WO2018001277A1 - 一种系统级芯片和终端 - Google Patents
一种系统级芯片和终端 Download PDFInfo
- Publication number
- WO2018001277A1 WO2018001277A1 PCT/CN2017/090591 CN2017090591W WO2018001277A1 WO 2018001277 A1 WO2018001277 A1 WO 2018001277A1 CN 2017090591 W CN2017090591 W CN 2017090591W WO 2018001277 A1 WO2018001277 A1 WO 2018001277A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- bus interface
- scenario
- security
- soc
- data
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/76—Architectures of general purpose stored program computers
- G06F15/78—Architectures of general purpose stored program computers comprising a single central processing unit
- G06F15/7807—System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/14—Handling requests for interconnection or transfer
- G06F13/20—Handling requests for interconnection or transfer for access to input/output bus
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/40—Bus structure
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/40—Bus structure
- G06F13/4004—Coupling between buses
- G06F13/4022—Coupling between buses using switching circuits, e.g. switching matrix, connection or expansion network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/76—Architectures of general purpose stored program computers
- G06F15/78—Architectures of general purpose stored program computers comprising a single central processing unit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2213/00—Indexing scheme relating to interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F2213/0038—System on Chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/321—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wearable devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/326—Payment applications installed on the mobile devices
Definitions
- the present application relates to the field of information technology, and more particularly, to a system on chip (SOC) and a terminal.
- SOC system on chip
- Mobile payment also known as mobile payment, refers to a service that allows mobile users to use their mobile terminals (usually mobile phones) to pay for goods or services they consume.
- mobile terminals usually mobile phones
- An all-in-one solution is implemented by an embedded Secure Element (eSE).
- the eSE is also called an external security component. It is a combination of a Secure Element (SE) chip on a mobile phone product board to complete financial and other application services.
- SE Secure Element
- the all-terminal solution is that the mobile phone and the Point of Sales (POS) machine perform contactless card swiping, and NFC and SE (pre-bank application and data) work together to complete the payment transaction.
- POS Point of Sales
- the touch screen is the only device that allows users to easily enter passwords or other data.
- the data input by the user to the touch screen is not a truly secure input.
- the input touch points and the data of the screen are theoretically intercepted by malicious applications. To obtain security sensitive data such as the user's bank password.
- the SOC chip and the touch screen are directly connected through an Inter-Integrated Circuit (I2C) or other bus, and the input touch screen data and the displayed position data are firstly on the SOC.
- I2C Inter-Integrated Circuit
- the Application Processor (AP) knows that the security level is low.
- the embodiment of the present application provides a system-level chip and a terminal, which can improve the security of the input.
- a system-on-chip SOC including: a bus interface integrated in the SOC, a secure element SE, and a first component; the bus interface for connecting an input/output I/O device; the SE, For accessing the I/O device through the bus interface, acquiring the first data input by the I/O device, performing security processing on the first data, and controlling the first component in a common scenario.
- the access to the I/O device wherein the security scenario represents a scenario that requires secure input, the common scenario represents a scenario that does not require secure input; the first component is used to control by the SE, in the normal scenario Obtaining the second data input by the I/O device.
- the SE can directly access the bus interface, so that the input data in the security scenario is directly obtained by the SE and does not pass through the first component, thereby improving the security of the input.
- the SE is further configured to control the I/O device to display a data input interface in the security scenario.
- the SE is also used to send the securely processed data to the server.
- the SE displays an interface for inputting a password to the user through the bus interface; the user inputs a password on the interface; the SE acquires the password data input by the user through the bus interface, and encrypts the password data with the PIN key saved in the SE.
- the encrypted data is sent to the verification server of the financial industry for verification, which can improve the security of payment.
- the SE is further configured to determine, according to an application currently accessing the I/O device, that the current application environment is the security scenario or the common scenario.
- the SE is configured to access the I/O device through the bus interface, acquire the second data, and send the second data to the first component in the normal scenario.
- the bus interface is disposed in the SE.
- the bus interface is controlled by system software running in the SE.
- the SE is configured to configure the access mode of the bus interface to be only the SE access in the security scenario, and the access mode of the bus interface is configured to be accessed by the first component in the normal scenario.
- the SE can configure an access mode of the bus interface, and the first component cannot configure an access mode of the bus interface.
- the access mode of the bus interface includes only the SE access and access by the first component.
- the bus interface includes a first bus interface and a second bus interface; the SE is configured to control the second bus interface to connect with the I/O device in the security scenario, and pass the first The second bus interface accesses the I/O device; in the non-secure scenario, the first bus interface is controlled to be connected to the I/O device such that the first component accesses the I/O device through the first bus interface.
- the SOC further includes a multiplexer; the SE is configured to control the multiplexer switch in the security scenario, so that the second bus interface is connected to the I/O device in the common scenario.
- the multiplexer switch is controlled such that the first bus interface is connected to the I/O device.
- the multiplexer is disposed in the SE.
- the second bus interface is disposed in the SE.
- the SE is further configured to send a security indication to the user when determining to enter the security scenario.
- the SE may determine that a security input is required for the application in the SE according to an application that needs to be input, that is, determine to enter the security scenario.
- the SE is specifically configured to control the lighting of the security indicator when determining to enter the security scenario.
- the I/O device includes a data acquisition sensor, a touch screen, or a display.
- the bus interface includes an inter-integrated circuit bus I2C interface or a mobile industry processor interface MIPI.
- the first component comprises an application processor, a processor core in a trusted environment TEE, a digital signal processor, or an application specific integrated circuit.
- the SOC of the embodiment of the present application can achieve SE level security.
- the mobile phone or other mobile terminal open platform adopting the SOC of the embodiment of the present application has the security input capability of the POS machine, in other words, the mobile phone or other mobile terminal device may have the POS function.
- a terminal comprising the SOC of the first aspect or any of the possible implementations of the first aspect, and an I/O device.
- FIG. 1a is an application architecture diagram of an embodiment of the present application.
- FIG. 1b is a schematic block diagram of an SOC of an embodiment of the present application.
- FIG. 2 is a schematic block diagram of an SOC of another embodiment of the present application.
- FIG. 3 is a schematic structural diagram of an SOC according to still another embodiment of the present application.
- FIG. 4 is a schematic structural diagram of an SOC according to still another embodiment of the present application.
- FIG. 5 is a schematic block diagram of a SOC of still another embodiment of the present application.
- FIG. 6a is a schematic structural diagram of a SOC according to still another embodiment of the present application.
- FIG. 6b is a schematic structural diagram of an SOC according to still another embodiment of the present application.
- FIG. 7 is a schematic block diagram of a terminal according to an embodiment of the present application.
- FIG. 8 is a schematic structural diagram of a terminal according to another embodiment of the present application.
- the SOC chip of the embodiment of the present application can be applied to a terminal (for example, a mobile phone) supporting mobile payment for improving the security of input or output of the terminal.
- a terminal for example, a mobile phone
- the Secure Element is a tamper-proof chip that ensures that data is stored in a safe place and that the information is only open to authorized applications and personnel. It is similar to the user's personal and device. Its own identity card. For example, in secure payment, the SE stores the bank's applications and data.
- eSE embedded Secure Element
- eSEs also known as external SEs
- eSE can be more convenient and secure to implement management and control of financial applications in mobile payment products.
- the SE is built in the SOC chip, which is called an integrated secure element (inSE), that is, the SE subsystem is integrated in the SOC instead of the embedded SE (eSE).
- inSE can also be expressed as In-SOC SE.
- the SE may include at least one processor for performing various operations of the SE, such as data access, data processing, control, etc., to implement the corresponding SE in the embodiment of the present application.
- the SE may further include: a memory for storing data or instructions, and the like; and a communication interface for communicating with other components. It should be understood that the above is only a specific implementation form of the SE, which is not limited in this application. That is to say, the SE may also adopt other possible implementation forms that can implement the corresponding functions of the SE in the embodiment of the present application.
- the first component is a processing component other than the SE in the chip, for example, the first component may be an application processor, or a processor running in a Trust Execute Environment (TEE). Core, Digital Signal Processor (DSP), Application Specific Integrated Circuit (ASIC), etc.
- TEE Trust Execute Environment
- DSP Digital Signal Processor
- ASIC Application Specific Integrated Circuit
- FIG. 1a is an application architecture diagram of an embodiment of the present application.
- the SE is integrated in the SOC chip instead of using the eSE.
- the processing elements other than SE in the SOC chip are referred to as first elements.
- the processor and the memory are illustrated in Figure 1a, but this application is not limited thereto. That is, more or fewer components or modules may be included in the SE and the first component, ie the number and type of components or modules therein may be set according to actual needs.
- the bus interface that interfaces with an input/output (I/O) device is set in the SE or controlled by the SE, thereby Can achieve true SE level security.
- I/O input/output
- FIG. 1b shows a schematic block diagram of a SOC 100 in accordance with an embodiment of the present application.
- the SOC 100 includes a bus interface 110, an SE 120, and a first component 130 integrated within the SOC 100.
- the SE 120 is integrated in the SOC 100.
- the tamper-resistant data is stored in the SE 120.
- the SE stores the bank's application and data, such as a Personal Identification Number (PIN) key.
- PIN Personal Identification Number
- the bus interface 110 is used to connect I/O devices.
- the I/O device is a terminal input/output device, for example, the I/O device can be a data acquisition sensor, a touch screen or a display.
- the data acquisition sensor is a sensor having a data acquisition function, and includes a sensor that collects data through an interactive manner such as a body sense, an iris, and an electroencephalogram, such as a touch sensor.
- the touch screen may include a touch sensor and a liquid crystal display (LCD).
- LCD liquid crystal display
- the display may include an LCD, an Organic Light-Emitting Diode (OLED) screen, an electronic ink screen, a Plasma Display Panel (PDP), and the like.
- LCD Organic Light-Emitting Diode
- OLED Organic Light-Emitting Diode
- PDP Plasma Display Panel
- the bus interface 110 can be an I2C interface, a Mobile Industry Processor Interface (MIPI) or other bus interface that can be connected to an I/O device.
- MIPI Mobile Industry Processor Interface
- I/O device and the bus interface 110 is only for the purpose of helping the person skilled in the art to better understand the embodiments of the present application, and does not limit the scope of the embodiments of the present application.
- an I/O device is used as a touch sensor
- a bus interface 110 is an I2C interface as an example.
- the SE 120 is configured to access the I/O device through the bus interface 110 in a security scenario, acquire the first data input by the I/O device, perform security processing on the first data, and control the first component 130 to be in a normal scenario. Access to I/O devices.
- a security scenario indicates a scenario that requires secure input, such as a scenario that requires secure input and display during secure payment; a normal scenario represents a scenario that does not require secure input.
- the SE 120 may determine that the current application environment is a security scenario or a common scenario according to an application that currently accesses the I/O device. For example, an application that needs to input data of the I/O device is an application in the SE 120, and the SE 120 can determine that a security input is required, that is, the current application environment is a security scenario, otherwise it is a normal scenario.
- the SE 120 accesses the I/O device through the bus interface 110 in a security scenario, that is, the SE 120 can directly access the bus interface 110 in a security scenario, thereby accessing the I/O device and acquiring the I/O.
- the first data does not pass through the first component 130, thereby improving the security of the input in a security scenario.
- the SE 120 is further configured to control the I/O device to display a data input interface in a security scenario.
- the SE 120 determines that a security input is required for an application in the SE 120 according to an application that is currently required to be input, and the SE 120 accesses the I/O device through the bus interface 110, and first outputs a display interface to the user; The user inputs the first data according to the display interface; the SE 120 acquires the first data input by the user through the bus interface 110.
- the SE 120 is further configured to perform security processing on the first data, and send the security processed data to the verification server.
- the SE 120 displays an interface for inputting a password to the user through the bus interface 110; the user inputs a password at the interface; the SE 120 acquires the password data input by the user through the bus interface 110, and uses the PIN key saved in the SE 120.
- the password data is encrypted, and the encrypted data is sent to the verification server of the financial industry for verification, which can improve the security of payment.
- operations such as data access, data processing, and control may be implemented by a processor in the SE, and data transmission may be implemented through a communication interface in the SE, but the present application does not limit this. .
- the first component 130 is configured to acquire the second data input by the I/O device in a normal scenario by the control of the SE 120.
- the first component 130 can acquire the second data input by the I/O device under the control of the SE 120.
- the location and connection relationship between the SE 120 and the bus interface 110 may be in various manners. Accordingly, the SE 120 may have multiple control modes, which are separately described below.
- the SE 120 accesses the I/O device through the bus interface 110 in a common scenario, acquires the second data, and sends the second data to the first component 130.
- the SE 120 can directly access the bus interface 110, while the first component 130 cannot directly access the bus interface 110.
- the bus interface 110 is disposed in the SE 120. Since the SE 120 is integrated within the SOC 100, the performance and delay response of the SE 120 can be better.
- the bus interface 110 is placed directly into the integrated SE 120 and is controlled by the SE 120 (e.g., system software running in the SE 120).
- access to the bus interface 110 by the first component 130 is forwarded by the SE 120 for a normal scenario, ie, a scenario that does not require secure input.
- a security scenario that is, a scenario requiring secure input
- the SE 120 no longer forwards data, that is, only the SE 120 can acquire data input by the user through the bus interface 110, thereby improving the security of the input.
- the SE 120 may also send a security indication to the user when determining to enter the security scenario.
- the control lights the security indicator and the user is prompted to enter the security scene by illuminating the security indicator.
- the SE 120 determines that a security input is required for the application in the SE 120 according to the application currently required to be input, that is, determines to enter the security scenario.
- FIG. 3 is an example of a SOC of an embodiment of the present application.
- the I2C interface 310 is disposed in the SE 320.
- the SE 320 corresponds to the foregoing SE 120.
- the SE 320 may specifically include a processor 321 for performing various operations of the SE 320, a memory 322, a General Purpose Input Output (GPIO) 323, etc., and the GPIO 323 is connected securely.
- Indicator light 340 It should be understood that other modules may be included in the SE 320, and the number and types of the modules in the SE 320 may be set according to actual needs, which is not limited in this application.
- the AP 330 corresponds to the front
- the first component 130, the AP 330 may specifically include a processor 331, a memory 332, and the like. It should be understood that other modules may be included in the AP 330, and the number and types of the modules in the AP 330 may be set according to actual needs, which is not limited in this application.
- the I2C interface 310 is connected to the touch sensor 350, and the MIPI 360 is connected to the LCD 370.
- the message and data of the touch sensor 350 are forwarded by the SE 320's Chip Operation System (COS) (for example, by mailbox communication) to the primary AP 330; when the COS system software determines that security input is required
- COS Chip Operation System
- the security indicator 340 is illuminated (or other security indication that can notify the user, the application is not limited to the security indicator)
- the message and data of the touch sensor 350 are no longer forwarded to the primary AP 330 until the user input is completed.
- the I2C interface 310 is set in the SE 320 and the MIPI 360 is not in the SE 320. It should be understood that the MIPI 360 of the docking LCD 370 can also be placed in the SE 320. In other words, the I2C interface 310 and the MIPI 360 can both be disposed in the SE 320, which is not limited in this application.
- the SE 120 configures the access mode of the bus interface 110 to be only the SE 120 access in the security scenario, and configures the access mode of the bus interface 110 to be accessed by the first component 130 in the normal scenario.
- SE 120 can configure the access mode of bus interface 110, while first component 130 cannot configure the access mode of bus interface 110.
- the access mode of the SE 120 configuration bus interface 110 is only SE120 access. In this scenario, only the SE 120 accesses the bus interface 110, the first component 130 cannot access the bus interface 110; when exiting the security scenario, the SE 120 is configured.
- the access mode of the bus interface 110 is accessed by the first component 130, in which case the first component 130 can access the bus interface 110.
- the SE 120 may also send a security indication to the user when determining to enter the security scenario.
- the control lights the security indicator and the user is prompted to enter the security scene by illuminating the security indicator.
- FIG. 4 is another example of a chip of an embodiment of the present application.
- SE 420 configures the access mode of I2C interface 410.
- the SE 420 corresponds to the foregoing SE 120.
- the SE 420 may specifically include a processor 421 for performing various operations of the SE 420, a memory 422, a GPIO 423, etc., and the GPIO 423 is connected to the security indicator 440. It should be understood that other modules may be included in the SE 420, and the number and types of the modules in the SE 420 may be set according to actual needs, which is not limited in this application.
- the AP 430 corresponds to the foregoing first component 130.
- the AP 430 may specifically include a processor 431, a memory 432, and the like. It should be understood that other modules may be included in the AP 430, and the number and types of the modules in the AP 430 may be set according to actual needs, which is not limited in this application.
- the I2C interface 410 is connected to the touch sensor 450, and the MIPI 460 is connected to the LCD 470.
- the SE 420 configures the I2C interface 410 of the docked touch sensor 450 to be SE Access Only, that is, only the processor 421 of the SE 420 can access, and any other processor, such as the processor 431, cannot access.
- the SE 420 can configure the I2C interface 410 to exit the SE Access Only mode.
- the processor of the first component for example, the processor 431, can access the I2C interface 410.
- SE 420 configures the access mode of I2C interface 410, and SE 420 does not configure the access mode of MIPI 460. It should be understood that the SE 420 can also configure the access mode of the MIPI 460. In other words, both the I2C interface 410 and the MIPI 460 can control the access mode by the SE 420, which is not limited in this application.
- the bus interface 110 may include a first bus interface 111 and a second bus interface 112.
- the SE 120 accesses the second bus interface 112.
- the second bus interface 112 can be disposed in the SE 120.
- the first component 130 accesses the first bus interface 111.
- the SE 120 controls the second bus interface 112 to connect with the I/O device in a security scenario, and accesses the I/O device through the second bus interface 112; controls the first bus interface 111 and I in a normal scenario.
- the /O device is connected such that the first component 130 accesses the I/O device through the first bus interface 111.
- the pins of the docking I/O device are internally multiplexed, and the first bus interface 111 and the second bus interface 112 are respectively switched to be connected to the I/O device, wherein the switching is controlled by the SE 120.
- the SE 120 controls the second bus interface 112 to connect with the I/O device in a security scenario, such that the SE 120 accesses the I/O device through the second bus interface 112; the SE 120 controls the first bus interface 111 in a normal scenario.
- the I/O device is connected such that the first component 130 accesses the I/O device through the first bus interface 111.
- switching can be accomplished by multiplexer 140.
- the SE 120 controls the multiplexer 140 to switch in a security scenario such that the second bus interface 112 is connected to the I/O device, such that the SE 120 accesses the I/O device through the second bus interface 112; the SE 120 is in a normal scenario.
- the lower control multiplexer 140 switches such that the first bus interface 111 is connected to the I/O device such that the first component 130 accesses the I/O device through the first bus interface 111.
- the multiplexer 140 can be disposed in the SE 120.
- the SE 120 may also send a security indication to the user when determining to enter the security scenario.
- the control lights the security indicator and the user is prompted to enter the security scene by illuminating the security indicator.
- Figure 6a is another example of a chip of an embodiment of the present application.
- SE 620 controls multiplexer 680 to switch I2C interface 611 and I2C interface 612 to touch sensor 650, respectively.
- the SE 620 corresponds to the foregoing SE 120.
- the SE 620 may specifically include a processor 621 for performing various operations of the SE 620, a memory 622, a GPIO 623, etc., and the GPIO 623 is connected to the security indicator 640.
- the SE 620 can also control the multiplexer 680 via the GPIO 623.
- the SE 620 can also control the multiplexer 680 by other means, such as by controlling the multiplexer 680 via the set register logic.
- the AP 630 corresponds to the foregoing first component 130.
- the AP 630 may specifically include a processor 631, a memory 632, and the like. It should be understood that other modules may be included in the AP 630, and the number and types of the modules in the AP 630 may be set according to actual needs, which is not limited in this application.
- the MIPI 660 is connected to the LCD 670.
- the SE 620 controls the multiplexer 680 to switch to the I2C interface 611 to connect with the touch sensor 650, and the data input by the user is directly sent to the I2C interface 611 for access by the AP 630; when the COS system software determines that it needs to be performed
- the security indicator 640 is illuminated (or other safety indication that can notify the user, the application is not limited to the security indicator), and the control multiplexer 680 is switched to the I2C interface 612 to be connected to the touch sensor 650, and the I2C interface 611
- the data of the touch sensor 650 can no longer be obtained until the user input is completed, and the user clicks OK to turn off the security indicator 640, and then the multiplexer 680 can be controlled to switch to the I2C interface 611 to connect with the touch sensor 650 to continue working.
- MIPI 660 can also be designed with a dual interface and controlled by the SE 620, which is not limited in this application.
- Figure 6b is another example of a chip of an embodiment of the present application.
- multiplexer 680 is placed in SE 620 and is directly controlled by SE 620.
- the specific working process of the chip in FIG. 6b is similar to that of FIG. 6a, and details are not described herein again.
- the SE can directly access the bus interface, so that the input data in the security scenario is directly obtained by the SE, does not pass through the first component, and thus is not intercepted by the malicious application software, thereby being able to High input security.
- the SOC of the embodiment of the present application can achieve SE level security.
- the mobile phone or other mobile terminal open platform adopting the SOC of the embodiment of the present application has the security input capability of the POS machine, in other words, the mobile phone or other mobile terminal device may have the POS function.
- FIG. 7 shows a schematic block diagram of a terminal 700 in accordance with an embodiment of the present application.
- the terminal 700 may include the SOC 100 of the foregoing embodiment of the present application, and the I/O device 710.
- the I/O device 710 may be the I/O device described in the foregoing embodiment of the present application.
- the terminal 700 can support the mobile payment.
- the SOC of the embodiment of the present application can implement the security of the SE level and has the security input capability of the POS machine, that is, can be used as a POS machine.
- the terminal 700 may further include other components not shown in FIG. 7.
- the terminal 700 when the terminal 700 is used as a mobile phone, the terminal 700 may further include a radio frequency (RF) circuit and the like. .
- RF radio frequency
- FIG. 8 shows a schematic structural diagram of a terminal 800 according to an embodiment of the present application.
- terminal 800 can include a processor 810, an I/O device 820, a transceiver 830, and an antenna 840.
- the processor 810 may be the SOC of the foregoing embodiment of the present application, and is not described herein for brevity.
- the I/O device 820 can be the I/O device described in the foregoing embodiments of the present application.
- Transceiver 830 communicates with other devices via antenna 840. It will be understood by those skilled in the art that the terminal structure shown in FIG. 8 does not constitute a limitation on the terminal, and the terminal may include more or less components than those illustrated, or combine some components, or split some components. Or different parts arrangement.
- the disclosed apparatus may be implemented in other manners.
- the device embodiments described above are merely illustrative.
- the division of the unit is only a logical function division.
- there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
- the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, or an electrical, mechanical or other form of connection.
- the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the embodiments of the present application.
- each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
- the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
- the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, It can be stored on a computer readable storage medium. Based on such understanding, the technical solution of the present application may be in essence or part of the contribution to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium.
- a number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present application.
- the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .
Abstract
Description
Claims (16)
- 一种系统级芯片SOC,其特征在于,包括集成在所述SOC内的总线接口、安全元件SE以及第一元件;所述总线接口,用于连接输入/输出I/O设备;所述SE,用于在安全场景下,通过所述总线接口访问所述I/O设备,获取所述I/O设备输入的第一数据,并对所述第一数据进行安全处理,以及控制所述第一元件在普通场景下对所述I/O设备的访问,其中,所述安全场景表示需要安全输入的场景,所述普通场景表示不需要安全输入的场景;所述第一元件,用于通过所述SE的控制,在所述普通场景下,获取所述I/O设备输入的第二数据。
- 根据权利要求1所述的SOC,其特征在于,所述SE还用于在所述安全场景下,控制所述I/O设备显示数据输入界面。
- 根据权利要求1或2所述的SOC,其特征在于,所述SE还用于将安全处理后的数据发送给服务器。
- 根据权利要求1至3中任一项所述的SOC,其特征在于,所述SE还用于根据当前访问所述I/O设备的应用,确定当前的应用环境为所述安全场景或所述普通场景。
- 根据权利要求1至4中任一项所述的SOC,其特征在于,所述SE用于在所述普通场景下,通过所述总线接口访问所述I/O设备,获取所述第二数据,并将所述第二数据发送给所述第一元件。
- 根据权利要求5所述的SOC,其特征在于,所述总线接口设置于所述SE中。
- 根据权利要求1至4中任一项所述的SOC,其特征在于,所述SE用于在所述安全场景下配置所述总线接口的访问模式为仅所述SE访问,在所述普通场景下配置所述总线接口的访问模式为所述第一元件访问。
- 根据权利要求1至4中任一项所述的SOC,其特征在于,所述总线接口包括第一总线接口和第二总线接口;所述SE用于,在所述安全场景下控制所述第二总线接口与所述I/O设备连接,并通过所述第二总线接口访问所述I/O设备;在所述非安全场景下控制所述第一总线接口与所述I/O设备连接,以使所述第一元件通过所述第一总线接口访问所述I/O设备。
- 根据权利要求8所述的SOC,其特征在于,所述SOC还包括多路开关;所述SE用于在所述安全场景下控制所述多路开关切换,使得所述第二总线接口与所述I/O设备连接,在所述普通场景下控制所述多路开关切换,使得所述第一总线接口与所述I/O设备连接。
- 根据权利要求9所述的SOC,其特征在于,所述多路开关设置于所述SE中。
- 根据权利要求8至10中任一项所述的SOC,其特征在于,所述第二总线接口设置于所述SE中。
- 根据权利要求1至11中任一项所述的SOC,其特征在于,所述SE还用于在确定进入所述安全场景时,向所述用户发送安全指示。
- 根据权利要求1至12中任一项所述的SOC,其特征在于,所述I/O设备包括数据采集传感器、触摸屏或显示器。
- 根据权利要求1至13中任一项所述的SOC,其特征在于,所述总线接口包括集成电路间总线I2C接口或移动产业处理器接口MIPI。
- 根据权利要求1至14中任一项所述的SOC,其特征在于,所述第一元件包括应用处理器、可信环境TEE中的处理器核、数字信号处理器或专用集成电路。
- 一种终端,其特征在于,包括根据权利要求1至15中任一项所述的系统级芯片SOC,以及输入/输出I/O设备。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020197001334A KR20190018506A (ko) | 2016-07-01 | 2017-06-28 | 시스템 온 칩 및 단말기 |
JP2018566878A JP2019520653A (ja) | 2016-07-01 | 2017-06-28 | システムオンチップおよび端末 |
EP17819274.6A EP3467667B1 (en) | 2016-07-01 | 2017-06-28 | System-on-chip and terminal |
US16/234,980 US20190138702A1 (en) | 2016-07-01 | 2018-12-28 | System on chip and terminal |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610512240.9A CN107562689A (zh) | 2016-07-01 | 2016-07-01 | 一种系统级芯片和终端 |
CN201610512240.9 | 2016-07-01 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/234,980 Continuation US20190138702A1 (en) | 2016-07-01 | 2018-12-28 | System on chip and terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018001277A1 true WO2018001277A1 (zh) | 2018-01-04 |
Family
ID=60785951
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/090591 WO2018001277A1 (zh) | 2016-07-01 | 2017-06-28 | 一种系统级芯片和终端 |
Country Status (6)
Country | Link |
---|---|
US (1) | US20190138702A1 (zh) |
EP (1) | EP3467667B1 (zh) |
JP (1) | JP2019520653A (zh) |
KR (1) | KR20190018506A (zh) |
CN (1) | CN107562689A (zh) |
WO (1) | WO2018001277A1 (zh) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10775890B2 (en) | 2017-09-27 | 2020-09-15 | Apple Inc. | Electronic device having a piezoelectric body for friction haptics |
WO2019144267A1 (zh) * | 2018-01-23 | 2019-08-01 | 深圳市大疆创新科技有限公司 | 芯片、处理器、计算机系统和可移动设备 |
CN109347791B (zh) * | 2018-09-02 | 2021-04-20 | 黄策 | 双i/o总线sim卡 |
WO2020132962A1 (zh) * | 2018-12-26 | 2020-07-02 | 华为技术有限公司 | 安全元件、数据处理装置及数据处理方法 |
CN110321317B (zh) * | 2019-06-28 | 2021-10-01 | 兆讯恒达科技股份有限公司 | 一种多接口和多协处理器的芯片 |
WO2024069088A1 (fr) * | 2022-09-30 | 2024-04-04 | Ledger | Smartphone intégrant un portefeuille matériel de stockage de clés cryptographiques mettant en œuvre un multiplexage logiciel de l'afficheur du smartphone |
FR3140463A1 (fr) * | 2022-09-30 | 2024-04-05 | Ledger | Smartphone intégrant un portefeuille matériel de stockage de clés cryptographiques mettant en œuvre un multiplexage matériel de l'afficheur du smartphone |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201917963U (zh) * | 2010-12-21 | 2011-08-03 | 北京同方微电子有限公司 | 用于移动支付的安全终端装置 |
CN104471586A (zh) * | 2012-07-13 | 2015-03-25 | 高通股份有限公司 | 用于将一部分安全单元组件集成在片上系统上的方法和装置 |
US20150186879A1 (en) * | 2012-10-17 | 2015-07-02 | Edison U. ORTIZ | Virtualization and secure processing of data |
CN104778401A (zh) * | 2014-01-13 | 2015-07-15 | 恩智浦有限公司 | 数据处理设备和用于执行应用程序的方法 |
US20160078223A1 (en) * | 2012-12-05 | 2016-03-17 | Broadcom Corporation | Hardware Isolated Secure Processing System Within A Secure Element |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8559921B2 (en) * | 2005-08-17 | 2013-10-15 | Freescale Semiconductor, Inc. | Management of security features in a communication network |
US20110016310A1 (en) * | 2009-07-20 | 2011-01-20 | Infineon Technologies Ag | Secure serial interface with trusted platform module |
WO2013081406A1 (en) * | 2011-12-02 | 2013-06-06 | Samsung Electronics Co., Ltd. | Method and apparatus for securing touch input |
CA3118235A1 (en) * | 2012-04-13 | 2013-10-17 | Ologn Technologies Ag | Apparatuses, methods and systems for computer-based secure transactions |
US9436940B2 (en) * | 2012-07-09 | 2016-09-06 | Maxim Integrated Products, Inc. | Embedded secure element for authentication, storage and transaction within a mobile terminal |
US8955039B2 (en) * | 2012-09-12 | 2015-02-10 | Intel Corporation | Mobile platform with sensor data security |
US20140244513A1 (en) * | 2013-02-22 | 2014-08-28 | Miguel Ballesteros | Data protection in near field communications (nfc) transactions |
US9594917B2 (en) * | 2013-06-28 | 2017-03-14 | Nxp B.V. | Secured multi-directional, multi-interface transaction processing |
US9704355B2 (en) * | 2014-10-29 | 2017-07-11 | Clover Network, Inc. | Secure point of sale terminal and associated methods |
KR20170077943A (ko) * | 2015-12-28 | 2017-07-07 | 삼성전자주식회사 | 접근 제어 유닛을 포함하는 시스템 온 칩 및 시스템 온 칩을 포함하는 모바일 장치 |
US20170325088A1 (en) * | 2016-05-05 | 2017-11-09 | Qualcomm Incorporated | Securing sensor status by leveraging always-on processor and host-based trusted execution |
-
2016
- 2016-07-01 CN CN201610512240.9A patent/CN107562689A/zh active Pending
-
2017
- 2017-06-28 KR KR1020197001334A patent/KR20190018506A/ko not_active Application Discontinuation
- 2017-06-28 JP JP2018566878A patent/JP2019520653A/ja not_active Abandoned
- 2017-06-28 EP EP17819274.6A patent/EP3467667B1/en active Active
- 2017-06-28 WO PCT/CN2017/090591 patent/WO2018001277A1/zh unknown
-
2018
- 2018-12-28 US US16/234,980 patent/US20190138702A1/en not_active Abandoned
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN201917963U (zh) * | 2010-12-21 | 2011-08-03 | 北京同方微电子有限公司 | 用于移动支付的安全终端装置 |
CN104471586A (zh) * | 2012-07-13 | 2015-03-25 | 高通股份有限公司 | 用于将一部分安全单元组件集成在片上系统上的方法和装置 |
US20150186879A1 (en) * | 2012-10-17 | 2015-07-02 | Edison U. ORTIZ | Virtualization and secure processing of data |
US20160078223A1 (en) * | 2012-12-05 | 2016-03-17 | Broadcom Corporation | Hardware Isolated Secure Processing System Within A Secure Element |
CN104778401A (zh) * | 2014-01-13 | 2015-07-15 | 恩智浦有限公司 | 数据处理设备和用于执行应用程序的方法 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3467667A4 * |
Also Published As
Publication number | Publication date |
---|---|
US20190138702A1 (en) | 2019-05-09 |
EP3467667A4 (en) | 2019-05-01 |
EP3467667A1 (en) | 2019-04-10 |
KR20190018506A (ko) | 2019-02-22 |
JP2019520653A (ja) | 2019-07-18 |
CN107562689A (zh) | 2018-01-09 |
EP3467667B1 (en) | 2022-06-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2018001277A1 (zh) | 一种系统级芯片和终端 | |
TWI576778B (zh) | 針對遺失的電子裝置停用行動付款 | |
KR102660519B1 (ko) | 외부 장치를 인식하는 방법 및 이를 지원하는 전자 장치 | |
CN106605233B (zh) | 使用处理器提供可信执行环境 | |
CN105684009B (zh) | 针对基于nfc的支付使用生物特征认证 | |
US9495524B2 (en) | Secure user authentication using a master secure element | |
TWI605397B (zh) | 用於金融交易之安全元件及攜帶型電子裝置 | |
US10194318B2 (en) | Systems and methods for NFC access control in a secure element centric NFC architecture | |
EP2648129B1 (en) | Method and apparatus for securing touch input | |
EP2706699B1 (en) | User terminal and payment system | |
US20130145475A1 (en) | Method and apparatus for securing touch input | |
EP3291126A1 (en) | Data verification via independent processors of a device | |
US10496975B2 (en) | Point of sale system with secure and unsecure modes | |
JP6552714B2 (ja) | データ処理方法およびシステム、ならびにウェアラブル電子デバイス | |
KR20160100151A (ko) | 보안 정보의 처리 | |
US11250421B2 (en) | Storing secure credential information in different regions | |
US20240015156A1 (en) | Electronic device for controlling access to device resource and operation method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17819274 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2018566878 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20197001334 Country of ref document: KR Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2017819274 Country of ref document: EP Effective date: 20190103 |