CN107835185B - A Mobile Terminal Security Service Method and Device Based on ARM TrustZone - Google Patents
- Publication number
- CN107835185B
- Authority
- CN
- China
- Prior art keywords
- application program
- world
- hash value
- normal world
- normal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711172709.XA CN107835185B (zh) | 2017-11-21 | 2017-11-21 | A Mobile Terminal Security Service Method and Device Based on ARM TrustZone |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711172709.XA CN107835185B (zh) | 2017-11-21 | 2017-11-21 | A Mobile Terminal Security Service Method and Device Based on ARM TrustZone |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107835185A (zh) | 2018-03-23 |
CN107835185B (zh) | 2020-10-02 |
Family
ID=61652373
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711172709.XA Active CN107835185B (zh) | A Mobile Terminal Security Service Method and Device Based on ARM TrustZone | 2017-11-21 | 2017-11-21 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107835185B (zh) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
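CN108881486A (zh) * | 2018-08-01 | 2018-11-23 | Beihang University | Remote communication method and system for intelligent connected vehicles based on trusted technology |
CN110677388B (zh) * | 2019-09-03 | 2023-04-18 | Southeast University | TrustZone-based process integrity measurement method for Internet of Things terminals |
CN113536387B (zh) * | 2020-04-15 | 2024-06-04 | Qingdao Hisense Mobile Communication Technology Co., Ltd. | Terminal and method for detecting kernel data integrity |
CN113239347B (zh) * | 2021-06-18 | 2022-06-28 | Shanghai Jiao Tong University | Startup method and device suitable for TEE secure application instances |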
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
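KR101897605B1 (ko) * | 2012-02-24 | 2018-09-12 | Samsung Electronics Co., Ltd. | Method and apparatus for integrity protection of a portable terminal |
CN103023922B (zh) * | 2012-12-05 | 2014-07-02 | Tsinghua University | Dynamic remote attestation method based on control-flow model behavior |
CN105391673B (zh) * | 2014-09-04 | 2018-12-28 | Huawei Technologies Co., Ltd. | Secure access method and device |
DE102015000656A1 (de) * | 2015-01-20 | 2016-07-21 | Giesecke & Devrient Gmbh | Runtime environment for a mobile terminal that enables provision of a security service |
CN106200891B (zh) * | 2015-05-08 | 2019-09-06 | Alibaba Group Holding Limited | Method, device and system for displaying a user interface |
KR102327782B1 (ko) * | 2015-05-29 | 2021-11-18 | Korea Advanced Institute of Science and Technology | Electronic device and kernel data access method |
CN105282169B (zh) * | 2015-11-04 | 2018-08-24 | The 41st Research Institute of China Electronics Technology Group Corporation | DDoS attack early-warning method and system based on SDN controller threshold |
CN107066331B (zh) * | 2016-12-20 | 2021-05-18 | Huawei Technologies Co., Ltd. | TrustZone-based resource allocation method and device |
CN106657161B (zh) * | 2017-02-28 | 2020-10-09 | Hangzhou DPtech Technologies Co., Ltd. | Method and device for implementing packet filtering |
CN107194284A (zh) * | 2017-06-22 | 2017-09-22 | Jinan Inspur Hi-Tech Investment and Development Co., Ltd. | Method and system for isolating user data based on TrustZone |
CN107277073A (zh) * | 2017-08-16 | 2017-10-20 | Beijing Xinnet Digital Information Technology Co., Ltd. | Network monitoring method and device |
KR102514062B1 (ko) * | 2018-02-27 | 2023-03-24 | Samsung Electronics Co., Ltd. | TrustZone graphic rendering method and display device therefor |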
-
2017
- 2017-11-21 CN CN201711172709.XA patent/CN107835185B/zh active Active
Also Published As
Publication number | Publication date |
---|---|
CN107835185A (zh) | 2018-03-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11477036B2 (en) | Devices and methods for application attestation | |
Wazid et al. | Uniting cyber security and machine learning: Advantages, challenges and future research | |
CN109858265B (zh) | Encryption method, device and related equipment | |
US10997808B2 (en) | Secure smart unlocking | |
US10565378B1 (en) | Exploit of privilege detection framework | |
CN107835185B (zh) | A Mobile Terminal Security Service Method and Device Based on ARM TrustZone | |
Liu et al. | Veriui: Attested login for mobile devices | |
CN105718807B (zh) | Android system based on soft TCM and trusted software stack, and trusted authentication system and method thereof | |
WO2019218919A1 (zh) | Private key management method, device and system in a blockchain scenario | |
KR102218572B1 (ko) | Processing method for preventing replication attacks, and server and client | |
US10867049B2 (en) | Dynamic security module terminal device and method of operating same | |
WO2016029595A1 (zh) | Open platform invocation method, apparatus, device and non-volatile computer storage medium | |
Xu et al. | Data-provenance verification for secure hosts | |
CN108335105B (zh) | Data processing method and related equipment | |
KR102134491B1 (ko) | Network-based management technique for protected data sets | |
US8832813B1 (en) | Voice authentication via trusted device | |
US10339307B2 (en) | Intrusion detection system in a device comprising a first operating system and a second operating system | |
Ritzdorf | Analyzing covert channels on mobile devices | |
Jiang et al. | An effective authentication for client application using ARM trustzone | |
CN115550002B (zh) | TEE-based smart home remote control method and related device | |
CN111310173A (zh) | Terminal virtual machine identity authentication method and system using a trusted chip | |
CN111046440B (zh) | Tamper verification method and system for secure-area content | |
Dyer et al. | Security issues relating to inadequate authentication in MapReduce applications | |
Niemi et al. | Platform attestation in consumer devices | |
Girtler et al. | Component integrity guarantees in software-defined networking infrastructure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
EE01 | Entry into force of recordation of patent licensing contract | ||
- Application publication date: 20180323; Assignee: GUANGZHOU DAWEI COMMUNICATION CO.,LTD.; Assignor: Guangzhou University; Contract record no.: X2022980024622; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221202
EE01 | Entry into force of recordation of patent licensing contract | ||
- Application publication date: 20180323; Assignee: Shenzhen aoyi Technology Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980024959; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221207
- Application publication date: 20180323; Assignee: Shenzhen sichuangyou Technology Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980024992; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221207
EE01 | Entry into force of recordation of patent licensing contract | ||
- Application publication date: 20180323; Assignee: SHENZHEN COMSTAR TECHNOLOGY CO.,LTD.; Assignor: Guangzhou University; Contract record no.: X2022980025172; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221208
- Application publication date: 20180323; Assignee: Shenzhen Barium Rhenium Technology Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980025124; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221208
- Application publication date: 20180323; Assignee: Shenzhen Yuxin IOT Technology Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980025161; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221208
- Application publication date: 20180323; Assignee: Shenzhen Qiuzhiyu Information Technology Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980025042; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221207
- Application publication date: 20180323; Assignee: SHENZHEN RUITONG TECHNOLOGY Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980025199; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221208
- Application publication date: 20180323; Assignee: Shenzhen junmeiyi e-commerce Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980025037; Denomination of invention: A Mobile Terminal Security Service Method and Device Based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20221207
EE01 | Entry into force of recordation of patent licensing contract | ||
- Application publication date: 20180323; Assignee: SHENZHEN HUAHUI DATA SERVICE Co.,Ltd.; Assignor: Guangzhou University; Contract record no.: X2022980026331; Denomination of invention: A mobile terminal security service method and device based on ARM TrustZone; Granted publication date: 20201002; License type: Common License; Record date: 20230103