CN110462620A - Splitting sensitive data for storage in different application environments - Google Patents

Splitting sensitive data for storage in different application environments

Info

Publication number
CN110462620A
Authority
CN
China
Prior art keywords
file
terminal
storage
tee
storage space
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201880020094.5A
Other languages
English (en)
Inventor
李卓斐
李辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Publication of CN110462620A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629 Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/13 File access structures, e.g. distributed indices

Abstract

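A method for storing data in a terminal, and a terminal, relating to the field of communications technology and helping to improve the security of data in the terminal. The method is applied to a terminal whose application environments include a rich execution environment (REE) and also include either or both of a trusted execution environment (TEE) and a secure element (SE), where the security of the SE is higher than that of the TEE, and the security of the TEE is higher than that of the REE. Specifically, the method includes: the terminal splits sensitive data into two files and stores the two resulting files separately in the storage spaces of different application environments.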

Description

PCT national-phase application; the description has been published.

Claims (21)

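  1. PCT national-phase application; the claims have been published.
CN201880020094.5A 2018-01-31 2018-01-31 Splitting sensitive data for storage in different application environments Pending CN110462620A (zh)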

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/074833 WO2019148397A1 (zh) 2018-01-31 2018-01-31 Splitting sensitive data for storage in different application environments

Publications (1)

Publication Number Publication Date
CN110462620A (zh) 2019-11-15

Family

ID=67479123

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880020094.5A Pending CN110462620A (zh) 2018-01-31 2018-01-31 Splitting sensitive data for storage in different application environments

Country Status (3)

Country Link
US (1) US20210034763A1 (zh)
CN (1) CN110462620A (zh)
WO (1) WO2019148397A1 (zh)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109960582B (zh) * 2018-06-19 2020-04-28 Huawei Technologies Co Ltd Method, apparatus and system for implementing multi-core parallelism on the TEE side
EP3830733A4 (en) * 2018-07-27 2022-04-27 BicDroid Inc. PERSONALIZED AND CRYPTOGRAPHICALLY SECURE ACCESS CONTROL IN A TRUSTED EXECUTION ENVIRONMENT
US11436343B2 (en) * 2019-12-31 2022-09-06 Arm Limited Device, system, and method of policy enforcement for rich execution environment
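CN117009971A (zh) * 2022-04-29 2023-11-07 Huawei Technologies Co Ltd Data processing method and apparatus
CN116049913B (zh) * 2022-05-24 2023-11-03 Honor Device Co Ltd Data saving method and apparatus, electronic device, and computer-readable storage medium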

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060146057A1 (en) * 2004-12-30 2006-07-06 Microsoft Corporation Systems and methods for virtualizing graphics subsystems
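CN107092834A (zh) * 2017-03-09 2017-08-25 Shenzhen Gionee Communication Equipment Co Ltd Fingerprint data management method and terminal
CN107113170A (zh) * 2017-03-13 2017-08-29 Shenzhen Goodix Technology Co Ltd Biometric template saving and verification methods, biometric identification apparatus, and terminal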

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
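KR102485830B1 (ko) * 2015-02-13 2023-01-09 Samsung Electronics Co Ltd Processing of secure information
CN106909851A (zh) * 2017-02-27 2017-06-30 Nubia Technology Co Ltd Secure data storage method and apparatus
CN107292177A (zh) * 2017-05-05 2017-10-24 Shenzhen Gionee Communication Equipment Co Ltd Security control method and terminal device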

Also Published As

Publication number Publication date
US20210034763A1 (en) 2021-02-04
WO2019148397A1 (zh) 2019-08-08

Similar Documents

Publication Publication Date Title
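CN109472166B (zh) Electronic signature method, apparatus, device and medium
EP3605989B1 (en) Information sending method, information receiving method, apparatus, and system
US11934505B2 (en) Information content viewing method and terminal
CN110462620A (zh) Splitting sensitive data for storage in different application environments
CN113821835B (zh) Key management method, key management apparatus and computing device
CN111563251B (zh) Method for encrypting private information in a terminal device, and related apparatus
CN111475832B (zh) Data management method and related apparatus
CN113259301B (zh) Account data sharing method and electronic device
CN111357255B (zh) Building a trusted application common to multiple applications
JP4962237B2 (ja) Program and method for managing information on the location of a portable device and an encryption key for files
CN111181909B (zh) Method for obtaining identity information and related apparatus
EP3957089A1 (en) Sharing keys for a wireless accessory
EP4187422A1 (en) Security architecture system, cryptographic operation method for security architecture system, and computing device
KR20150128081A (ko) Key management method and electronic device using the method
CN114697007B (zh) Key management method, corresponding apparatus and system
CN113923005B (zh) Method and system for writing data
US20220209940A1 (en) Method for providing encrypted object and electronic device for supporting the same
CN115495765A (zh) Data processing method and apparatus, computer device and storage medium
CN110140124B (zh) Grouped applications sharing data using the same key
CN115438345A (zh) Log encryption and decryption methods, apparatus, device and storage medium
CN114372801A (zh) Method for recognizing biometric information and related apparatus
KR102657388B1 (ko) Electronic device for selecting key to be used for encryption on basis of amount of information of data to be encrypted, and operation method of electronic device
CN111090894B (zh) Method and apparatus for reconstructing card-lock data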
US11775657B2 (en) Systems and methods for enhancing security of device-internal encryption with externally generated entropy
US20220103350A1 (en) Electronic device for selecting key to be used for encryption on basis of amount of information of data to be encrypted, and operation method of electronic device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20191115