WO2019105290A1 - Data processing method, and application method and apparatus for trusted user interface resource data - Google Patents
- Publication number: WO2019105290A1 (PCT/CN2018/117106)
- Authority: WO (WIPO (PCT))
- Prior art keywords: user interface, resource data, trusted user, encrypted, trusted
- Prior art date
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/84—Protecting input, output or interconnection devices output devices, e.g. displays or monitors
Definitions
- the present invention relates to the field of computer technologies, and in particular, to a data processing method, an application method and apparatus for trusted user interface resource data.
- the display of the Trusted User Interface requires the use of TUI resource data, and by using these resources, a graphical user interface can be displayed in a Trusted Execution Environment (TEE).
- TEE Trusted Execution Environment
- the user is provided with a secure and trusted graphical interactive interface to protect the security of user information (eg, account information, password information, etc.).
- TUI resource data is generally stored on a trusted memory of the terminal device.
- when the terminal device cannot use the relatively expensive trusted memory for cost reasons, or cannot provide trusted memory because of a hardware design defect, the terminal device cannot provide a secure storage function.
- no effective solution has yet been proposed for how to store TUI resource data in that case so that its security and integrity are ensured.
- the present application is intended to solve the above technical problems in the related art.
- the present application provides a data processing method, an application method and device for trusted user interface resource data, which can at least ensure the security and integrity of resource data when the terminal device cannot provide a secure storage function.
- a method for applying trusted user interface resource data includes:
- the encrypted trusted user interface resource data is decrypted in a trusted execution environment and a trusted user interface is displayed based on the decrypted trusted user interface resource data.
- the method further includes: generating the encrypted trusted user interface resource data before acquiring the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment;
- the generating the encrypted trusted user interface resource data includes one of the following:
- generating a trusted user interface resource data packet, generating a digital signature of the packet by using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted trusted user interface resource data;
- directly encrypting the trusted user interface resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted trusted user interface resource data.
- decrypting the encrypted trusted user interface resource data in a trusted execution environment comprises: decrypting the encrypted trusted user interface resource data by using a preset trusted user interface resource key.
- the decrypting the encrypted trusted user interface resource data in the trusted execution environment includes one of the following:
- the encrypted trusted user interface resource data is decrypted using an AES decryption algorithm.
- the method further includes: storing the encrypted trusted user interface resource data in the rich execution environment before acquiring the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment.
- the storing the encrypted trusted user interface resource data in the rich execution environment includes: storing the encrypted trusted user interface resource data in an untrusted storage space in the rich execution environment.
- triggering the startup of the trusted user interface from the non-trusted user interface, and obtaining the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment, includes: when a user operation on the non-trusted user interface triggers the startup of the trusted user interface, loading the encrypted trusted user interface resource data in the rich execution environment and sending it to the shared memory; and, in the trusted execution environment, copying the encrypted trusted user interface resource data from the shared memory to the protected memory of the trusted execution environment.
- the obtaining the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment includes: sending a request for the trusted user interface resource data to the rich execution environment through the trusted user interface program; loading the encrypted trusted user interface resource data in the rich execution environment according to the request and sending it to the shared memory; and copying, by the trusted user interface program, the encrypted trusted user interface resource data from the shared memory to the protected memory of the trusted execution environment.
- the request for the trusted user interface resource data carries the trusted user interface identifier; in the rich execution environment, the corresponding encrypted trusted user interface resource data is loaded based on the trusted user interface identifier carried in the request and sent to the shared memory.
- the method further includes: clearing the trusted user interface resource data in the protected memory of the trusted execution environment while exiting or after exiting the trusted user interface program.
- the method further includes: after the trusted user interface program exits, clearing the encrypted trusted user interface resource data in the shared memory.
- the displaying the trusted user interface based on the decrypted trusted user interface resource data includes: displaying the graphical trusted user interface based on the decrypted trusted user interface resource data.
- An application device for trusted user interface resource data comprising:
- a trusted user interface module configured to decrypt the encrypted trusted user interface resource data in a trusted execution environment, and display a trusted user interface based on the decrypted trusted user interface resource data.
- a generating module configured to generate the encrypted trusted user interface resource data by one of:
- generating a trusted user interface resource data packet, generating a digital signature of the packet by using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted trusted user interface resource data;
- directly encrypting the trusted user interface resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted trusted user interface resource data.
- the providing module is configured to load the encrypted trusted user interface resource data in a rich execution environment and send the data to the shared memory when the user operation on the non-trusted user interface triggers the startup of the trusted user interface;
- the trusted user interface module is configured to copy the encrypted trusted user interface resource data from the shared memory into a protected memory of a trusted execution environment.
- the device further includes: a storage module disposed in the rich execution environment, configured to store the encrypted trusted user interface resource data.
- An application device for trusted user interface resource data comprising:
- a processor configured to read the computer program to perform an operation of the application method of the trusted user interface resource data described above.
- a computer readable storage medium having stored thereon a computer program, the computer program being executed by a processor to implement the steps of the application method of the trusted user interface resource data.
- a data processing method comprising:
- the decrypted resource data is processed.
- when the TUI needs to be displayed, the encrypted TUI resource data can be obtained from the REE and provided to the TEE, and the TEE decrypts the TUI resource data to display the TUI, so that both the integrity and the confidentiality of the TUI resource data are guaranteed. The TUI resource data can be saved in untrusted memory, which avoids the limitation that trusted memory must be used to store it and the problem that the TUI resource data cannot be securely saved because some terminal devices cannot provide secure memory; this can effectively reduce the hardware cost of using mobile security technology in terminal devices.
- FIG. 1 is a schematic diagram of a system architecture of a related art
- FIG. 2 is a schematic flowchart of a method for applying TUI resource data in Embodiment 1;
- FIG. 3 is a diagram showing an example of a system structure applied to the TUI resource data application method in the first embodiment
- FIG. 4 is a diagram showing another example of a system structure applied to the TUI resource data application method in the first embodiment
- FIG. 5 is a schematic flowchart diagram of an application method of TUI resource data according to an embodiment
- FIG. 6 is a schematic structural diagram of a TUI resource data application apparatus in Embodiment 2;
- FIG. 7 is a schematic structural diagram of a TUI resource data application apparatus in Embodiment 3.
- FIG. 8 is a schematic diagram of an application environment and an internal system architecture of a two-dimensional code payment device in Example 1;
- FIG. 9 is a schematic flowchart of displaying a two-dimensional code through a TUI by a two-dimensional code payment device in Embodiment 1;
- FIG. 10 is a diagram showing an example of TUI display of a two-dimensional code payment device in Example 1;
- FIG. 11 is a schematic flowchart of the two-dimensional code payment device exiting the TUI in the example 1.
- a computing device of a client or server may include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
- processors CPUs
- input/output interfaces network interfaces
- memory volatile and non-volatile memory
- the memory may include non-persistent memory, random access memory (RAM), and/or non-volatile memory in a computer readable medium, such as read only memory (ROM) or flash memory.
- RAM random access memory
- ROM read only memory
- Memory is an example of a computer readable medium.
- the memory may include module 1, module 2, ..., module N (N is an integer greater than 2).
- Computer readable media includes both permanent and non-permanent, removable and non-removable storage media.
- information can be stored in the storage medium by any method or technology; the information can be computer readable instructions, data structures, program modules, or other data.
- Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disk read only memory (CD-ROM), digital versatile disk (DVD) or other optical storage, magnetic tape cartridges, magnetic tape storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device.
- computer readable media does not include transitory computer readable media, such as modulated data signals and carrier waves.
- the terminal device described in this application may be a mobile phone, a tablet, a mobile internet device, a wearable device, or other hardware entity or virtual device that can deploy a CPU.
- TEE Trusted Execution Environment: Provides an execution environment that is isolated from REE, providing code protection and execution, data confidentiality, and privacy management functions.
- REE (Rich Execution Environment): an operating environment provided to a rich operating system for execution and management. It lies outside the trusted execution environment, and applications executed in it are considered untrustworthy.
- Rich Operating System: executed in the REE; it provides richer functions than the operating system executed in the TEE and is more open to the installation and use of applications than the trusted operating system.
- Trusted OS: executed in the TEE; it uses the hardware, software, or combination of both underlying the TEE security features to protect executed code and data, and provides functions such as loading, executing and managing TAs.
- TUI (Trusted User Interface): a trusted user interface provided in the TEE to protect sensitive information such as passwords and identities from being observed by programs outside the TEE.
- TUI Agent: a TUI agent running on the REE side, responsible for receiving TUI requests from the application and forwarding them to the TUI, and for loading TUI resource data.
- Platform Hardware A complete system with hardware and companion software that can run TEE.
- the ARM CPU supports TEE through TrustZone technology, and supports REE/TEE switching and information transfer through the accompanying firmware (ARM trusted firmware).
- an ARM CPU with TrustZone and trusted firmware is an example of Platform Hardware.
- Shared memory: memory used by both the REE and the TEE.
- REE side dedicated memory: memory used only under the REE.
- TEE protected memory: memory used only under the TEE.
- SHA Secure Hash Algorithm
- FIPS PUB 180: the national standard FIPS PUB 180 issued by the National Institute of Standards and Technology; the latest revision at the time was FIPS PUB 180-3 of 2008. It specifies several one-way hash algorithms: SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
- SHA-1, SHA-224, and SHA-256 are suitable for messages no longer than 2^64 bits.
- SHA-384 and SHA-512 are suitable for messages no longer than 2^128 bits.
- AES Advanced Encryption Standard
- AES was published by NIST (National Institute of Standards and Technology) as FIPS PUB 197 on November 26, 2001, and became an effective standard on May 26, 2002.
- the AES algorithm is a symmetric key encryption algorithm.
- AES is an iterative, symmetric key block cipher. 128, 192, and 256-bit keys can be used, and data is encrypted and decrypted in 128-bit (16-byte) blocks.
- IEEE 802.15.4 uses a fixed 128-bit key, which is labeled AES-128. Both the AES encryption algorithm and the AES decryption algorithm are built from round transformations.
- the working modes include electronic codebook mode (ECB), cipher block chaining mode (CBC), cipher feedback mode (CFB), output feedback mode (OFB), and counter mode (CTR).
- ECB: electronic codebook mode
- CBC: cipher block chaining mode
- CFB: cipher feedback mode
- OFB: output feedback mode
- CTR: counter mode
- RSA RSA algorithm
- An asymmetric encryption algorithm which is one of the best public key algorithms in encryption and decryption technology.
- FIG. 1 shows a system architecture supporting TEE in the related art.
- the system includes ROS under REE, TUI Agent, Trusted Storage, and TOS and TUI under TEE.
- ROS and TOS share the Platform Hardware and can exchange information (messages); the TUI resource data is stored in the trusted memory, and the TEE decrypts the obtained TUI resource data using a securely stored key (trusted storage key) and provides it to the TUI for use.
- Trusted storage key a securely stored key
- when the terminal device cannot use the relatively expensive eMMC for cost reasons, or its trusted storage device cannot provide hardware protection because of a hardware design defect of the terminal device and only external ordinary flash can be used, the terminal device cannot provide trusted memory, or the trusted memory is unavailable. In that case the above solution cannot be used, and the TUI resource data is not effectively protected.
- the present application provides the following technical solution, which is applicable to an application scenario in which resource data is required when there is no secure storage device.
- the technical solution of the present application includes a data processing method, which may include: obtaining encrypted resource data from a REE and providing it to a TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data.
- the resource data includes, but is not limited to, TUI resource data, which is used to present a TUI, and is applicable to an application scenario in which TUI resource data is required when there is no secure storage device.
- Processing the resource data includes, but is not limited to, the presentation of the TUI under the TEE. It should be understood that in the technical solution of the present application the resource data may also be of other types, and the corresponding processing is not limited to the presentation of the TUI. The type of resource data and the way it is processed depend on the specific application scenario and are not limited in this document.
- a method for applying TUI resource data may include:
- Step 201 triggering the startup of the TUI on the non-TUI, obtaining the encrypted trusted user interface resource data from the REE and providing the data to the TEE;
- Step 202 Decrypt the encrypted TUI resource data in the TEE, and display the TUI based on the decrypted TUI resource data.
- the encrypted TUI resource data is obtained from the REE and provided to the TEE, and the TEE decrypts the TUI resource data to display the TUI, so that the integrity and confidentiality of the TUI resource data can be ensured.
- the TUI resource data can be saved in untrusted memory, which avoids the limitation that trusted memory must be used to store the TUI resource data and the problem that the TUI resource data cannot be safely saved because some terminal devices cannot provide secure memory; this can effectively reduce the hardware cost of using mobile security technology in terminal devices.
- the method further includes: storing the encrypted TUI resource data in the REE before acquiring the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment.
- because this embodiment uses encrypted TUI resource data, it can be stored in any memory in the REE, that is, in either trusted memory or untrusted memory.
- the type of memory that stores the encrypted TUI resource data can be flexibly chosen according to the needs of the actual application or the hardware configuration of the terminal device.
- the encrypted TUI resource data may be stored in an untrusted storage space in the REE to reduce the cost of the memory.
- the untrusted storage space may also be referred to as a non-secure storage area.
- the storage space may be a memory or an area in the memory.
- the encrypted TUI resource data can be stored in a Flash external to the terminal device.
- the TUI resource data may include a font, a character, a picture, and the like.
- the TUI resource data may be TUI static resource data or TUI dynamic resource data.
- the TUI static resource data can be pre-stored on the terminal device with the installation of the application, and the TUI dynamic resource data needs to be delivered through the network in real time.
- the encrypted TUI resource data may be pre-stored in the REE when the application is installed.
- the encrypted TUI resource data can be dynamically sent to the terminal device by the network side, and the terminal device temporarily stores the encrypted TUI resource data in the REE.
- the method in this embodiment is preferably used for TUI static resource data.
- the activation of the trusted user interface can be triggered by a user operation on the non-trusted user interface. That is to say, the user can operate on the non-TUI when the terminal device displays the non-TUI to trigger the startup of the TUI.
- the operation may be a button operation, a voice operation, a touch operation, or other user operations.
- when using an application on the terminal device, the user may first enter the non-TUI of the application; while the non-TUI is displayed, the user may operate on it to trigger a TUI display request, and the terminal device performs the REE-to-TEE switch under the direction of that request.
- during the switch the REE provides the encrypted TUI resource data to the TEE, and the TEE decrypts it and displays the TUI using the decrypted TUI resource data.
- the method may further include: generating the encrypted TUI resource data before acquiring the encrypted trusted user interface resource data from the rich execution environment and providing the data to the trusted execution environment; the manner of generating the encrypted TUI resource data may include one of the following: 1) generating a TUI resource data packet, generating a digital signature of the TUI resource data packet by using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the TUI resource data packet to obtain the encrypted TUI resource data; 2) directly encrypting the TUI resource data with the AES encryption algorithm to generate the encrypted TUI resource data.
- the appropriate encryption algorithm can be used to encrypt the TUI resource data based on the requirements of the application environment to ensure the integrity and confidentiality of the TUI resource data.
- the TUI resource data of all user interfaces of an application can be uniformly encrypted, and all the TUI resource data adopt the same encryption algorithm and the same key.
- different applications may use different encryption algorithms for their TUI resource data, or the same encryption algorithm with different keys.
- decrypting the encrypted TUI resource data in the TEE may include: decrypting the encrypted TUI resource data by using a preset TUI resource key.
- the method for decrypting the encrypted TUI resource data in the TEE may include one of the following: 1) verifying the digital signature of the encrypted TUI resource data by using a public key; 2) decrypting the encrypted TUI resource data by using the AES decryption algorithm.
- if the TUI resource data was digitally signed, the TEE verifies the encrypted TUI resource data with the public key, and the preset TUI resource key refers to that public key. If the AES encryption algorithm was used to encrypt the TUI resource data, the TEE decrypts the encrypted TUI resource data with the corresponding AES decryption algorithm, and the preset TUI resource key refers to the key of the AES decryption algorithm.
- the encryption and decryption algorithm of the TUI resource data may adopt the following scheme:
- for a TUI resource data packet, compute a digital digest of the packet using one of SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512, then encrypt the digest with an asymmetric encryption algorithm (for example, RSA) to produce the digital signature of the packet, and append the digital signature to the packet to obtain the encrypted TUI resource data.
- when the TEE uses the encrypted TUI resource data, it only needs to verify the digital signature with the public key to confirm that the TUI resource data has not been tampered with.
- the TUI resource data is directly encrypted using the AES encryption algorithm in one of the ECB, CBC, CFB, OFB, or CTR modes.
- when the TEE uses the encrypted TUI resource data, it can directly decrypt it using the corresponding AES decryption algorithm.
- the TUI resource data may be generated and encrypted by the application developer through the resource generation tool and using the above encryption algorithm.
- the private key involved in encrypting TUI resource data can be protected by the application developer.
- during development, the application developer generates a TUI resource data packet with the TUI resource generation tool, computes a digest of the packet with SHA-256, encrypts the digest with RSA-2048 to produce the digital signature of the TUI resource data packet, and appends the signature to the packet to obtain the encrypted TUI resource data packet.
- the encrypted TUI resource data packet is stored in the REE memory.
- the TEE verifies the encrypted TUI resource data packet with the public key, stores the verified TUI resource data in the protected memory of the TEE, and uses it when the TUI is displayed.
- the TUI resource tool is a tool specifically for manual coding.
- the application developer generates TUI resource data through the TUI resource generation tool and directly encrypts the TUI resource data by using the AES CTR algorithm to generate an encrypted TUI resource data packet.
- the encrypted TUI resource data packet is stored in the REE memory.
- the TEE decrypts the encrypted TUI resource data packet using the key of the AES CTR algorithm, and stores the result in the protected memory of the TEE for use in displaying the TUI.
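The two concrete schemes above (a SHA-256 digest of the TUI resource packet signed with RSA-2048 and appended to the packet, and direct AES-CTR encryption), together with the copy-then-verify load into TEE protected memory, as an added Go example that is not code from the patent or from any TEE implementation; the packet layout (signature trailing the packet, CTR nonce leading the ciphertext), the function names and the sample data are assumptions, and Go's standard library stands in for the cryptographic primitives a TEE would provide.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// GenerateDeveloperKey stands in for the application developer's RSA-2048 key
// pair; the private key stays with the developer and never reaches the device.
func GenerateDeveloperKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// SignPacket (developer side, scheme 1): digest the resource packet with
// SHA-256, sign the digest with RSA PKCS#1 v1.5, append the signature.
func SignPacket(priv *rsa.PrivateKey, packet []byte) ([]byte, error) {
	digest := sha256.Sum256(packet)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	return append(append(make([]byte, 0, len(packet)+len(sig)), packet...), sig...), nil
}

// VerifyPacket (TEE side, scheme 1): split off the trailing signature, whose
// length equals the RSA modulus size, recompute the digest and verify it.
// The packet is returned only when the signature checks out.
func VerifyPacket(pub *rsa.PublicKey, blob []byte) ([]byte, error) {
	sigLen := pub.Size()
	if len(blob) <= sigLen {
		return nil, errors.New("encrypted TUI resource too short to carry a signature")
	}
	packet, sig := blob[:len(blob)-sigLen], blob[len(blob)-sigLen:]
	digest := sha256.Sum256(packet)
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("TUI resource signature invalid: %w", err)
	}
	return packet, nil
}

// LoadIntoTEE models steps 503/504: the TUI program first copies the blob out
// of shared memory into TEE-protected memory and verifies that private copy,
// so bytes the REE changes after the copy cannot affect what was checked.
func LoadIntoTEE(pub *rsa.PublicKey, shared []byte) ([]byte, error) {
	protected := make([]byte, len(shared)) // stands in for TEE protected memory
	copy(protected, shared)
	return VerifyPacket(pub, protected)
}

// EncryptCTR (developer side, scheme 2): AES-CTR, random 16-byte nonce prepended.
func EncryptCTR(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, aes.BlockSize+len(plaintext))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCTR(block, out[:aes.BlockSize]).XORKeyStream(out[aes.BlockSize:], plaintext)
	return out, nil
}

// DecryptCTR (TEE side, scheme 2): CTR decryption is the same keystream XOR.
func DecryptCTR(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aes.BlockSize {
		return nil, errors.New("ciphertext shorter than the CTR nonce")
	}
	plaintext := make([]byte, len(blob)-aes.BlockSize)
	cipher.NewCTR(block, blob[:aes.BlockSize]).XORKeyStream(plaintext, blob[aes.BlockSize:])
	return plaintext, nil
}

func main() {
	priv, _ := GenerateDeveloperKey()
	// Constructed sample packet standing in for the fonts and pictures of a payment TUI.
	packet := []byte("constructed TUI resource packet: font glyphs + merchant QR bitmap")
	signed, _ := SignPacket(priv, packet)
	_, okErr := LoadIntoTEE(&priv.PublicKey, signed)
	signed[3] ^= 0x01 // the copy in untrusted REE storage was modified
	_, badErr := LoadIntoTEE(&priv.PublicKey, signed)
	fmt.Println("intact packet accepted:", okErr == nil, "modified packet rejected:", badErr != nil)
	key := make([]byte, 32) // constructed all-zero AES-256 key, for illustration only
	ct, _ := EncryptCTR(key, packet)
	pt, _ := DecryptCTR(key, ct)
	fmt.Println("AES-CTR round trip ok:", string(pt) == string(packet))
}
```

CTR mode on its own detects no modification: flipping a ciphertext bit flips the same plaintext bit, so a deployment that needs integrity as well as confidentiality should pair scheme 2 with scheme 1's signature or use an authenticated mode. Verifying the copy in protected memory rather than the shared buffer matters because the REE keeps write access to shared memory after the check.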
- how the above application program is installed depends on the specific conditions of the terminal device: it may be preset in the production stage, or manually downloaded to the terminal device by the user through the network.
- the application program is preset in the production stage of the device, and correspondingly, the encrypted TUI resource data can also be pre-stored in the memory of the two-dimensional code payment device in the production stage.
- triggering the startup of the TUI on the non-TUI, and obtaining the encrypted trusted user interface resource data from the REE and providing the data to the TEE, may include: when a user operation on the non-TUI triggers the startup of the TUI, loading the encrypted TUI resource data in the REE and sending it to the shared memory; and, in the TEE, copying the encrypted TUI resource data from the shared memory to the protected memory of the TEE.
- the providing the encrypted TUI resource data to the TEE may include: sending, by the TUI program, a request for the TUI resource data to the REE; loading the encrypted TUI resource data in the REE according to the request and sending it to the shared memory; and copying, by the TUI program, the encrypted TUI resource data from the shared memory to the protected memory of the TEE.
- the request for the TUI resource data may carry the TUI identifier; in the REE, the corresponding encrypted TUI resource data is loaded and sent to the shared memory based on the TUI identifier carried in the request.
- the TUI identifier may be a Universally Unique Identifier (UUID) or other similar information.
- when the application requests to open the TUI, the TUI Agent is started first; the application then calls the TUI Agent to send a TUI startup command to the TEE, and the TUI program in the TEE is started according to that command.
- the TUI resource data is stored in the protected memory on the TEE side and is provided for use by the TUI program to render the TUI.
- the data requested by the TUI program to the REE can be distinguished by different commands.
- the corresponding TUI resource data and the TUI program can be bound by a TUI identifier (for example, a UUID).
- a TUI identifier for example, a UUID
- for example, a request for the TUI resource data carrying the UUID of TUI_A can be sent; the TUI Agent then searches the memory, according to the UUID carried in the request, for the stored encrypted TUI resource data whose UUID matches the UUID of TUI_A among the plurality of encrypted TUI resource data, and loads the matching data once it is found.
- the TUI in this embodiment may be of any type.
- the TUI is preferably a graphical TUI; for example, the TUI may be a TUI containing a merchant payment two-dimensional code. That is, in an implementation manner of this embodiment, the graphical TUI may be displayed based on the decrypted TUI resource data.
- the method may further include: clearing, in the process of exiting the TUI program, or after exiting the TUI program, the TUI resource data in the protected memory of the TEE.
- the TUI resource data in the protected memory of the TEE may be cleared to release the space in the TEE protected memory.
- the present embodiment stores the decrypted TUI resource data in the protected memory on the TEE side and keeps it for the entire lifetime of the TUI display, until the user closes the TUI. After the TUI is closed, the decrypted TUI resource data is cleared from the protected memory on the TEE side to release the memory it occupied.
- the method may further include: after the TUI program exits, clearing the encrypted TUI resource data in the shared memory.
- the TUI Agent on the REE side issues a shutdown command for the TUI program
- the encrypted TUI resource data in the shared memory can be deleted, and the space occupied by the encrypted TUI resource data in the shared memory is released.
- the embodiment stores the encrypted TUI resource data in the shared memory on the REE side for real-time reading by the TEE side. After the TUI is closed, the encrypted TUI resource data can be cleared from the shared memory to release the memory it occupies.
- The above method of this embodiment can be implemented by any terminal device capable of providing TEE security capabilities.
- In particular, it can be applied to terminal devices that cannot provide secure storage but can provide TEE security capabilities, such as low-cost offline QR code payment devices.
- FIG. 3 shows an example of the system architecture of a terminal device that cannot provide secure storage but can provide TEE security capabilities, to which the method of this embodiment is applied; FIG. 4 shows another example of that system architecture.
- As shown in FIG. 5, the method of this embodiment can be implemented by the following exemplary process:
- Step 501: before the TUI resource data is installed on the terminal device, it is encrypted by encryption software to generate the encrypted TUI resource data (TUI En-Rsc, TUI encrypted resource);
- Step 502: when the application is installed, the application's encrypted TUI resource data is stored in memory on the REE side of the terminal device (for example, untrusted memory);
- Step 503: when the TUI needs to be started, the TUI Agent loads the encrypted TUI resource data from the memory on the REE side into the shared memory, so as to provide it (through the shared memory in the Platform) to the TEE side;
- Step 504: on the TEE side, after the TUI program obtains the encrypted TUI resource data from the shared memory, it decrypts that data with the preset TUI resource key to obtain the decrypted TUI resource data (TUI De-Rsc, TUI decrypted resource) and stores the decrypted data in the protected memory on the TEE side;
- Step 505: the TUI program uses the decrypted TUI resource data to display a graphical TUI, so that the user can operate within the secure TEE (for example, enter an account password or ID card information).
- FIG. 3, FIG. 4 and FIG. 5 are exemplary implementations of the method of this embodiment; in other application scenarios the method may also be implemented in other ways.
- This embodiment provides an apparatus for applying TUI resource data, which may include a providing module and a processing module; the providing module is configured to obtain encrypted resource data from the REE and provide it to the TEE, and the processing module is configured to decrypt the encrypted resource data in the TEE and process the decrypted resource data.
- The processing module includes, but is not limited to, the TUI module described below.
- Specifically, the apparatus for applying TUI resource data in this embodiment may include:
- a providing module 62, configured to trigger the start-up of the TUI from a non-TUI, obtain the encrypted trusted user interface resource data from the REE and provide it to the TEE;
- a TUI module 63, configured to decrypt the encrypted TUI resource data in the TEE and display the TUI based on the decrypted TUI resource data.
- The apparatus may further include a generating module 64, configured to generate the encrypted TUI resource data in one of two ways: 1) generating a TUI resource data packet, generating a digital signature of the packet with a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted TUI resource data; 2) directly encrypting the TUI resource data with the Advanced Encryption Standard (AES) algorithm to generate the encrypted TUI resource data.
- The apparatus may further include a storage module 61 disposed in the REE, configured to store the encrypted TUI resource data.
- In one implementation the storage module 61 is an untrusted storage space in the REE.
- The providing module 62 may be configured to load the encrypted TUI resource data in the REE and send it to the shared memory when a user operation on the non-TUI triggers the start-up of the TUI;
- the TUI module 63 may be configured to copy the encrypted TUI resource data from the shared memory into the protected memory of the TEE.
- The apparatus of this embodiment may be provided in, or implemented as, any terminal device capable of providing TEE security capabilities.
- In particular, it may be provided in, or implemented as, a terminal device that cannot provide secure storage but can provide TEE security capabilities,
- for example a low-cost offline QR code payment device.
- The storage module 61 disposed in the REE, the providing module 62, the TUI module 63 and the generating module 64 may each be software, hardware, or a combination of the two.
- In one implementation, the storage module 61 disposed in the REE is embodied as untrusted memory or an untrusted storage area of the terminal device,
- the providing module 62 is embodied as the TUI Agent on the REE side of the terminal device,
- the TUI module 63 is embodied as the TUI program on the TEE side of the terminal device,
- and the generating module 64 is embodied as an external device of the terminal device, which may be any type of device that supports the TUI resource generation tool and the encryption algorithm (for example, the AES algorithm or an encryption algorithm related to digital signatures).
- An apparatus for applying TUI resource data may include:
- a display 71;
- a memory 72 storing a computer program;
- a processor 73, configured to read the computer program to perform the operations of the method for applying trusted user interface resource data of Embodiment 1.
- Here, the processor 73 may be configured to read the computer program to perform the following operations: obtaining encrypted resource data from the REE and providing it to the TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data.
- Specifically, the processor 73 is configured to read the computer program to perform steps 201 to 202 of the first embodiment.
- The apparatus for applying TUI resource data shown in FIG. 7 can be implemented by any terminal device capable of providing TEE security capabilities.
- Besides the memory and processor described above, the apparatus shown in FIG. 7 may include other components.
- For example, it may further include a data store (such as untrusted memory) for storing user data; a communication circuit for communicating with external devices; and a bus coupling the parts together.
- It may also include an audio output component (for example, a speaker) that outputs TUI-related audio,
- and other components.
- The embodiment further provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements the steps of the method for applying TUI resource data.
- The steps implemented when the processor executes the computer program include: obtaining encrypted resource data from the REE and providing it to the TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data.
- Specifically, steps 201 to 202 of the first embodiment are implemented. For other technical details of this embodiment, refer to the first embodiment.
- The QR code payment device can display the merchant's payment QR code, and the buyer scans that QR code to complete the payment.
- The QR code displayed by the device must meet requirements of security and non-substitutability. Therefore, given that the device can provide a TEE, the QR code is displayed through the TUI to protect its security.
- The process by which the QR code payment device displays the QR code through the TUI may include:
- Step 901: the merchant presses the power button to start the device; on start-up, the QR code payment application calls the TUI Agent.
- The QR code payment application is mainly responsible for obtaining the merchant's payment QR code information, uploading transaction information, obtaining transaction status information, and calling the TUI Agent to complete TUI display and interaction.
- Step 902: while the non-TUI interface is displayed, the merchant presses the confirm key, which triggers the TUI Agent to send a TUI open command; the command is passed to the TOS by calling the Platform Hardware service through the ROS driver.
- Step 903: after receiving the TUI open command, the TOS starts the TUI program and requests the encrypted resource data from the TUI Agent, that is, it sends the TUI Agent a request for the TUI resource data.
- Step 904: after receiving the request, the TUI Agent opens the encrypted TUI resource data stored in the untrusted memory of the REE and loads it into the shared memory.
- Here, the TUI Agent can also download encrypted TUI resource data from the network into the shared memory.
- Step 905: the TUI program copies the encrypted TUI resource data from the shared memory into the protected memory of the TEE, decrypts it with the pre-stored TUI resource key, and stores the decrypted TUI resource data in the protected memory of the TEE.
- Step 906: the TUI program reads the decrypted TUI resource data from the protected memory of the TEE, uses it to generate a TUI containing the merchant's payment QR code, and displays that TUI. FIG. 10 shows an example of the QR code payment device displaying this TUI.
- In practice, after the buyer has scanned the code and completed the payment, the merchant can press the exit key to exit the TUI; alternatively, once the buyer has scanned and completed, the transaction server sends transaction-success information over the network to the QR code payment application on the terminal device,
- and the application calls the TUI Agent to initiate the TUI exit flow, actively sending a TUI close command to the TOS.
- The TUI exit flow may include:
- Step 1101: the merchant presses the exit key on the QR code payment device and the TUI Agent sends a close command to the TOS; or the device receives transaction status information from the transaction server over the network indicating that the transaction succeeded, and the TUI Agent sends the close command to the TOS directly.
- Step 1102: after receiving the close command, the TOS clears the TUI resource data currently in use to release the memory it occupies, and closes the TUI program.
- Step 1103: the TUI Agent clears the TUI resource data loaded into the shared memory to release the space it occupies there.
- Step 1104: the TUI Agent keeps monitoring user operations (for example, key presses) so as to start the TUI program when triggered, until the QR code payment device is powered off.
- FIG. 8 to FIG. 11 are only examples and are not intended to limit the present application; in other application scenarios the solution can be implemented in other ways.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Abstract
Disclosed herein are a data processing method and a method and apparatus for applying trusted user interface resource data, including: triggering start-up of a trusted user interface from a non-trusted user interface, obtaining encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment; and decrypting the encrypted trusted user interface resource data in the trusted execution environment and displaying the trusted user interface based on the decrypted trusted user interface resource data. The present application can at least guarantee the security and integrity of TUI resource data when the terminal device cannot provide a secure storage function.
Description
This application claims priority to Chinese patent application No. 201711230388.4, filed on 29 November 2017 and entitled "Data processing method, and method and apparatus for applying trusted user interface resource data", the entire content of which is incorporated herein by reference.
The present invention relates to the field of computer technology, and in particular to a data processing method and a method and apparatus for applying trusted user interface resource data.
In the related art, displaying a trusted user interface (TUI) requires TUI resource data. Using these resources, a graphical user interface can be displayed in a trusted execution environment (TEE), providing the user with a secure and trusted graphical interface and protecting the security of user information (such as account information and password information).
In the related art, TUI resource data is generally stored in trusted storage on the terminal device. However, when a terminal device cannot use relatively expensive trusted storage for cost reasons, or cannot provide trusted storage because of a hardware design defect, the terminal device cannot offer a secure storage function. No effective solution has yet been proposed for how to store TUI resource data in that case while guaranteeing its security and integrity.
Summary
The present application aims to solve the above technical problem in the related art.
The present application provides a data processing method and a method and apparatus for applying trusted user interface resource data, which can at least guarantee the security and integrity of resource data when a terminal device cannot provide a secure storage function.
The present application adopts the following technical solutions. A method for applying trusted user interface resource data includes:
triggering start-up of a trusted user interface from a non-trusted user interface, and obtaining encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment;
decrypting the encrypted trusted user interface resource data in the trusted execution environment, and displaying the trusted user interface based on the decrypted trusted user interface resource data.
The method may further include: before the encrypted TUI resource data is obtained from the REE and provided to the TEE, generating the encrypted TUI resource data;
wherein generating the encrypted TUI resource data includes one of the following:
generating a TUI resource data packet, generating a digital signature of the packet using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted TUI resource data;
directly encrypting the TUI resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted TUI resource data.
Decrypting the encrypted TUI resource data in the TEE may include: decrypting the encrypted TUI resource data with a preset TUI resource key.
Decrypting the encrypted TUI resource data in the TEE may include one of the following:
verifying the digital signature of the encrypted TUI resource data with a public key;
decrypting the encrypted TUI resource data with the AES decryption algorithm.
The method may further include: before the encrypted TUI resource data is obtained from the REE and provided to the TEE, storing the encrypted TUI resource data in the REE.
Storing the encrypted TUI resource data in the REE may include storing it in untrusted storage space in the REE.
Triggering start-up of the TUI from a non-trusted user interface, and obtaining the encrypted TUI resource data from the REE and providing it to the TEE, may include: when a user operation on the non-trusted user interface triggers start-up of the TUI, loading the encrypted TUI resource data in the REE and sending it to shared memory; and, in the TEE, copying the encrypted TUI resource data from the shared memory into protected memory of the TEE.
Obtaining the encrypted TUI resource data from the REE and providing it to the TEE may include: sending, by a TUI program, a request for TUI resource data to the REE; loading, in the REE and based on the request, the encrypted TUI resource data and sending it to shared memory; and copying, by the TUI program, the encrypted TUI resource data from the shared memory into protected memory of the TEE.
The request for TUI resource data may carry a TUI identifier; in the REE, the corresponding encrypted TUI resource data is loaded based on the TUI identifier carried in the request and sent to shared memory.
The method may further include: clearing the TUI resource data from the protected memory of the TEE while the TUI program is exiting or after it has exited.
The method may further include: after the TUI program has exited, clearing the encrypted TUI resource data from the shared memory.
Displaying the TUI based on the decrypted TUI resource data may include displaying a graphical TUI based on the decrypted TUI resource data.
An apparatus for applying trusted user interface resource data includes:
a providing module, configured to trigger start-up of a trusted user interface from a non-trusted user interface, and to obtain encrypted trusted user interface resource data from the rich execution environment and provide it to the trusted execution environment;
a trusted user interface module, configured to decrypt the encrypted trusted user interface resource data in the trusted execution environment and display the trusted user interface based on the decrypted trusted user interface resource data.
The apparatus may further include:
a generating module, configured to generate the encrypted TUI resource data in one of the following ways:
generating a TUI resource data packet, generating a digital signature of the packet using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted TUI resource data;
directly encrypting the TUI resource data with the AES encryption algorithm to generate the encrypted TUI resource data.
The providing module may be configured to load the encrypted TUI resource data in the REE and send it to shared memory when a user operation on the non-trusted user interface triggers start-up of the TUI; and the TUI module may be configured to copy the encrypted TUI resource data from the shared memory into the protected memory of the TEE.
The apparatus may further include a storage module disposed in the REE, configured to store the encrypted TUI resource data.
An apparatus for applying trusted user interface resource data includes:
a display;
a memory storing a computer program;
a processor, configured to read the computer program to perform the operations of the above method for applying trusted user interface resource data.
A computer-readable storage medium stores a computer program which, when executed by a processor, implements the steps of the above method for applying trusted user interface resource data.
A data processing method includes:
obtaining encrypted resource data from the rich execution environment and providing it to the trusted execution environment;
decrypting the encrypted resource data in the trusted execution environment;
processing the decrypted resource data.
The present application has the following advantages:
In the present application, when a TUI needs to be displayed, the encrypted TUI resource data can be obtained from the REE and provided to the TEE, and the TEE decrypts it and can then use it to display the TUI. This not only protects the integrity and confidentiality of the TUI resource data but also allows the TUI resource data to be kept in untrusted storage, avoiding the restriction that TUI resource data must be kept in trusted storage; it solves the problem that some terminal devices cannot store TUI resource data securely because they provide no secure storage, and can effectively lower the hardware cost of using mobile security technology in terminal devices.
Of course, a product implementing the present application does not necessarily need to achieve all of the above advantages at the same time.
FIG. 1 is a schematic diagram of a related-art system architecture;
FIG. 2 is a schematic flowchart of the method for applying TUI resource data in Embodiment 1;
FIG. 3 is an example of a system structure to which the method for applying TUI resource data in Embodiment 1 is applicable;
FIG. 4 is another example of a system structure to which the method for applying TUI resource data in Embodiment 1 is applicable;
FIG. 5 is an exemplary schematic flowchart of the method for applying TUI resource data in Embodiment 1;
FIG. 6 is a schematic structural diagram of the apparatus for applying TUI resource data in Embodiment 2;
FIG. 7 is a schematic structural diagram of the apparatus for applying TUI resource data in Embodiment 3;
FIG. 8 is a schematic diagram of the application environment and internal system architecture of the QR code payment device in Instance 1;
FIG. 9 is a schematic flowchart of the QR code payment device in Instance 1 displaying a QR code through the TUI;
FIG. 10 is an example of the TUI display of the QR code payment device in Instance 1;
FIG. 11 is a schematic flowchart of the QR code payment device in Instance 1 exiting the TUI.
The technical solutions of the present application are described in more detail below with reference to the drawings and embodiments.
It should be noted that, provided there is no conflict, the embodiments of the present application and the individual features in the embodiments may be combined with one another, all within the scope of protection of the present application. In addition, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that given here.
In a typical configuration, a client or server computing device may include one or more processors (CPUs), input/output interfaces, network interfaces and memory.
The memory may include non-permanent storage in computer-readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash RAM. Memory is an example of a computer-readable medium. The memory may include module 1, module 2, ..., module N (N being an integer greater than 2).
Computer-readable media include permanent and non-permanent, removable and non-removable storage media. A storage medium may implement information storage by any method or technology; the information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media exclude transitory media such as modulated data signals and carrier waves.
The terminal device described in the present application may be a mobile phone, a tablet computer, a mobile internet device, a wearable device, or any other hardware entity or virtual apparatus on which a CPU can be deployed.
The terms used herein are explained as follows:
Trusted execution environment (TEE): an execution environment isolated from the REE, providing protected execution of code and confidentiality and privacy management of data.
Rich execution environment (REE): the runtime environment provided for a rich operating system to execute in and manage; it lies outside the trusted execution environment, and applications executing in it are considered untrusted.
Rich OS (ROS): executes in the REE; compared with the operating system executing in the TEE it provides richer functionality, and it is more open to the installation and use of applications than the trusted operating system.
Trusted OS (TOS): executes in the TEE; it uses hardware, software, or a combination of the two, related to the TEE security features, to protect the executing code and data, and provides loading, execution and management of TAs.
Trusted user interface (TUI): a trusted user interface provided in the TEE to protect sensitive information such as passwords and identity from being observed by programs outside the TEE.
TUI Agent: the TUI agent program running on the REE side, responsible for receiving applications' service requests for the TUI and forwarding them to the TUI, and for loading TUI resource data.
Platform Hardware: a complete system of hardware and supporting software capable of running a TEE. For example, an ARM CPU supports a TEE through TrustZone technology and, with the accompanying trusted firmware (ARM Trusted Firmware), supports switching between the REE and the TEE and passing information between them; an ARM CPU with TrustZone and trusted firmware is one example of Platform Hardware.
Shared memory: memory used jointly by the REE and the TEE.
REE-side dedicated memory: memory used only under the REE.
TEE protected memory: memory used only under the TEE.
Secure Hash Algorithm (SHA): the US national standard FIPS PUB 180 published by NIST, updated to FIPS PUB 180-3 in 2008, which specifies the one-way hash algorithms SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. SHA-1, SHA-224 and SHA-256 apply to messages of length up to 2^64 bits; SHA-384 and SHA-512 apply to messages of length up to 2^128 bits.
Advanced Encryption Standard (AES): published by NIST in FIPS PUB 197 on 26 November 2001 and effective as a standard on 26 May 2002. AES is a symmetric-key encryption algorithm: an iterated, symmetric-key block cipher that can use 128-, 192- or 256-bit keys and encrypts and decrypts data in 128-bit (16-byte) blocks. IEEE 802.15.4 uses a fixed 128-bit key, denoted AES-128. Both the AES encryption and decryption algorithms operate by round transformations. Modes of operation include electronic codebook (ECB), cipher block chaining (CBC), cipher feedback (CFB), output feedback (OFB) and counter (CTR).
RSA (RSA algorithm): an asymmetric encryption algorithm and one of the best-known public-key algorithms in current encryption and decryption technology.
FIG. 1 shows a related-art system architecture supporting a TEE. The system comprises, under the REE, the ROS, the TUI Agent and trusted storage (Trusted Storage), and under the TEE, the TOS and the TUI; the ROS and the TOS share the Platform Hardware and can exchange information (Messages). The TUI resource data is kept in trusted storage; the TEE decrypts it with a securely stored key (Trusted storage key) to obtain the TUI resource data and provides it to the TUI. This approach depends on the existence of trusted storage, which in turn needs hardware support, such as the RPMB partition of an embedded multimedia card (eMMC) or hardware-protected on-chip flash. When a terminal device cannot use relatively expensive eMMC for cost reasons, or cannot provide a hardware-protected trusted storage device because of a hardware design defect and can only use ordinary external flash, the terminal device cannot provide, or does not possess, trusted storage; the above scheme is then unusable and the TUI resource data cannot be effectively protected.
To solve the above problem, the present application proposes the following technical solution, which is applicable to application scenarios in which resource data must be used but no secure storage device is available.
The technical solution of the present application includes a data processing method, which may include: obtaining encrypted resource data from the REE and providing it to the TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data. Here, the resource data includes, but is not limited to, TUI resource data, which is used to render a TUI and suits application scenarios in which TUI resource data must be used without a secure storage device. Processing the resource data includes, but is not limited to, rendering the TUI under the TEE. It should be understood that, in the technical solution of the present application, the resource data may also be of other types and the corresponding processing is not limited to rendering a TUI; the type of resource data and the way it is processed depend on the specific application scenario and are not limited herein.
The implementation of the technical solution of the present application is described in detail below.
Embodiment 1
A method for applying TUI resource data, as shown in FIG. 2, may include:
Step 201: triggering start-up of a TUI from a non-TUI, and obtaining encrypted trusted user interface resource data from the REE and providing it to the TEE;
Step 202: decrypting the encrypted TUI resource data in the TEE, and displaying the TUI based on the decrypted TUI resource data.
In this embodiment, when a TUI needs to be displayed, encrypted TUI resource data is obtained from the REE and provided to the TEE; the TEE decrypts it and can then use it to display the TUI. This not only protects the integrity and confidentiality of the TUI resource data but also allows the TUI resource data to be kept in untrusted storage, avoiding the restriction that TUI resource data must be kept in trusted storage. It solves the problem that some terminal devices cannot store TUI resource data securely because they provide no secure storage, and can effectively lower the hardware cost of using mobile security technology in terminal devices.
This embodiment may further include: before the encrypted TUI resource data is obtained from the REE and provided to the TEE, storing the encrypted TUI resource data in the REE.
Because this embodiment uses encrypted TUI resource data, the data can be stored in any memory in the REE, that is, in either trusted or untrusted memory; which type of memory is used for the encrypted TUI resource data can be adjusted flexibly according to the needs of the application or the hardware configuration of the terminal device. In one implementation, the encrypted TUI resource data is stored in untrusted storage space in the REE to reduce memory cost. In practice this untrusted storage space may also be called a non-secure storage area. Here, the storage space may be a whole memory or a region of a memory; for example, the encrypted TUI resource data may be stored in flash memory attached externally to the terminal device.
In this embodiment, TUI resource data may include fonts, characters, images and the like. The TUI resource data may be static or dynamic. Static TUI resource data can be pre-stored on the terminal device when the application is installed, whereas dynamic TUI resource data has to be delivered over the network in real time. For static TUI resource data, the encrypted TUI resource data can be stored in the REE in advance when the application is installed. For dynamic TUI resource data, the network side delivers the encrypted TUI resource data to the terminal device dynamically, and the terminal device stores it temporarily in the REE. The method of this embodiment is preferably used for static TUI resource data.
In this embodiment, start-up of the TUI can be triggered by a user operation on the non-trusted user interface; that is, while the terminal device is displaying a non-TUI the user can operate on that non-TUI to trigger the start-up of the TUI. In practice the operation may be a key press, a voice command, a touch or another user operation. For example, when using an application on the terminal device, the user may first enter the application's non-TUI; while the non-TUI is displayed the user operates on it and triggers a TUI display request, under which the terminal device switches from the REE to the TEE. During this switch the REE can provide the encrypted TUI resource data to the TEE, and the TEE decrypts it and uses it to display the TUI.
In this embodiment, the method may further include: before the encrypted TUI resource data is obtained from the REE and provided to the TEE, generating the encrypted TUI resource data in one of the following ways: 1) generating a TUI resource data packet, generating a digital signature of the packet with a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted TUI resource data; 2) directly encrypting the TUI resource data with the AES encryption algorithm to generate the encrypted TUI resource data. In practice, a suitable encryption algorithm can be chosen according to the needs of the application environment to ensure the integrity and confidentiality of the TUI resource data.
In practice, the TUI resource data of all user interfaces of one application can be encrypted uniformly, all with the same encryption algorithm and the same key. TUI resource data belonging to different applications may use different encryption algorithms or the same algorithm, but when the same algorithm is used, different keys must be used.
In this embodiment, decrypting the encrypted TUI resource data in the TEE may include decrypting it with a preset TUI resource key. In one implementation, decrypting the encrypted TUI resource data in the TEE is one of: 1) verifying the digital signature of the encrypted TUI resource data with a public key; 2) decrypting the encrypted TUI resource data with the AES decryption algorithm.
In practice, if a digital signature was used to protect the TUI resource data, the TEE verifies the signature of the encrypted TUI resource data with the public key, and the preset TUI resource key is that public key. If the AES encryption algorithm was used, the TEE decrypts the encrypted TUI resource data with the corresponding AES decryption algorithm, and the preset TUI resource key is the key of that AES algorithm.
Specifically, the following schemes may be used to protect and recover the TUI resource data:
1) Compute a digest of the TUI resource data packet with one of SHA-1, SHA-224, SHA-256, SHA-384 or SHA-512, then encrypt that digest with an asymmetric algorithm (for example, RSA) to produce the digital signature of the packet, and append the signature to the packet to obtain the encrypted TUI resource data. When the TEE uses the protected TUI resource data, it only needs to verify the signature with the public key to be sure that the TUI resource has not been tampered with.
2) Encrypt the TUI resource data directly with AES in ECB, CBC, CFB, OFB or CTR mode. When the TEE uses the protected TUI resource, it decrypts it directly with the corresponding AES decryption algorithm and can then use the TUI resource data.
In practice, the application developer can generate the TUI resource data with a resource generation tool and protect it with the above algorithms. The private key involved in protecting the TUI resource data is kept secure by the application developer.
For example, during development the application developer generates the TUI resource data packet with the TUI resource generation tool, computes a SHA-256 digest of the packet, encrypts the digest with the RSA-2048 private key to produce the packet's digital signature, and appends the signature to the packet to obtain the encrypted TUI resource data packet. When the application is installed, the encrypted packet is stored in memory in the REE. When the TUI is displayed, the TEE verifies the encrypted packet with the public key; if verification passes, the TUI resource data is placed in the protected memory of the TEE for use when the TUI is displayed. Here, the TUI resource tool is a tool dedicated to hand-coding resources.
As another example, during development the application developer generates the TUI resource data with the TUI resource generation tool and encrypts it directly with AES in CTR mode to produce the encrypted TUI resource data packet. When the application is installed, the encrypted packet is stored in memory in the REE. When the TUI is displayed, the TEE obtains the encrypted packet, decrypts it with the key of the AES-CTR algorithm, and stores the result in the protected memory of the TEE for use when the TUI is displayed.
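The two packaging variants above, as an added worked example in Go (it is not the patent's code, and the patent fixes no container format): the developer-side tool produces either uuid||resource||signature (SHA-256 digest, RSA-2048 PKCS#1 v1.5 signature, verified in the TEE with the provisioned public key) or uuid||AES-CTR(resource)||IV, decrypted in the TEE with the pre-provisioned TUI resource key. The 16-byte UUID header and the trailer positions are this example's assumptions, chosen so that the REE-side TUI Agent can match a package to a TUI identifier without decrypting it; the UUID and resource bytes in main are constructed sample values.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Container layout assumed for this example (the patent fixes none): [16-byte TUI UUID]
// [payload][trailer]. Variant 1: payload is the plaintext resource, trailer an RSA-2048
// PKCS#1 v1.5 signature over SHA-256(uuid||payload). Variant 2: payload is AES-CTR
// ciphertext, trailer the 16-byte IV. The UUID stays readable so the REE-side TUI Agent
// can match a package to a TUI program without decrypting it.
const uuidLen = 16

// splitUUID separates the UUID header from the rest of a body.
func splitUUID(body []byte) ([uuidLen]byte, []byte, error) {
	var uuid [uuidLen]byte
	if len(body) <= uuidLen {
		return uuid, nil, errors.New("package too short")
	}
	copy(uuid[:], body[:uuidLen])
	return uuid, body[uuidLen:], nil
}

// SignPackage is the developer-side step of variant 1: resource data || signature.
func SignPackage(priv *rsa.PrivateKey, uuid [uuidLen]byte, resource []byte) ([]byte, error) {
	body := append(uuid[:], resource...)
	digest := sha256.Sum256(body)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	return append(body, sig...), nil
}

// VerifyPackage is the TEE-side check: the resource reaches the TUI only if the
// signature over uuid||resource verifies under the provisioned public key.
func VerifyPackage(pub *rsa.PublicKey, pkg []byte) ([uuidLen]byte, []byte, error) {
	sigLen := pub.Size()
	if len(pkg) <= sigLen {
		return [uuidLen]byte{}, nil, errors.New("package too short")
	}
	body, sig := pkg[:len(pkg)-sigLen], pkg[len(pkg)-sigLen:]
	digest := sha256.Sum256(body)
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return [uuidLen]byte{}, nil, fmt.Errorf("signature check failed: %w", err)
	}
	return splitUUID(body)
}

// EncryptPackage is the developer-side step of variant 2: uuid || AES-CTR(resource) || IV.
func EncryptPackage(key []byte, uuid [uuidLen]byte, resource []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	ct := make([]byte, len(resource))
	cipher.NewCTR(block, iv).XORKeyStream(ct, resource)
	return append(append(uuid[:], ct...), iv...), nil
}

// DecryptPackage is the TEE-side counterpart, using the pre-provisioned TUI resource key.
func DecryptPackage(key, pkg []byte) ([uuidLen]byte, []byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(pkg) <= aes.BlockSize {
		return [uuidLen]byte{}, nil, errors.New("bad key or package too short")
	}
	body, iv := pkg[:len(pkg)-aes.BlockSize], pkg[len(pkg)-aes.BlockSize:]
	uuid, ct, err := splitUUID(body)
	if err != nil {
		return uuid, nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCTR(block, iv).XORKeyStream(pt, ct) // CTR: decrypt == encrypt
	return uuid, pt, nil
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	id := [uuidLen]byte{0xa1, 0xb2} // constructed TUI UUID stand-in
	pkg, _ := SignPackage(priv, id, []byte("constructed TUI resource"))
	_, _, okErr := VerifyPackage(&priv.PublicKey, pkg)
	pkg[uuidLen] ^= 1 // an REE-side change to the first resource byte
	_, _, badErr := VerifyPackage(&priv.PublicKey, pkg)
	fmt.Println("intact verifies:", okErr == nil, "| tampered rejected:", badErr != nil)
}
```

Note what each variant buys on its own. Variant 1 leaves the resource readable in untrusted storage and only proves it is unmodified. AES-CTR without an authentication tag hides the resource but cannot detect modification: flipping a bit of the ciphertext flips the same bit of the plaintext, and DecryptPackage returns the altered resource without error. A deployment that wants both integrity and confidentiality, as the summary above claims, should sign-then-encrypt or use an authenticated mode such as AES-GCM. In either variant the signing private key stays with the developer, and only the public key or the AES key is provisioned into the TEE; that provisioned key is what replaces trusted storage for the data itself.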
In practice, how the application is installed depends on the terminal device: it may be preloaded during production, or downloaded manually by the user over the network. For a QR code payment device, for example, the application is preloaded during production and, correspondingly, the encrypted TUI resource data can also be pre-stored in the device's memory at the production stage.
In this embodiment, triggering start-up of the TUI from a non-TUI, and obtaining the encrypted trusted user interface resource data from the REE and providing it to the TEE, may include: when a user operation on the non-TUI triggers start-up of the TUI, loading the encrypted TUI resource data in the REE and sending it to shared memory; and, in the TEE, copying the encrypted TUI resource data from the shared memory into the protected memory of the TEE. In one implementation, providing the encrypted TUI resource data to the TEE may include: the TUI program sends the REE a request for TUI resource data; based on the request, the REE loads the encrypted TUI resource data and sends it to shared memory; and the TUI program copies the encrypted TUI resource data from the shared memory into the protected memory of the TEE. Here, the request for TUI resource data may carry a TUI identifier; in the REE, the corresponding encrypted TUI resource data is loaded based on the TUI identifier carried in the request and sent to shared memory. In practice the TUI identifier may be a universally unique identifier (UUID) or similar information.
In practice, when an application requests to open the TUI, the TUI Agent is started first; the application then calls the TUI Agent to send a TUI start command to the TEE, where the TUI program is started as that command requires. On start-up, the TUI program sends a request for TUI resource data to the TUI Agent in the REE; the TUI Agent loads the corresponding encrypted TUI resource data into shared memory based on the request; the TUI program in the TEE reads the encrypted TUI resource data from shared memory, decrypts it, and stores the TUI resource data in protected memory on the TEE side, where it is available to the TUI program for rendering the TUI.
In this embodiment, the data that the TUI program requests from the REE can be distinguished by different commands. In one implementation, the request for TUI resource data is expressed as a designated command. For example, CMD=1 may be predefined as the command to open TUI resource data; the TUI program in the TEE then sends the command "CMD=1" to the TUI Agent in the REE, and the TUI Agent loads the corresponding encrypted TUI resource data into shared memory as that command directs.
In practice, if the terminal device has several TUI programs, each TUI program and its TUI resource data can be bound through a TUI identifier (for example, a UUID). Here, the TUI identifier (for example, the UUID) of a given TUI program is contained in the encrypted TUI resource data. For example, if the program TUI_A needs to load the TUI_A resource data, it sends the TUI Agent a request for TUI resource data carrying the UUID of TUI_A; the TUI Agent then uses the UUID carried in the request to search the many encrypted TUI resource data items held in memory for the one whose UUID matches that of TUI_A, and loads the matching encrypted TUI resource data.
In practice, the TUI in this embodiment may be of any type. In one implementation the TUI is preferably graphical, for example a TUI containing the merchant's payment QR code; that is, in one implementation of this embodiment a graphical TUI is displayed based on the decrypted TUI resource data.
In this embodiment, the method may further include: clearing the TUI resource data from the protected memory of the TEE while the TUI program is exiting or after it has exited. For example, after the TOS in the TEE receives a close command for the TUI program from the REE side, it may clear the TUI resource data from the protected memory of the TEE to release that protected space. In other words, in this embodiment the decrypted TUI resource data is kept in protected memory on the TEE side while the TUI is displayed, for the whole lifetime of the TUI display, until the user closes the TUI. After the TUI is closed, the decrypted TUI resource data is cleared from the protected memory on the TEE side to release the memory it occupies.
In this embodiment, the method may further include: after the TUI program has exited, clearing the encrypted TUI resource data from the shared memory. For example, after the TUI Agent on the REE side has issued the close command for the TUI program, it may delete the encrypted TUI resource data from the shared memory so that the space that data occupies is released promptly. In other words, in this embodiment the encrypted TUI resource data is kept in shared memory on the REE side while the TUI is displayed so that the TEE side can read it in real time; after the TUI is closed, it can be cleared from the shared memory to release the memory it occupies.
The method of this embodiment can be implemented by any terminal device capable of providing TEE security capabilities. In particular, it is applicable to terminal devices that cannot provide secure storage but can provide TEE security capabilities, such as low-cost offline QR code payment devices.
FIG. 3 shows an example of the system architecture of a terminal device that cannot provide secure storage but can provide TEE security capabilities, to which the method of this embodiment is applied; FIG. 4 shows another example of that system architecture.
As shown in FIG. 5, the method of this embodiment can be implemented by the following exemplary process:
Step 501: before the TUI resource data is installed on the terminal device, it is encrypted by encryption software to produce the encrypted TUI resource data (TUI En-Rsc, TUI encrypted resource);
Step 502: when the application is installed, the application's encrypted TUI resource data is stored in memory on the REE side of the terminal device (for example, untrusted memory);
Step 503: when the TUI needs to be started, the TUI Agent loads the encrypted TUI resource data from the memory on the REE side into shared memory, so as to provide it (through the shared memory in the Platform) to the TEE side;
Step 504: on the TEE side, after the TUI program obtains the encrypted TUI resource data from shared memory, it decrypts the data with the preset TUI resource key to obtain the decrypted TUI resource data (TUI De-Rsc, TUI decrypted resource), and stores the decrypted TUI resource data in protected memory on the TEE side;
Step 505: the TUI program uses the decrypted TUI resource data to display a graphical TUI, so that the user can operate within the secure TEE (for example, enter an account password or ID card information).
It should be noted that FIG. 3, FIG. 4 and FIG. 5 are exemplary implementations of the method of this embodiment; in other application scenarios the method may also be implemented in other ways.
Embodiment 2
This embodiment provides an apparatus for applying TUI resource data, which may include a providing module and a processing module; the providing module is configured to obtain encrypted resource data from the REE and provide it to the TEE, and the processing module is configured to decrypt the encrypted resource data in the TEE and process the decrypted resource data. The processing module includes, but is not limited to, the TUI module described below.
Specifically, the apparatus for applying TUI resource data of this embodiment, as shown in FIG. 6, may include:
a providing module 62, configured to trigger start-up of the TUI from a non-TUI, and to obtain encrypted trusted user interface resource data from the REE and provide it to the TEE;
a TUI module 63, configured to decrypt the encrypted TUI resource data in the TEE and display the TUI based on the decrypted TUI resource data.
The apparatus may further include a generating module 64, configured to generate the encrypted TUI resource data in one of the following ways: 1) generating a TUI resource data packet, generating a digital signature of the packet with a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted TUI resource data; 2) directly encrypting the TUI resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted TUI resource data.
The apparatus may further include a storage module 61 disposed in the REE, configured to store the encrypted TUI resource data. In one implementation, the storage module 61 is an untrusted storage space in the REE.
In the apparatus of this embodiment, the providing module 62 may be configured to load the encrypted TUI resource data in the REE and send it to shared memory when a user operation on the non-TUI triggers start-up of the TUI; and the TUI module may be configured to copy the encrypted TUI resource data from the shared memory into the protected memory of the TEE.
In practice, the apparatus of this embodiment may be provided in, or implemented as, any terminal device capable of providing TEE security capabilities. In particular, it may be provided in, or implemented as, a terminal device that cannot provide secure storage but can provide TEE security capabilities, for example a low-cost offline QR code payment device.
It should be noted that, in the apparatus of this embodiment, the storage module 61 disposed in the REE, the providing module 62, the TUI module 63 and the generating module 64 may each be software, hardware, or a combination of the two. In one implementation, the storage module 61 disposed in the REE is embodied as untrusted memory or an untrusted storage area of the terminal device, the providing module 62 as the TUI Agent on the REE side of the terminal device, the TUI module 63 as the TUI program on the TEE side of the terminal device, and the generating module 64 as an external device of the terminal device, which may be any type of device that supports the TUI resource generation tool and the encryption algorithm (for example, the AES algorithm, or an encryption algorithm related to digital signatures).
Embodiment 3
An apparatus for applying TUI resource data, as shown in FIG. 7, may include:
a display 71;
a memory 72 storing a computer program;
a processor 73, configured to read the computer program to perform the operations of the method for applying trusted user interface resource data described in Embodiment 1.
Here, the processor 73 may be configured to read the computer program to perform the following operations: obtaining encrypted resource data from the REE and providing it to the TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data.
Specifically, the processor 73 is configured to read the computer program to perform steps 201 to 202 of Embodiment 1.
For other technical details of the apparatus for applying TUI resource data in this embodiment, refer to the method section above.
In practice, the apparatus for applying TUI resource data shown in FIG. 7 can be implemented by any terminal device capable of providing TEE security capabilities.
It should be noted that, besides the memory and processor described above, the apparatus shown in FIG. 7 may include other components. For example, it may include a data store for storing user data (such as untrusted memory); a communication circuit for communicating with external devices; a bus coupling the parts together; and an audio output component (such as a speaker) for outputting TUI-related audio. It may also include other components.
Embodiment 4
This embodiment further provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements the steps of the method for applying TUI resource data described above.
Here, the steps implemented when the processor executes the computer program include: obtaining encrypted resource data from the REE and providing it to the TEE; decrypting the encrypted resource data in the TEE; and processing the decrypted resource data. Specifically, when executed by the processor, the computer program may implement steps 201 to 202 of Embodiment 1. For other technical details of this embodiment, refer to Embodiment 1.
Exemplary implementations of the above embodiments are described in detail below. It should be noted that the instances below may be combined with one another, and that the flows and execution processes in them may be adjusted to the needs of the actual application. In practice, the above embodiments may also have other implementations.
Instance 1
Low-cost terminal devices exist in practice, such as offline QR code payment devices, which can display a payment QR code but cannot provide secure storage. When such a device needs to provide a TUI function, the solution of the above embodiments is needed to protect the security of the TUI resource data.
This instance uses a low-cost offline QR code payment device as an example to describe specific implementations of the embodiments of the present application.
FIG. 8 shows an example of the application environment and internal system architecture of the QR code payment device. In this instance, the device displays the merchant's payment QR code, and the buyer scans that QR code with a mobile phone to complete the payment. The QR code displayed by the device must meet requirements of security and non-substitutability; therefore, given that the device can provide a TEE, the QR code is displayed through the TUI to protect its security.
As shown in FIG. 9, the process by which the QR code payment device displays the QR code through the TUI may include:
Step 901: the merchant presses the power button to start the device; on start-up, the QR code payment application calls the TUI Agent.
The QR code payment application is mainly responsible for obtaining the merchant's payment QR code information, uploading transaction information, obtaining transaction status information, and calling the TUI Agent to complete TUI display and interaction.
Step 902: while the non-TUI interface is displayed, the merchant presses the confirm key, which triggers the TUI Agent to send a TUI open command; the command is passed to the TOS by calling the Platform Hardware service through the ROS driver.
Step 903: after receiving the TUI open command, the TOS starts the TUI program and requests the encrypted resource data from the TUI Agent, that is, it sends the TUI Agent a request for the TUI resource data;
Step 904: after receiving the request for the TUI resource data, the TUI Agent opens the encrypted TUI resource data stored in the untrusted memory of the REE and loads it into the shared memory.
Here, the TUI Agent can also download encrypted TUI resource data from the network into the shared memory.
Step 905: the TUI program copies the encrypted TUI resource data from the shared memory into the protected memory of the TEE, decrypts it with the pre-stored TUI resource key, and stores the decrypted TUI resource data in the protected memory of the TEE.
Step 906: the TUI program reads the decrypted TUI resource data from the protected memory of the TEE, uses it to generate a TUI containing the merchant's payment QR code, and displays that TUI. FIG. 10 shows an example of the QR code payment device displaying this TUI.
In practice, after the buyer has scanned the code with a mobile phone and completed the payment, the merchant may press the exit key to leave the TUI; alternatively, after the buyer has scanned and completed, the transaction server sends transaction-success information over the network to the QR code payment application on the terminal device, and the application calls the TUI Agent to actively initiate the TUI exit flow, sending a TUI close command to the TOS.
As shown in FIG. 11, in this instance the TUI exit flow may include:
Step 1101: the merchant presses the exit key on the QR code payment device and the TUI Agent sends a close command to the TOS; or the QR code payment device receives, over the network, transaction status information from the transaction server indicating that the transaction succeeded, and the TUI Agent sends the close command to the TOS directly.
Step 1102: after receiving the close command, the TOS clears the TUI resource data currently in use to release the memory it occupies, and closes the TUI program;
Step 1103: the TUI Agent clears the TUI resource data that was loaded into the shared memory to release the space it occupies there;
Step 1104: the TUI Agent keeps monitoring user operations (for example, key presses) so as to start the TUI program when triggered, until the QR code payment device is powered off.
It should be noted that FIG. 8 to FIG. 11 are only examples and do not limit the present application; in other application scenarios the solution can be implemented in other ways.
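The request, load and clear lifecycle described in Embodiment 1 (the CMD=1 request, UUID matching by the TUI Agent, copying from shared memory into protected memory, clearing on exit) and in steps 901 to 1104 of Instance 1, as an added Go example that is not the patent's code. It models the REE-side TUI Agent and the TEE-side TUI program as two objects sharing one byte slice. The command code 1 is the text's; the fixed-size shared window, the convention that each package begins with its UUID, the XOR placeholder standing in for the TEE's AES or RSA step, and the sample resource bytes are this example's constructed assumptions.

```go
package main

import (
	"errors"
	"fmt"
)

const (
	uuidLen         = 16
	CmdOpenResource = 1 // the text's CMD=1: "open TUI resource data"
)

// Agent is the REE-side TUI Agent: untrusted storage of encrypted packages indexed by
// the TUI UUID (the text keeps the UUID inside the encrypted data; here it is also the
// first 16 bytes of each package) plus the fixed-size shared memory window the TEE reads.
type Agent struct {
	Store  map[[uuidLen]byte][]byte
	Shared []byte
}

// HandleRequest serves one TEE request (command code + TUI UUID): only CMD=1 is
// accepted, the UUID must match a stored package, and it must fit in shared memory.
func (a *Agent) HandleRequest(cmd uint32, uuid [uuidLen]byte) (int, error) {
	if cmd != CmdOpenResource {
		return 0, fmt.Errorf("unsupported command %d", cmd)
	}
	pkg, ok := a.Store[uuid]
	if !ok {
		return 0, errors.New("no resource matches the requested UUID")
	}
	if len(pkg) > len(a.Shared) {
		return 0, errors.New("package exceeds shared memory")
	}
	return copy(a.Shared, pkg), nil // bytes are now visible to the TEE
}

// ClearShared is step 1103: wipe the encrypted copy once the TUI program has exited.
func (a *Agent) ClearShared() {
	for i := range a.Shared {
		a.Shared[i] = 0
	}
}

// TUIProgram is the TEE side. Protected holds the decrypted resource only for the
// TUI's lifetime; Decrypt stands in for the TEE's real AES or RSA step.
type TUIProgram struct {
	Protected []byte
	Decrypt   func([]byte) ([]byte, error)
}

// Load copies the ciphertext out of shared memory into TEE-owned memory before
// decrypting, so the REE cannot alter bytes the TEE is using, then wipes that copy.
func (t *TUIProgram) Load(shared []byte, n int) error {
	if n <= 0 || n > len(shared) {
		return errors.New("bad length from REE")
	}
	enc := append([]byte(nil), shared[:n]...)
	pt, err := t.Decrypt(enc)
	for i := range enc {
		enc[i] = 0
	}
	if err != nil {
		return err
	}
	t.Protected = pt
	return nil
}

// Close is step 1102: clear the decrypted resource from protected memory.
func (t *TUIProgram) Close() {
	for i := range t.Protected {
		t.Protected[i] = 0
	}
	t.Protected = nil
}

func main() {
	var id [uuidLen]byte
	copy(id[:], "tui-a-uuid-0001!")
	pkg := append(id[:], []byte("constructed QR bitmap")...) // constructed sample resource
	for i := uuidLen; i < len(pkg); i++ {
		pkg[i] ^= 0x5a // "encrypted" only for the XOR stand-in below, not a real cipher
	}
	agent := &Agent{Store: map[[uuidLen]byte][]byte{id: pkg}, Shared: make([]byte, 64)}
	tui := &TUIProgram{Decrypt: func(p []byte) ([]byte, error) {
		out := make([]byte, len(p)-uuidLen) // drop the UUID header, undo the XOR
		for i, c := range p[uuidLen:] {
			out[i] = c ^ 0x5a
		}
		return out, nil
	}}
	n, err := agent.HandleRequest(CmdOpenResource, id)
	if err == nil {
		err = tui.Load(agent.Shared, n)
	}
	if err != nil {
		panic(err)
	}
	fmt.Printf("TUI program renders from %q\n", tui.Protected)
	tui.Close()         // step 1102
	agent.ClearShared() // step 1103
}
```

The order inside Load is the security-relevant part: the TEE copies the ciphertext out of shared memory before decrypting and never decrypts in place on the shared buffer, because the REE can rewrite shared memory at any time, including between the TEE's check and its use of a byte. The Agent, for its part, rejects unknown commands, unknown UUIDs and packages larger than the window rather than trusting whatever the request says. Close and ClearShared are steps 1102 and 1103; both zero the buffer rather than merely dropping the reference.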
A person of ordinary skill in the art will understand that all or some of the steps of the above methods can be completed by a program instructing the relevant hardware, and that the program can be stored in a computer-readable storage medium such as a read-only memory, a magnetic disk or an optical disc. Optionally, all or some of the steps of the above embodiments can also be implemented with one or more integrated circuits. Correspondingly, the modules/units in the above embodiments can be implemented in the form of hardware or in the form of software function modules. The present application is not limited to any particular combination of hardware and software.
Of course, the present application may have many other embodiments. Without departing from the spirit and essence of the present application, those skilled in the art can make various corresponding changes and modifications in light of it, and all such changes and modifications fall within the scope of protection of the claims of the present application.
Claims (19)
- 1. A method for applying trusted user interface resource data, comprising: triggering start-up of a trusted user interface from a non-trusted user interface, and obtaining encrypted trusted user interface resource data from a rich execution environment and providing it to a trusted execution environment; and decrypting the encrypted trusted user interface resource data in the trusted execution environment, and displaying the trusted user interface based on the decrypted trusted user interface resource data.
- 2. The method according to claim 1, further comprising: before obtaining the encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment, generating the encrypted trusted user interface resource data; wherein generating the encrypted trusted user interface resource data comprises one of: generating a trusted user interface resource data packet, generating a digital signature of the packet using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted trusted user interface resource data; and directly encrypting the trusted user interface resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted trusted user interface resource data.
- 3. The method according to claim 1, wherein decrypting the encrypted trusted user interface resource data in the trusted execution environment comprises: decrypting the encrypted trusted user interface resource data with a preset trusted user interface resource key.
- 4. The method according to claim 3, wherein decrypting the encrypted trusted user interface resource data in the trusted execution environment comprises one of: verifying the digital signature of the encrypted trusted user interface resource data with a public key; and decrypting the encrypted trusted user interface resource data with the AES decryption algorithm.
- 5. The method according to claim 1, further comprising: before obtaining the encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment, storing the encrypted trusted user interface resource data in the rich execution environment.
- 6. The method according to claim 5, wherein storing the encrypted trusted user interface resource data in the rich execution environment comprises: storing the encrypted trusted user interface resource data in untrusted storage space in the rich execution environment.
- 7. The method according to any one of claims 1 to 6, wherein triggering start-up of the trusted user interface from the non-trusted user interface, and obtaining the encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment, comprises: when a user operation on the non-trusted user interface triggers start-up of the trusted user interface, loading the encrypted trusted user interface resource data in the rich execution environment and sending it to shared memory; and copying, in the trusted execution environment, the encrypted trusted user interface resource data from the shared memory into protected memory of the trusted execution environment.
- 8. The method according to claim 7, wherein obtaining the encrypted trusted user interface resource data from the rich execution environment and providing it to the trusted execution environment comprises: sending, by a trusted user interface program, a request for trusted user interface resource data to the rich execution environment; loading, in the rich execution environment and based on the request, the encrypted trusted user interface resource data and sending it to the shared memory; and copying, by the trusted user interface program, the encrypted trusted user interface resource data from the shared memory into the protected memory of the trusted execution environment.
- 9. The method according to claim 8, wherein the request for trusted user interface resource data carries a trusted user interface identifier; and, in the rich execution environment, the corresponding encrypted trusted user interface resource data is loaded based on the trusted user interface identifier carried in the request and sent to the shared memory.
- 10. The method according to claim 7, further comprising: clearing the trusted user interface resource data from the protected memory of the trusted execution environment during or after exit of the trusted user interface program.
- 11. The method according to claim 7, further comprising: after the trusted user interface program exits, clearing the encrypted trusted user interface resource data from the shared memory.
- 12. The method according to claim 1, wherein displaying the trusted user interface based on the decrypted trusted user interface resource data comprises: displaying a graphical trusted user interface based on the decrypted trusted user interface resource data.
- 13. An apparatus for applying trusted user interface resource data, comprising: a providing module, configured to trigger start-up of a trusted user interface from a non-trusted user interface, and to obtain encrypted trusted user interface resource data from a rich execution environment and provide it to a trusted execution environment; and a trusted user interface module, configured to decrypt the encrypted trusted user interface resource data in the trusted execution environment and display the trusted user interface based on the decrypted trusted user interface resource data.
- 14. The apparatus according to claim 13, further comprising a generating module configured to generate the encrypted trusted user interface resource data by one of: generating a trusted user interface resource data packet, generating a digital signature of the packet using a secure hash algorithm and an asymmetric encryption algorithm, and appending the digital signature to the packet to obtain the encrypted trusted user interface resource data; and directly encrypting the trusted user interface resource data with the Advanced Encryption Standard (AES) encryption algorithm to generate the encrypted trusted user interface resource data.
- 15. The apparatus according to claim 13, wherein the providing module is configured to load the encrypted trusted user interface resource data in the rich execution environment and send it to shared memory when a user operation on the non-trusted user interface triggers start-up of the trusted user interface; and the trusted user interface module is configured to copy the encrypted trusted user interface resource data from the shared memory into protected memory of the trusted execution environment.
- 16. The apparatus according to claim 13, further comprising a storage module disposed in the rich execution environment and configured to store the encrypted trusted user interface resource data.
- 17. An apparatus for applying trusted user interface resource data, comprising: a display; a memory storing a computer program; and a processor configured to read the computer program to perform the operations of the method for applying trusted user interface resource data according to any one of claims 1 to 12.
- 18. A computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the method for applying trusted user interface resource data according to any one of claims 1 to 12.
- 19. A data processing method, comprising: obtaining encrypted resource data from a rich execution environment and providing it to a trusted execution environment; decrypting the encrypted resource data in the trusted execution environment; and processing the decrypted resource data.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711230388.4 | 2017-11-29 | ||
CN201711230388.4A CN109840436A (zh) | 2017-11-29 | 2017-11-29 | Data processing method, and method and apparatus for applying trusted user interface resource data |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019105290A1 true WO2019105290A1 (zh) | 2019-06-06 |
Family
ID=66664700
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/117106 WO2019105290A1 (zh) | 2017-11-29 | 2018-11-23 | Data processing method, and method and apparatus for applying trusted user interface resource data |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN109840436A (zh) |
TW (1) | TW201939345A (zh) |
WO (1) | WO2019105290A1 (zh) |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109214215B (zh) * | 2018-06-19 | 2021-10-26 | 中国银联股份有限公司 | Separated switching method based on TEE and REE, and system therefor |
CN110442462B (zh) | 2019-07-16 | 2020-07-28 | 阿里巴巴集团控股有限公司 | Multi-thread data transmission method and apparatus in a TEE system |
CN110442463B (zh) * | 2019-07-16 | 2020-07-07 | 阿里巴巴集团控股有限公司 | Data transmission method and apparatus in a TEE system |
US10699015B1 (en) | 2020-01-10 | 2020-06-30 | Alibaba Group Holding Limited | Method and apparatus for data transmission in a tee system |
CN110399235B (zh) | 2019-07-16 | 2020-07-28 | 阿里巴巴集团控股有限公司 | Multi-thread data transmission method and apparatus in a TEE system |
CN112422487A (zh) * | 2019-08-23 | 2021-02-26 | 北京小米移动软件有限公司 | Data transmission method, apparatus, system and computer-readable storage medium |
CN111737368B (zh) | 2020-07-24 | 2020-12-18 | 支付宝(杭州)信息技术有限公司 | Data processing method, apparatus, device and medium |
CN111814172A (zh) | 2020-08-28 | 2020-10-23 | 支付宝(杭州)信息技术有限公司 | Method, apparatus and device for obtaining data authorization information |
CN111818094B (zh) | 2020-08-28 | 2021-01-05 | 支付宝(杭州)信息技术有限公司 | Identity registration method, apparatus and device |
CN111815420B (zh) | 2020-08-28 | 2021-07-06 | 支付宝(杭州)信息技术有限公司 | Matching method, apparatus and device based on trusted asset data |
CN111741036B (zh) | 2020-08-28 | 2020-12-18 | 支付宝(杭州)信息技术有限公司 | Trusted data transmission method, apparatus and device |
CN111814196B (zh) | 2020-09-04 | 2021-01-05 | 支付宝(杭州)信息技术有限公司 | Data processing method, apparatus and device |
CN113434849A (zh) * | 2020-09-04 | 2021-09-24 | 支付宝(杭州)信息技术有限公司 | Data management method, apparatus and device based on trusted hardware |
CN111814156B (zh) | 2020-09-04 | 2022-04-29 | 支付宝(杭州)信息技术有限公司 | Data acquisition method, apparatus and device based on a trusted device |
CN111931238B (zh) | 2020-09-15 | 2021-05-04 | 支付宝(杭州)信息技术有限公司 | Blockchain-based data asset transfer method, apparatus and device |
CN111930846B (zh) | 2020-09-15 | 2021-02-23 | 支付宝(杭州)信息技术有限公司 | Data processing method, apparatus and device |
CN113012008B (zh) | 2020-09-15 | 2022-06-03 | 支付宝(杭州)信息技术有限公司 | Identity management method, apparatus and device based on trusted hardware |
CN112286562B (zh) * | 2020-10-28 | 2021-09-10 | 飞腾信息技术有限公司 | Trusted operating system debugging and update method and system |
CN112434306B (zh) * | 2020-12-11 | 2024-04-16 | 中国科学院信息工程研究所 | Trusted measurement method, apparatus, system, electronic device and storage medium |
CN115016666B (zh) * | 2021-11-18 | 2023-08-25 | 荣耀终端有限公司 | Touch processing method, terminal device and storage medium |
CN114780981A (zh) * | 2022-05-11 | 2022-07-22 | 珠海全志科技股份有限公司 | Secure data storage method, computer apparatus and computer-readable storage medium |
CN116049813B (zh) * | 2022-07-29 | 2023-10-20 | 荣耀终端有限公司 | Touchscreen data processing method, device and storage medium based on a trusted execution environment |
CN115174125A (zh) * | 2022-09-07 | 2022-10-11 | 北京笔新互联网科技有限公司 | Method and apparatus for obtaining trusted true random numbers in a trusted execution environment |
CN116382896B (zh) * | 2023-02-27 | 2023-12-19 | 荣耀终端有限公司 | Image processing algorithm invocation method, terminal device, medium and product |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110087610A1 (en) * | 2009-10-13 | 2011-04-14 | Asif Batada | Global secure service provider directory |
CN103491080A (zh) * | 2013-09-12 | 2014-01-01 | 深圳市文鼎创数据科技有限公司 | Information security protection method and system |
CN105812332A (zh) * | 2014-12-31 | 2016-07-27 | 北京握奇智能科技有限公司 | Data protection method |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104581214B (zh) * | 2015-01-28 | 2018-09-11 | 三星电子(中国)研发中心 | Multimedia content protection method and apparatus based on the ARM TrustZone system |
US20160234176A1 (en) * | 2015-02-06 | 2016-08-11 | Samsung Electronics Co., Ltd. | Electronic device and data transmission method thereof |
CN106200891B (zh) * | 2015-05-08 | 2019-09-06 | 阿里巴巴集团控股有限公司 | Method, apparatus and system for displaying a user interface |
CN106997439B (zh) * | 2017-04-01 | 2020-06-19 | 北京元心科技有限公司 | TrustZone-based data encryption/decryption method, apparatus and terminal device |
CN106990972B (zh) * | 2017-04-13 | 2021-04-02 | 沈阳微可信科技有限公司 | Method and apparatus for running a trusted user interface |
2017
- 2017-11-29 CN CN201711230388.4A patent/CN109840436A/zh active Pending
2018
- 2018-09-28 TW TW107134281A patent/TW201939345A/zh unknown
- 2018-11-23 WO PCT/CN2018/117106 patent/WO2019105290A1/zh active Application Filing
Also Published As
Publication number | Publication date |
---|---|
TW201939345A (zh) | 2019-10-01 |
CN109840436A (zh) | 2019-06-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019105290A1 (zh) | Data processing method, and application method and apparatus for trusted user interface resource data | |
CN107659632B (zh) | File encryption/decryption method, apparatus and computer-readable storage medium | |
US10462114B2 (en) | System and associated software for providing advanced data protections in a defense-in-depth system by integrating multi-factor authentication with cryptographic offloading | |
CN110492990B (zh) | 区块链场景下的私钥管理方法、装置及系统 | |
KR101891420B1 (ko) | Content protection for DaaS | |
US7639819B2 (en) | Method and apparatus for using an external security device to secure data in a database | |
TWI598814B (zh) | System and method for managing and diagnosing a computing device equipped with Unified Extensible Firmware Interface (UEFI) compliant firmware | |
US9461819B2 (en) | Information sharing system, computer, project managing server, and information sharing method used in them | |
WO2022028289A1 (zh) | Data encryption method, data decryption method, apparatus, terminal and storage medium | |
WO2021164166A1 (zh) | Service data protection method, apparatus, device and readable storage medium | |
CN106992851B (zh) | TrustZone-based database file password encryption/decryption method, apparatus and terminal device | |
WO2018177394A1 (zh) | Method and apparatus for protecting Android .so files | |
US9367700B2 (en) | System and method for establishing a shared secret for communication between different security domains | |
WO2020073712A1 (zh) | Method for sharing a secure application in a mobile terminal, and mobile terminal | |
CN110806919A (zh) | Method and system for protecting virtual machine images in a cloud environment | |
WO2024198933A1 (zh) | Private key protection and server access method, system, device and storage medium | |
US20150227474A1 (en) | Enabling a secure boot from non-volatile memory | |
US20230222230A1 (en) | Key distribution system in a secure enclave | |
WO2023207975A1 (zh) | Data transmission method, apparatus and electronic device | |
US9087211B2 (en) | Method and system for annotation based secure caching | |
KR101952139B1 (ko) | Method for providing a DRM function in a gateway server linked with a user terminal | |
US11399015B2 (en) | Data security tool | |
EP4174695A1 (en) | Method to store data persistently by a software payload | |
EP4175218A1 (en) | Method to establish a secure channel | |
JP6741236B2 (ja) | Information processing apparatus | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 18882913; Country of ref document: EP; Kind code of ref document: A1 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: PCT application non-entry in European phase | Ref document number: 18882913; Country of ref document: EP; Kind code of ref document: A1 |