device, computer equipment and storage medium |
CN112948824B (en) * | 2021-03-31 | 2022-04-26 | 支付宝(杭州)信息技术有限公司 | Program communication method, device and equipment based on privacy protection |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101894232A (en) * | 2010-07-26 | 2010-11-24 | 深圳市永达电子股份有限公司 | Safe input method applied to identity authentication and input terminal |
CN103853993A (en) * | 2014-03-26 | 2014-06-11 | 联想(北京)有限公司 | Information processing method and electronic equipment |
Non-Patent Citations (1)
Title |
---|
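Research and Implementation of Android Operating System Security Mechanisms; Ren Fei; China Master's Theses Full-text Database, Information Science and Technology; 20160315 (No. 3); pp. I138-136 * |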
Also Published As
Publication number | Publication date |
---|---|
CN106650422A (en) | 2017-05-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106650422B (en) | A kind of System and method for for preventing third party's input method sensitive data from revealing using TrustZone technology | |
Barkadehi et al. | Authentication systems: A literature review and classification | |
CN106650514B (en) | A kind of safe input system and method based on TrustZone technology | |
CN107273736B (en) | Cipher-code input method, device, computer equipment and storage medium | |
CN101794365B (en) | The method of safely inputting information and mobile terminal on mobile terminals | |
CN105610810A (en) | Data processing method, client and servers | |
CN109389727A (en) | Method for unlocking, system and computer readable storage medium | |
CN103002445A (en) | Safe mobile electronic equipment for providing application services | |
CN109923544A (en) | Method for authenticating and electronic equipment | |
CN104361281B (en) | A kind of solution of Android platform phishing attack | |
CN105447378A (en) | Password generation method and device | |
CN106657166B (en) | A kind of method of authentication, terminal device and server | |
CN110311857A (en) | A kind of college association online interaction platform | |
Alluhaybi et al. | A survey: agent-based software technology under the eyes of cyber security, security controls, attacks and challenges | |
CN107666469A (en) | The processing method and terminal of identifying code short message | |
CN104683290A (en) | Method and device for monitoring phishing and terminal | |
CN107657187A (en) | A kind of keyboard and input method and system applied to android system | |
CN102984044A (en) | Method and device based on virtual private network (VPN) to achieve data transmission security | |
CN104955043B (en) | A kind of intelligent terminal security protection system | |
CN112260983B (en) | Identity authentication method, device, equipment and computer readable storage medium | |
CN108959868A (en) | A kind of booting computer method, apparatus and computer | |
CN108566389A (en) | A kind of fingerprint identity validation method and device across application | |
CN206133573U (en) | Credible execution systems of software based on ARM framework | |
US20230177142A1 (en) | Detecting sharing of passwords | |
Chen et al. | Security and usability |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20190604 Termination date: 20191013 |