CN110837643B - Activation method and device of trusted execution environment - Google Patents


Info

Publication number: CN110837643B
Authority: CN (China)
Prior art keywords: execution environment; activation; trusted; activation file; trusted execution
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201810941457.0A
Other languages: Chinese (zh)
Other versions: CN110837643A (en)
Inventor: 尉鲁飞
Current Assignee: Alibaba Group Holding Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Alibaba Group Holding Ltd
Application filed by Alibaba Group Holding Ltd
Priority to CN201810941457.0A
Priority to TW108122773A (TW202009773A)
Priority to PCT/CN2019/099553 (WO2020034881A1)
Publication of CN110837643A
Application granted
Publication of CN110837643B

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50: Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55: Detecting local intrusion or implementing counter-measures
    • G06F21/56: Computer malware detection or handling, e.g. anti-virus arrangements

Abstract

An embodiment of the application provides a method and a device for activating a trusted execution environment. The trusted execution environment is configured in a device, and the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client program running in the rich execution environment. The method comprises the following steps: the trusted execution environment acquires an activation file that is preset in the device and sent by the client program; the trusted execution environment verifies whether the activation file is legal; if the activation file is legal, the trusted execution environment is activated and allows the trusted application to run normally; and after the trusted execution environment is activated, the activation file is stored in a trusted storage space of the device. In the embodiment of the application, the device can be activated without depending on a network.

Description

Method and device for activating trusted execution environment
Technical Field
The present application relates to the field of electronic technologies, and in particular, to a method and an apparatus for activating a trusted execution environment.
Background
Foundry production refers to an arrangement in which a brand manufacturer commissions an OEM (Original Equipment Manufacturer) manufacturer to carry out manufacturing.
To prevent illegal production by the OEM manufacturer, the brand manufacturer can perform authorized monitoring of the OEM manufacturer's production equipment. The brand manufacturer can install, on the OEM manufacturer's production equipment, production software that must be activated by the brand manufacturer, and the production process of the equipment is controlled by that production software.
Currently, the activation modes for the production equipment of the OEM manufacturer include an online activation scheme and an offline activation scheme.
The online activation scheme requires the production device to have networking capability, and the brand manufacturer sends the activation code to the production device over the network. However, most production devices of OEM manufacturers currently have no networking function, so they cannot use an online activation scheme.
In the offline activation scheme, the OEM manufacturer inputs an activation code provided by the brand manufacturer into the production device. During the activation process, however, the activation code may be unexpectedly damaged or lost, so that the production software cannot be used afterwards.
Disclosure of Invention
In view of the above, embodiments of the present application are proposed to provide a method for activating a trusted execution environment and a corresponding apparatus for activating a trusted execution environment, which overcome or at least partially solve the above problems.
In order to solve the above problem, an embodiment of the present application discloses a method for activating a trusted execution environment, where the trusted execution environment is configured in a device, and the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the method comprises the following steps:
the trusted execution environment acquires an activation file which is sent by the client program and is preset in the equipment;
the trusted execution environment verifies whether the activation file is legal or not;
if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run;
and after the trusted execution environment is activated, storing the activation file into a trusted storage space of the equipment.
Preferably, the method further comprises the following steps:
the trusted execution environment judges whether an activation file is stored in the trusted storage space;
if the trusted storage space stores an activation file, the trusted execution environment generates an activated message and sends the activated message to the client program;
and if the activation file is not stored in the trusted storage space, the trusted execution environment generates an inactivated message and sends the inactivated message to the client program.
Preferably, the method further comprises the following steps:
the trusted execution environment performs backup storage on the activation file stored in the trusted storage space;
and when the activation file of the trusted storage space is damaged or lost, the trusted execution environment performs recovery processing according to the backup stored activation file.
Preferably, the step of verifying, by the trusted execution environment, whether the activation file is legitimate includes:
the trusted execution environment acquires corresponding first verification information from the activation file;
the trusted execution environment acquires second check information of the current device;
and the trusted execution environment judges whether the first check information and the second check information are the same.
Preferably, the activation file is generated by:
an activation file generation program acquires a unique identifier of the device;
and the activation file generation program generates the activation file with the first verification information by using the unique identifier of the device.
Preferably, the step of the trusted execution environment acquiring the second check information of the current device includes:
the trusted execution environment acquires a unique identifier of the current device;
the trusted execution environment generates second check information using the unique identifier of the current device.
Preferably, the step of generating, by the activation file generation program, the activation file having the first verification information by using the unique identifier includes:
the activation file generation program calculates a hash value of the acquired unique identifier of the device, and takes the hash value as first check information;
the activation file generation program generates an activation file having the first check information.
Preferably, the step of generating, by the trusted execution environment, second check information using the unique identifier of the current device includes:
the trusted execution environment calculates a hash value of the unique identifier of the current device and uses the hash value as second check information.
Preferably, the step of the activation file generation program generating the activation file having the first verification information includes:
the activation file generation program encrypts the first check information;
the activation file generation program generates an activation file having the encrypted first verification information.
Preferably, the step of acquiring, by the trusted execution environment, the corresponding first verification information from the activation file includes:
the trusted execution environment obtains encrypted first verification information from the activation file;
and the trusted execution environment decrypts the encrypted first verification information to obtain first verification information.
The embodiment of the application also discloses an activation method of the trusted execution environment, which comprises the following steps:
the trusted execution environment acquires an activation file which is sent by a client program and is preset in equipment;
the trusted execution environment verifies whether the activation file meets an activation condition;
and if the activation file meets the activation condition, activating the trusted execution environment and allowing the trusted application program to normally run.
The embodiment of the application further discloses an activation device of the trusted execution environment, wherein the trusted execution environment is configured in the device, and the device is further configured with a trusted application program running in the trusted execution environment, a rich execution environment and a client program running in the rich execution environment; the device comprises:
the activation file acquisition module is positioned in the trusted execution environment and used for acquiring an activation file which is sent by the client program and is preset in the equipment;
the verification module is positioned in the trusted execution environment and used for verifying whether the activation file is legal or not;
the activation module is positioned in the trusted execution environment and used for activating and allowing the trusted application program to normally run if the activation file is legal;
and the storage module is positioned in the trusted execution environment and used for storing the activation file to the trusted storage space of the equipment after activation.
Preferably, the device further comprises:
the storage judgment module is positioned in the trusted execution environment and used for judging whether the trusted storage space stores the activation file or not;
a first activation result notification module located in the trusted execution environment, configured to generate an activated message and send the activated message to the client program if an activation file is stored in the trusted storage space;
and the second activation result notification module is positioned in the trusted execution environment and used for generating an inactivated message and sending the inactivated message to the client program if the activation file is not stored in the trusted storage space.
Preferably, the device further comprises:
the backup storage module is located in the trusted execution environment and used for performing backup storage of the activation file stored in the trusted storage space;
and the backup recovery module is located in the trusted execution environment and used for performing recovery processing according to the backup-stored activation file when the activation file in the trusted storage space is damaged or lost.
Preferably, the verification module includes:
the first verification information acquisition sub-module is used for acquiring corresponding first verification information from the activation file;
the second check information acquisition submodule is used for acquiring second check information of the current equipment;
and the check information judgment submodule is used for judging whether the first check information and the second check information are the same or not.
Preferably, the activation file is generated by the following modules:
the unique identifier acquisition module is located in the activation file generation program and used for acquiring the unique identifier of the device;
and the activation file generation module is located in the activation file generation program and used for generating the activation file with the first verification information by using the unique identifier of the device.
Preferably, the second verification information obtaining sub-module includes:
the unique identifier acquisition unit is used for acquiring the unique identifier of the current equipment;
and the second check information generating unit is used for generating second check information by adopting the unique identifier of the current equipment.
Preferably, the activation file generating module includes:
the first check information generation submodule is used for calculating a hash value of the unique identifier of the acquired equipment and taking the hash value as first check information;
and the activation file generation submodule is used for generating an activation file having the first check information.
Preferably, the second verification information generating unit includes:
and the second check information generating subunit is used for calculating a hash value of the unique identifier of the current device, and using the hash value as the second check information.
Preferably, the activation file generation sub-module includes:
a first verification information encryption unit configured to encrypt the first verification information;
and the activation file generating unit is used for generating an activation file having the encrypted first verification information.
Preferably, the first verification information obtaining sub-module includes:
an encrypted verification information acquisition unit configured to acquire encrypted first verification information from the activation file;
and the first verification information decryption unit is used for decrypting the encrypted first verification information to obtain first verification information.
The embodiment of the present application further discloses an activation device for a trusted execution environment, including:
the activation file acquisition module is positioned in the trusted execution environment and used for acquiring an activation file which is sent by a client program and is preset in equipment;
the activation condition judgment module is positioned in the trusted execution environment and used for verifying whether the activation file meets the activation condition;
and the activation module is positioned in the trusted execution environment and used for activating and allowing the trusted application program to normally run if the activation file accords with the activation condition.
The embodiment of the application also discloses a device, including:
one or more processors; and
one or more machine readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform one or more methods as described above.
Embodiments of the present application also disclose one or more machine-readable media having instructions stored thereon, which when executed by one or more processors, cause the processors to perform one or more of the methods described above.
The embodiment of the application has the following advantages:
in this embodiment of the application, the device may obtain the activation file in an offline manner, the client program may obtain the activation file from a storage space accessible by the rich execution environment, and the client program sends the activation file to the trusted execution environment. The trusted execution environment verifies whether the activation file is legal, and if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run and use, so that the equipment can be activated without depending on a network.
And after the trusted execution environment is activated, the activation file can be stored in the trusted storage space. When the activation file in the storage space which can be accessed by the rich execution environment is damaged or lost, the activation file in the trusted storage space can be used for activation, so that the situation that the trusted application program cannot be used is avoided.
Drawings
FIG. 1 is a flowchart illustrating steps of a first embodiment of a method for activating a trusted execution environment according to the present application;
FIG. 2 is a flowchart illustrating steps of a second embodiment of a method for activating a trusted execution environment according to the present application;
FIG. 3 is a flowchart illustrating steps of a third embodiment of a method for activating a trusted execution environment;
FIG. 4 is a flow chart of generating an activation file in an embodiment of the present application;
FIG. 5 is a flow diagram of activation of a trusted execution environment in an embodiment of the present application;
FIG. 6 is a block diagram of an embodiment of an activation device for a trusted execution environment.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the present application is described in further detail with reference to the accompanying drawings and the detailed description.
Referring to fig. 1, a flowchart illustrating steps of a first embodiment of a method for activating a trusted execution environment according to the present application is shown, where the trusted execution environment is configured in a device, and the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the method specifically comprises the following steps:
step 101, the trusted execution environment obtains an activation file preset in the device and sent by the client program;
The trusted execution environment (TEE) and the rich execution environment (REE) are execution environments that run concurrently on the device, and the trusted execution environment can provide security services for the rich execution environment. The trusted execution environment has its own execution space, with a higher level of security than the rich execution environment.
The software and hardware resources accessible to the trusted execution environment are separate from those of the rich execution environment. The trusted execution environment provides a secure execution environment for trusted applications (TAs) while also protecting the confidentiality, integrity and access rights of the resources and data of the trusted applications.
The rich execution environment is the running environment executed and managed by the rich operating system (Rich OS). It lies outside the trusted execution environment, and the applications executing in it are considered untrusted.
To ensure the root of trust of the trusted execution environment itself, the trusted execution environment is activated by authentication and isolated from the rich operating system during the secure boot process.
The client program (client application, CA) running in the rich execution environment can be used without depending on the trusted execution environment. The client program may communicate with the trusted application and call the application programming interface (API) of the trusted application.
In the foundry production, various devices on the production line of the OEM vendor may be installed with a trusted execution environment, a trusted application running in the trusted execution environment, a rich execution environment, and a client program running in the rich execution environment.
The trusted application may include a plurality of applications provided by the brand manufacturer for controlling the production of the device. The trusted application may provide interfaces for controlling the production of the device, and the client program may call these interfaces to carry out the production process of the device. The trusted application may also collect information during the manufacturing process and report that information to the brand manufacturer.
The trusted execution environment must be verified and activated by means of the activation file before it can be used normally. The activation file for the trusted execution environment may be provided by the brand manufacturer to the OEM manufacturer, who inputs the activation file into the device. The activation file imported into the device by the OEM manufacturer can only be stored in the storage space accessible to the rich execution environment, not in the trusted storage space of the trusted execution environment.
In the embodiment of the application, the activation file can be preset in the storage space which can be accessed by the rich execution environment of the device. When activation of the trusted execution environment is required, the client program may retrieve the activation file from the storage space accessible to the rich execution environment and then send the activation file to the trusted execution environment.
Step 102, the trusted execution environment verifies whether the activation file is legal;
the trusted execution environment can judge whether the activation file meets a preset condition or not so as to verify whether the activation file is legal or not.
In this embodiment of the present application, the activation files may correspond to the devices one to one, and the trusted execution environment installed in the device may be activated only by the activation file corresponding to the device. In the process of production, a corresponding activation file can be generated for each device by a brand manufacturer, so that the activation condition of the device of an OEM manufacturer can be effectively controlled.
Step 103, if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to run normally;
if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run, so that the OEM manufacturer can normally use the trusted application program.
If the activation file is not legal, the trusted execution environment may return an activation failure message informing the OEM manufacturer that the activation failed.
Step 104, after the trusted execution environment is activated, the activation file is stored in a trusted storage space of the device.
After the trusted execution environment is activated, it stores the activation file in a trusted storage space of the device. The trusted storage space is a space that can only be accessed by the trusted execution environment, and it may be a specified folder or a separate partition.
Specifically, the trusted execution environment provides a secure storage function, which is a file encryption and decryption service mechanism provided by the trusted execution environment itself. With the secure storage function, the trusted execution environment may encrypt the file and then store it in the trusted storage space.
In this embodiment of the application, the device may obtain the activation file in an offline manner, the client program may obtain the activation file from a storage space accessible by the rich execution environment, and the client program sends the activation file to the trusted execution environment. The trusted execution environment verifies whether the activation file is legal, and if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run and use, so that the equipment can be activated without depending on a network.
And after the trusted execution environment is activated, the activation file can be stored in the trusted storage space. When the activation file in the storage space which can be accessed by the rich execution environment is damaged or lost, the activation file in the trusted storage space can be used for activation, so that the situation that the trusted application program cannot be used is avoided.
Referring to fig. 2, a flowchart illustrating steps of a second embodiment of a method for activating a trusted execution environment according to the present application is shown, where the trusted execution environment is configured in a device, and the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the method specifically comprises the following steps:
step 201, the trusted execution environment determines whether an activation file is stored in a trusted storage space;
in an embodiment of the present application, the client program may send an activation query command to the trusted execution environment for querying whether it has been activated. And after receiving the query command, the trusted execution environment judges whether the activation file is stored in the trusted storage space.
Step 202, if an activation file is stored in the trusted storage space, the trusted execution environment generates an activated message and sends the activated message to the client program;
if the activation file is stored in the trusted storage space, the trusted execution environment has already been activated, and the trusted execution environment may generate an activated message and send it to the client program to notify the client program that activation has already taken place.
Step 203, if the trusted storage space does not store the activation file, the trusted execution environment generates an inactivated message and sends the inactivated message to the client program.
If the activation file is not stored in the trusted storage space, the trusted execution environment has not yet been activated, and the trusted execution environment may generate an inactivated message and send it to the client program to notify the client program that activation has not yet taken place.
Step 204, the trusted execution environment obtains an activation file preset in the device and sent by the client program;
in the embodiment of the application, the activation file can be preset in the storage space accessible to the rich execution environment of the device. After receiving the inactivated message, the client program may obtain the activation file from the storage space accessible to the rich execution environment, and then send the activation file to the trusted execution environment.
Step 205, the trusted execution environment verifies whether the activation file is legal;
in this embodiment of the present application, the activation files may correspond to the devices one to one, and the trusted execution environment installed in the device may be activated only by the activation file corresponding to the device.
In this embodiment of the present application, the activation file may be generated by an activation file generating program, and the specific manner may include:
Step 301, the activation file generation program acquires a unique identifier of the device;
the activation file generation program is not a program installed on the device. In foundry production, the activation file generation program is an application provided by the brand manufacturer for generating activation files. The OEM manufacturer may provide the unique identifier of each device on the production line to the brand manufacturer's activation file generation program.
The unique identifier of the device may be a Media Access Control (MAC) address, the unique identification code (UID) of the chip, the International Mobile Equipment Identity (IMEI) of a mobile phone, and so on.
Step 302, the activation file generation program generates an activation file with the first verification information by using the unique identifier of the device.
The activation file generation program may generate the activation file with the first verification information using the unique identification of the device.
Further, the step 302 may include the following sub-steps:
a substep S11, the activation file generating program calculating a hash value of the unique identifier of the acquired device and using the hash value as first check information;
and a sub-step S12, the activation file generation program generating an activation file having the first verification information.
And the activation file generation program generates first verification information by adopting the unique identifier of the equipment, and then adds the first verification information to the file with the appointed suffix name to obtain the activation file. By specifying the suffix name of the activation file, the trusted execution environment may be facilitated to identify the activation file.
In an embodiment of the present application, the sub-step S12 may further include:
a substep S121, in which the activation file generation program encrypts the first check information;
and a substep S122, the activation file generation program generates an activation file having the encrypted first verification information.
For example, the activation file generation program may encrypt the first verification information with a preset key using the Advanced Encryption Standard (AES) algorithm.
In the embodiment of the present application, the step 205 may include the following sub-steps:
substep S21, the trusted execution environment obtaining corresponding first verification information from the activation file;
the activation file comprises first verification information, and the trusted execution environment acquires the first verification information corresponding to the activation file from the activation file;
in this embodiment of the present application, if the activation file is encrypted, the sub-step S21 may include: the trusted execution environment acquires encrypted first verification information from the activation file; and the trusted execution environment decrypts the encrypted first verification information to obtain first verification information.
For example, if the activation file generation program encrypts the first check information with the preset key using the AES algorithm, the trusted execution environment may decrypt the encrypted first check information with the same preset key to obtain the first check information.
A substep S22, the trusted execution environment obtaining second check-up information of the current device;
the device may have pre-set therein second check-up information of the device.
In an embodiment of the present application, the sub-step S22 may further include:
a substep S221, the trusted execution environment obtains a unique identifier of the current device;
sub-step S222, the trusted execution environment generating second check-up information using the unique identification of the current device.
In this embodiment of the present application, the activation file may be generated by an activation file generation program, and the activation file generation program generates the first verification information by using the unique identifier of the device.
The trusted execution environment may obtain the unique identification of the current device and then generate second check-up information using the unique identification of the current device.
In one example, the activation file generation program may take the obtained unique identifier of the device as the first verification information; at the same time, the trusted execution environment may use the unique identification of the current device as the second verification information.
In another example, the activation file generation program may process the obtained unique identifier of the device according to a preset algorithm to obtain the first verification information. For example, the activation file generation program calculates a hash value of the unique identifier of the device and uses the hash value as the first check information.
Meanwhile, the trusted execution environment can process the unique identifier of the current device according to the same preset algorithm to obtain the second check information. For example, the trusted execution environment calculates a hash value of the unique identifier of the current device and uses it as the second check information.
In sub-step S13, the trusted execution environment determines whether the first check information and the second check information are the same.
If the first check information is the same as the second check information, the activation file is legal; if the first check information is different from the second check information, the activation file is illegal.
In this embodiment of the application, both the first verification information and the second verification information may be generated from the unique identifier of the device, which ensures that the trusted execution environment of the device can only be activated with the verification information corresponding to that device's unique identifier. In foundry (OEM) production, this ensures that the brand manufacturer can effectively control the activation of the OEM manufacturer's devices.
Step 206, if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run;
step 207, after the trusted execution environment is activated, storing the activation file in a trusted storage space of the device.
Step 208, the trusted execution environment performs backup storage on the activation file stored in the trusted storage space;
In particular, the trusted execution environment provides a backup recovery function for secure storage. Through the backup recovery function, the trusted execution environment makes a backup copy of the activation file stored in the trusted storage space and performs an integrity check on the activation file.
If the integrity check of the activation file in the trusted storage space fails (e.g., the activation file is damaged or lost), the trusted execution environment recovers the activation file in the trusted storage space from the backed-up activation file.
Step 209, when the activation file in the trusted storage space is damaged or lost, the trusted execution environment performs recovery processing according to the backed-up activation file.
In the embodiment of the application, when the activation file in the trusted storage space is damaged or lost, it can still be recovered through the backup recovery function of the trusted execution environment, so that the trusted execution environment can still be activated normally.
In this embodiment of the application, the device may obtain the activation file in an offline manner, the client program may obtain the activation file from a storage space accessible by the rich execution environment, and the client program sends the activation file to the trusted execution environment. The trusted execution environment verifies whether the activation file is legal, and if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run and use, so that the equipment can be activated without depending on a network.
And after the trusted execution environment is activated, the activation file can be stored in the trusted storage space. When the activation file in the storage space which can be accessed by the rich execution environment is damaged or lost, the activation file in the trusted storage space can be used for activation, so that the situation that the trusted application program cannot be used is avoided.
Referring to fig. 3, a flowchart illustrating steps of a third embodiment of a method for activating a trusted execution environment according to the present application is shown, where the method specifically includes the following steps:
step 401, the trusted execution environment obtains an activation file preset in the device and sent by a client program;
in the embodiment of the application, the trusted execution environment is configured in the device, and the device is further configured with a trusted application program running in the trusted execution environment, a rich execution environment and a client program running in the rich execution environment;
in the embodiment of the application, the activation file can be preset in the storage space which can be accessed by the rich execution environment of the device. When activation of the trusted execution environment is required, the client program may retrieve an activation file from a storage space accessible by the rich execution environment and then send the activation file to the trusted execution environment.
Step 402, the trusted execution environment verifying whether the activation file meets the activation condition;
the trusted execution environment may determine whether the activation file meets the activation condition, thereby verifying whether the activation file is legitimate.
In step 403, if the activation file meets the activation condition, the trusted execution environment activates and allows the trusted application program to operate normally.
And if the activation file meets the activation condition, the trusted execution environment is activated and allows the trusted application program to normally run.
In this embodiment, the device may obtain the activation file in an offline manner, the client program may obtain the activation file from a storage space accessible to the rich execution environment, and the client program sends the activation file to the trusted execution environment. The trusted execution environment verifies whether the activation file is legal, and if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run and use, so that the equipment can be activated without depending on a network.
In order to enable those skilled in the art to better understand the embodiments of the present application, the following description is given by way of example:
referring to fig. 4, a flowchart of generating an activation file in the embodiment of the present application is shown.
First, the OEM vendor obtains the unique identifications of all devices and generates a list of unique identifications. The OEM vendor sends the list of unique identifications to the activation file generation program.
The activation file generation program takes each unique identifier in the unique identifier list, generates the first verification information from the unique identifier, and stores the first verification information in an activation file, where each activation file corresponds to one device. The first verification information may be generated from the unique identifier either by calculating a hash value of the unique identifier and using the hash value as the first check information, or by using the unique identifier directly as the first check information. The first verification information may be stored in the activation file as follows: the first verification information is encrypted with a preset key using the AES (Advanced Encryption Standard) algorithm, and the encrypted first check information is then stored in an activation file with the specified suffix name.
After the activation file generation program has generated the activation files corresponding to the devices, the activation files are sent to the OEM manufacturer, and the OEM manufacturer writes each activation file into the corresponding device according to the device's unique identifier.
Referring to fig. 5, a flowchart illustrating activation of a trusted execution environment in an embodiment of the present application is shown.
The device has installed therein a trusted execution environment, a trusted application running in the trusted execution environment, a rich execution environment, and a client program running in the rich execution environment.
First, the client program sends an activation inquiry command for inquiring whether or not it has been activated to the trusted execution environment.
After receiving an activation inquiry command, the trusted execution environment judges whether an activation file is stored in the trusted storage space; if the activation file is stored in the trusted storage space, the trusted execution environment generates an activated message and sends the activated message to the client program; and if the activation file is not stored in the trusted storage space, the trusted execution environment generates an inactivation message and sends the inactivation message to the client program.
If the activation inquiry result is not activated, the client program reads the activation file;
if the reading is successful, the client program sends an activation file to the trusted execution environment; if the reading fails, the client program generates an activation failure message.
After the trusted execution environment receives the activation file, it obtains the first check information from the activation file, then obtains the unique identifier of the current device and generates the second check information from that unique identifier. The trusted execution environment compares the first check information with the second check information; if they are the same, the activation is successful and the activation file is stored in the trusted storage space; if not, the activation fails.
The trusted execution environment returns an activation result (activation success or activation failure) to the client program.
If the activation is successful, the trusted execution environment starts normal functions, and the trusted application program is allowed to be normally used.
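The generation flow of fig. 4 and the activation flow of fig. 5, as an added Python example that is not part of the patent text. It models the hash-only variant (the AES sub-steps are left out); SHA-256, the `.act` suffix, all class and function names and the sample MAC addresses are assumptions constructed for illustration.

```python
import hashlib
import hmac

SUFFIX = ".act"  # assumed; the text only says "a specified suffix name"


def check_info(unique_id: str) -> bytes:
    """Sub-steps S11 / S222: hash the unique identifier (SHA-256 is an assumption)."""
    return hashlib.sha256(unique_id.encode("utf-8")).digest()


def generate_activation_files(unique_ids):
    """Brand-side generator: one (file name, content) pair per identifier in the OEM's list."""
    return {uid: (uid.replace(":", "") + SUFFIX, check_info(uid)) for uid in unique_ids}


class TrustedExecutionEnvironment:
    """Toy model of the TEE side of fig. 5 (hypothetical class, not a real TEE API)."""

    def __init__(self, device_unique_id: str):
        self._uid = device_unique_id
        self.trusted_storage = None   # activation file kept in trusted storage
        self._backup = None           # backup copy (step 208)
        self._digest = None           # integrity reference for the stored file

    def _restore_if_damaged(self):
        """Step 209: recover a damaged or lost activation file from the backup."""
        if self._backup is None:
            return
        stored = self.trusted_storage
        if stored is None or hashlib.sha256(stored).digest() != self._digest:
            self.trusted_storage = self._backup

    def query(self) -> str:
        """Activation query: activated only if trusted storage holds an activation file."""
        self._restore_if_damaged()
        return "ACTIVATED" if self.trusted_storage is not None else "NOT_ACTIVATED"

    def activate(self, activation_file: bytes) -> bool:
        first = activation_file             # S21: first check information from the file
        second = check_info(self._uid)      # S22: derived from the current device
        if not hmac.compare_digest(first, second):  # comparison, in constant time
            return False
        self.trusted_storage = activation_file      # step 207
        self._backup = bytes(activation_file)       # step 208
        self._digest = hashlib.sha256(activation_file).digest()
        return True

    def run_trusted_app(self) -> str:
        """Trusted applications run only once the environment is activated."""
        if self.query() != "ACTIVATED":
            raise PermissionError("trusted execution environment not activated")
        return "trusted application running"


def client_activate(tee, ree_storage: dict, filename: str) -> str:
    """Client program in the rich execution environment: query, read, send."""
    if tee.query() == "ACTIVATED":
        return "already activated"
    data = ree_storage.get(filename)        # file preset in REE-accessible storage
    if data is None:
        return "activation failed: file unreadable"
    if tee.activate(data):
        return "activation succeeded"
    return "activation failed: file rejected"


if __name__ == "__main__":
    # Constructed sample identifiers (MAC-style strings), not real devices.
    files = generate_activation_files(["00:11:22:33:44:55", "66:77:88:99:AA:BB"])
    name, data = files["00:11:22:33:44:55"]
    own = TrustedExecutionEnvironment("00:11:22:33:44:55")
    other = TrustedExecutionEnvironment("66:77:88:99:AA:BB")
    print(client_activate(other, {name: data}, name))  # file for another device
    print(client_activate(own, {name: data}, name))    # file for this device
    own.trusted_storage = None                          # simulate loss
    print(own.query())                                  # restored from backup
```

In the encrypted variant, the generator would encrypt the output of `check_info` before writing it, and `activate` would decrypt it with the same preset key before the comparison.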
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combinations of acts, but those skilled in the art will recognize that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are preferred embodiments and that the acts involved are not necessarily required by the embodiments of the present application.
Referring to fig. 6, a block diagram illustrating an embodiment of an activation apparatus for a trusted execution environment according to the present application is shown, where the trusted execution environment is configured in a device, and the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the device may specifically include the following modules:
an activation file obtaining module 501 located in the trusted execution environment, configured to obtain an activation file preset in the device and sent by the client program;
a verification module 502 located in the trusted execution environment, configured to verify whether the activation file is legal;
an activation module 503 located in the trusted execution environment, configured to activate and allow the trusted application to run normally if the activation file is legal;
a storage module 504 located in the trusted execution environment, configured to store the activation file to a trusted storage space of the device after activation.
In an embodiment of the present application, the apparatus may further include:
a storage judgment module located in the trusted execution environment, configured to judge whether the trusted storage space stores an activation file;
a first activation result notification module located in the trusted execution environment, configured to generate an activated message and send the activated message to the client program if an activation file is stored in the trusted storage space;
and a second activation result notification module located in the trusted execution environment, configured to generate an inactivated message and send the inactivated message to the client program if the activation file is not stored in the trusted storage space.
In this embodiment, the apparatus may further include:
a backup storage module located in the trusted execution environment, configured to make a backup copy of the activation file stored in the trusted storage space;
and a backup recovery module located in the trusted execution environment, configured to perform recovery processing according to the backed-up activation file when the activation file in the trusted storage space is damaged or lost.
In this embodiment, the verification module 502 may include:
the first verification information acquisition submodule is used for acquiring corresponding first verification information from the activation file;
the second check information acquisition submodule is used for acquiring second check information of the current equipment;
and the checking information judging submodule is used for judging whether the first checking information and the second checking information are the same or not.
In this embodiment of the present application, the activation file may be generated by:
a unique identifier acquisition module located in the activation file generation program, configured to acquire the unique identifier of the device;
and an activation file generation module located in the activation file generation program, configured to generate the activation file with the first verification information using the unique identifier of the device.
In this embodiment of the application, the second verification information obtaining sub-module may include:
the unique identifier acquisition unit is used for acquiring the unique identifier of the current equipment;
and the second check information generating unit is used for generating second check information by adopting the unique identifier of the current equipment.
In this embodiment of the present application, the activation file generating module may include:
a first check information generation submodule, configured to calculate a hash value of the acquired unique identifier of the device and use the hash value as the first check information;
and an activation file generation submodule, configured to generate an activation file with the first check information.
In an embodiment of the present application, the second verification information generating unit may include:
and the second check information generating subunit is used for calculating a hash value of the unique identifier of the current device, and using the hash value as the second check information.
In this embodiment, the activation file generating sub-module may include:
a first verification information encryption unit configured to encrypt the first verification information;
and an activation file generating unit, configured to generate an activation file with the encrypted first verification information.
In this embodiment of the application, the first verification information obtaining sub-module may include:
an encrypted verification information acquisition unit configured to acquire encrypted first verification information from the activation file;
and the first verification information decryption unit is used for decrypting the encrypted first verification information to obtain first verification information.
The application also discloses an embodiment of an activation device for a trusted execution environment, which includes:
the activation file acquisition module is positioned in the trusted execution environment and used for acquiring an activation file which is sent by a client program and is preset in the equipment;
the activation condition judgment module is positioned in the trusted execution environment and used for verifying whether the activation file meets the activation condition;
and the activation module is positioned in the trusted execution environment and used for activating and allowing the trusted application program to normally run if the activation file meets the activation condition.
For the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and reference may be made to the partial description of the method embodiment for relevant points.
An embodiment of the present application further provides a device, including:
one or more processors; and
one or more machine-readable media having instructions stored thereon, which when executed by the one or more processors, cause the apparatus to perform the methods of embodiments of the present application.
Embodiments of the present application also provide one or more machine-readable media having instructions stored thereon, which when executed by one or more processors, cause the processors to perform the methods of embodiments of the present application.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts in the embodiments are referred to each other.
As will be appreciated by one of skill in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including the preferred embodiment and all changes and modifications that fall within the true scope of the embodiments of the present application.
Finally, it should also be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The above detailed description is given to a method and a device for activating a trusted execution environment, and a specific example is applied in the present disclosure to explain the principle and the implementation of the present disclosure, and the description of the above embodiment is only used to help understand the method and the core idea of the present disclosure; meanwhile, for a person skilled in the art, according to the idea of the present application, the specific embodiments and the application scope may be changed, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (24)

1. A method of activating a trusted execution environment, wherein the trusted execution environment is configured in a device, and wherein the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the method comprises the following steps:
when the activation file is not stored in the trusted storage space of the equipment, the trusted execution environment acquires the activation file which is sent by the client program and is preset in the equipment;
the trusted execution environment verifies whether the activation file is legal or not;
if the activation file is legal, the trusted execution environment is activated and allows the trusted application program to normally run;
after the trusted execution environment is activated, storing the activation file into a trusted storage space of the device;
the activation file comprises first verification information used for verifying whether the activation file is legal or not, and the first verification information is generated according to a unique identifier of equipment.
2. The method of claim 1, further comprising:
the trusted execution environment judges whether an activation file is stored in the trusted storage space;
if the trusted storage space stores an activation file, the trusted execution environment generates an activated message and sends the activated message to the client program;
and if the activation file is not stored in the trusted storage space, the trusted execution environment generates an inactivation message and sends the inactivation message to the client program.
3. The method of claim 2, further comprising:
the trusted execution environment performs backup storage on the activation file stored in the trusted storage space;
and when the activation file of the trusted storage space is damaged or lost, the trusted execution environment performs recovery processing according to the backup stored activation file.
4. The method of any of claims 1-3, wherein the step of the trusted execution environment verifying that the activation file is legitimate comprises:
the trusted execution environment acquires corresponding first verification information from the activation file;
the trusted execution environment acquires second check-up information of the current device;
and the trusted execution environment judges whether the first check information and the second check information are the same.
5. The method of claim 4, wherein the activation file is generated by:
an activation file generation program acquires a unique identifier of the device;
and the activation file generation program generates the activation file with the first verification information using the unique identifier of the device.
6. The method of claim 5, wherein the step of the trusted execution environment obtaining the second check-up information of the current device comprises:
the trusted execution environment acquires a unique identifier of the current device;
the trusted execution environment generates second check-up information using the unique identifier of the current device.
7. The method of claim 6, wherein the step of the activation-file-generation program generating the activation file with the first verification information using the unique identifier comprises:
the activation file generation program calculates a hash value of the unique identifier of the acquired device, and takes the hash value as first check information;
the activation file generation program generates an activation file having the first check information.
8. The method of claim 7,
the step of the trusted execution environment generating second check-up information using the unique identification of the current device comprises:
the trusted execution environment calculates a hash value of the unique identification of the current device and uses the hash value as second check-up information.
9. The method of claim 8,
the step of the activation file generation program generating the activation file having the first verification information includes:
the activation file generation program encrypts the first check information;
the activation file generation program generates an activation file having the encrypted first verification information.
10. The method of claim 9,
the step of acquiring, by the trusted execution environment, the corresponding first verification information from the activation file includes:
the trusted execution environment obtains encrypted first verification information from the activation file;
and the trusted execution environment decrypts the encrypted first verification information to obtain first verification information.
11. A method of activating a trusted execution environment, wherein the trusted execution environment is configured in a device, and wherein the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the method comprises the following steps:
when the activation file is not stored in the trusted storage space of the equipment, the trusted execution environment acquires the activation file which is sent by a client program and is preset in the equipment;
the trusted execution environment verifies whether the activation file meets an activation condition;
if the activation file meets the activation condition, the trusted execution environment is activated and allows the trusted application program to normally run;
the activation file comprises first verification information used for verifying whether the activation file meets an activation condition, and the first verification information is generated according to a unique identifier of equipment.
12. An apparatus for activating a trusted execution environment, wherein the trusted execution environment is configured in a device, and wherein the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the device comprises:
an activation file obtaining module located in the trusted execution environment, configured to obtain, when an activation file is not stored in a trusted storage space of the device, the activation file preset in the device and sent by the client program;
the verification module is positioned in the trusted execution environment and used for verifying whether the activation file is legal or not;
the activation module is positioned in the trusted execution environment and used for activating and allowing the trusted application program to normally run if the activation file is legal;
a storage module located in the trusted execution environment, configured to store the activation file in a trusted storage space of the device after activation;
the activation file comprises first verification information used for verifying whether the activation file is legal or not, and the first verification information is generated according to a unique identifier of equipment.
13. The apparatus of claim 12, further comprising:
a storage judgment module located in the trusted execution environment, configured to determine whether the activation file is stored in the trusted storage space;
a first activation result notification module located in the trusted execution environment, configured to generate an activated message and send the activated message to the client program if an activation file is stored in the trusted storage space;
and a second activation result notification module located in the trusted execution environment, configured to generate an inactivated message and send the inactivated message to the client program if the activation file is not stored in the trusted storage space.
14. The apparatus of claim 13, further comprising:
a backup storage module located in the trusted execution environment, configured to store a backup of the activation file stored in the trusted storage space;
and a backup recovery module located in the trusted execution environment, configured to perform recovery from the backed-up activation file when the activation file in the trusted storage space is damaged or lost.
15. The apparatus of any of claims 12-14, wherein the verification module comprises:
a first verification information acquisition submodule, configured to acquire the corresponding first verification information from the activation file;
a second verification information acquisition submodule, configured to acquire second verification information of the current device;
and a verification information judging submodule, configured to determine whether the first verification information and the second verification information are the same.
16. The apparatus of claim 15, wherein the activation file is generated by:
a unique identifier acquisition module located in the activation file generation program, configured to acquire the unique identifier of the device;
and an activation file generation module located in the activation file generation program, configured to generate the activation file with the first verification information by using the unique identifier of the device.
17. The apparatus of claim 16, wherein the second verification information acquisition submodule comprises:
a unique identifier acquisition unit, configured to acquire the unique identifier of the current device;
and a second verification information generating unit, configured to generate the second verification information by using the unique identifier of the current device.
18. The apparatus of claim 17, wherein the activation file generation module comprises:
a first verification information generation submodule, configured to calculate a hash value of the acquired unique identifier of the device and take the hash value as the first verification information;
and an activation file generation submodule, configured to generate, by a program, an activation file with the first verification information.
19. The apparatus according to claim 18, wherein the second verification information generating unit comprises:
a second verification information generating subunit, configured to calculate a hash value of the unique identifier of the current device and take the hash value as the second verification information.
20. The apparatus of claim 19, wherein the activation file generation submodule comprises:
a first verification information encryption unit configured to encrypt the first verification information;
and an activation file generating unit, configured to generate, by a program, an activation file with the encrypted first verification information.
21. The apparatus of claim 20, wherein the first verification information obtaining sub-module comprises:
an encrypted verification information acquisition unit configured to acquire encrypted first verification information from the activation file;
and a first verification information decryption unit, configured to decrypt the encrypted first verification information to obtain the first verification information.
22. An apparatus for activating a trusted execution environment, wherein the trusted execution environment is configured in a device, and wherein the device is further configured with a trusted application running in the trusted execution environment, a rich execution environment, and a client running in the rich execution environment; the apparatus comprises:
an activation file acquisition module located in the trusted execution environment, configured to acquire, when an activation file is not stored in the trusted storage space of the device, the activation file that is preset in the device and sent by a client program;
an activation condition judgment module located in the trusted execution environment, configured to verify whether the activation file meets the activation condition;
an activation module located in the trusted execution environment, configured to perform activation and allow the trusted application program to run normally if the activation file meets the activation condition;
wherein the activation file comprises first verification information used for verifying whether the activation file meets the activation condition, and the first verification information is generated according to a unique identifier of the device.
23. An apparatus for activating a trusted execution environment, comprising:
one or more processors; and
one or more machine-readable media having instructions stored thereon that, when executed by the one or more processors, cause the apparatus to perform the method of any of claims 1-10 or 11.
24. One or more machine readable media having instructions stored thereon that, when executed by one or more processors, cause the processors to perform the method of any of claims 1-10 or 11.
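The flow recited in claims 12-19 can be modelled in a few lines. The following is an added example, not code from the patent: SHA-256 as the hash, the class and function names, and the sample identifiers are all assumptions, and the encryption and decryption of the first verification information (claims 20-21) is left out.

```python
import hashlib
import hmac

def make_activation_file(device_id: bytes) -> bytes:
    """Generation program (claims 16, 18): first verification information
    is a hash of the device's unique identifier. SHA-256 is an assumption."""
    return hashlib.sha256(device_id).digest()

class TeeActivation:
    """Toy model of the TEE-side modules of claims 12-19 (hypothetical names)."""

    def __init__(self, device_id: bytes):
        self._device_id = device_id      # identifier as read inside the TEE
        self.trusted_storage = None      # stands in for the trusted storage space
        self.backup = None               # backup copy (claim 14)

    def _valid(self, blob) -> bool:
        # Claims 15, 17, 19: recompute second verification information from
        # the current device and compare it, in constant time, with the first.
        second = hashlib.sha256(self._device_id).digest()
        return isinstance(blob, bytes) and hmac.compare_digest(blob, second)

    def status(self) -> str:
        # Claim 14: recover from backup when the stored file is damaged or lost.
        if not self._valid(self.trusted_storage) and self._valid(self.backup):
            self.trusted_storage = self.backup
        # Claim 13: report the state back to the client program.
        return "activated" if self._valid(self.trusted_storage) else "inactivated"

    def activate(self, activation_file: bytes) -> bool:
        """Claim 12: called with the file the client program sends from the REE."""
        if self.status() == "activated":
            return True                  # already stored, nothing to verify
        if not self._valid(activation_file):
            return False                 # file was generated for another device
        self.trusted_storage = activation_file
        self.backup = activation_file
        return True

# Constructed sample identifiers, not taken from the patent.
THIS_DEVICE = b"SN-0001-CONSTRUCTED"
OTHER_DEVICE = b"SN-0002-CONSTRUCTED"
```

An unkeyed hash can be recomputed by anyone who knows the identifier, so the comparison alone binds the file to one device but does not show who issued it; claims 20-21 add encryption of the first verification information on top of this check.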
CN201810941457.0A 2018-08-17 2018-08-17 Activation method and device of trusted execution environment Active CN110837643B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201810941457.0A CN110837643B (en) 2018-08-17 2018-08-17 Activation method and device of trusted execution environment
TW108122773A TW202009773A (en) 2018-08-17 2019-06-28 Method and apparatus for activating trusted execution environment
PCT/CN2019/099553 WO2020034881A1 (en) 2018-08-17 2019-08-07 Method and apparatus for activating trusted execution environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810941457.0A CN110837643B (en) 2018-08-17 2018-08-17 Activation method and device of trusted execution environment

Publications (2)

Publication Number Publication Date
CN110837643A CN110837643A (en) 2020-02-25
CN110837643B CN110837643B (en) 2022-09-23

Family

ID=69524694

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810941457.0A Active CN110837643B (en) 2018-08-17 2018-08-17 Activation method and device of trusted execution environment

Country Status (3)

Country Link
CN (1) CN110837643B (en)
TW (1) TW202009773A (en)
WO (1) WO2020034881A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112257059B (en) * 2020-10-12 2023-03-28 麒麟软件有限公司 Dynamic trusted file execution control method and system
CN115640567B (en) * 2022-09-28 2024-02-27 北京瑞莱智慧科技有限公司 TEE integrity authentication method, device, system and storage medium
CN117725572A (en) * 2024-02-07 2024-03-19 支付宝(杭州)信息技术有限公司 SDK integrity checking method, device, medium and equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104010044A (en) * 2014-06-12 2014-08-27 北京握奇数据系统有限公司 Application limitation installing method, manager and terminal based on trusted execution environment technology
CN104754552A (en) * 2013-12-25 2015-07-01 中国移动通信集团公司 Trusted execution environment (TEE) initialization method and equipment
CN104765612A (en) * 2015-04-10 2015-07-08 武汉天喻信息产业股份有限公司 System and method for having access to credible execution environment and credible application
CN106934257A (en) * 2015-12-30 2017-07-07 航天信息软件技术有限公司 A kind of program encryption methods and procedures encryption device
CN107888589A (en) * 2017-11-10 2018-04-06 恒宝股份有限公司 A kind of method and its system for calling trusted application
CN107992729A (en) * 2016-10-26 2018-05-04 中国移动通信有限公司研究院 A kind of control method, terminal and subscriber identification module card

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7877744B2 (en) * 2004-11-05 2011-01-25 Qualcomm Incorporated Method, software and apparatus for activating resident applications
CN105574723A (en) * 2015-12-14 2016-05-11 联想(北京)有限公司 Information security processing method and security processing apparatus
US20170337390A1 (en) * 2016-05-18 2017-11-23 Qualcomm Incorporated Data protection at factory reset

Also Published As

Publication number Publication date
WO2020034881A1 (en) 2020-02-20
CN110837643A (en) 2020-02-25
TW202009773A (en) 2020-03-01

Similar Documents

Publication Publication Date Title
JP6197000B2 (en) System, vehicle, and software distribution processing method
US8925055B2 (en) Device using secure processing zone to establish trust for digital rights management
CN110597538B (en) Software upgrading method and OTA upgrading system based on OTA upgrading system
CN106230784B (en) Equipment verification method and device
US9954834B2 (en) Method of operating a computing device, computing device and computer program
TW202109320A (en) Trusted execution environment-based application activation method and apparatus
US11101984B2 (en) Onboarding software on secure devices to generate device identities for authentication with remote servers
CN110688660B (en) Method and device for safely starting terminal and storage medium
CN110837643B (en) Activation method and device of trusted execution environment
CN110414248B (en) Method for debugging microprocessor and microprocessor
GB2543096A (en) Data Processing Device
CN114637987B (en) Security chip firmware downloading method and system based on platform verification
CN112596740A (en) Program deployment method and device
CN113014381B (en) Secret key processing method and device of vehicle-mounted terminal, electronic equipment and medium
CN107066346B (en) Data backup method, data recovery method and device
US11516194B2 (en) Apparatus and method for in-vehicle network communication
JP2015104020A (en) Communication terminal device, communication terminal association system, communication terminal association method and computer program
CN112118209B (en) Account operation method and device of vehicle equipment
CN110287725B (en) Equipment, authority control method thereof and computer readable storage medium
CN117353920B (en) Key derivation method, processor and related equipment
CN114650175B (en) Verification method and device
CN116566744B (en) Data processing method and security verification system
CN115437673A (en) Vehicle-mounted MCU (microprogrammed control Unit) upgrading method, vehicle-mounted MCU upgrading system and server group
CN116578315A (en) Method and device for safely brushing vehicle ECU
CN117009948A (en) Identity credential sharing method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40024801

Country of ref document: HK

GR01 Patent grant