WO2024071927A1 - Electronic device and data protection method using same - Google Patents

Electronic device and data protection method using same

Info

Publication number
WO2024071927A1
Authority
WO
WIPO (PCT)
Prior art keywords
data file
hash value
model
model data
space
Application number
PCT/KR2023/014703
Other languages
English (en)
Korean (ko)
Inventor
황보람
이상우
이은택
Original Assignee
삼성전자 주식회사
Priority claimed from KR1020220146318A (external priority; patent KR20240044287A)
Application filed by 삼성전자 주식회사
Publication of WO2024071927A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators

Definitions

  • Various embodiments of the present invention relate to electronic devices and data protection methods using the same.
  • These electronic devices can run various applications based on machine learning model data learned through deep learning or machine learning based on artificial neural networks.
  • Malware and spyware are introduced into portable electronic devices, causing damage from cyber attacks such as network traffic, system performance degradation, file deletion, and personal information leakage.
  • An electronic device includes a memory and a processor operatively connected to the memory. The memory may store instructions that, when executed, cause the processor to: load the model data file from the memory when an operation according to the execution of an application based on a model data file starts; calculate a hash value for the model data file in the hypervisor space and store it together with model-related information for the model data file; calculate the hash value of the loaded model data file in the hypervisor space based on a timer generated in the kernel space; compare the calculated hash value with the stored hash value to confirm identity; and, if the hash values are not identical according to the comparison, determine that the model data file has been modified.
  • A method of an electronic device may include: an operation of loading the model data file from the memory when an operation according to execution of an application based on the model data file begins; an operation of calculating a hash value for the model data file in the hypervisor space and storing it together with model-related information about the model data file; an operation of calculating a hash value of the loaded model data file in the hypervisor space based on a timer generated in the kernel space; an operation of comparing the calculated hash value with the stored hash value to confirm identity; and an operation of determining that the model data file has been modified if the hash values are not the same according to the comparison.
  • FIG. 1 is a block diagram of an electronic device in a network environment, according to various embodiments.
  • FIG. 2 is a diagram illustrating the structure of an operating system running on an electronic device, according to various embodiments.
  • FIG. 3 is a block diagram illustrating functional modules of an operating system structure running on an electronic device, according to various embodiments.
  • FIG. 4 is a block diagram illustrating functional modules of an operating system structure running on an electronic device, according to various embodiments.
  • FIG. 5 is a diagram for explaining a method of protecting data in an electronic device, according to various embodiments.
  • FIG. 6 is a flowchart illustrating a method for protecting data in an electronic device, according to various embodiments.
  • FIG. 7 is a flowchart illustrating a method for protecting data in an electronic device, according to various embodiments.
  • FIG. 1 is a block diagram of an electronic device 101 in a network environment 100, according to various embodiments.
  • The electronic device 101 may communicate with the electronic device 102 through a first network 198 (e.g., a short-range wireless communication network), or with at least one of the electronic device 104 or the server 108 through a second network 199 (e.g., a long-distance wireless communication network). According to one embodiment, the electronic device 101 may communicate with the electronic device 104 through the server 108.
  • The electronic device 101 may include a processor 120, a memory 130, an input module 150, an audio output module 155, a display module 160, an audio module 170, a sensor module 176, an interface 177, a connection terminal 178, a haptic module 179, a camera module 180, a power management module 188, a battery 189, a communication module 190, a subscriber identification module 196, or an antenna module 197.
  • At least one of these components (e.g., the connection terminal 178) may be omitted from, or one or more other components may be added to, the electronic device 101.
  • Some of these components (e.g., sensor module 176, camera module 180, or antenna module 197) may be integrated into one component (e.g., display module 160).
  • The processor 120 may, for example, execute software (e.g., program 140) to control at least one other component (e.g., hardware or software component) of the electronic device 101 connected to the processor 120, and may perform various data processing or calculations. According to one embodiment, as at least part of data processing or computation, the processor 120 may store commands or data received from another component (e.g., sensor module 176 or communication module 190) in volatile memory 132, process the commands or data stored in the volatile memory 132, and store the resulting data in the non-volatile memory 134.
  • The processor 120 may include a main processor 121 (e.g., a central processing unit or an application processor) or an auxiliary processor 123 that can operate independently of or together with it (e.g., a graphics processing unit, a neural processing unit (NPU), an image signal processor, a sensor hub processor, or a communication processor).
  • When the electronic device 101 includes a main processor 121 and a secondary processor 123, the secondary processor 123 may be set to use lower power than the main processor 121 or be specialized for a designated function.
  • The auxiliary processor 123 may be implemented separately from the main processor 121 or as part of it.
  • The auxiliary processor 123 may, for example, control at least some of the functions or states related to at least one of the components of the electronic device 101 (e.g., the display module 160, the sensor module 176, or the communication module 190), on behalf of the main processor 121 while the main processor 121 is in an inactive (e.g., sleep) state, or together with the main processor 121 while the main processor 121 is in an active (e.g., application execution) state.
  • The co-processor 123 (e.g., image signal processor or communication processor) may be implemented as part of another functionally related component (e.g., camera module 180 or communication module 190).
  • the auxiliary processor 123 may include a hardware structure specialized for processing artificial intelligence models.
  • Artificial intelligence models can be created through machine learning. For example, such learning may be performed in the electronic device 101 itself on which the artificial intelligence model is performed, or may be performed through a separate server (e.g., server 108).
  • Learning algorithms may include, for example, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning, but are not limited thereto.
  • An artificial intelligence model may include multiple artificial neural network layers.
  • An artificial neural network may be one of a deep neural network (DNN), convolutional neural network (CNN), recurrent neural network (RNN), restricted Boltzmann machine (RBM), deep belief network (DBN), bidirectional recurrent deep neural network (BRDNN), deep Q-networks, or a combination of two or more of the above, but is not limited to the examples described above.
  • artificial intelligence models may additionally or alternatively include software structures.
  • The memory 130 may store various data used by at least one component (e.g., the processor 120 or the sensor module 176) of the electronic device 101. Data may include, for example, input data or output data for software (e.g., program 140) and instructions related thereto.
  • Memory 130 may include volatile memory 132 or non-volatile memory 134.
  • the program 140 may be stored as software in the memory 130 and may include, for example, an operating system 142, middleware 144, or application 146.
  • the input module 150 may receive commands or data to be used in a component of the electronic device 101 (e.g., the processor 120) from outside the electronic device 101 (e.g., a user).
  • The input module 150 may include, for example, a microphone, mouse, keyboard, keys (e.g., buttons), or digital pen (e.g., stylus pen).
  • the sound output module 155 may output sound signals to the outside of the electronic device 101.
  • the sound output module 155 may include, for example, a speaker or a receiver. Speakers can be used for general purposes such as multimedia playback or recording playback.
  • the receiver can be used to receive incoming calls. According to one embodiment, the receiver may be implemented separately from the speaker or as part of it.
  • The display module 160 can visually provide information to the outside of the electronic device 101 (e.g., a user).
  • the display module 160 may include, for example, a display, a hologram device, or a projector, and a control circuit for controlling the device.
  • the display module 160 may include a touch sensor configured to detect a touch, or a pressure sensor configured to measure the intensity of force generated by the touch.
  • The audio module 170 can convert sound into an electrical signal or, conversely, convert an electrical signal into sound. According to one embodiment, the audio module 170 may acquire sound through the input module 150, or output sound through the sound output module 155 or an external electronic device (e.g., the electronic device 102, such as a speaker or headphone) directly or wirelessly connected to the electronic device 101.
  • The sensor module 176 may detect the operating state (e.g., power or temperature) of the electronic device 101 or the external environmental state (e.g., user state) and generate an electrical signal or data value corresponding to the detected state.
  • The sensor module 176 may include, for example, a gesture sensor, a gyro sensor, an air pressure sensor, a magnetic sensor, an acceleration sensor, a grip sensor, a proximity sensor, a color sensor, an IR (infrared) sensor, a biometric sensor, a temperature sensor, a humidity sensor, or a light sensor.
  • The interface 177 may support one or more designated protocols that can be used to connect the electronic device 101 directly or wirelessly with an external electronic device (e.g., the electronic device 102).
  • The interface 177 may include, for example, a high definition multimedia interface (HDMI), a universal serial bus (USB) interface, an SD card interface, or an audio interface.
  • The connection terminal 178 may include a connector through which the electronic device 101 can be physically connected to an external electronic device (e.g., the electronic device 102).
  • The connection terminal 178 may include, for example, an HDMI connector, a USB connector, an SD card connector, or an audio connector (e.g., a headphone connector).
  • the haptic module 179 can convert electrical signals into mechanical stimulation (e.g., vibration or movement) or electrical stimulation that the user can perceive through tactile or kinesthetic senses.
  • the haptic module 179 may include, for example, a motor, a piezoelectric element, or an electrical stimulation device.
  • the camera module 180 can capture still images and moving images.
  • the camera module 180 may include one or more lenses, image sensors, image signal processors, or flashes.
  • the power management module 188 can manage power supplied to the electronic device 101.
  • The power management module 188 may be implemented as at least a part of, for example, a power management integrated circuit (PMIC).
  • the battery 189 may supply power to at least one component of the electronic device 101.
  • the battery 189 may include, for example, a non-rechargeable primary battery, a rechargeable secondary battery, or a fuel cell.
  • The communication module 190 may support establishment of a direct (e.g., wired) communication channel or wireless communication channel between the electronic device 101 and an external electronic device (e.g., electronic device 102, electronic device 104, or server 108), and communication through the established communication channel. The communication module 190 may include one or more communication processors that operate independently of the processor 120 (e.g., an application processor) and support direct (e.g., wired) communication or wireless communication.
  • The communication module 190 may include a wireless communication module 192 (e.g., a cellular communication module, a short-range wireless communication module, or a global navigation satellite system (GNSS) communication module) or a wired communication module 194 (e.g., a LAN (local area network) communication module or a power line communication module).
  • The corresponding communication module may communicate with an external electronic device 104 through a first network 198 (e.g., a short-range communication network such as Bluetooth, wireless fidelity (WiFi) direct, or infrared data association (IrDA)) or a second network 199 (e.g., a telecommunication network such as a legacy cellular network, a 5G network, a next-generation communication network, the Internet, or a computer network (e.g., LAN or WAN)).
  • the wireless communication module 192 uses subscriber information (e.g., International Mobile Subscriber Identifier (IMSI)) stored in the subscriber identification module 196 within a communication network such as the first network 198 or the second network 199.
  • the wireless communication module 192 may support 5G networks after 4G networks and next-generation communication technologies, for example, NR access technology (new radio access technology).
  • NR access technology can support high-speed transmission of high-capacity data (eMBB (enhanced mobile broadband)), minimization of terminal power and access to multiple terminals (mMTC (massive machine type communications)), or high reliability and low latency (URLLC (ultra-reliable and low-latency communications)).
  • The wireless communication module 192 may support high frequency bands (e.g., mmWave bands), for example, to achieve high data rates.
  • The wireless communication module 192 may support various technologies to secure performance in high frequency bands, for example, beamforming, massive multiple-input and multiple-output (MIMO), full-dimensional MIMO (FD-MIMO), array antenna, analog beam-forming, or large scale antenna.
  • The wireless communication module 192 may support various requirements specified in the electronic device 101, an external electronic device (e.g., electronic device 104), or a network system (e.g., second network 199).
  • The wireless communication module 192 may support a peak data rate (e.g., 20 Gbps or more) for realizing eMBB, loss coverage (e.g., 164 dB or less) for realizing mMTC, or U-plane latency (e.g., 164 dB or less) for realizing URLLC.
  • The antenna module 197 may transmit or receive signals or power to or from the outside (e.g., an external electronic device).
  • The antenna module 197 may include an antenna including a radiator made of a conductor or a conductive pattern formed on a substrate (e.g., PCB).
  • The antenna module 197 may include a plurality of antennas (e.g., an array antenna). In this case, at least one antenna suitable for a communication method used in a communication network such as the first network 198 or the second network 199 may be selected from the plurality of antennas by, for example, the communication module 190. Signals or power may be transmitted or received between the communication module 190 and an external electronic device through the at least one selected antenna.
  • Other components (e.g., a radio frequency integrated circuit (RFIC)) may be additionally formed as part of the antenna module 197.
  • A mmWave antenna module may include: a printed circuit board; an RFIC disposed on or adjacent to a first side (e.g., bottom side) of the printed circuit board and capable of supporting a designated high frequency band (e.g., mmWave band); and a plurality of antennas (e.g., array antennas) disposed on or adjacent to the second side (e.g., top or side) of the printed circuit board and capable of transmitting or receiving signals in the designated high frequency band.
  • peripheral devices e.g., bus, general purpose input and output (GPIO), serial peripheral interface (SPI), or mobile industry processor interface (MIPI)
  • signal e.g. commands or data
  • commands or data may be transmitted or received between the electronic device 101 and the external electronic device 104 through the server 108 connected to the second network 199.
  • Each of the external electronic devices 102 or 104 may be of the same or different type as the electronic device 101.
  • all or part of the operations performed in the electronic device 101 may be executed in one or more of the external electronic devices 102, 104, or 108.
  • The electronic device 101 may, instead of executing the function or service on its own, request one or more external electronic devices to perform at least part of the function or service.
  • One or more external electronic devices that have received the request may execute at least part of the requested function or service, or an additional function or service related to the request, and transmit the result of the execution to the electronic device 101.
  • the electronic device 101 may process the result as is or additionally and provide it as at least part of a response to the request.
  • Cloud computing, distributed computing, mobile edge computing (MEC), or client-server computing technology can be used.
  • the electronic device 101 may provide an ultra-low latency service using, for example, distributed computing or mobile edge computing.
  • the external electronic device 104 may include an Internet of Things (IoT) device.
  • Server 108 may be an intelligent server using machine learning and/or neural networks.
  • the external electronic device 104 or server 108 may be included in the second network 199.
  • The electronic device 101 may be applied to intelligent services (e.g., smart home, smart city, smart car, or healthcare) based on 5G communication technology and IoT-related technology.
  • Electronic devices may be of various types.
  • Electronic devices may include, for example, portable communication devices (e.g., smartphones), computer devices, portable multimedia devices, portable medical devices, cameras, wearable devices, or home appliances.
  • Electronic devices according to embodiments of this document are not limited to the above-described devices.
  • Terms such as "first" and "second" may be used simply to distinguish one component from another, and do not limit the components in other respects (e.g., importance or order).
  • When one (e.g., first) component is said to be “coupled” or “connected” to another (e.g., second) component, with or without the terms “functionally” or “communicatively,” it means that the component can be connected to the other component directly (e.g., wired), wirelessly, or through a third component.
  • The term "module" used in various embodiments of this document may include a unit implemented in hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit, for example. A module may be an integrated part or a minimum unit of the parts or a part thereof that performs one or more functions. For example, according to one embodiment, the module may be implemented in the form of an application-specific integrated circuit (ASIC).
  • Various embodiments of the present document may be implemented as software (e.g., program 140) including one or more instructions stored in a storage medium (e.g., built-in memory 136 or external memory 138) that can be read by a machine (e.g., electronic device 101).
  • a processor e.g., processor 120
  • the one or more instructions may include code generated by a compiler or code that can be executed by an interpreter.
  • A storage medium that can be read by a device may be provided in the form of a non-transitory storage medium.
  • Here, 'non-transitory' only means that the storage medium is a tangible device and does not contain signals (e.g., electromagnetic waves); the term does not distinguish between cases where data is stored semi-permanently in the storage medium and cases where it is stored temporarily.
  • Computer program products are commodities and can be traded between sellers and buyers.
  • The computer program product may be distributed in the form of a machine-readable storage medium (e.g., compact disc read only memory (CD-ROM)), or distributed (e.g., downloaded or uploaded) online, through an application store (e.g., Play Store™) or directly between two user devices (e.g., smartphones).
  • at least a portion of the computer program product may be at least temporarily stored or temporarily created in a machine-readable storage medium, such as the memory of a manufacturer's server, an application store's server, or a relay server.
  • Each component (e.g., module or program) of the above-described components may include a single or plural entity, and some of the plurality of entities may be separately placed in other components.
  • one or more of the components or operations described above may be omitted, or one or more other components or operations may be added.
  • multiple components eg, modules or programs
  • The integrated component may perform one or more functions of each component of the plurality of components in the same or similar manner as those performed by the corresponding component of the plurality of components prior to the integration.
  • operations performed by a module, program, or other component may be executed sequentially, in parallel, iteratively, or heuristically, or one or more of the operations may be executed in a different order, or omitted. Alternatively, one or more other operations may be added.
  • FIG. 2 may show the structure of an operating system executed by the processor 120 (e.g., the processor 120 of FIG. 1) of an electronic device (e.g., the electronic device 101 of FIG. 1) according to various embodiments.
  • The processor 120 is a main processor (e.g., the main processor 121 in FIG. 1) (e.g., a central processing unit or an application processor) or a secondary processor that can operate independently or together with the main processor (e.g., the main processor 121 in FIG. 1).
  • The processor 120 is operatively connected to a memory (e.g., the memory 130 of FIG. 1), and permissions or properties related to an operating system, middleware, or various applications stored in the memory 130 are set.
  • Various related data can be loaded and various operations can be performed.
  • The processor 120 may load and execute various data related to the machine learning model stored in the memory 130 to perform inference using the machine learning model and execute various instructions related to various applications using the results.
  • The processor 120 may execute an operating system stored in the memory 130, and the operating system structure accordingly may include a user space 210, a kernel space 220, and a hypervisor space 230.
  • In the operating system structure running on the processor 120, commands or processes may be executed under a logical separation structure of the user space 210, kernel space 220, and hypervisor space 230 with respect to execution rights or properties of instructions stored in memory 130.
  • the processor 120 can execute various applications using machine learning models under this operating system structure and can block external attacks on machine learning model data to ensure the integrity of the data.
  • the user space 210 may transmit information related to the machine learning model to the kernel space 220.
  • model-related information may include a model identifier.
  • an application may be identified by a name string of the application, such as “com.sec.android.app.sbrowser”.
  • A machine learning model may be identified by a model name string, for example, “mobilenet”.
  • A list of machine learning models that can be used by a specific application can be managed as shown in Table 1 below, and an unused number from 0 to 100, for example, can be assigned as a model identifier for the machine learning model.
  • Table 1:
      ID    app                             model
      0     com.sec.android.app.sbrowser    mobilenet
                                            Resnet
      2     com.sec.android.app.camera      Mobilenet
      ...   ...                             ...
  • The application name (app string) and model name (model string) can be searched for in the above-described list. If the corresponding application name and model name are not in the list according to the search, a new identifier can be assigned to this pair. If the pair of the corresponding application name and model name is in the list according to the search, information about the corresponding model can be used according to the execution of the application. Additionally, when the application is terminated, information about the model can be deleted from the list for the items related to the application (app string). For example, when the camera app is terminated, items 1 and 2 may be deleted from the list in Table 1 described above.
  • a device driver or syscall may receive model-related information transmitted from the user space 210 and transmit it to the kernel space 220.
  • the kernel space 220 may change the properties of the machine learning model data file to read only based on the model-related information transmitted from the user space 210 and deliver the model-related information to the hypervisor space 230.
  • the hypervisor space 230 may calculate a hash value for the machine learning model data file based on model-related information and store the calculated hash value along with the model-related information.
  • the calculated hash value can be stored in the memory 130, for example.
  • the hypervisor space 230 may block access of the kernel space 220 to the stored hash value.
  • the hypervisor space 230 may block access by the kernel space 220 by changing the entry value of the memory management table of the kernel space 220 for the internal memory 240.
  • the hypervisor space 230 may generate a new hash value for the machine learning model data file over a specified period of time and compare it with the stored hash value.
  • the hash value comparison operation as described above may be periodically performed in the hypervisor space 230.
  • authentication of the model data file may be performed based on whether the hash values are the same through a hash value comparison operation in the hypervisor space 230.
  • the hash value generation and comparison operations may be performed again a specified number of times (e.g., 3 times).
  • the model data file may be reloaded through the user space 210, or the currently running application may be terminated.
  • FIG. 3 is a block diagram illustrating a functional module of an operating system structure executed by a processor (e.g., processor 200 of FIG. 2) of an electronic device (e.g., electronic device 101 of FIG. 1) according to various embodiments.
  • the operating system architecture of Figure 3 may include user space (e.g., user space 210 of Figure 2), kernel space (e.g., kernel space 220 of Figure 2), and hypervisor space (e.g., hypervisor space 230 of Figure 2).
  • based on program or application instructions, the processor (e.g., processor 120 of FIG. 2) may execute a machine learning framework 211 (e.g., machine learning libraries such as tflite, caffe, pytorch, keras), and inference may be performed through the loaded machine learning model 212.
  • before inference by the machine learning model 212 begins, the model inference module (e.g., inference model module) 213 in the user space 210 may call a command executable in the kernel space 220 to change the properties of the machine learning data file.
  • the model inference module 213 may read a machine learning data file and transfer model-related information to the kernel space 220.
  • the model inference module 213 may call the kernel space 220 to stop and clean up related operations before the inference of the machine learning model 212 is terminated.
  • the model inference module 213 may use ioctl or implement syscall as shown in Table 2 below to perform the above-described operations.
  • Figure 3 may show an example in which the model inference module 213 uses ioctl to perform the above-described operations.
  • the device driver 221 (e.g., /dev/protect_ml) may be included in the kernel space 220, for example.
  • the model protection module 222 of the kernel space 220 may change the properties of the model data file stored in memory (e.g., memory 130 in FIG. 1) to read-only based on the received model-related information.
  • the model protection module 222 may generate a timer 223. For example, when the timer 223 periodically generates a notification, the model protection module 222 may inform the hash comparison module 232 in the hypervisor space 230 that the notification has been generated.
  • the model protection module 222 may include a total of four functions: change_ro(), register_timer(), hvc_for_hash(), and clean().
  • the model protection module 222 may use the change_ro() function to change the inode access permission property of the corresponding model data file to read-only (r--r--r--).
  • the register_timer() and hvc_for_hash() functions of the model protection module 222 may operate when an ioctl (e.g., ioctl(CMD_START)) or syscall (e.g., model_start syscall) is received in the user space 220.
  • the register_timer() function can create a timer that generates a notification (e.g., interrupt) at a specified time interval (e.g., 5 minutes).
  • the hvc_for_hash() function may notify the hash management module 231 through a hypervisor call (hvc) that a notification has occurred, to request hash registration and/or management.
  • the hvc call can transmit model-related information such as fd (file descriptor), size, and model identifier to the hash management module 231.
  • the clean() function may terminate the timer 223 created upon receipt of an ioctl (e.g., ioctl(CMD_END)) or syscall (e.g., model_end syscall) from the user space 210.
  • the expiration of the timer 223 may be communicated to the hypervisor space 230 through an hvc call, allowing the hash management module 231 to end management of the hash value.
  • the timer 223 may operate once at a designated time point (e.g., every 5 minutes).
  • the hash management module 231 calculates the hash value, and the hash comparison module 232 can verify the integrity of the model file by comparing the calculated hash value with the stored hash value.
  • the hash management module 231 in the hypervisor space 230 may calculate a hash value for the machine learning model data file currently loaded in memory based on model-related information, and the calculated hash value can be saved along with the model-related information.
  • the hash management module 231 may store the calculated hash value in, for example, the memory 130.
  • the hash management module 231 in the hypervisor space 230 may block access of the kernel space 220 to the stored hash value.
  • the hash management module 231 in the hypervisor space 230 may change the entry value of the memory management table of the kernel space 220 for the internal memory 240, so that access by the kernel space 220 to the memory space where the hash value is stored can be blocked.
  • the hypervisor space 230 may generate a new hash value for the model data file currently loaded in memory when a specified time has elapsed and compare it with the stored hash value.
  • the timer 223 can be set to operate once at a designated time point (e.g., every 5 minutes).
  • the hash management module 231 calculates a hash value in the hypervisor space 230 through an hvc call, and the hash comparison module 232 can verify the integrity of the model file by comparing the calculated hash value with the stored hash value.
  • the hash management module 231 may include a create_hash function and a delete_hash function.
  • the hash comparison module 232 may include a compare_hash function.
  • the create_hash function can use model-related information such as the file descriptor (fd) and file size (size) received through ioctl and hvc to calculate a hash value (e.g., SHA-256) of the model file being used by the user process of the application.
  • the calculated hash value can be stored in the form of a pair along with the model identifier (model id).
  • the stored hash value can later be used as a value to verify the integrity of file data. Accordingly, access by the kernel space 220 to the memory where the hash value is stored can be blocked, so that even if the kernel space 220 has a security vulnerability and is attacked, the hash value cannot be modified from the kernel space 220.
  • the hash management module 231 may block access to the memory location where the hash value is stored by setting the value indicating the virtual address where the hash value is stored in the virtual address table of the kernel space 220 to invalid.
  • FIG. 4 is a block diagram illustrating the structure of a logical operation module executed by a processor (e.g., processor 120 of FIG. 2) of an electronic device (e.g., electronic device 101 of FIG. 1) according to various embodiments.
  • the processor architecture of Figure 4 may include user space (e.g., user space 210 in Figure 2), kernel space (e.g., kernel space 220 in Figure 2), and hypervisor space (e.g., hypervisor space 230 of Figure 2).
  • based on program or application instructions, the processor (e.g., processor 120 of FIG. 2) may execute a machine learning framework 311 (e.g., machine learning libraries such as tflite, caffe, pytorch, keras), and inference may be performed through the loaded machine learning model 312.
  • the model inference module (e.g., inference model module) 313 of the user space 210 may call the kernel space 220 before inference by the machine learning model 312 starts, to change the properties of the machine learning data file.
  • the model inference module 313 may read a machine learning data file and call the kernel space 220.
  • the model inference module 313 may call the kernel space 220 to stop and clean up related operations before the application of the machine learning model 312 is terminated.
  • the model inference module 313 may implement a syscall as described in Table 2 above to perform the above-described operations.
  • Figure 4 may show an example in which the model inference module 313 uses a syscall to perform the above-described operations.
  • the model inference module 313 may use a syscall to perform communication between the user space 210 and the kernel space 220.
  • the device driver 221 as shown in FIG. 3 may be omitted.
  • the configuration of FIG. 4 may be similar in function to the configuration of FIG. 3 except for the device driver 221, and detailed descriptions may be omitted below.
  • the model protection module 322 of the kernel space 220 may change the properties of a model data file stored in memory (e.g., internal memory 240 of FIG. 2) to read-only based on the received model-related information.
  • the model protection module 322 may generate a timer 323.
  • a notification periodically generated by the timer 323 may be delivered to the hash comparison module 332 in the hypervisor space 230.
  • the model protection module 322 may be composed of a total of four functions: change_ro(), register_timer(), hvc_for_hash(), and clean().
  • the functions of the four functions are similar to those described with reference to FIG. 2, and detailed descriptions thereof are omitted here.
  • when called through a syscall (e.g., model_chmod syscall), the model protection module 322 may set the inode access permission attribute of the corresponding model data file to read-only (r--r--r--), and model-related information such as fd, size, and model identifier can be transmitted to the hash management module 331 through an hvc call.
  • the timer 323 operates once at a designated point in time (e.g., every 5 minutes), and the hash management module 331 in the hypervisor space 230 may calculate a new hash value, which the hash comparison module 332 compares with the stored hash value to verify the integrity of the model file.
  • the hash management module 331 in the hypervisor space 230 may calculate a hash value for the machine learning model data file based on model-related information, and save the calculated hash value together with the model-related information.
  • the hash management module 231 may store the calculated hash value in, for example, the internal memory 240.
  • the hash management module 331 in the hypervisor space 230 may block access of the kernel space 220 to the stored hash value.
  • the hash management module 331 in the hypervisor space 230 may change the entry value of the memory management table of the kernel space 220 for the internal memory 240, so that access by the kernel space 220 to the memory space where the hash value is stored can be blocked.
  • An electronic device includes a memory (e.g., memory 130 of FIG. 1) and a processor (e.g., processor 120 of FIG. 1) operatively connected to the memory, wherein the memory may store instructions that, when executed, cause the processor to: load the model data file from the memory when an operation according to application execution based on the model data file begins; calculate a hash value for the model data file in the hypervisor space and store it together with model-related information about the model data file; calculate the hash value of the loaded model data file in the hypervisor space based on a timer generated in the kernel space; compare the calculated hash value with the stored hash value to confirm whether they are identical; and determine that the model data file has been modified if the hash values are not identical according to the comparison.
  • the memory may store instructions that, when executed, cause the processor to block access by the kernel space to the hash value storage location in the hypervisor space.
  • the memory may store instructions that, when executed, cause the processor to block access to the hash value storage location by changing an entry in a page table of the kernel space.
  • the memory may store instructions that, when executed, cause the processor to change the entry of the page table in the kernel space to invalid.
  • the memory may store instructions that, when executed, cause the processor to change the properties of the model data file to read-only when an operation according to execution of an application based on the model data file begins.
  • the memory may store instructions that, when executed, cause the processor to transfer the model-related information about the model data file from the kernel space to the hypervisor space so that the hash value is calculated and stored in the hypervisor space.
  • the memory may store instructions that, when executed, cause the processor to transfer the model-related information for the model data file from the kernel space to the hypervisor space through a device driver or syscall.
  • the memory may store instructions that, when executed, cause the processor to transmit a notification generated by the timer generated in the kernel space to the hypervisor space to perform the hash value comparison operation.
  • FIG. 5 is a diagram for explaining a method of protecting data in an electronic device, according to various embodiments.
  • a processor designed as an Advanced RISC Machine (ARM) (e.g., processor 120 in FIG. 2) may be configured with four exception levels to handle exceptions when they occur, and the levels may have different privileges from one another.
  • ARM's exception levels can be divided into EL0, EL1, EL2, and EL3, and an operation can be performed at one of these exception levels.
  • the four levels EL3, EL2, EL1, and EL0 are in that order.
  • the security level of EL2 is higher than that of EL1, and where the privilege level is high, the level of authority to access resources may also be higher.
  • the hypervisor space which is EL2
  • the hash management module (e.g., hash management module 231 or 331 of Figure 3 or 4) of the hypervisor space (e.g., hypervisor space 230 of Figures 2, 3, or 4) may include a create_hash function and a delete_hash function, and the hash comparison module 232 may include a compare_hash function.
  • the create_hash function may calculate the hash value (e.g., SHA-256) of the model file used by the user process of the application, using the fd and size passed through ioctl, syscall, and/or hvc, and store it in memory 530 (e.g., internal memory 240 of FIG. 2).
  • the calculated hash value can be stored in the form of a pair along with the model identifier (model id).
  • the stored hash value can later be used as a value to verify file data integrity, and accordingly, access by the kernel space (e.g., the kernel space 220 in FIG. 2, FIG. 3, or FIG. 4) to the memory location 531 where the hash value is stored can be blocked.
  • the hash management module 231 or 331 of the hypervisor space at the EL2 level may block access by the kernel space to the memory location 531 by setting the entry 513 of the last page table 511 of the page table of the kernel space 220 at the EL1 level to invalid.
  • FIG. 6 is a flowchart illustrating a method for protecting data in an electronic device, according to various embodiments.
  • a processor (e.g., processor 120 of FIG. 2, FIG. 3, or FIG. 4) of an electronic device (e.g., electronic device 101 of FIG. 1) may generate a specific machine learning model and load a variety of related data.
  • the processor may execute a specific application in user space (e.g., user space 210 in Figures 2, 3, or 4), start operations to perform various instructions, and load data files related to the machine learning model used by the specific application into memory.
  • when inference through a machine learning model begins as a specific application is executed, the user space can transmit information related to the machine learning model to the kernel space (e.g., kernel space 220 of Figures 2, 3, or 4).
  • model-related information may include a model identifier.
  • the processor may create a timer in kernel space.
  • a timer created in kernel space can generate notifications (e.g. prompts) at points when the integrity of the model data file is verified to ensure the security of the model data file.
  • the processor may change the properties of the machine learning model data file to read only based on model-related information in kernel space and deliver the model-related information to hypervisor space (e.g., the hypervisor space 230 in Figure 2, Figure 3, or FIG. 4).
  • the processor may calculate a hash value for the machine learning model data file in the hypervisor space based on model-related information transmitted from the kernel space, and store the calculated hash value together with the model-related information.
  • the calculated hash value can be stored in, for example, internal memory (eg, internal memory 240 in FIG. 2).
  • the processor may block kernel space access to the hash value stored in the hypervisor space so that the hash value cannot be modified accordingly if the kernel space is attacked.
  • the processor may generate a new hash value for the machine learning model data file in the hypervisor space at operation 605 at a designated time based on a timer generated in the kernel space.
  • the processor may compare the generated hash value and the stored hash value in the hypervisor space in operation 607.
  • the processor may re-perform the hash value generation and comparison operation a specified number of times (e.g., 3 times).
  • the processor may determine in operation 609 that the model data file has been modified if the hash values are not the same.
  • the processor may periodically perform a hash value comparison operation in the hypervisor space.
  • authentication of a model data file can be performed based on whether the hash values are the same through a hash value comparison operation in the hypervisor space.
  • the processor may reload the model data file through user space or terminate the currently running application.
  • FIG. 7 is a flowchart illustrating a method for protecting data in an electronic device, according to various embodiments.
  • a processor (e.g., processor 120 of FIG. 2, FIG. 3, or FIG. 4) of an electronic device (e.g., electronic device 101 of FIG. 1) may generate a specific machine learning model and load a variety of related data.
  • the processor may execute a specific application in user space (e.g., user space 210 of Figures 2, 3, or 4), start operations to perform various commands, and load data files related to the machine learning model into memory.
  • models generated from machine learning frameworks may be trained in the learning step, and the trained model may include optimized weight information.
  • model data including the tree structure and weights of the model may be loaded.
  • a device driver (e.g., /dev/protect_ml) can be created to check the integrity of the model.
  • each model may have its own model identifier (model id).
  • the processor may initiate inference through a machine learning model as a specific application is executed in user space, and may thereby deliver information related to the machine learning model to kernel space (e.g., the kernel space 220 of FIG. 2, FIG. 3, or FIG. 4).
  • when inference through a model begins, the processor may call the device driver (e.g., /dev/protect_ml). After the file open and read is performed, CMD_ID 1 indicating that inference of the model has started, together with related information such as the model file's file descriptor, file size, or model identifier (model id), can be written to the device driver, for example via ioctl.
  • the processor may change the properties of the machine learning model data file to read only based on model-related information in kernel space and deliver the model-related information to hypervisor space (e.g., the hypervisor space 230 of Figure 2, Figure 3, or Figure 4).
  • the change_ro() function is executed to change the properties of the corresponding model data file.
  • the file is opened for model inference in user space (e.g., open(FILE, O_RDONLY)).
  • if the file is opened with write permission, such access may fail because the file's attribute is read only.
  • the processor may open the model data file read-only in operation 705 and may read the model data from the open model data file in operation 707.
  • the same model file may be loaded in different applications or different processes. Different applications or user processes can have different model identifiers.
  • the processor may generate a timer in kernel space in operation 709 accordingly.
  • a timer is created based on the start point of model data file inference, and the created timer can, for example, periodically generate notifications (e.g. prompts).
  • the kernel space can transmit model-related information such as fd, file size, and model id to the hypervisor space through the hvc call and notify that model inference has begun.
  • the processor may periodically check the hash value based on a timer generated in kernel space.
  • the processor may periodically generate a new hash value for the machine learning model data file in the hypervisor space based on a timer generated in the kernel space and compare the hash value generated in the hypervisor space with the stored hash value.
  • the timer registered in the kernel space can generate a timer interrupt, for example, once every 5 minutes and call, through hvc, a function (e.g., compare_hash()) that compares hash values in the hypervisor space.
  • the processor may check whether the hash value mismatch (fail in operation 711) has occurred more than a specified number of times (e.g., 3 times) according to the hash value comparison operation in the hypervisor space. If the specified number of times has not been exceeded according to the hash value comparison operation, the operation returns to operation 711 and the hash value generation and comparison operation can be performed again.
  • the compare_hash() function in hypervisor space can deliver a value indicating the integrity of the file (e.g., return 0) if the hash values are the same.
  • the processor determines that the model data file has been modified, and determines whether the application is terminated in operation 715. If it is determined that the model data file has been modified, the model data file can be reloaded or the application can be terminated. If the two hash values are different, the hash operation can be retried a specified number of times, for example, 3 times, taking into account the possibility of malfunction. Accordingly, if the hash values are different all three times, the processor can determine that the file has been modified. In this case, a new file may be loaded depending on the case, but for applications that are very sensitive to security, such as a biometric recognition system, the system may be turned off.
  • the processor may recover the damaged data by reloading the model data file in operation 717.
  • the processor may calculate a hash value for the machine learning model data file in the hypervisor space based on model-related information transmitted from the kernel space, and store the calculated hash value together with the model-related information.
  • the calculated hash value can be stored along with the model identifier.
  • the processor can verify integrity by periodically comparing the stored hash value with a file loaded in memory accessible to the user process.
  • the processor may block kernel space access to the hash value stored in the hypervisor space.
  • the page table value in the kernel space can be changed to make the memory where the hash value is stored inaccessible.
  • an entry in the page table in the kernel space can be changed to invalid to unmap it.
  • this makes it impossible, when the kernel space is attacked, to modify the file contents and then recalculate and save the hash value from the kernel space. Therefore, if the kernel space is attacked, the hash value managed by the hypervisor may not be modified even if the contents of the file loaded in memory are changed.
  • the processor may store the hash value in hypervisor space and unmap the page table in kernel space, and then start model inference through user space in operation 723.
  • the processor may transmit a notification before process termination from the user space to the kernel space in operation 725.
  • the user space can use CMD_ID 2 and the model id to notify termination through ioctl; the kernel space can accordingly terminate the timer in operation 727 and deliver a notification through hvc, so that in operation 729 the hypervisor can perform an operation to delete the stored hash value.
  • the processor may include a main processor and an auxiliary processor. When a plurality of machine learning models according to the above-described embodiments operate and model inference operations are performed by two or more processors, only one timer (global timer) as described above may be created and operated for the plurality of machine learning models. For example, when inference of a machine learning model begins, all operations except the timer creation operation in the above-described embodiments may be performed in the same or similar manner. In some cases, for security reasons, a timer may be registered separately by adjusting the interval time for a specific model. When the global timer periodically issues interrupts for multiple models, the hash value of the currently used model file can be calculated in the hypervisor space and compared with the stored hash value.
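
The flow described above (model identifier list, read-only attribute, hash registration, timer-driven comparison with retries, deletion at the end of inference) can be simulated in user-space Python. This is an added example, not code from the patent or its applicant: the class names `ModelIdTable` and `HashStore`, the function `on_timer_notification`, the -1 mismatch return value and the lowest-unused-number ID policy are assumptions, and the hypervisor's isolation of the hash memory from the kernel is not modelled.

```python
import hashlib
import os
import tempfile

MAX_MISMATCHES = 3        # page: comparison retried a specified number of times (e.g., 3)
ID_RANGE = range(0, 101)  # page: an unused number from 0 to 100 is the model identifier


class ModelIdTable:
    """User-space list mapping (app, model) pairs to identifiers, as in Table 1."""

    def __init__(self):
        self._ids = {}  # (app, model) -> identifier

    def lookup_or_assign(self, app, model):
        key = (app, model)
        if key not in self._ids:
            used = set(self._ids.values())
            # Assumption: the lowest unused number is chosen.
            free = next((i for i in ID_RANGE if i not in used), None)
            if free is None:
                raise RuntimeError("no unused model identifier left")
            self._ids[key] = free
        return self._ids[key]

    def remove_app(self, app):
        """Delete every entry of a terminated app and return the freed identifiers."""
        freed = sorted(i for (a, _), i in self._ids.items() if a == app)
        self._ids = {k: v for k, v in self._ids.items() if k[0] != app}
        return freed


class HashStore:
    """Stand-in for the hypervisor-side create_hash / compare_hash / delete_hash."""

    def __init__(self):
        self._entries = {}  # model id -> (fd, size, stored digest)

    @staticmethod
    def _sha256(fd, size):
        digest, offset = hashlib.sha256(), 0
        while offset < size:
            chunk = os.pread(fd, min(65536, size - offset), offset)
            if not chunk:  # file is shorter than registered: digest will differ
                break
            digest.update(chunk)
            offset += len(chunk)
        return digest.digest()

    def create_hash(self, model_id, fd, size):
        self._entries[model_id] = (fd, size, self._sha256(fd, size))

    def compare_hash(self, model_id):
        """Return 0 when the fresh hash equals the stored one (page), else -1 (assumed)."""
        fd, size, stored = self._entries[model_id]
        return 0 if self._sha256(fd, size) == stored else -1

    def delete_hash(self, model_id):
        self._entries.pop(model_id, None)


def on_timer_notification(store, model_id):
    """One timer tick: True means the model data file is judged modified."""
    for _ in range(MAX_MISMATCHES):
        if store.compare_hash(model_id) == 0:
            return False
    return True  # the hashes differed on every attempt


def demo():
    """Constructed run: register a sample file, check it, alter one byte, check again."""
    table, store = ModelIdTable(), HashStore()
    model_id = table.lookup_or_assign("com.sec.android.app.camera", "Mobilenet")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "model.bin")
        with open(path, "wb") as f:
            f.write(b"\x00constructed-weights" * 512)  # constructed sample data
        os.chmod(path, 0o444)            # change_ro(): r--r--r--
        fd = os.open(path, os.O_RDONLY)  # inference opens the file read-only
        try:
            store.create_hash(model_id, fd, os.path.getsize(path))
            modified_before = on_timer_notification(store, model_id)
            os.chmod(path, 0o644)        # stand-in for a change that bypassed the attribute
            with open(path, "r+b") as f:
                f.seek(100)
                f.write(b"\xff")
            modified_after = on_timer_notification(store, model_id)
            store.delete_hash(model_id)  # end of inference (CMD_ID 2 path)
        finally:
            os.close(fd)
    return model_id, modified_before, modified_after


if __name__ == "__main__":
    print(demo())
```

A change made and reverted between two timer notifications is not seen by this check, so the timer interval bounds how long a modification can go unnoticed.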

Abstract

An electronic device according to various embodiments of the present disclosure may comprise a memory and a processor operatively connected to the memory, the memory storing instructions that, when executed, cause the processor to: at the start of a computation dictated by the execution of an application based on a model data file, load the model data file from the memory; calculate a hash value for the model data file in a hypervisor space and store the hash value together with model-related information about the model data file; in the hypervisor space, calculate a hash value of the loaded model data file based on a timer generated in a kernel space; compare the calculated hash value with the stored hash value to determine whether they are identical; and, if the hash values are not identical according to the comparison, determine that the model data file has been modified. Various embodiments other than the various embodiments of the present disclosure are possible.
PCT/KR2023/014703 2022-09-28 2023-09-25 Electronic device and data protection method using same WO2024071927A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2022-0123763 2022-09-28
KR20220123763 2022-09-28
KR1020220146318A KR20240044287A (ko) 2022-09-28 2022-11-04 Electronic device and data protection method using same
KR10-2022-0146318 2022-11-04

Publications (1)

Publication Number Publication Date
WO2024071927A1 true WO2024071927A1 (fr) 2024-04-04

Family

ID=90478693

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2023/014703 WO2024071927A1 (fr) 2022-09-28 2023-09-25 Electronic device and data protection method using same

Country Status (1)

Country Link
WO (1) WO2024071927A1 (fr)

Similar Documents

Publication Publication Date Title
WO2022146026A1 (fr) Method for processing protected data and electronic device supporting same
WO2023058860A1 (fr) Electronic device for processing a multi-signed APK file, and operating method thereof
WO2024071927A1 (fr) Electronic device and data protection method using same
WO2023003147A1 (fr) Method for setting a network lock function of an electronic device, and corresponding electronic device
WO2023182725A1 (fr) Electronic apparatus comprising a controller for system booting and operating method thereof
WO2024071769A1 (fr) Electronic device comprising a secure element and operating method thereof
WO2023003150A1 (fr) Electronic device for performing backup on a secure element, and backup method
WO2022260263A1 (fr) Memory management method for security and associated electronic device
WO2022191454A1 (fr) Electronic device for performing runtime checksum verification on block device images, and operating method thereof
WO2024076123A1 (fr) Method for updating an application and associated electronic device
WO2023085589A1 (fr) Method for preserving data in an initialization situation of an electronic device and associated electronic device
WO2022119110A1 (fr) Method for monitoring a virtual machine by means of a hypervisor and electronic device configured to support said method
WO2022080652A1 (fr) Electronic device for managing a log file and operating method thereof
WO2021154005A1 (fr) Method for recognizing resources of an external electronic device, and electronic apparatus supporting same
WO2022030777A1 (fr) Memory protection method and electronic device
WO2022191455A1 (fr) Electronic device for performing file redaction and operating method thereof
WO2024049141A1 (fr) Electronic device for storing encrypted data in a non-volatile memory and method therefor
WO2023149648A1 (fr) Electronic device for providing a security function and operating method thereof
WO2024219801A2 (fr) Electronic device and method for deleting an application data file in an electronic device
WO2024172391A1 (fr) Method for managing file-related information, and electronic device supporting same
WO2022203184A1 (fr) Electronic device for a sharing function and operating method thereof
WO2023068507A1 (fr) Electronic device for providing an RCS function and operating method thereof
WO2024039233A1 (fr) Electronic device and method for executing a privacy enhancement mode in an electronic device
WO2024136341A1 (fr) Electronic system and method for managing an electronic system
WO2024029717A1 (fr) Device and method for managing processes

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23873042

Country of ref document: EP

Kind code of ref document: A1