DE102011115135A1 - Mikroprozessorsystem mit gesicherter Laufzeitumgebung - Google Patents

Mikroprozessorsystem mit gesicherter Laufzeitumgebung Download PDF

Info

Publication number
DE102011115135A1
DE102011115135A1 DE102011115135A DE102011115135A DE102011115135A1 DE 102011115135 A1 DE102011115135 A1 DE 102011115135A1 DE 102011115135 A DE102011115135 A DE 102011115135A DE 102011115135 A DE102011115135 A DE 102011115135A DE 102011115135 A1 DE102011115135 A1 DE 102011115135A1
Authority
DE
Germany
Prior art keywords
runtime environment
operating system
driver
secure
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
DE102011115135A
Other languages
German (de)
English (en)
Inventor
Stephan Spitz
Markus Köhler
Ullrich Martini
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Trustonic Ltd
Original Assignee
Giesecke+Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke+Devrient GmbH filed Critical Giesecke+Devrient GmbH
Priority to DE102011115135A priority Critical patent/DE102011115135A1/de
Priority to PCT/EP2012/004159 priority patent/WO2013050154A1/de
Priority to EP12777857.9A priority patent/EP2764464B1/de
Priority to KR1020147006558A priority patent/KR101843730B1/ko
Priority to CN201280049509.4A priority patent/CN103858131B/zh
Priority to US14/346,811 priority patent/US9875366B2/en
Priority to JP2014533790A priority patent/JP2014533395A/ja
Priority to BR112014006543-8A priority patent/BR112014006543B1/pt
Publication of DE102011115135A1 publication Critical patent/DE102011115135A1/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
DE102011115135A 2011-10-07 2011-10-07 Mikroprozessorsystem mit gesicherter Laufzeitumgebung Withdrawn DE102011115135A1 (de)

Priority Applications (8)

Application Number Priority Date Filing Date Title
DE102011115135A DE102011115135A1 (de) 2011-10-07 2011-10-07 Mikroprozessorsystem mit gesicherter Laufzeitumgebung
PCT/EP2012/004159 WO2013050154A1 (de) 2011-10-07 2012-10-04 Mikroprozessorsystem mit gesicherter laufzeitumgebung
EP12777857.9A EP2764464B1 (de) 2011-10-07 2012-10-04 Mikroprozessorsystem mit gesicherter laufzeitumgebung
KR1020147006558A KR101843730B1 (ko) 2011-10-07 2012-10-04 보안 런타임 환경을 갖는 마이크로 프로세서 시스템
CN201280049509.4A CN103858131B (zh) 2011-10-07 2012-10-04 带有安全运行时环境的微控制器系统
US14/346,811 US9875366B2 (en) 2011-10-07 2012-10-04 Microprocessor system with secured runtime environment
JP2014533790A JP2014533395A (ja) 2011-10-07 2012-10-04 保証されたランタイム環境を有するマイクロプロセッサ・システム
BR112014006543-8A BR112014006543B1 (pt) 2011-10-07 2012-10-04 sistema de microprocessador com ambiente de tempo de execução seguro

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE102011115135A DE102011115135A1 (de) 2011-10-07 2011-10-07 Mikroprozessorsystem mit gesicherter Laufzeitumgebung

Publications (1)

Publication Number Publication Date
DE102011115135A1 true DE102011115135A1 (de) 2013-04-11

Family

ID=47073399

Family Applications (1)

Application Number Title Priority Date Filing Date
DE102011115135A Withdrawn DE102011115135A1 (de) 2011-10-07 2011-10-07 Mikroprozessorsystem mit gesicherter Laufzeitumgebung

Country Status (8)

Country Link
US (1) US9875366B2 (https=)
EP (1) EP2764464B1 (https=)
JP (1) JP2014533395A (https=)
KR (1) KR101843730B1 (https=)
CN (1) CN103858131B (https=)
BR (1) BR112014006543B1 (https=)
DE (1) DE102011115135A1 (https=)
WO (1) WO2013050154A1 (https=)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102011018431A1 (de) 2011-04-21 2012-10-25 Giesecke & Devrient Gmbh Verfahren zur Anzeige von Informationen auf einer Anzeigeeinrichtung eines Endgeräts
US9432348B2 (en) 2012-04-20 2016-08-30 Ologn Technologies Ag Secure zone for secure purchases
FR2998694B1 (fr) * 2012-11-27 2016-01-01 Oberthur Technologies Module electronique pour rendre un message accessible par un systeme d'exploitation vise
FR2998747B1 (fr) * 2012-11-27 2015-01-23 Oberthur Technologies Procede d'aiguillage d'un message
US20140281447A1 (en) * 2013-03-12 2014-09-18 Green Hills Software, Inc. Single-Chip Virtualizing and Obfuscating Communications System for Portable Computing Devices
CN104252388B (zh) * 2013-06-27 2018-10-23 中国银联股份有限公司 移动设备中的非可信环境与可信环境之间的切换
US10129242B2 (en) 2013-09-16 2018-11-13 Airwatch Llc Multi-persona devices and management
CN103945385B (zh) * 2014-03-27 2018-02-13 宇龙计算机通信科技(深圳)有限公司 移动终端防盗的方法及其装置
FR3019351A1 (fr) * 2014-03-31 2015-10-02 Orange Procede de configuration securisee d'une application dans un terminal utilisateur
CN104143065A (zh) * 2014-08-28 2014-11-12 北京握奇智能科技有限公司 安全智能终端设备、及信息处理方法
CN105592403B (zh) * 2014-12-29 2020-03-31 中国银联股份有限公司 一种基于nfc的通信装置和方法
CN104866782A (zh) * 2015-05-29 2015-08-26 宇龙计算机通信科技(深圳)有限公司 一种数据处理方法和装置
US10740496B2 (en) 2017-02-13 2020-08-11 Samsung Electronics Co., Ltd. Method and apparatus for operating multi-processor system in electronic device

Family Cites Families (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH01185734A (ja) 1988-01-20 1989-07-25 Fujitsu Ltd バッファメモリ管理方式
US5001742A (en) 1990-01-29 1991-03-19 At&T Bell Laboratories Baseband signal processing unit and method of operating the same
JPH05265779A (ja) 1992-03-23 1993-10-15 Nec Corp タスク間通信システム
US7089214B2 (en) 1998-04-27 2006-08-08 Esignx Corporation Method for utilizing a portable electronic authorization device to approve transactions between a user and an electronic transaction system
US6298446B1 (en) 1998-06-14 2001-10-02 Alchemedia Ltd. Method and system for copyright protection of digital images transmitted over networks
US6633984B2 (en) 1999-01-22 2003-10-14 Sun Microsystems, Inc. Techniques for permitting access across a context barrier on a small footprint device using an entry point object
SE515327C2 (sv) 1999-08-27 2001-07-16 Ericsson Telefon Ab L M Anordning för att utföra säkra transaktioner i en kommunikationsanordning
US6795905B1 (en) 2000-03-31 2004-09-21 Intel Corporation Controlling accesses to isolated memory using a memory controller for isolated execution
JP4812989B2 (ja) 2001-09-17 2011-11-09 株式会社リコー ディスプレイ装置、及びプログラム
EP1329787B1 (en) 2002-01-16 2019-08-28 Texas Instruments Incorporated Secure mode indicator for smart phone or PDA
RU2005115083A (ru) 2002-11-18 2006-01-20 Арм Лимитед (Gb) Переключение процессора между защищенным и незащищенным режимами
GB2396930B (en) 2002-11-18 2005-09-07 Advanced Risc Mach Ltd Apparatus and method for managing access to a memory
GB0226874D0 (en) 2002-11-18 2002-12-24 Advanced Risc Mach Ltd Switching between secure and non-secure processing modes
KR100950007B1 (ko) * 2003-06-27 2010-03-29 디즈니엔터프라이지즈,인크. 차세대 미디어 플레이어층에 대한 이중 가상 머신 및 신뢰플랫폼 모듈 아키텍쳐
CN100451983C (zh) 2003-06-27 2009-01-14 迪斯尼实业公司 下一代媒体播放器的双虚拟机以及信任平台
GB2406403B (en) 2003-09-26 2006-06-07 Advanced Risc Mach Ltd Data processing apparatus and method for merging secure and non-secure data into an output data stream
US8122361B2 (en) 2003-10-23 2012-02-21 Microsoft Corporation Providing a graphical user interface in a system with a high-assurance execution environment
ATE339742T1 (de) 2003-11-07 2006-10-15 Cit Alcatel Verfahren zur unterstützung bargeldloser zahlung
EP1870814B1 (en) * 2006-06-19 2014-08-13 Texas Instruments France Method and apparatus for secure demand paging for processor devices
JP2006018745A (ja) 2004-07-05 2006-01-19 Hitachi Ltd 電子データ認証システム、認証マーク偽造検証方法、認証マーク偽造検証プログラム、閲覧者用端末、及び認証マーク生成サーバ
JP4811271B2 (ja) 2004-08-25 2011-11-09 日本電気株式会社 情報通信装置及びプログラム実行環境制御方法
DE102005005378A1 (de) 2004-09-14 2006-03-30 Wincor Nixdorf International Gmbh Vorrichtung zur Eingabe und Übertragung von verschlüsselten Signalen
DE102004054571B4 (de) 2004-11-11 2007-01-25 Sysgo Ag Verfahren zur Verteilung von Rechenzeit in einem Rechnersystem
DE102004062203B4 (de) 2004-12-23 2007-03-08 Infineon Technologies Ag Datenverarbeitungseinrichtung, Telekommunikations-Endgerät und Verfahren zur Datenverarbeitung mittels einer Datenverarbeitungseinrichtung
US7627807B2 (en) 2005-04-26 2009-12-01 Arm Limited Monitoring a data processor to detect abnormal operation
US20070079111A1 (en) 2005-09-30 2007-04-05 Chiu-Fu Chen Activating method of computer multimedia function
JP2007188216A (ja) 2006-01-12 2007-07-26 Ntt Advanced Technology Corp 秘匿情報入力システムおよび秘匿情報入力方法
DE102006002824B4 (de) 2006-01-19 2008-10-09 Phoenix Contact Gmbh & Co. Kg Verfahren und Vorrichtung zur Umwandlung mehrkanalig vorliegender Nachrichten in eine einkanalige sichere Nachricht
US20070226795A1 (en) * 2006-02-09 2007-09-27 Texas Instruments Incorporated Virtual cores and hardware-supported hypervisor integrated circuits, systems, methods and processes of manufacture
US7765399B2 (en) 2006-02-22 2010-07-27 Harris Corporation Computer architecture for a handheld electronic device
US7950020B2 (en) 2006-03-16 2011-05-24 Ntt Docomo, Inc. Secure operating system switching
WO2007125911A1 (ja) 2006-04-24 2007-11-08 Panasonic Corporation データ処理装置、方法、プログラム、集積回路、プログラム生成装置
US7752658B2 (en) * 2006-06-30 2010-07-06 Microsoft Corporation Multi-session connection across a trust boundary
US8194088B1 (en) 2006-08-03 2012-06-05 Apple Inc. Selective composite rendering
EP2095345A4 (en) 2006-10-23 2011-04-27 Behruz Nader Daroga DIGITAL TRANSMISSION SYSTEM (DTS) FOR THE SECURITY OF BANK ATMOSPHERES (ATM)
US8190885B2 (en) 2006-12-21 2012-05-29 Spansion Llc Non-volatile memory sub-system integrated with security for storing near field transactions
US8996864B2 (en) * 2006-12-22 2015-03-31 Virtuallogix Sa System for enabling multiple execution environments to share a device
JP4358224B2 (ja) 2006-12-27 2009-11-04 株式会社東芝 ゲストosスケジューリング方法及び仮想計算機モニタ
JP2008211332A (ja) 2007-02-23 2008-09-11 Canon Inc 画像形成装置及びその制御方法、並びにプログラム及び記憶媒体
US8261064B2 (en) 2007-02-27 2012-09-04 L-3 Communications Corporation Integrated secure and non-secure display for a handheld communications device
US8190778B2 (en) * 2007-03-06 2012-05-29 Intel Corporation Method and apparatus for network filtering and firewall protection on a secure partition
FR2914457B1 (fr) 2007-03-30 2009-09-04 Ingenico Sa Procede et dispositif de visualisation securitaire
US8712474B2 (en) 2007-04-20 2014-04-29 Telefonaktiebolaget L M Ericsson (Publ) Secure soft SIM credential transfer
GB2453518A (en) 2007-08-31 2009-04-15 Vodafone Plc Telecommunications device security
DE102007052826A1 (de) 2007-11-06 2009-05-07 Giesecke & Devrient Gmbh Daten verarbeitende Vorrichtung und Verfahren zum Betreiben einer Daten verarbeitenden Vorrichtung
CN101868953A (zh) 2007-12-07 2010-10-20 诺基亚公司 事务处理认证
CN101299228B (zh) 2008-01-26 2010-09-01 青岛大学 一种基于单cpu双总线的安全网络终端
GB2459097B (en) 2008-04-08 2012-03-28 Advanced Risc Mach Ltd A method and apparatus for processing and displaying secure and non-secure data
US8522354B2 (en) 2008-05-24 2013-08-27 Via Technologies, Inc. Microprocessor apparatus for secure on-die real-time clock
US7809875B2 (en) 2008-06-30 2010-10-05 Wind River Systems, Inc. Method and system for secure communication between processor partitions
JP5157726B2 (ja) 2008-07-31 2013-03-06 富士通モバイルコミュニケーションズ株式会社 電子機器
JP2010062823A (ja) 2008-09-03 2010-03-18 Nippon Telegr & Teleph Corp <Ntt> 現金自動支払機のための認証システム
US8528041B1 (en) * 2008-11-07 2013-09-03 Sprint Communications Company L.P. Out-of-band network security management
US8595491B2 (en) 2008-11-14 2013-11-26 Microsoft Corporation Combining a mobile device and computer to create a secure personalized environment
KR101540798B1 (ko) 2008-11-21 2015-07-31 삼성전자 주식회사 가상화 환경에서 보안 정보를 제공하기 위한 장치 및 방법
JP4698724B2 (ja) 2008-12-01 2011-06-08 株式会社エヌ・ティ・ティ・ドコモ プログラム実行装置
US8490176B2 (en) 2009-04-07 2013-07-16 Juniper Networks, Inc. System and method for controlling a mobile device
US9003517B2 (en) 2009-10-28 2015-04-07 Microsoft Technology Licensing, Llc Isolation and presentation of untrusted data
US9207968B2 (en) 2009-11-03 2015-12-08 Mediatek Inc. Computing system using single operating system to provide normal security services and high security services, and methods thereof
AU2011202838B2 (en) 2010-12-21 2014-04-10 Lg Electronics Inc. Mobile terminal and method of controlling a mode screen display therein
DE102011012227A1 (de) 2011-02-24 2012-08-30 Giesecke & Devrient Gmbh Verfahren zum Datenaustausch in einer gesicherten Laufzeitumgebung
DE102011012226A1 (de) 2011-02-24 2012-08-30 Giesecke & Devrient Gmbh Verfahren zum Betrieb einer Mikroprozessoreinheit, insbesondere in einem mobilen Endgerät
US20130046697A1 (en) 2011-03-17 2013-02-21 Suridx, Inc. Using Mobile Device to Prevent Theft of User Credentials
DE102011018431A1 (de) 2011-04-21 2012-10-25 Giesecke & Devrient Gmbh Verfahren zur Anzeige von Informationen auf einer Anzeigeeinrichtung eines Endgeräts
US9183373B2 (en) 2011-05-27 2015-11-10 Qualcomm Incorporated Secure input via a touchscreen
DE102011116489A1 (de) 2011-10-20 2013-04-25 Giesecke & Devrient Gmbh Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ARM: Securing the System with TrustZone® Ready Program. 2010, S. 1 - 22. *
SUH, S.: Secure Xen on ARM: Status and Driver Domain Separation. Samsung Electronics, 2007, 1 - 21. *

Also Published As

Publication number Publication date
CN103858131B (zh) 2017-03-29
BR112014006543A2 (pt) 2017-04-25
US20140237621A1 (en) 2014-08-21
EP2764464B1 (de) 2018-11-28
US9875366B2 (en) 2018-01-23
KR101843730B1 (ko) 2018-03-30
KR20140074296A (ko) 2014-06-17
BR112014006543B1 (pt) 2021-07-06
JP2014533395A (ja) 2014-12-11
EP2764464A1 (de) 2014-08-13
CN103858131A (zh) 2014-06-11
WO2013050154A1 (de) 2013-04-11

Similar Documents

Publication Publication Date Title
EP2764464B1 (de) Mikroprozessorsystem mit gesicherter laufzeitumgebung
DE102009013384B4 (de) System und Verfahren zur Bereitstellung einer sicheren Anwendungsfragmentierungsumgebung
DE112014006112T5 (de) Applet-Migration in einem sicheren Element
EP2987350B1 (de) Mobilstation umfassend sicherheitsressourcen mit unterschiedlichen sicherheitsniveaus
DE102004062203A1 (de) Datenverarbeitungseinrichtung, Telekommunikations-Endgerät und Verfahren zur Datenverarbeitung mittels einer Datenverarbeitungseinrichtung
EP2735129B1 (de) Verfahren zum absichern einer transaktion
DE102011081421A1 (de) System zur sicheren Übertragung von Daten und Verfahren
EP3563209B1 (de) Gesamtvorrichtung mit einer authentifizierungsanordnung und verfahren zur authentifizierung
WO2008046575A1 (de) Verfahren zum ausführen einer applikation mit hilfe eines tragbaren datenträgers
DE102009014981A1 (de) Vorrichtung, System und Verfahren für die Modifikation einer Pre-Boot-Vorschrift
EP2885907B1 (de) Verfahren zur installation von sicherheitsrelevanten anwendungen in einem sicherheitselement eines endgerät
DE602004011965T2 (de) Verfahren und schaltung zum identifizieren und/oder verifizieren von hardware und/oder software eines geräts und eines mit dem gerät arbeitenden datenträgers
EP2210241B1 (de) Daten verarbeitende vorrichtung und verfahren zum betreiben einer daten verarbeitenden vorrichtung
EP3248136B1 (de) Verfahren zum betreiben einer computereinheit mit einer sicheren laufzeitumgebung sowie eine solche computereinheit
DE102014018892A1 (de) Verfahren zum Betreiben einer Computereinheit sowie eine solche Computereinheit
EP2524333B1 (de) Verfahren zum bereitstellen eines sicheren zählers auf einem endgerät
DE102018129920A1 (de) Durchsetzen einer sicheren Anzeigeansicht für vertrauenswürdige Transktionen
EP3159821B1 (de) Prozessor-system mit applet security settings
EP4526791A1 (de) Anwendungsprogramm ausgebildet eine umgebungsinformation zu erstellen
DE102021126509B4 (de) Tragbare Chipvorrichtung und Verfahren zum Ausführen eines Softwaremodul-Updates in einer tragbaren Chipvorrichtung
DE102014209037B4 (de) Vorrichtung und Verfahren zum Schutz der Integrität von Betriebssysteminstanzen
DE10006062C2 (de) Tastaturschlüssel
WO2005073826A1 (de) System mit wenigstens einem computer und wenigstens einem tragbaren datenträger
DE102012022875A1 (de) Verfahren und System zur Applikationsinstallation
DE102007005637B4 (de) Computereinrichtung, Kommunikationseinrichtung und Verfahren zum Betreiben einer Computereinrichtung

Legal Events

Date Code Title Description
R163 Identified publications notified
R081 Change of applicant/patentee

Owner name: TRUSTONIC LTD., GB

Free format text: FORMER OWNER: GIESECKE & DEVRIENT GMBH, 81677 MUENCHEN, DE

Effective date: 20130912

R082 Change of representative

Representative=s name: KSNH PATENTANWAELTE KLUNKER/SCHMITT-NILSON/HIR, DE

Effective date: 20130912

Representative=s name: KLUNKER IP PATENTANWAELTE PARTG MBB, DE

Effective date: 20130912

R082 Change of representative

Representative=s name: KLUNKER IP PATENTANWAELTE PARTG MBB, DE

R119 Application deemed withdrawn, or ip right lapsed, due to non-payment of renewal fee