KR102180529B1 - Application access control method and electronic device implementing the same - Google Patents

Abstract

A method of controlling access to an application and an electronic device implementing the same are disclosed. According to various embodiments, a method of operating an electronic device includes a first method of controlling the volatile memory by a processor of an electronic device including a volatile memory. An operation of setting a region and a second region, wherein the second region is an operation with more enhanced security than the first region. The processor temporarily stores first information fetched from hardware or firmware in the second region. Storing, by the processor, temporarily storing second information in the second area, by the processor, to recognize a request for access to the second information of an application program temporarily stored in the first area And authenticating, by the processor, using at least a part of the application program in the second area. Other embodiments are possible.

Description

Application access control method and electronic device implementing it {APPLICATION ACCESS CONTROL METHOD AND ELECTRONIC DEVICE IMPLEMENTING THE SAME}

The present disclosure relates to a method of controlling an application's access to a computing asset and an electronic device implementing the same.

Electronic devices such as a smart phone and a tablet PC are equipped with a memory, a processor, and an operating system (OS) and can execute various applications accordingly. The electronic device can perform online commerce and financial transactions. In the execution of functions such as online commerce or financial transactions, a common concern is security. For this security, the electronic device may control an application's access to, for example, a computing asset.

According to the prior art, the access control method may include an access control method based on a public key infrastructure, a password based access control method, and a local access control method.

A system to which an access control method based on a public key infrastructure is applied is complicated to install and maintain. In addition, when the validity period of the certificate has expired, a new certificate must be issued. In addition, there is a risk of loss or damage of the certificate, making it difficult to guarantee its integrity. Also, in the case of an accredited certificate, it may cost money to issue.

In the password-based access control method, there is a significant risk of hacking or loss of passwords, and there are actually incidents that cause security problems in portals and online service companies.

The electronic device to which the local access control method is applied may not request a password from the user. However, data stored in a local storage of the electronic device may be forged or hacked. Therefore, data requiring security needs a secure storage.

The present disclosure can provide a method for safely protecting a computing resource by controlling an application's access to a computing resource, and an electronic device implementing the same.

A method of operating an electronic device according to an embodiment of the present disclosure is an operation of setting the volatile memory as a first region and a second region by a processor of an electronic device including a volatile memory, wherein the second region is An operation with enhanced security than the first region, an operation of temporarily storing first information fetched from hardware or firmware in the second region by the processor, and a second operation in the second region by the processor An operation of temporarily storing information, an operation of recognizing, by the processor, an access request to the second information of an application program temporarily stored in the first area, and

The processor may include an operation of authenticating by using at least a part of the application program in the second area.

In a method of operating an electronic device according to an embodiment of the present disclosure, an operation of setting the volatile memory as a first region and a second region by a processor of an electronic device including a volatile memory, wherein the second region Is an operation with more enhanced security than the first region, an operation of temporarily storing first information fetched from hardware or firmware in the second region by the processor, and temporarily in the first region by the processor Acquiring data representing the application program in the second area using at least a portion of the stored application program, encrypting data representing the application program in the second area using the first information An operation, and storing the encrypted data representing the application program in a nonvolatile storage device of the electronic device.

An electronic device according to an embodiment of the present disclosure includes a volatile memory, a nonvolatile storage device, a hardware storage device, and a processor, wherein the processor sets the volatile memory as a first region and a second region, and Temporarily storing first information fetched from the hardware storage device in a second area. Temporarily stores second information in the second area, recognizes a request for access to the second information of an application program temporarily stored in the first area, and stores at least a part of the application program in the second area It may be configured to perform authentication using software.

An access control method and an electronic device according to various embodiments of the present disclosure may safely protect a computing resource by controlling an application's access to a computing resource.

1 is a block diagram of an electronic device according to an embodiment of the present disclosure.
2 is a block diagram of hardware 200 according to an embodiment of the present disclosure.
3 is a block diagram of a programming module 300 according to an embodiment of the present disclosure.
4 shows an arrangement of products according to an embodiment of the present disclosure.
5 illustrates a block diagram of hardware 500 according to an embodiment of the present disclosure.
6 is a block diagram of a programming module 600 according to an embodiment of the present disclosure.
7 is a block diagram of a programming module 700 according to an embodiment of the present disclosure.
8 is a diagram for describing an example of a hash value calculation process.
9 illustrates access control tables according to an embodiment of the present disclosure.
10 is a flowchart illustrating an application registration method according to an embodiment of the present disclosure.
11 is a flowchart illustrating an application registration method according to another embodiment of the present disclosure.
12 is a flowchart illustrating an application authentication method according to an embodiment of the present disclosure.
13 is a flowchart illustrating an application authentication method according to another embodiment of the present disclosure.
14 is a diagram for describing an application registration and authentication method according to an embodiment of the present disclosure.

Hereinafter, various embodiments will be described in detail with reference to the accompanying drawings. In this case, it should be noted that the same components in the accompanying drawings are indicated by the same reference numerals as possible. In addition, detailed descriptions of known functions and configurations that may obscure the subject matter of the present disclosure will be omitted. In the following description, it should be noted that only parts necessary to understand the operation according to various embodiments of the present disclosure will be described, and descriptions of other parts will be omitted so as not to obscure the gist of the present disclosure.

The electronic device according to the present disclosure may be a device including a communication function. For example, a smart phone (smartphone), a tablet PC (tablet personal computer), a mobile phone (mobile phone), a videophone, an e-book reader (e-book reader), a desktop PC (desktop personal computer), a laptop PC (laptop PC) personal computer), netbook computer, personal digital assistant (PDA), portable multimedia player (PMP), MP3 player, mobile medical device, electronic bracelet, electronic necklace, electronic appcessory, camera, Wearable devices, electronic clocks, wrist watches, home appliances (e.g. refrigerators, air conditioners, vacuum cleaners, ovens, microwaves, washing machines, air purifiers, etc.), artificial intelligence Robots, TVs, DVD (digital video disk) players, audio, various medical devices (e.g. MRA (magnetic resonance angiography), MRI (magnetic resonance imaging), CT (computed tomography), camera, ultrasound, etc.), navigation Device, global positioning system receiver, event data recorder (EDR), flight data recorder (FDR), set-top box, TV box (e.g., Samsung HomeSyncTM, App TVTM, or Google TVTM) ), electronic dictionaries, automobile infotainment devices, electronic equipment for ships (e.g., navigation devices for ships, gyro compasses, etc.), avionics, security devices, electronic clothing, electronic keys, Camcorder, crab Game consoles, head-mounted displays (HMDs), flat panel display devices, electronic frames, electronic albums, furniture or parts of buildings/structures including communication functions, electronic boards It may be a combination of one or more of various devices such as a board, an electronic signature receiving device, or a projector. It is obvious to those skilled in the art that the electronic device according to the present disclosure is not limited to the above-described devices.

The electronic device according to the present disclosure may be classified into various environments according to which functions, operations, etc. are executed or computed in which environment. For example, the electronic device may include a trusted environment and a non-trusted environment. The trusted environment may be referred to as a trusted world, trusted region, or trusted area. The untrusted environment may also be referred to as a non-trusted world, non-trusted region or non-trusted area.

The untrusted environment may include a general operating system (OS), drivers, middleware, and applications. An example of such a system could be Android. Android may include a Linux kernel, device drivers, Android middleware, and applications.

The trusted environment may include security critical components. Security elements can be accessed by components (eg, applications) in an untrusted environment on run time. Specific security related operations can be executed by this approach. In general, the trusted environment may include a security OS, security drivers, security middleware, and trusted applications (TA). Also, the trust environment may contain special modules. These special modules (eg, monitors) can mediate or control communication between a trusted environment and an untrusted environment. The untrusted environment cannot directly access the trusted environment, and can be configured to allow access to the trusted environment only through a monitor. To this end, the monitor may employ, for example, the TrustZone technology of Advance RISC Machine (ARM).

1 is a block diagram of 100 of an electronic device according to an embodiment of the present disclosure.

Referring to FIG. 1, the electronic device 100 may include a bus 110, a processor 120, a memory 130, a user input module 140, a display module 150, or a communication module 160.

The bus 110 may be a circuit that connects the above-described components to each other and transmits communication (eg, a control message) between the above-described components.

The processor 120, for example, receives a command from the above-described other components (eg, memory 130, user input module 140, display module 150, communication module 160, etc.) through the bus 110, decrypts the received command, and , Operations or data processing according to the decoded instruction can be executed.

The memory 130 may store instructions or data received from the processor 120 or other components (eg, user input module 140, display module 150, communication module 160, etc.) or generated by the processor 120 or other components. The memory 130 may include programming modules such as a kernel 131, a middleware 132, an application programming interface (API) 133 or an application 134, for example. Each of the above-described programming modules may be composed of software, firmware, hardware, or a combination of at least two or more of them.

Kernel 131 controls other programming modules, for example, middleware 132, API 133, or system resources (eg, bus 110, processor 120, memory 130, etc.) used to execute operations or functions implemented in application 134. Or you can manage. In addition, the kernel 131 may provide an interface through which the middleware 132, the API 133, or the application 134 can access and control or manage individual components of the electronic device 100.

The middleware 132 may play an intermediary role so that the API 133 or the application 134 communicates with the kernel 131 to exchange data. In addition, the middleware 132 relates to the work requests received from the (multiple) applications 134, for example, the system resource (eg, bus) of the electronic device 100 to at least one application among the (multiple) applications 134 110, processor 120, memory 130, etc.) may be used to perform load balancing for work requests.

API 133 is an interface through which the application 134 can control functions provided by the kernel 131 or the middleware 132, and may include at least one interface or function for, for example, file control, window control, image processing, or character control. I can.

The user input module 140 may receive a command or data from a user and transmit it to the processor 120 or the memory 130 through the bus 110. The display module 150 may display an image, an image, or data to a user.

The communication module 160 may connect communication between the other electronic device 102 and the electronic device 100. The communication module 160 includes a predetermined short-range communication protocol (e.g., Wifi (wireless fidelity), BT (Bluetooth), NFC (near field communication)) or a predetermined network communication (e.g. Internet, LAN (local area network), WAN (wire area network)). network), a telecommunication network, a cellular network, a satellite network, or a plain old telephone service (POTS), etc.) 162. Each of the electronic devices 102 and 104 is the same (eg, the same type) as the electronic device 100, or It may be a different (eg different type) device.

2 is a block diagram of hardware 200 according to various embodiments of the present disclosure.

The hardware 200 may be, for example, the electronic device 100 illustrated in FIG. 1. Referring to FIG. 2, the hardware 200 includes one or more processors 210, a subscriber identification module (SIM) card 214, a memory 220, a communication module 230, a sensor module 240, a user input module 250, a display module 260, an interface 270, an audio codec 280, and A camera module 291, a power management module 295, a battery 296, an indicator 297, or a motor 298 may be included.

The processor 210 (eg, processor 120) may include one or more application processors (AP) 211 or one or more communication processors (CP) 213. The processor 210 may be, for example, the processor 120 shown in FIG. 1. In FIG. 2, the AP 211 and CP 213 are shown to be included in the processor 210, but the AP 211 and CP 213 may be included in different IC packages, respectively. According to some embodiments, the AP 211 and CP 213 may be included in one IC package.

The AP 211 may drive an operating system or an application program to control a plurality of hardware or software components connected to the AP 211, and perform various data processing and operations including multimedia data. The AP 211 may be implemented with, for example, a system on chip (SoC). According to some embodiments, the processor 210 may further include a Graphic Processing Unit (GPU) (not shown).

The CP 213 may perform a function of managing a data link and converting a communication protocol in communication between an electronic device including the hardware 200 (eg, electronic device 100) and other electronic devices connected through a network. CP 213 may be implemented as an SoC, for example. According to some embodiments, the CP 213 may perform at least part of a multimedia control function. CP 213, for example, by using a subscriber identification module (for example, SIM card 214) can perform the identification and authentication of the terminal in the communication network. In addition, the CP 213 may provide services such as a voice call, a video call, a text message, or packet data to a user.

In addition, the CP 213 may control data transmission/reception of the communication module 230. In FIG. 2, components such as a CP 213, a power management module 295, or a memory 220 are shown as separate components from the AP 211, but according to some embodiments, at least some of the aforementioned components (eg: CP 213) may be implemented.

According to some embodiments, the AP 211 or CP 213 may load and process commands or data received from at least one of a nonvolatile memory or other components connected to each of the volatile memory. Further, the AP 211 or CP 213 may store data received from at least one of the other components or generated by at least one of the other components in a nonvolatile memory.

The SIM card 214 may be a card implementing a subscriber identification module, and may be inserted into a slot formed at a specific location of an electronic device. The SIM card 214 may include unique identification information (eg, integrated circuit card identifier (ICCID)) or subscriber information (eg, international mobile subscriber identity (IMSI)).

The memory 220 may include an internal memory 222 or an external memory 224. The memory 220 may be, for example, the memory 130 shown in FIG. 1. The built-in memory 222 may be, for example, a volatile memory (e.g., dynamic RAM (DRAM), static RAM (SRAM), synchronous dynamic RAM (SDRAM), etc.)) or a non-volatile memory, for example, At least one of OTPROM (one time programmable ROM), PROM (programmable ROM), EPROM (erasable and programmable ROM), EEPROM (electrically erasable and programmable ROM), mask ROM, flash ROM, NAND flash memory, NOR flash memory, etc.) Can include. According to an embodiment, the internal memory 222 may take the form of a solid state drive (SSD). External memory 224 is a flash drive, for example, CF (compact flash), SD (secure digital), Micro-SD (micro secure digital), Mini-SD (mini secure digital), xD (extreme digital) or MemoryStick, etc. It may contain more.

The communication module 230 may include a wireless communication module 231 or an RF module 234. The communication module 230 may be, for example, the communication module 160 shown in FIG. 1. The wireless communication module 231 may include, for example, a WiFi module 233, a BT (bluetooth) module 235, a GPS receiving module 237, or a near field communication (NFC) module 239. For example, the wireless communication module 231 may provide a wireless communication function using a radio frequency. Additionally or alternatively, the wireless communication module 231 connects the hardware 200 to a network (eg, Internet, local area network (LAN), wire area network (WAN), telecommunication network, cellular network, satellite network, or plain old telephone service (POTS)). ) And may include a network interface (eg, LAN card) or modem. The NFC module 233 may include a connection terminal for connection with an NFC antenna.

The RF module 234 may transmit and receive data, for example, transmit and receive an RF signal or a called electronic signal. Although not shown, the RF module 234 may include, for example, a transceiver, a power amp module (PAM), a frequency filter, or a low noise amplifier (LNA). In addition, the RF module 234 may further include a component for transmitting and receiving electromagnetic waves in free space in wireless communication, for example, a conductor or a conducting wire.

The sensor module 240 is, for example, a gesture sensor 240A, a gyro sensor 240B, an atmospheric pressure sensor 240C, a magnetic sensor 240D, an acceleration sensor 240E, a grip sensor 240F, a proximity sensor 240G, an RGB (red, green, blue) sensor 240H, a biometric sensor. It may include at least one of 240I, a temperature/humidity sensor 240J, an illuminance sensor 240K, or an ultra violet (UV) sensor 240M. The sensor module 240 may measure a physical quantity or detect an operation state of an electronic device, and convert the measured or detected information into an electric signal. Additionally/alternatively, the sensor module 240 includes, for example, an olfactory sensor (E-nose sensor, not shown), an EMG sensor (electromyography sensor, not shown), an EEG sensor (electroencephalogram sensor, not shown), and an ECG sensor (electrocardiogram). sensor, not shown) or a fingerprint sensor. The sensor module 240 may further include a control circuit for controlling at least one or more sensors included therein.

The user input module 250 may include a touch panel 252, a (digital) pen sensor 254, a key 256, or an ultrasonic input device 258. The user input module 250 may be, for example, the user input module 140 shown in FIG. 1. The touch panel 252 may recognize a touch input in at least one of, for example, a capacitive type, a pressure sensitive type, an infrared type, or an ultrasonic type. In addition, the touch panel 252 may further include a controller (not shown). In the case of capacitive type, not only direct touch but also indirect touch can be recognized. The "direct touch method" may mean a method in which a conductive object (eg, a finger or a stylus pen) directly contacts the touch screen. According to some embodiments, the "indirect touch method" means that a conductive object (eg, a gloved finger) surrounded by a non-conductive object is adjacent to the touch screen or a non-conductive object (eg, a finger is worn). Glove) may refer to a method of contacting the touch screen. According to some embodiments, the "indirect touch method" refers to a method in which a finger touches a non-conductive object while a non-conductive object (eg, a cover for protecting the touch screen) is in contact with the touch screen. It could mean. According to some embodiments, the "indirect touch method" refers to a method of generating an event by adjoining the touch screen within a preset distance without a finger contacting the touch screen, commonly referred to as "hovering". It could mean. The touch panel 252 may further include a tactile layer. In this case, the touch panel 252 may provide a tactile reaction to the user. The touch panel 252 may be installed on a screen (ie, a touch screen) of the display module 260. For example, the touch panel 252 may be implemented as an add-on type positioned on the touch screen or an on-cell type or an in-cell type inserted into the display module 260. have.

The (digital) pen sensor 254 may be implemented using, for example, the same or similar method as receiving a user's touch input or a separate sheet for recognition. As the key 256, a keypad or a touch key may be used, for example. The ultrasonic input device 258 is a device that can check data by detecting sound waves with a microphone (eg, a microphone 288) in a terminal through a pen that generates an ultrasonic signal, and is capable of wireless recognition. According to some embodiments, the hardware 200 may receive a user input from an external device (eg, a network, a computer, or a server) connected thereto by using the communication module 230.

The display module 260 may include a panel 262 or a hologram 264. The display module 260 may be, for example, the display module 150 shown in FIG. 1. The panel 262 may be, for example, a liquid-crystal display (LCD) or an active-matrix organic light-emitting diode (AM-OLED). The panel 262 may be implemented, for example, to be flexible, transparent or wearable. The panel 262 may be configured with the touch panel 252 as a single module. The hologram 264 can show a three-dimensional image in the air using interference of light. According to an embodiment, the display module 260 may further include a control circuit for controlling the panel 262 or the hologram 264.

The interface 270 may include, for example, a high-definition multimedia interface (HDMI) 272, a universal serial bus (USB) 274, a projector 276, or a D-subminiature (D-sub) 278. Additionally or alternatively, the interface 270 may include, for example, a secure digital (SD)/multi-media card (MMC) (not shown) or an infrared data association (IrDA) (not shown).

The audio codec 280 can convert voice and electric signals bidirectionally. The audio codec 280 may convert voice information input or output through, for example, a speaker 282, a receiver 284, an earphone 286, or a microphone 288.

The camera module 291 is a device capable of capturing images and moving pictures, and according to an embodiment, one or more image sensors (eg, a front lens or a rear lens), an image signal processor (ISP), or a flash LED (flash LED), (Not shown) may be included.

The power management module 295 can manage power of the hardware 200. Although not shown, the power management module 295 may include, for example, a power management integrated circuit (PMIC), a charger integrated circuit (IC), or a battery fuel gauge.

The PMIC can be mounted in an integrated circuit or SoC semiconductor, for example. Charging methods can be divided into wired and wireless. The charger IC can charge the battery and prevent overvoltage or overcurrent from flowing from the charger. According to an embodiment, the charger IC may include a charger IC for at least one of a wired charging method or a wireless charging method. The wireless charging method includes, for example, a magnetic resonance method, a magnetic induction method, or an electromagnetic wave method, and additional circuits for wireless charging, such as a coil loop, a resonance circuit, and a rectifier, may be added. have.

The battery gauge may measure, for example, the remaining amount of the battery 296, voltage, current, or temperature during charging. The battery 296 may generate electricity to supply power, and may be, for example, a rechargeable battery.

The indicator 297 may display a specific state of the hardware 200 or a portion thereof (eg, the AP 211), for example, a boot state, a message state, or a charging state. Motor 298 may convert electrical signals into mechanical vibrations. The MCU 299 can control the sensor module 240.

Although not shown, the hardware 200 may include a processing device (eg, a GPU) for supporting mobile TV. A processing device for supporting mobile TV may process media data according to standards such as digital multimedia broadcasting (DMB), digital video broadcasting (DVB), or media flow. Each of the aforementioned components of the hardware according to the present disclosure may be composed of one or more components, and the name of the corresponding component may vary depending on the type of electronic device. The hardware according to the present disclosure may be configured to include at least one of the above-described components, and some components may be omitted or additional other components may be further included. In addition, some of the components of the hardware according to the present disclosure are combined to form a single entity, so that functions of the corresponding components before the combination can be performed in the same manner.

The term "module" used in the present disclosure may mean, for example, a unit including one of hardware, software, or firmware, or a combination of two or more. “Module” may be used interchangeably with terms such as unit, logic, logical block, component, or circuit. The "module" may be a minimum unit or a part of an integrally configured component. The "module" may be a minimum unit or a part of one or more functions. The "module" can be implemented mechanically or electronically. For example, the "module" according to the present disclosure is known or will be developed in the future, application-specific integrated circuit (ASIC) chips, field-programmable gate arrays (FPGAs) or programmable logic devices that perform certain operations. logic device).

3 is a block diagram of a programming module 300 according to various embodiments of the present disclosure.

Referring to FIG. 3, the programming module 300 may be included (eg, stored) in the electronic device 100 (eg, memory 130) illustrated in FIG. 1. At least a portion of the programming module 300 may be composed of software, firmware, hardware, or a combination of at least two or more of them. The programming module 300 is implemented in hardware (eg, hardware 200) to provide an operating system (OS) that controls resources related to an electronic device (eg, electronic device 100) or various applications (eg, application 370) running on the operating system. Can include. For example, the operating system may be Android, iOS, Windows, Symbian, Tizen, or Bada. Referring to FIG. 3, the programming module 300 may include a kernel 310, a middleware 330, an application programming interface (API) 360, or an application 370.

The kernel 310 (eg, the kernel 131) may include a system resource manager 311 or a device driver 312. The system resource manager 311 may include, for example, a process management unit 313, a memory management unit 315, a file system management unit 317, or the like. The system resource manager 311 may control, allocate, or recover system resources. The device driver 312 may include, for example, a display driver 314, a camera driver 316, a Bluetooth driver 318, a shared memory driver 320, a USB driver 322, a keypad driver 324, a WiFi driver 326, or an audio driver 328. In addition, according to an embodiment, the device driver 312 may include an IPC (inter-process communication, not shown) driver.

The middleware 330 may include a plurality of modules implemented in advance to provide functions commonly required by the application 370. In addition, the middleware 330 may provide a function through API 360 so that the application 370 can efficiently use limited system resources inside the electronic device. For example, as shown in FIG. 3, the middleware 330 (eg, middleware 132) is a runtime library 335, an application manager 341, a window manager 342, a multimedia manager 343, and a resource. Resource manager 344, power manager 345, database manager 346, package manager 347, connectivity manager 348, notification manager 349, location manager 350 , At least one of a graphic manager 351 and a security manager 352 may be included.

The runtime library 335 may include, for example, a library module used by a compiler to add a new function through a programming language while the application 370 is being executed. According to an embodiment, the runtime library 335 may perform input/output, memory management, or functions for arithmetic functions.

The application manager 341 may manage, for example, a life cycle of at least one application among the applications 370. The window manager 342 may manage GUI resources used on the screen. The multimedia manager 343 may grasp a format required for reproduction of various media files, and may perform encoding or decoding of a media file using a codec suitable for the corresponding format. The resource manager 344 may manage resources such as source code, memory, or storage space of at least one of the applications 370.

The power manager 345 may operate together with a basic input/output system (BIOS) to manage a battery or power supply, and provide power information necessary for operation. The database manager 346 may manage to create, search, or change a database to be used by at least one of the applications 370. The package manager 347 may manage installation or update of an application distributed in the form of a package file.

The connection manager 348 may manage a wireless connection such as WiFi or Bluetooth. The notification manager 349 may display or notify an event such as an arrival message, an appointment, and a proximity notification in a manner that does not interfere with the user. The location manager 350 may manage location information of an electronic device. The graphic manager 351 may manage a graphic effect to be provided to a user or a user interface related thereto. The security manager 352 may provide all security functions necessary for system security or user authentication. According to an embodiment, when the electronic device (eg, the electronic device 100) has a phone function, the middleware 330 further includes a telephony manager (not shown) for managing the voice or video call function of the electronic device. Can include.

The middleware 330 may create and use a new middleware module through a combination of various functions of the aforementioned internal component modules. The middleware 330 may provide a module specialized for each type of operating system in order to provide differentiated functions. In addition, the middleware 330 may dynamically delete some of the existing components or add new components. Accordingly, some of the components described in the embodiments of the present disclosure may be omitted, other components may be further provided, or components having different names performing similar functions may be substituted.

API 360 (eg, API 133) is a set of API programming functions and may be provided in different configurations depending on the operating system. For example, in the case of Android or iOS, for example, one API set may be provided for each platform, and in the case of Tizen, for example, two or more API sets may be provided.

The application 370 (eg, the application 134) may include, for example, a preloaded application or a third party application.

At least a part of the programming module 300 may be implemented as a command stored in a computer-readable storage medium. When an instruction is executed by one or more processors (eg, processor 210), one or more processors may perform a function corresponding to the instruction. The computer-readable storage medium may be, for example, the memory 260. At least a part of the programming module 300 may be implemented (eg, executed) by, for example, the processor 210. At least a portion of the programming module 300 may include, for example, a module, a program, a routine, a set of instructions, and/or a process for performing one or more functions.

Names of components of a programming module (eg, programming module 300) according to the present disclosure may vary depending on the type of operating system. The programming module according to the present disclosure may further include at least one or more of the above-described components, some of which are omitted, or additional other components. Operations performed by the programming module or other components according to the present disclosure may be processed in a sequential, parallel, repetitive or heuristic method, and some operations may be omitted or other operations may be added.

4 shows an arrangement of a configuration according to an embodiment of the present disclosure.

Referring to FIG. 4, certain private applications 410 may request access to system resources or application resources in hardware 420 (eg, trusted storage) of the trusted environment from the trusted environment. Here, the application resource may mean, for example, a key (eg, a security key), sensitive data, or access to a certain place. System resources may refer to memory, processor, bus, and the like. The hash-based application access control 440 on the trusted platform 430 enables the management of independent access of applications to their resources while maintaining the confidentiality of each application. While achieving a high (hardware level) level of security, no user interaction (password input) is required.

5 illustrates a block diagram of hardware 500 according to an embodiment of the present disclosure.

The hardware 500 may be, for example, the electronic device 100 illustrated in FIG. 1. Referring to FIG. 5, the hardware 500 may include a first memory 510, a second memory 520, a third memory 530, and a processor 540.

The first memory 510 may be logically or physically set by the processor 540 into an untrusted environment 511 (a first region) and a trusted environment 512 (a second region). Also, the first memory 510 may be a volatile memory (eg, DRAM).

The second memory 520 may include an access control module 521, an access control table 522, and applications 523_1 to 523_N. The second memory 520 may be a nonvolatile memory (eg, flash memory).

The third memory 530 may include a secret key (eg, secret key 531). The third memory 520 may be a nonvolatile memory (eg, ROM). In FIG. 5, the third memory 530 is shown as a separate component from the processor 500, but according to some embodiments, the third memory 530 may be entirely or partially included in the processor 500.

The processor 510 may be an application processor 211 shown in FIG. 2. When power from the battery is supplied to the processor 510, the booting program is loaded from the second memory 520 (or the third memory 530) to the first memory 510. The processor 540 may access the boot program loaded into the first memory 510, decrypt the command, and execute functions (eg, environment classification, operating system loading operation) according to the decryption result. The processor 540 classifies all or part of the first memory 510 into an untrusted environment 511 and a trusted environment 512, and loads the operating system from the second memory 520 (or third memory 530) into the trusted environment 512 of the first memory 510. have. The processor 540 may access the operating system loaded into the first memory 510 and execute its functions (eg, an access control module and a table loading operation). The processor 540 may load the access control module 521 and the secret key 530 into the trusted environment 512. According to some embodiments, the secret key 531 may not be loaded into the trusted environment 512. In addition, the processor 540 may load the access control table 522 (eg, the access control table 612) into the untrusted environment 511, and at least one of the applications 523_1 to 523_N may be loaded into the untrusted environment 511. According to some embodiments, the access control table 522 (eg, the access control table 722 shown in FIG. 7) may be loaded into the trusted environment 512. The processor 540 may access the access control module 521 and execute its function.

According to another embodiment, the electronic device includes a volatile memory (first memory 510), a nonvolatile storage device (eg, second memory 520), a hardware storage device (eg, third memory 530), and a processor, and the processor Is, the volatile memory is set to a first area (eg, untrusted environment 511) and a second area (eg, trusted environment 512), and in the second area, first information fetched from the hardware storage device (eg: Temporarily store the secret key). Second information (e.g., additional files, static content, application code, UI strings), animation instructions, application data, contact information in the second area (contact), image, password, text, video, content) is temporarily stored, and by recognizing an access request for the second information of the application program temporarily stored in the first area, the second area It may be configured to perform authentication using at least a part of the application program in software. The processor may be configured to map at least some data of the application program to data of a fixed length for the authentication. The processor may be configured to compare and authenticate a first hash value generated using at least a part of the application program and a second hash value that has already been calculated. The processor may be configured to obtain the second hash value by using the first information. The processor may be configured to generate the first hash value by using the application code and/or static data. The processor may be configured to temporarily retrieve data including the second hash value from the nonvolatile storage device to the second area. The processor may be configured to perform the authentication using the identification information of the application. The processor may be configured to perform the authentication using data that encrypts at least a portion of the application stored together and an authentication tag that encrypts the hash value of the data. The processor includes the application program based on the authentication. May be configured to allow access to the second information. The processor sets the volatile memory to a first area and a second area, temporarily stores first information fetched from the hardware storage device in the second area, and temporarily stores an application program in the first area Acquire data representing the application program in the second area by using at least a part of, encrypt data representing the application program in the second area by using the first information, and the encrypted application It may be configured to store data representing a program in the nonvolatile storage device. The processor may be configured to compare data acquired by using at least a part of the application program and a second hash value that has already been calculated. The processor may be configured to encrypt and store identification information of the application program. The processor may be configured to store together data obtained by encrypting at least a portion of the application program in the second area and an authentication tag obtained by encrypting a hash value of the data.

6 is a block diagram of a programming module 600 according to an embodiment of the present disclosure.

Referring to FIG. 6, the programming module 600 may be included (eg, stored) in the electronic device 100 (eg, memory 130) illustrated in FIG. 1. At least a portion of the programming module 600 may be composed of software, firmware, hardware, or a combination of at least two or more of them.

The programming module 600 may include an untrusted environment 610 and a trusted environment 620. The untrusted environment 610 may include applications 611_1 to N and an access control table 612. The trusted environment 620 may include an access control module 621. All functions of the access control module 621 can be executed in the trusted environment 620. The access control module 621 may be one of hardware, software, or firmware, or a combination of two or more.

The applications 611_1 to N may be components of the application 370 shown in FIG. 3, for example. Each of the applications 611_1 to N may request access to a resource from the access control module 621. Each of the applications 611_1 to N may include application code, static data, and dynamic data. When the application is, for example, an address book application (contact 378), static data may be a background image and contacts, and dynamic data may be a number numbered for each contact. The access control table 612 may include records corresponding to applications 611_1 to N, respectively. These records can be encrypted.

When an application (eg, application 611_1) requests registration, the access control module 621 may calculate a hash value and identification information (ID) of the application. The access control module 621 may check whether a record corresponding to the calculated hash value and identification information exists in the access control table 612. If there is no test result, the access control module 621 may put the calculated hash value and identification information into the access control table 612 as a new record. This means successful registration for the application. Additionally, the access control module 621 may generate an application token and provide it to a corresponding application. If the hash value and ID of the application are already in the access control table 612, since the application is already registered, the access control module 621 may reject the request for registration. Additionally, the access control module 621 may perform an operation of outputting a registration rejection message to the user. Here, the output may include at least one of visual feedback of the display module, auditory feedback using a speaker, and tactile feedback using a motor.

The application (eg, application 611_1) may request access to certain resources (key, data, access to some place or other resource) from the access control module 621. In response to this request, the access control module 621 may calculate a hash value and ID of the application. The access control module 621 can calculate the hash in several ways. For example, the access control module 621 obtains part or all of the binary path of the application from the operating system (eg, the operating system of the trusted environment 620 or the operating system of the untrusted environment 610), and hashing the obtained binary. Value can be calculated. Alternatively, the access control module 621 may calculate a hash for a part or all of the code of the application in memory (eg, a secure storage managed by the trusted environment 620 or a general storage managed by the untrusted environment 610).

The access control module 621 may obtain part or all of the binary path of the application from the operating system and calculate an ID using the obtained binary. Additionally or alternatively, the access control module 621 may calculate the ID by using the name of the application stored in the memory. Alternatively, the access control module 621 may generate an ID using various information (eg, application name, operating system name, version information, etc.) of an application stored in the memory. Alternatively, the access control module 621 may set at least one of various information of an application stored in the memory as an application ID.

The access control module 621 may allow access because if the record corresponding to the "calculated hash value and ID" is in the access control table 612, authentication of the application has been successful. Accordingly, the application can access resources and perform tasks (eg, reading data, writing data, changing data, using hardware, accessing other applications, etc.).

If the corresponding record is not in the access control table 612, the access control module 621 may prohibit access because authentication of the application has failed. Additionally, when authentication fails, the access control module 621 may perform an operation of outputting a warning message to the user. Here, the output may include at least one of visual feedback of the display module, auditory feedback using a speaker, and tactile feedback using a motor.

According to an embodiment, when authentication fails, the access control module 621 may generate and log an "application upgrade" event. Application upgrade can request user approval. When the application upgrade is approved by the user, the access control module 621 upgrades the application, calculates the ID and hash value of the upgraded application, and stores the corresponding record in the access control table 612 as "calculated ID and hash value". I can update. Thereafter, when the upgraded application requests access, the access control module 621 may allow access.

The access control table 612 may be stored in the untrusted environment 610. In this case, each record of the access control table 612 may be encrypted by an authenticated encryption method. As the encryption method, "AES (Advanced Encryption Standard)-GCM (Galois Counter Mode; for example, the process shown in FIG. 8)" may be used, or other means may be used. Encryption of records in a table may be performed in a trusted environment 620. For example, the access control module 621 may encrypt a record and register it in the access control table 612. The decryption of encrypted records can also be performed in the trusted environment 620. For example, the access control module 621 reads the access control table 612 from the untrusted environment 610, and uses a decryption key (eg, a secret trusted environment key) to read the records of the access control table. Can be deciphered. The access control module 621 may compare the decrypted records with a hash value and ID of an application, respectively, and determine whether a record corresponding to the hash value and the ID exists in the access control table.

The "authenticated encryption process" operating in the trusted environment 620 may guarantee confidentiality of the access control table 612. Also, the "authenticated encryption process" can guarantee the detection of an integrity violation in the access control table 612. This guarantee means that it is impossible (computationally) to tamper with any record in the access control table 612, and that any unauthorized change of the access control table 612 can be detected by the access control module 621. Guaranteeing the detection of an integrity violation in the access control table 612 means guaranteeing correct access control decisions.

According to some embodiments, the "application requesting access to resources" to the access control module 621 may be an application operating in the trusted environment 620.

According to some embodiments, a resource requiring access approval may be a resource included in the trusted environment 620. These resources may include at least one of system resources (eg, memory, processor, bus, etc.) and application resources (eg, keys, data, other applications, etc.).

7 is a block diagram of a programming module 700 according to an embodiment of the present disclosure.

Referring to FIG. 7, the programming module 700 may be included (eg, stored) in the electronic device 100 (eg, memory 130) illustrated in FIG. 1. The programming module 700 may include an untrusted environment 710 and a trusted environment 720. The unreliable environment 710 may include applications 711_1 to N. The trusted environment 720 may include an access control module 721 and an access control table 722. In this way, when the access control table 722 is included in the secure trusted environment 720, each record of the access control table 722 may not be encrypted.

8 is a diagram for describing an example of a hash value calculation process.

Referring to FIG. 8, the access control module (eg, access control module 621) may read all or part of the application 810 (eg, code and static data). The access control module may calculate a hash value 830 of all or part of the read application 810 by using the designated hash function 820. For example, if the size of all or part of the read application 810 is 1 GB, and the hash function 820 is SHA (Secure Hash Algorithm)-256, the size of the hash value 830 is 256 bits.

9 illustrates access control tables according to an embodiment of the present disclosure.

Referring to FIG. 9A, records 910_1 to 910_N in the access control table 910 may each include an encrypted "application ID (App_ID)" and an encrypted "application hash value (App_Hash)". The application ID may be configured from at least one of the full binary path and name of the application. Of course, it can be configured in other ways. The integrity of each record is guaranteed by the "authenticated encryption process", and the integrity of the entire table can also be guaranteed.

According to some embodiments, the hash value in the record may be included in a trusted environment (eg, trusted environment 620 or 720) by some means (eg, access control module 621, MAC, etc.). Other values (eg, application ID) in the record may be included in an untrusted environment (eg, untrusted environment 610 or 710). The access control table 910 may be included in an untrusted environment (eg, an untrusted environment 610). Alternatively, the access control table 910 may be included in a trusted environment (eg, a trusted environment 722).

9(b), records 920_1 to 920_N in the access control table 920 are, respectively, an encrypted "application hash value (App_Hash)", an encrypted "application-related resource (App_Asset)", and a corresponding application It may include authentication information (Auth _k ) for verifying whether or not to tamper with. The authentication information (Auth _k ) may be generated using a corresponding application or information related thereto. The access control table 920 may be included in an untrusted environment (eg, an untrusted environment 610). Alternatively, the access control table 920 may be included in a trusted environment (eg, a trusted environment 722).

9(c), records 930_1 to 930_N in the access control table 930 are, respectively, encrypted authentication information (App_Auth_Info), encrypted “application ID (App_ID)”, and encrypted “application data (Data )" and an authentication tag (Auth_Tag _K ). The access control table 930 may be included in an untrusted environment (eg, an untrusted environment 610). Alternatively, the access control table 930 may be included in a trusted environment (eg, a trusted environment 722).

10 is a flowchart illustrating an application registration method according to an embodiment of the present disclosure.

Referring to FIG. 10, in operation 1010, the processor 120 of the electronic device (eg, the electronic device 100) may recognize a request for registration of an application. In response to the registration request, in operation 1020, the processor 120 may calculate a hash and an ID of the application. In operation 1030, the processor 120 may determine whether a record corresponding to the calculated values (eg, App1_ID, App1_hash) exists in the access control table. If the corresponding record does not exist in the access control table, in operation 1040, the processor 120 may register the calculated values in the access control table. If the corresponding record exists in the access control table, in operation 1050, the processor 120 may reject the request for registration.

11 is a flowchart illustrating a method of registering an application according to another embodiment of the present disclosure.

Referring to FIG. 11, in operation 1110, a processor 110 of an electronic device (eg, electronic device 100) may recognize a request for registration of an application. In response to the registration request, in operation 1120, the processor 120 may calculate a hash and an ID of the application. In operation 1130, the processor 120 may decode each record of the access control table. In operation 1140, the processor 120 may determine whether a record corresponding to the calculated values (eg, App1_ID, App1_hash) exists in the access control table. If the corresponding record does not exist in the access control table, in operation 1150, the processor 120 may encrypt the calculated values. In operation 1160, the processor 120 may register encrypted values in the access control table as a record for a corresponding application. If the corresponding record exists in the access control table, in operation 1170, the processor 120 may reject the request for registration.

12 is a flowchart illustrating an application authentication method according to an embodiment of the present disclosure.

Referring to FIG. 12, in operation 1210, the processor 120 may recognize an application access request for a resource. In response to the access request, in operation 1220, the processor 120 may calculate the hash and ID of the application. In operation 1230, the processor 120 may determine whether a record corresponding to the calculated values (eg, App1_ID, App1_hash) exists in the access control table. If the corresponding record exists in the access control table, in operation 1240, the processor 120 may allow access. If the corresponding record does not exist in the access control table, in operation 1250, the processor 120 may warn of security.

13 is a flowchart illustrating an application authentication method according to another embodiment of the present disclosure.

Referring to FIG. 13, in operation 1310, the processor 120 may recognize an application access request for a resource. In response to the access request, in operation 1320, the processor 120 may calculate a hash and an ID of the application. In operation 1330, the processor 120 may decode each record of the access control table. In operation 1340, the processor 120 may determine whether a record corresponding to the calculated values (eg, App1_ID, App1_hash) exists in the access control table. If the corresponding record exists in the access control table, in operation 1350, the processor 120 may allow access. If the corresponding record does not exist in the access control table, in operation 1360, the processor 120 may warn of security.

14 is a diagram for describing an application registration and authentication method according to an embodiment of the present disclosure.

Referring to FIG. 14, the access control module (eg, the access control module 521) may read all or part of the application 1410, eg, data 1411. The access control module may encrypt 1413 the data 1411 using the secret key 1412. The access control module may store the encrypted data 1414 as a record of the application 1410 in the memory 1415.

The access control module may obtain a hash value of data 1411 by using the designated hash function 1416 and encrypt the hash value by using the secret key 1412 (1417). The access control module may store the encrypted hash value (authentication tag 1418) as a record of the application 1410 in the memory 1415.

The access control module may check whether the application is tampered with by using the authentication tag 1418. Specifically, the access control module may read the encrypted data 1414 from the memory 1415 and decrypt (1419) using the secret key 1412. In addition, the access control module may read the authentication tag 1418 from the memory 1415 and decrypt 1420 using the secret key 1412. As is well known, encryption and decryption methods include a symmetric key method and an asymmetric key method. If the data 1411 and the hash value are encrypted using an asymmetric key method, the encrypted data 1414 and the authentication tag 1418 may be decrypted with a specific decryption key instead of the secret key 1412.

The access control module may calculate a hash value of the decrypted data 1421 using the hash function 1416. The access control module may compare the calculated hash value with the decrypted authentication tag 1418 to determine whether they are the same (1422). If they are the same, the access control module may recognize that the decoded data 1421 is normal. If they are not the same, the access control module may recognize that the decoded data 1421 has been modulated.

According to another embodiment, a method of authenticating through an electronic device includes a first area (eg, an untrusted environment) and a second area (eg, a trusted environment) of the volatile memory by a processor of an electronic device including a volatile memory. The second area (eg, a trusted environment) is an operation that has more security than the first area, and the first information (eg, the second area) fetched from hardware or firmware in the second area by the processor : Temporarily storing a secret key), by the processor, second information (e.g., additional files, static content), application code (code), UI string ( user interface strings), animation instructions, application data, contacts, images, passwords, text, video, and content) temporarily stored in the first area by the processor Recognizing a request for access to the second information of the temporarily stored application program, and authenticating by the processor using at least a part of the application program in the second area. The authenticating operation may include mapping at least some data of the application program to data of a fixed length. The authenticating operation may include an operation of comparing and authenticating a first hash value generated using at least a part of the application program and a second hash value that has already been calculated. The authenticating operation may include obtaining the second hash value by using the first information. The operation of generating the first hash value of the application program may include an operation of generating using the code and/or static data of the application program. The authenticating operation may include an operation of temporarily fetching data including the second hash value from a nonvolatile storage device to the second area. The authentication operation may include an operation of using identification information of the application. The authenticating operation may include using data obtained by encrypting at least a portion of the application program and an authentication tag obtained by encrypting a hash value of the data. Based on the authentication operation, an operation of allowing access to the second information of the application program may be included.

According to another embodiment, in a method of registering through an electronic device, by a processor of an electronic device including a volatile memory, the volatile memory is assigned to a first area (eg, an unreliable environment) and a second area (eg, a trusted environment). The second area is an operation with more enhanced security than the first area, and the processor temporarily stores first information (eg, a secret key) fetched from hardware or firmware in the second area. Storing, by the processor, acquiring data representing the application program in the second area using at least a part of the application program temporarily stored in the first area, using the first information Thereby encrypting data representing the application program in the second area; The operation of storing data representing the encrypted application program in a nonvolatile storage device of the electronic device may be included. The operation of obtaining data representing the application program may include mapping at least some data of the application program to data of a fixed length. In addition, the operation of comparing data representing the application program acquired by using at least a part of the application program and an already calculated second hash value may be further included. The comparing operation may include obtaining the second hash value by using the first information. The comparing operation may include an operation of temporarily fetching data including the second hash value from the nonvolatile storage device to the second area. The operation of obtaining data representing the application program may include an operation of generating data representing the application program by using the code and/or static data of the application program. The storing operation may include an operation of encrypting and storing identification information of the application program. The storing operation may include storing data obtained by encrypting at least a portion of the application program and an authentication tag obtained by encrypting a hash value of the data in the second area.

The method according to the present disclosure as described above may be implemented as program instructions that can be executed through various computers and recorded in a computer-readable recording medium. Here, the recording medium may include program commands, data files, and data structures. In addition, the program instructions may be specially designed and configured for the present disclosure, or may be known and usable to those skilled in computer software. In addition, the recording medium includes magnetic media such as hard disks, floppy disks, and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic-optical disks such as floptical disks. Hardware such as Magneto-Optical Media, ROM, RAM, and flash memory may be included. In addition, the program instructions may include not only machine language codes generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.

In addition, the embodiments disclosed in the present specification and the drawings are merely provided with specific examples for easy explanation and understanding of the contents of the present disclosure, and are not intended to limit the scope of the present disclosure. Therefore, the scope of the present disclosure should be construed that all changes or modified forms derived based on the technical idea of the present disclosure in addition to the embodiments disclosed herein are included in the scope of the present disclosure.

100, 102, 104: electronic device 110: bus
120: processor 130: memory
131, 310: kernel 132, 330: middleware
133, 360: Application programming interface (API)
134, 370: application 140: user input module
150: display module 160: communication module
162: network 164: server
200: hardware 210: processor
211: application processor (AP)
213: Communication Processor (CP)
214: SIM card 220: memory
222: internal memory 224: external memory
230: communication module 231: wireless communication module
233: Wi-Fi 234: RF module
235: BT 237: GPS
239: NFC 240: sensor module
240A: gesture sensor 240B: gyro sensor
240C: barometric pressure sensor 240D: magnetic sensor
240E: acceleration sensor 240F: grip sensor
240G: proximity sensor 240H: RGB sensor
240I: biometric sensor 240J: temperature/humidity sensor
240K: illuminance sensor 240M: UV sensor
250: user module 252: touch panel
254: pen sensor 256: key
258: ultra sonic 260: display module
262: panel 264: hologram
270: interface 272: HDMI
274: USB 276: projector
278: D-SUB 280: Audio codec
282: speaker 284: receiver
286: earphone 288: microphone
291: camera module 295: power management module
296: battery 297: indicator
298: motor 300: programming module
311: System Resource Manager 312: Device Driver
335: runtime library 341: application manager
342: window manager 343: multimedia manager
344: resource manager 345: power manager
346: database manager 347: package manager
348: connection manager 349: notification manager
350: location manager 351: graphic manager
352: Security Manager 371: Home
372: Dialer 373: SMS/MMS
374: IM 375: Browser
376: camera 377: alarm
378: contact 379: voice dial
380: Email 381: Calendar
382: Media Player 383: Album
384: clock

Claims (53)

In the method of controlling access in an electronic device,
Recognizing, by a processor of the electronic device, an access request for a resource from an application included in a first area of the memory;
In response to the access request, calculating, by the processor, a hash value of the application by executing an access control module included in the second area of the memory;
Determining, by the processor, whether a record corresponding to the hash value and the identification information of the application exists in a memory by executing the access control module; And
And allowing, by the processor, access to the resource when the corresponding record exists in the memory,
The determining operation is,
Decrypting the encrypted record stored in the first area with a designated key included in the second area; And
Determining whether the decrypted record corresponds to the hash value and the identification information,
The second area is an area requiring authentication of access by the processor. delete The method of claim 1,
The method of the memory is a volatile memory. The method of claim 1,
The operation of allowing access to the resource,
Decrypting the encrypted resources stored in the second area with a designated key included in the second area; And
Including the operation of transferring the resource to the application,
The second area is an area requiring authentication of access by the processor. The method of claim 1,
Encrypting the resource;
Calculating a first hash value of the resource and encrypting it with a designated key; And
Further comprising the operation of storing the encrypted resource and the encrypted first hash value,
The operation of allowing access to the resource,
Calculating a second hash value by decrypting the encrypted resource with the key,
Decrypting the encrypted first hash value with the key,
When the second hash value is the same as the first hash value, including allowing access to the resource,
The key is stored in an area of memory that requires authentication of access by the processor. The method of claim 1,
The operation of calculating the hash value,
And calculating at least one hash value of the binary path of the application, the code of the application, and static data of the application. The method of claim 1,
The identification information,
A method comprising at least one of the binary path of the application and information stored in connection with the application. The method of claim 1,
And outputting a warning message when the corresponding record does not exist in the memory. The method of claim 1,
Recognizing, by the processor, a registration request from a second application;
Calculating a second hash value of the second application in response to the registration request;
Determining whether a record corresponding to the second hash value and the identification information of the second application exists in the memory; And
The method further comprising storing the second hash value and the identification information of the second application when a record corresponding to the second hash value and the identification information of the second application does not exist in the memory. A first memory divided into a first area and a second area;
A second memory for storing an access control table including an application hash value and identification information, and a record for controlling access of the application to resources;
And a processor for loading the access control module into the first area and loading the record into the first area,
The access control module loaded into the first area, by the processor,
In response to a request for access to a resource from the application, calculating a hash value of the application and determining whether a record corresponding to the hash value and identification information of the application exists in the first memory; And when the corresponding record exists in the first memory, it is set to perform an operation of allowing access to the resource,
The operation of the processor to make the determination,
Decrypting the encrypted record stored in the first area with a designated key included in the second area; And
Determining whether the decrypted record corresponds to the hash value and the identification information,
The second area is an area in which access authentication is required. delete The method of claim 10,
The electronic device, wherein the first memory is a volatile memory. The method of claim 10,
The operation of allowing access to the resource,
Decrypting the encrypted resource stored in the first area with a designated key included in the second area; And
Including the operation of transferring the resource to the application,
The second area is an area in which access authentication is required. The method of claim 10,
The processor,
Classify the first memory into a first area and a second area,
Loading a key for decryption stored in a third memory into the second area,
Electronic device. The method of claim 10,
The access control module,
Encrypting the resource;
Calculating a first hash value of the resource and encrypting it with a designated key; And
It is further configured to perform an operation of storing the encrypted resource and the encrypted first hash value,
The operation of allowing access to the resource,
Calculating a second hash value by decrypting the encrypted resource with the key,
Decrypting the encrypted first hash value with the key,
When the second hash value is the same as the first hash value, including allowing access to the resource,
The electronic device, wherein the key is stored in an area in which access authentication is required among areas of the first memory. The method of claim 10,
The operation of calculating the hash value,
And calculating at least one hash value of the binary path of the application, the code of the application, and static data of the application. The method of claim 10,
The identification information,
The electronic device configured from at least one of a binary path of the application and information stored in connection with the application. The method of claim 10,
The access control module,
The electronic device configured to further perform an operation of outputting a warning message when the corresponding record does not exist in the first memory. The method of claim 10,
The access control module,
Recognizing a registration request from the second application;
Calculating a second hash value of the second application in response to the registration request;
Determining whether a record corresponding to the second hash value and the identification information of the second application exists in the first memory; And
If a record corresponding to the second hash value and the identification information of the second application does not exist in the first memory, the second hash value and the identification information of the second application are further configured to be stored, Electronic device. delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete

Images