KR20140117164A - Financial service system and method thereof, and apparatus applied to the same - Google Patents
- Authority: KR (South Korea)
- Prior art keywords
- function
- execution
- user device
- operating area
- execution restriction
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/60—Protecting data
          - G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
            - G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
              - G06F21/6281—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
            - G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
          - G06F21/88—Detecting or preventing theft or loss
      - G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
          - G06F2221/2149—Restricted operating environment
Abstract
The present invention discloses a loss processing system and method, and an apparatus applied thereto. A user device based on TrustZone technology determines whether an execution restriction is required for the functions installed in the first operating area (the Normal World). If the determination finds that the restriction is required, the second operating area (the Secure World) prevents at least some of the functions installed in the first operating area from being executed, irrespective of whether an execution request for them is received. By combining an isolated execution environment that is not exposed to security threats with hardware security technology, the invention prevents the leakage of personal information after a loss and also prevents unauthorized use of the user device through factory reset or rooting.
Description
The present invention relates to a method for restricting the execution of some of the functions installed on a user device, based on TrustZone technology, once a loss report for that device has been received.
In recent years, smartphones have spread explosively, driven by advances in hardware such as application processors and displays, the emergence of mobile operating systems, and the growth of open application markets.
However, mobile terminals such as smartphones are exposed to the same security threats as existing PCs, including terminal malfunction, excessive billing and attacks on the mobile network, and to new kinds of threats specific to the wireless communication environment. The openness of the operating system and an open-market ecosystem in which anyone can develop and distribute applications further raise the risk that personal information (e.g. address book, text messages, financial information, certificates) is leaked.
In particular, when a smartphone is lost, the risk of personal information leakage among the threats listed above is compounded, and further problems arise, such as unauthorized use of the device after a factory reset.
Accordingly, a security platform technology that provides trustworthiness in the mobile environment is needed to protect users and network assets from the security threats that arise when a smartphone is lost.
SUMMARY OF THE INVENTION The present invention has been made in view of the above circumstances. Its object is to determine whether a user device based on TrustZone technology requires an execution restriction on the functions installed in a first operating area and, if the determination finds that it does, to have the second operating area prevent at least some of the functions installed in the first operating area from being executed. By combining an isolated execution environment that is not exposed to security threats with hardware security technology, the invention prevents the leakage of personal information after a loss as well as unauthorized use of the user device through factory reset or rooting.
According to a first aspect of the present invention, there is provided a user device comprising: a determination unit that determines whether an execution restriction is required for the functions installed in a first operating area; and a control unit that, if the determination finds the execution restriction to be required, prevents, in the second operating area, at least some of the functions installed in the first operating area from being executed.
More specifically, the control unit verifies an execution request for a function installed in the first operating area, or determines whether to block the execution request, so that at least some of the functions installed in the first operating area are not executed.
More specifically, the user device may further include a sensing unit that senses that a function installed in the first operating area is being executed in response to an execution request. When the sensing unit detects that a specific function designated in connection with the execution restriction is executed, the determination unit determines whether an execution restriction is required for the functions installed in the first operating area.
More specifically, the user device further includes an interlocking unit that interlocks with a management device managing loss-processing objects for which a loss report has been received. When the management device confirms that the user device is a loss-processing object, the determination unit determines that an execution restriction on the functions installed in the first operating area is required.
More specifically, the user device may further include a first operating system installed in the first operating area and a second operating system installed in the second operating area. The first operating system is a general-purpose operating system that provides an open application program interface (API) for supporting the execution of the functions installed in the first operating area, and the second operating system provides an API for supporting the execution of the functions installed in the second operating area.
More specifically, the specific function designated in connection with the execution restriction includes at least one of a booting function and a security release (i.e. unlock) function.
According to a second aspect of the present invention, there is provided a method of operating a user device, the method comprising: a determination step of determining whether an execution restriction is required for the functions installed in a first operating area; and a control step of, if the determination finds the execution restriction to be required, preventing, in the second operating area, at least some of the functions installed in the first operating area from being executed.
More specifically, the control step verifies an execution request for a function installed in the first operating area, or determines whether to block the execution request, so that at least some of the functions installed in the first operating area are not executed.
More specifically, the method may further include, before the determination step, a sensing step of sensing that a function installed in the first operating area is being executed in response to an execution request. When the sensing step detects that a specific function designated in connection with the execution restriction is executed, the determination step determines whether an execution restriction is required for the functions installed in the first operating area.
More specifically, the method may further include, before the determination step, an interlocking step of interlocking with a management device that manages loss-processing objects for which a loss report has been received. When the management device confirms that the user device is a loss-processing object, the determination step determines that an execution restriction on the functions installed in the first operating area is required.
More specifically, the specific function designated in connection with the execution restriction includes at least one of a booting function and a security release (i.e. unlock) function.
According to the loss processing system and method of the present invention, and the apparatus applied thereto, a user device based on TrustZone technology determines whether an execution restriction is required for the functions installed in the first operating area and, if the determination finds that it is, the second operating area prevents at least some of those functions from being executed. Combining an isolated execution environment that is not exposed to security threats with hardware security technology prevents the leakage of personal information after a loss and prevents unauthorized use of the user device through factory reset or rooting.
FIG. 1 is a schematic configuration diagram of a loss processing system according to an embodiment of the present invention;
FIG. 2 is a configuration diagram of a user device according to an embodiment of the present invention;
FIG. 3 is a block diagram of a user device employing TrustZone technology according to an embodiment of the present invention;
FIG. 4 is a schematic flowchart explaining the operation flow in a loss processing system according to an embodiment of the present invention;
FIG. 5 is a schematic flowchart illustrating the operation of a user device according to an embodiment of the present invention.
Hereinafter, an embodiment of the present invention will be described with reference to the accompanying drawings.
FIG. 1 is a diagram illustrating a loss processing system according to an embodiment of the present invention.
Referring to FIG. 1, the loss processing system according to an embodiment of the present invention includes a
Herein, the
The
Meanwhile, according to one embodiment of the present invention, a hardware security solution is adopted as a security platform technology for providing high security from a security threat component due to loss of the
In this regard, there are UICC (Universal Integrated Circuit Card), Mobile TPM (Trusted Platform Module), and the like as a hardware security solution that provides high security in a mobile terminal such as the
Here, the UICC is a smart card that stores subscriber, network and authentication information for the 3G mobile network, as well as personal information such as messages, e-mail and the address book; it is generally called a 'Universal Subscriber Identity Module (USIM) card'.
The Mobile TPM adapts the TPM (Trusted Platform Module) defined by the TCG (Trusted Computing Group), a standards body that develops industry standards for hardware-based trusted computing and security technologies, for use in mobile terminals. It provides cryptographic algorithms, user and terminal authentication, terminal integrity verification, and user data protection.
The UICC, however, cannot satisfy the requirements of a Trusted Execution Environment (TEE), which defines the security hardware and software functions that provide a secure execution environment for security-related applications on mobile terminals, because of its limited processor performance and low transfer rates.
The Mobile TPM, in turn, has the disadvantages that the use of a separate chip increases cost and that protecting application code is difficult.
Therefore, rather than using a separate hardware security chip such as the UICC or the Mobile TPM, the embodiment of the present invention applies TrustZone technology, which provides an environment isolated in hardware from security threats.
Referring to FIG. 3, TrustZone divides the processor into a 'Normal World' (hereinafter, the 'first operating area') and a 'Secure World' (hereinafter, the 'second operating area'), providing an execution environment in which general applications run in the first operating area and applications that require security run in the second operating area.
That is, the first operating area and the second operating area are isolated from each other in hardware and each runs only its own operating system (the first operating system and the second operating system, respectively). Even if the first operating area is compromised by malicious code, the applets and stored data in the second operating area remain securely managed and executed.
In other words, the first operating area runs on a general-purpose operating system (the first operating system) that is open to third parties, so its security against the various threats cannot be guaranteed. The second operating area, by contrast, runs on a dedicated operating system (the second operating system) that, unlike the first operating area, is not disclosed to third parties, and it runs in a hardware-isolated environment, so it is protected from those threats.
As described above, in the embodiment of the present invention, the trust zone technique is applied as described above. Hereinafter, a method for restricting execution of some functions among the functions installed in the
The
More specifically, when the
At this time, the
Herein, in the case of inducing the connection of the
The
More specifically, the
At this time, the
Of course, the
That is, referring to FIG. 3, an application (APP) installed in the first operating area determines whether an execution restriction is required for the installed functions. If the user device is confirmed to be a loss-processing object, it is determined that the execution restriction on the functions installed in the first operating area is required.
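The interlock with the management device described above, as an added example that is not part of the patent. The patent names Push, OTA and SMS as carriers for the loss notification but does not specify how the notification is protected, and it has an application in the first operating area make the determination. Since those channels carry no authentication of their own, and since a rooted Normal World could suppress or forge the result, this example verifies the notification inside the second operating area with a per-device key shared with the management device, an HMAC-SHA256 tag and a monotonic sequence number. The class names, the JSON message layout and the key are assumptions, not the patent's.

```python
"""Authenticated loss notification between the management device and the
interlocking unit running in the Secure World (example code, not the patent's;
ManagementDevice, SecureWorldInterlock and the message layout are assumptions)."""
import hashlib
import hmac
import json


class ManagementDevice:
    """Server side: emits signed 'lost' / 'clear' notifications for one device."""

    def __init__(self, device_id: str, shared_key: bytes):
        self.device_id = device_id
        self._key = shared_key   # assumed per-device key, provisioned into the TEE
        self._seq = 0

    def notify(self, action: str) -> bytes:
        if action not in ("lost", "clear"):
            raise ValueError("action must be 'lost' or 'clear'")
        self._seq += 1           # strictly increasing, so old messages cannot be replayed
        body = json.dumps(
            {"device_id": self.device_id, "action": action, "seq": self._seq},
            sort_keys=True,
        ).encode()
        tag = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        return body + b"." + tag  # carried over Push / OTA / SMS as opaque bytes


class SecureWorldInterlock:
    """Device side: accepts only authentic, fresh notifications and tracks state."""

    def __init__(self, device_id: str, shared_key: bytes):
        self.device_id = device_id
        self._key = shared_key
        self.last_seq = 0        # must persist in rollback-protected secure storage
        self.lost = False        # consumed by the Secure World control applet

    def receive(self, message: bytes) -> bool:
        """Return True and update state only for an authentic, newer message."""
        body, sep, tag = message.rpartition(b".")
        if not sep:
            return False                        # malformed
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, tag):
            return False                        # forged, corrupted or wrong key
        msg = json.loads(body)                  # authentic, so produced by notify()
        if msg.get("device_id") != self.device_id:
            return False                        # addressed to another device
        seq = msg.get("seq")
        if not isinstance(seq, int) or seq <= self.last_seq:
            return False                        # replayed or out of order
        if msg.get("action") not in ("lost", "clear"):
            return False
        self.last_seq = seq
        self.lost = msg["action"] == "lost"
        return True
```

The sequence check matters most for the 'clear' direction: without it, a thief who captured an earlier 'clear' message could replay it to lift the restriction. The counter therefore has to survive reboots and a factory reset, which is why the comment places it in rollback-protected secure storage rather than in Normal World flash.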
In addition, the
More specifically, when it is confirmed that the
At this time, when the execution request for the mounted function is received, the
Here, in the case of execution request verification, when an execution request for all or some of the installed functions is received, the user is prompted to enter a pre-set password, and execution is allowed only when the password entered by the user is confirmed to be valid.
That is, referring to FIG. 3, an applet related to loss processing installed in the second operating area first confirms that an execution request for a function installed in the first operating area has been received, and then either verifies the execution request by prompting the user to enter the pre-set password, or blocks the confirmed execution request.
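The two alternatives the paragraph above names for the loss-processing applet (verify the execution request with a pre-set password, or block it), as an added example that is not code from the patent. Assumptions: the Normal World hands the request to the Secure World as an ExecutionRequest (in a real TrustZone build this would be an SMC into the TEE, with the password collected through a trusted UI); the booting function is verified while the security release function is blocked; and five failed verifications degrade to an outright block so the password cannot be brute-forced from the Normal World. The class and function names are hypothetical.

```python
"""Secure World loss-processing applet that gates Normal World execution
requests (example code, not the patent's; all names are assumptions)."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional


class Decision(Enum):
    ALLOW = "allow"
    BLOCK = "block"
    VERIFY_FAILED = "verify_failed"


# Policy applied while the device is a loss-processing object.
# "verify": prompt for the pre-set password; "block": refuse outright.
# The patent designates booting and security release (unlock); which
# gets which policy is an assumption made for this example.
DEFAULT_POLICY: Dict[str, str] = {"boot": "verify", "security_release": "block"}


@dataclass
class ExecutionRequest:
    function: str                    # function installed in the Normal World
    password: Optional[str] = None   # entered by the user when prompted


class SecureWorldApplet:
    MAX_FAILED_ATTEMPTS = 5          # assumed lockout threshold

    def __init__(self, password: str, policy: Dict[str, str] = DEFAULT_POLICY):
        # Only a salted, stretched hash is kept in secure storage; the
        # plaintext password never leaves the Secure World.
        self._salt = os.urandom(16)
        self._pw_hash = self._derive(password)
        self._policy = dict(policy)
        self.lost = False            # set from the management-device interlock
        self.failed_attempts = 0

    def _derive(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def set_lost(self, lost: bool) -> None:
        self.lost = lost
        if not lost:
            self.failed_attempts = 0

    def handle(self, req: ExecutionRequest) -> Decision:
        """Decide whether a Normal World execution request may proceed."""
        # No loss report, or a function outside the restricted set: pass through.
        if not self.lost or req.function not in self._policy:
            return Decision.ALLOW
        if self._policy[req.function] == "block":
            return Decision.BLOCK
        # "verify" policy: after too many failures, or with no password at
        # all, the request is blocked just as under the "block" policy.
        if self.failed_attempts >= self.MAX_FAILED_ATTEMPTS or req.password is None:
            return Decision.BLOCK
        if hmac.compare_digest(self._derive(req.password), self._pw_hash):
            self.failed_attempts = 0
            return Decision.ALLOW
        self.failed_attempts += 1
        return Decision.VERIFY_FAILED
```

Because the decision and the password hash both live in the Secure World, a factory reset or rooting of the first operating area does not clear them; that is the property the paragraph above relies on, and it holds only if the lost flag and the failure counter are stored in secure storage rather than in Normal World memory.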
Hereinafter, the configuration of the
That is, the
In addition to the above-described configuration, the
Here, the
The first operating system includes an Open Application Program Interface (API) for supporting the operation of each of the
On the other hand, in the case of the
Here, the second operating system refers to a dedicated operating system that provides an API for supporting only the operation of the
The
More specifically, the
At this time, if the
That is, the
The determining
On the other hand, when a message (e.g., Push, OTA, SMS) for notifying the loss of the lost object is received from the
The
More specifically, when the
At this time, if an execution request for the mounted function is received, the
Here, in the case of execution request verification, when an execution request for all or some of the installed functions is received, the user is prompted to enter a pre-set password, and execution is allowed only when the password entered by the user is confirmed to be valid.
That is, when the determination result of the execution restriction request is received from the
When the execution request received from the first operating area is confirmed, the
In other words, when the
As described above, according to the lost processing system according to the embodiment of the present invention, when the
Hereinafter, a loss processing method according to an embodiment of the present invention will be described with reference to FIGS. 4 and 5. For convenience of description, the components shown in FIGS. 1 to 3 are referred to by their reference numerals.
First, the operation flow in the lost processing system according to an embodiment of the present invention will be described with reference to FIG.
First, when the
At this time, the
Then, when it is confirmed that the
At this time, when the execution request for all or a part of the installed functions is received, the
Hereinafter, the operation of the
First, when the
At this time, the
The determining
Then, if it is determined that the target function is to be executed and the execution restriction of the mounted function is requested, the
In this case, when a determination result that the execution restriction is requested is received from the
When the execution request received in the first operating area is confirmed, the
As described above, according to the lost processing method according to an embodiment of the present invention, when the
Meanwhile, the steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, or as program instructions on a computer-readable medium that can be executed by various computer means. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and constructed for the present invention or those available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media; and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM and flash memory. Examples of program instructions include machine language code such as that produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments; on the contrary, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
The loss processing system and method of the present invention, and the device applied thereto, restrict the execution of functions on a user device for which a loss notification has been received, based on TrustZone technology. The invention goes beyond the limits of the existing technology and is industrially applicable: it not only makes use of the related technology but is sufficiently and practically capable of being commercialized or operated as an applied device.
100: management device
200: User device
210: determination unit 220:
230: sensing unit 240:
Claims (11)
And a control unit that, if the determination finds that an execution restriction on the functions installed in the first operating area is required, prevents, in the second operating area, the execution of at least some of the functions installed in the first operating area.
Wherein the control unit
Causes at least some of the functions installed in the first operating area not to be executed by verifying an execution request for the function installed in the first operating area or by determining whether to block the execution request.
The user device,
Further comprising a sensing unit that senses that a function installed in the first operating area is executed according to the execution request,
Wherein the determination unit determines whether an execution restriction is required for the functions installed in the first operating area when the sensing unit detects that a specific function designated in connection with the execution restriction is executed.
The user device,
Further comprising an interlocking unit that interlocks with a management device that manages loss-processing objects for which a loss report has been received,
Wherein the determination unit determines that an execution restriction on the functions installed in the first operating area is required when the management device confirms that the user device is a loss-processing object.
The user device,
Further comprising a first operating system installed in the first operating area and a second operating system installed in the second operating area,
Wherein the first operating system is a general-purpose operating system that provides an open application program interface (API) for supporting the execution of the functions installed in the first operating area,
And the second operating system provides an application program interface (API) for supporting the execution of the functions installed in the second operating area.
Wherein the specific function designated in connection with the execution restriction includes at least one of a booting function and a security release function.
And a control step of, if the determination finds that an execution restriction on the functions installed in the first operating area is required, preventing, in the second operating area, the execution of at least some of the functions installed in the first operating area.
Wherein the control step
Causes at least some of the functions installed in the first operating area not to be executed by verifying an execution request for the function installed in the first operating area or by determining whether to block the execution request.
The method,
Further comprising, before the determination step, a sensing step of sensing that a function installed in the first operating area is executed according to the execution request,
Wherein the determination step determines whether an execution restriction is required for the functions installed in the first operating area when the sensing step detects that a specific function designated in connection with the execution restriction is executed.
The method,
Further comprising, before the determination step, an interlocking step of interlocking with a management device that manages loss-processing objects for which a loss report has been received,
Wherein the determination step determines that an execution restriction on the functions installed in the first operating area is required when the management device confirms that the user device is a loss-processing object.
Wherein the specific function designated in connection with the execution restriction includes at least one of a booting function and a security release function.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020130032254A KR20140117164A (en) | 2013-03-26 | 2013-03-26 | Financial service system and method thereof, and apparatus applied to the same |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20140117164A (en) | 2014-10-07 |
Family
ID=51990604
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20140117164A (en) |
- 2013-03-26 KR KR1020130032254A patent/KR20140117164A/en not_active Application Discontinuation
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| A201 | Request for examination | |
| E902 | Notification of reason for refusal | |
| E601 | Decision to refuse application | |