EP3053082A1 - Method for securing a terminal - Google Patents
Method for securing a terminal
Info
- Publication number
- EP3053082A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- mem
- desc
- securing
- terminal
- meth
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
        - G06F21/60—Protecting data
          - G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
            - G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
Definitions
- The present invention relates to the field of software, and more particularly to the securing of terminals, including mobile terminals of the "smartphone" type, including terminals running the Android operating system. More specifically, the invention relates to a method for securing a mobile terminal.
- A process, that is, a program running on a terminal, uses resources that are allocated to it.
- The resources include areas of RAM and handles of files or databases.
- The resources are vulnerable, that is, potentially accessible by an attacker.
- An attack is particularly difficult to detect when the terminal is locked (a lock is, for example, applied manually by a user or automatically after a certain period of inactivity of the terminal).
- It is known to stop the processes.
- Each process saves the resources it uses in a flash memory of the terminal, then terminates.
- The data in the RAM areas used by the processes are erased.
- The processes are restarted and the data are restored using the data saved in the flash memory.
- The invention offers a solution to the problem mentioned above by proposing a method of securing the resources allocated to the processes executed on a terminal when said terminal is in a locked state.
- The invention therefore essentially relates to a method of securing a terminal.
- The method comprises the following step: following a locking of the terminal, for each process of a list of processes executed by the terminal:
- The method is implemented by a kernel of an operating system installed on the terminal.
- The operating system is, for example, Android.
- The processes in the list are not stopped, but their execution is interrupted.
- The kernel scheduler has been modified to manage a new possible state for each process (named "frozen" below). As long as the process is in this new state, the scheduler does not give it control and the process does not run.
- The resources that the processes in the list use are secured. Thus, in case of attack, the attacker will not obtain any intelligible data.
- The securing method according to the invention may have one or more additional characteristics among the following, considered individually or in any technically possible combination:
- The resources allocated to a process include a RAM area, and the protection includes an encryption of said RAM area.
- The method comprises, following the encryption step: erasing from RAM an encryption key used during the encryption.
- The resources allocated to a process include a file or database descriptor, and the protection includes closing said descriptor.
- The databases and/or files used by the processes in the list are rendered inaccessible.
- The method comprises a preliminary step of updating the process list, comprising: following receipt of a notification of a process, adding said process to the list of processes.
- Process notifications are received by the kernel of the Android operating system.
- Process notifications are issued by a protection process named "Protection Manager".
- The Protection Manager indicates to the kernel the processes on which the securing method according to the invention is to be implemented.
- Issuing a notification of a process depends on an initial setting of said process. Indeed, not all processes are concerned by the securing method according to the invention. Being concerned means being in the list of processes mentioned above. Only processes pre-configured for securing are concerned. At startup, a process is not in the process list; if the Protection Manager detects that said process is configured to be concerned by the securing method according to the invention, then the Protection Manager notifies the kernel, which will add it to the process list.
- The method comprises: following an unlocking of the terminal: making said process eligible for execution and removing the protection on the previously protected resources.
- The resources allocated to a process comprise a RAM area.
- The removal of the protection includes a decryption of said RAM area.
- The resources allocated to a process include a file or database descriptor, and the removal of the protection includes an opening of said descriptor.
- Figure 1 is presented for guidance and is in no way limiting of the invention.
- Figure 1 shows steps of a method METH for securing a terminal according to a non-limiting embodiment of the invention.
- The terminal is of the smartphone type and runs the Android operating system, which includes a kernel.
- The kernel includes a scheduler, which chooses the order of execution of the processes of the terminal.
- The scheduler is adapted to manage process states, including:
- A process PR executed on the terminal is preconfigured to be concerned, or not, by the securing method METH according to the invention. If the process PR is concerned by the securing method METH, then following a lock LK of the terminal, the resources MEM, DESC it uses are protected. A configuration parameter PR_PM is therefore associated with each process PR.
- The configuration parameters PR_PM of the processes PR can be analyzed by a protection process, the Protection Manager.
- The protection process analyzes the configuration parameter PR_PM associated with said process PR. If the configuration parameter PR_PM indicates that the process PR is concerned by the securing method METH according to the invention, then the protection process sends a notification to the kernel. In other words, the protection process tells the kernel that a protection mechanism must be activated on the process PR in question.
- On receipt NO_REC of a notification concerning a process PR, the kernel adds the process to a list LI_PR. The list LI_PR is thus updated at each receipt NO_REC of a notification. When the terminal changes from the unlocked state to the locked state, the list LI_PR contains all the started processes PR on which the protection mechanism must be activated.
- Following the lock LK of the terminal, the scheduler places the processes PR in the list LI_PR in the "frozen" state. Then, the kernel activates a protection on the resources MEM, DESC of the processes PR of the list LI_PR. More precisely, the RAM areas MEM allocated to the processes PR of the list LI_PR are encrypted (MEM_ENC). In addition, the encryption key KM used is erased from RAM (KM_ERZ) at the end of the encryption MEM_ENC. In addition, the descriptors DESC of files or databases used by the processes PR of the list LI_PR are closed, that is to say erased. Thus, no sensitive data is accessible or exploitable. In the event of an attack, no intelligible data will be usable.
- Following an unlocking of the terminal, the scheduler places the processes PR of the list LI_PR in the "idle" state: these processes are then again eligible for execution. Then, the protection on the resources of the processes PR of the list LI_PR is removed by the kernel.
- The kernel decrypts (MEM_DESENC) the previously encrypted RAM areas MEM and reopens (DESC_OP) the descriptors DESC.
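
The lock and unlock sequence described above (LI_PR, "frozen" state, MEM_ENC, KM_ERZ, closed DESC, then MEM_DESENC and DESC_OP), as a user-space C simulation added here; it is not code from the patent. The XOR routine is a labelled placeholder because the page names no cipher, and passing the key back in at unlock is an assumption because the page does not say how the key is recovered after KM_ERZ.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum state { IDLE, FROZEN };            /* IDLE = eligible for execution */
struct proc { enum state st; uint8_t mem[16]; int desc_open; };
static struct proc *li_pr[8];           /* LI_PR, filled on NO_REC */
static size_t li_n;

int notify(struct proc *p) {            /* Protection Manager -> kernel */
    if (li_n == 8) return -1;
    li_pr[li_n++] = p;
    return 0;
}
/* Placeholder XOR keystream, NOT a real cipher: the page names none. */
static void xor_mem(struct proc *p, const uint8_t *km, size_t klen) {
    for (size_t i = 0; i < sizeof p->mem; i++) p->mem[i] ^= km[i % klen];
}
void on_lock(uint8_t *km, size_t klen) {
    for (size_t i = 0; i < li_n; i++) {
        li_pr[i]->st = FROZEN;          /* scheduler no longer runs it */
        xor_mem(li_pr[i], km, klen);    /* MEM_ENC */
        li_pr[i]->desc_open = 0;        /* DESC closed */
    }
    volatile uint8_t *v = km;           /* KM_ERZ: volatile writes so the */
    while (klen--) *v++ = 0;            /* compiler cannot drop the wipe  */
}
/* Assumption: the caller re-supplies the key at unlock. */
void on_unlock(const uint8_t *km, size_t klen) {
    for (size_t i = 0; i < li_n; i++) {
        li_pr[i]->st = IDLE;            /* eligible again, as on the page */
        xor_mem(li_pr[i], km, klen);    /* MEM_DESENC */
        li_pr[i]->desc_open = 1;        /* DESC_OP */
    }
}

/* Constructed scenario; returns 0 when every expected property holds. */
int run_demo(void) {
    static const uint8_t secret[16] = "session-token-1";
    uint8_t km[4] = {0x5a, 0xc3, 0x19, 0xe7}, km2[4], zero[4] = {0};
    struct proc a = { IDLE, {0}, 1 }, b = { IDLE, {0}, 1 }; /* b: PR_PM off */
    memcpy(a.mem, secret, 16); memcpy(b.mem, secret, 16);
    memcpy(km2, km, 4);                 /* stand-in for the recovered key */
    li_n = 0;
    if (notify(&a)) return 1;
    on_lock(km, 4);
    if (a.st != FROZEN || a.desc_open || !memcmp(a.mem, secret, 16)) return 2;
    if (memcmp(km, zero, 4)) return 3;  /* key no longer in the buffer */
    if (b.st != IDLE || memcmp(b.mem, secret, 16)) return 4; /* unlisted */
    on_unlock(km2, 4);
    return (a.st == IDLE && a.desc_open && !memcmp(a.mem, secret, 16)) ? 0 : 5;
}
```

Process `b` is never notified to the kernel, so it stays runnable with plaintext memory across the lock: only processes in LI_PR are covered.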
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Telephone Function (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1359566A FR3011359B1 (en) | 2013-10-02 | 2013-10-02 | METHOD FOR SECURING A TERMINAL |
PCT/FR2014/052468 WO2015049458A1 (en) | 2013-10-02 | 2014-09-30 | Method for securing a terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3053082A1 (en) | 2016-08-10 |
Family
ID=50289721
Family Applications (1)
Application Number | Status | Priority Date | Filing Date | Title |
---|---|---|---|---|
EP14787228.7A (EP3053082A1 (en)) | Ceased | 2013-10-02 | 2014-09-30 | Method for securing a terminal |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP3053082A1 (en) |
FR (1) | FR3011359B1 (en) |
WO (1) | WO2015049458A1 (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100138189A1 (en) * | 2008-12-01 | 2010-06-03 | International Business Machines Corporation | Fast detection of process outages |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7299364B2 (en) * | 2002-04-09 | 2007-11-20 | The Regents Of The University Of Michigan | Method and system to maintain application data secure and authentication token for use therein |
- 2013
  - 2013-10-02 FR FR1359566A patent/FR3011359B1/en active Active
- 2014
  - 2014-09-30 WO PCT/FR2014/052468 patent/WO2015049458A1/en active Application Filing
  - 2014-09-30 EP EP14787228.7A patent/EP3053082A1/en not_active Ceased
Non-Patent Citations (1)
Title |
---|
See also references of WO2015049458A1 * |
Also Published As
Publication number | Publication date |
---|---|
FR3011359B1 (en) | 2016-12-30 |
FR3011359A1 (en) | 2015-04-03 |
WO2015049458A1 (en) | 2015-04-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
 | 17P | Request for examination filed | Effective date: 20160422 |
 | AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
 | AX | Request for extension of the european patent | Extension state: BA ME |
 | DAX | Request for extension of the european patent (deleted) | |
 | 17Q | First examination report despatched | Effective date: 20170508 |
 | RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: AVANTIX |
 | REG | Reference to a national code | Ref country code: DE Ref legal event code: R003 |
 | STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
 | 18R | Application refused | Effective date: 20200509 |