
CN110443078B - Security storage system based on privilege hierarchy - Google Patents


Info

Publication number: CN110443078B
Authority: CN (China)
Prior art keywords: encryption, hardware domain, module, decryption, secure world
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Application number: CN201910654396.4A
Other languages: Chinese (zh)
Other versions: CN110443078A (en)
Inventor: 冯涛
Current assignee: Nanjing Semidrive Technology Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Nanjing Semidrive Technology Co Ltd
Priority date: 2019-07-19 (the priority date is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed)
Filing date: 2019-07-19
Publication dates: 2019-11-12 (CN110443078A), 2021-05-28 (CN110443078B)

Events
  • Application filed by Nanjing Semidrive Technology Co Ltd
  • Priority to CN201910654396.4A
  • Publication of CN110443078A
  • Application granted
  • Publication of CN110443078B
  • Current legal status: Active
  • Anticipated expiration

Classifications

    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer › G06F 21/71 ... to assure secure computing or processing of information › G06F 21/72 ... in cryptographic circuits
    • G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer › G06F 21/78 ... to assure secure storage of data › G06F 21/79 ... in semiconductor storage media, e.g. directly-addressable memories

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

A security storage system based on privilege hierarchy comprises an encryption and decryption unit, a storage controller and a storage device. The encryption and decryption unit encrypts and decrypts data according to mode information from the hardware domain, and the storage controller controls read and write operations on the storage device according to the same mode information. Several software runtime environments share one encryption and decryption unit and one storage device, which keeps hardware cost low while preserving isolation between the environments.

Description

Security storage system based on privilege hierarchy
Technical Field
The invention relates to the technical field of secure data storage, and in particular to a security storage system based on privilege hierarchy.
Background
Storage security means ensuring the security, integrity, reliability and validity of data while it is preserved. It covers the security of the storage environment, the storage medium and storage management, as well as virus handling. As society becomes more information-driven, data grows more important and the security of data storage receives more and more attention.
In 2004 ARM proposed a security solution, TrustZone technology. It is a system-security extension integrated in the CPU core that provides a highly secure system architecture with very little impact on the core's power consumption, performance and product cost. TrustZone combines hardware and software: the hardware security extensions provide resource isolation, and software provides the basic security services and interfaces. It partitions hardware and software resources into two environments, a secure world and a non-secure world, and introduces a new processor mode, monitor mode, whose main function is switching between the two. The processor is always in the secure state while in monitor mode. Monitor mode is entered through a privileged instruction, the Secure Monitor Call (SMC), which jumps to the monitor's entry point. When a trusted service needs to be called, the normal world enters the monitor through SMC, and the monitor then transfers control into the secure world for the corresponding processing.
Prior-art secure storage schemes fall into the following three types:
Scheme 1: one encryption and decryption engine, one storage device.
In this scheme, hardware domain 1 runs only one operating system and exchanges data with hardware domain 2 through an inter-domain shared memory. Hardware domain 2 runs two operating systems, a secure-world OS and a non-secure-world OS, which exchange data through a shared memory. The two hardware domains share one storage controller and one encryption and decryption engine. The storage controller is controlled only by the non-secure-world operating system of hardware domain 2, and the encryption and decryption engine only by the secure world of hardware domain 2.
Fig. 1 is a schematic structural diagram of this first prior-art scheme. As shown in Fig. 1, a general application in hardware domain 1 sends data to be encrypted to the secure world of hardware domain 2 through the inter-domain shared memory; the secure world drives the encryption and decryption engine to encrypt it, passes the ciphertext to the non-secure world of hardware domain 2 through the inter-world shared memory, and the non-secure world drives the storage controller to write it. Data from the non-secure world of hardware domain 2 takes the same detour: it is passed to the secure world through the inter-world shared memory, encrypted there, passed back to the non-secure world through the same shared memory, and the non-secure world then drives the storage controller to write it.
Scheme 1 has the following defects. Whenever non-secure-world data needs encryption or decryption it must be copied to the secure world, processed, and copied back before the non-secure world can write it through the storage controller. The repeated copies cost performance and bandwidth, and every extra copy is one more place where the data is exposed, lowering its security. Software implementation complexity is also highest under this scheme.
Scheme 2: several encryption and decryption engines, one storage device.
Hardware domain 1 runs only one operating system and exchanges data with hardware domain 2 through an inter-domain shared memory.
In this scheme, hardware domain 2 runs two operating systems, a secure-world OS and a non-secure-world OS, which exchange data through a shared memory. Hardware domain 1 and hardware domain 2 share one storage controller, but the hardware domain 1 operating system, the hardware domain 2 non-secure-world operating system and the secure-world operating system each have their own encryption and decryption engine.
Fig. 2 is a schematic structural diagram of this second prior-art scheme. As shown in Fig. 2, general application data in hardware domain 1 is encrypted by the engine inside hardware domain 1, passed to the non-secure world of hardware domain 2 through the inter-domain shared memory, and written by the storage controller under the control of that non-secure world. General application data in the non-secure world of hardware domain 2 is encrypted by the engine inside that world and written directly through the storage controller it controls.
Scheme 2 has the following defects. Since hardware domain 1 and both worlds of hardware domain 2 each control their own engine, encryption and decryption themselves are convenient. However, there is still only one storage device, and its controller is owned by the non-secure-world operating system of hardware domain 2, so encrypted data from the hardware domain 1 application and from the secure-world application must still be handed to the non-secure world before it can be written. In addition, giving each operating system its own hardware engine raises hardware cost. Software complexity is moderate under this scheme.
Scheme 3: several encryption and decryption engines, several storage devices.
In this scheme, hardware domain 1 runs only one operating system. Hardware domain 2 runs two, a secure-world operating system and a non-secure-world operating system. The hardware domain 1 operating system, the hardware domain 2 non-secure-world operating system and the secure-world operating system each have their own storage controller and their own encryption and decryption engine.
Fig. 3 is a schematic structural diagram of this third prior-art scheme. As shown in Fig. 3, general application data of the hardware domain 1 operating system, the hardware domain 2 non-secure-world operating system and the secure-world operating system is encrypted by the engine inside each operating system and written through the storage controller that the same operating system controls.
Scheme 3 has the following defect. Every operating system has its own storage device and hardware engine, so performance is best, software implementation complexity is lowest and security is highest, but cost is also highest because of the multiple engines and storage devices.
Disclosure of Invention
To remedy these defects, the invention provides a security storage system based on privilege hierarchy in which several software runtime environments share one encryption and decryption unit and one storage device, reducing hardware cost while preserving security.
To achieve the above object, the invention provides a security storage system based on privilege hierarchy comprising an encryption and decryption unit, a storage controller and a storage device, wherein
the encryption and decryption unit encrypts and decrypts data according to the mode information from the hardware domain;
and the storage controller controls read and write operations on the storage device according to the mode information from the hardware domain.
Further, the mode information includes hardware domain information, secure world information and non-secure world information.
Further, the encryption and decryption unit comprises a decryption module, an encryption module, a decryption key selection module and an encryption key selection module, wherein
the decryption key selection module selects a corresponding decryption key according to the mode information from the hardware domain and sends the decryption key to the decryption module;
the decryption module decrypts the data by using the decryption key sent by the decryption key selection module;
the encryption key selection module selects a corresponding encryption key according to the mode information from the hardware domain and sends the corresponding encryption key to the encryption module;
and the encryption module encrypts data by using the encryption key sent by the encryption key selection module.
Further, the storage controller includes a selection control module, which enables read-write protection of the controller's registers according to the mode information from the hardware domain and thereby controls read and write operations on the storage device.
The security storage system based on privilege hierarchy of the invention lets several software runtime environments share one encryption and decryption engine and one storage device, which reduces hardware cost while still achieving high security and performance and low software development complexity.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description and examples, serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of the first prior art secure storage scheme;
FIG. 2 is a schematic structural diagram of the second prior art secure storage scheme;
FIG. 3 is a schematic diagram of the third prior art secure storage scheme;
FIG. 4 is a schematic diagram of a privilege hierarchy based secure storage system according to the present invention;
FIG. 5 is a block diagram of an embodiment of a privilege hierarchy based secure storage system according to the present invention.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, and it should be understood that the embodiments described herein are merely for the purpose of illustrating and explaining the present invention and are not intended to limit the present invention.
The TrustZone hardware architecture aims to provide a security framework that lets a device defend against the specific threats it will encounter. Rather than a fixed, unchanging security solution, TrustZone gives SoC designers an infrastructure from which they can choose the components that implement particular functions in the secure world.
The main security objective of the architecture is to support a programmable environment that protects the confidentiality and integrity of assets against certain attacks. A platform with these properties can host a wide range of security solutions that would be time-consuming and laborious to build by traditional means.
System security is achieved by partitioning all SoC hardware and software resources into two regions: the secure world for the security subsystem and the non-secure world for everything else. Hardware logic in the TrustZone-aware AMBA3 AXI bus fabric ensures that non-secure-world components cannot access secure-world resources, which establishes a strong boundary between the two regions. Placing sensitive resources in the secure world and running trusted software on the secure processor core lets assets withstand many potential attacks, including ones that are otherwise hard to defend against, such as capturing a password entered on a keyboard or touch screen. Isolating security-sensitive peripherals in hardware also limits the number of subsystems that must undergo security evaluation, which saves cost when submitting a device for security certification.
A second aspect of the TrustZone hardware architecture is an extension implemented in some ARM processor cores. With it, a single physical core can safely and efficiently execute code from both the non-secure world and the secure world in a time-sliced manner. This removes the need for a dedicated secure processor core, saving chip area and power, and lets high-performance security software run alongside the non-secure-world operating environment.
When the currently running virtual processor changes, the two virtual processors are context-switched through a new processor mode called monitor mode.
The mechanisms by which the physical processor enters monitor mode from the non-secure world are tightly controlled and are always treated as exceptions taken by the monitor software. Entry may be triggered by software executing a dedicated instruction, the Secure Monitor Call (SMC), or by a subset of the hardware exception mechanisms: the IRQ, FIQ, external data abort and external prefetch abort exceptions can each be configured to switch the processor into monitor mode.
The software that executes in monitor mode is implementation-defined, but it typically saves the state of the current world and restores the state of the world it is switching to, then performs an exception return to resume execution in the restored world.
A final aspect of the TrustZone hardware architecture is the security-aware debug infrastructure, which can restrict debug access to the secure world without impairing debug visibility into the non-secure world.
AXI (Advanced eXtensible Interface) is the most important part of the AMBA (Advanced Microcontroller Bus Architecture) 3.0 protocol proposed by ARM: an on-chip bus aimed at high performance, high bandwidth and low latency. Its address/control and data phases are separated; it supports unaligned transfers; a burst needs only its first address; read and write data channels are separate; outstanding transactions and out-of-order completion are supported; and timing closure is easier. AXI is the newer high-performance protocol in AMBA, enriching the existing standard to meet the demands of very high performance, complex system-on-chip (SoC) designs.
One embodiment of the invention builds secure storage of data on the TrustZone hardware architecture. The first hardware domain 41 has only one operating system; the second hardware domain 42 has two, a secure-world operating system and a non-secure-world operating system. The first hardware domain 41 operating system and both operating systems of the second hardware domain 42 share one encryption/decryption unit 401 and one storage controller 402.
Fig. 4 is a schematic diagram of the security storage system based on privilege hierarchy according to the invention. As shown in Fig. 4, the system comprises a first hardware domain (Domain) 41, a second hardware domain 42, an encryption/decryption unit 401, a storage controller 402 and a storage device 403, wherein
the first hardware domain 41 and the second hardware domain 42 are isolated hardware environments that can independently run different operating systems.
The second hardware domain 42 comprises a secure world and a non-secure world (on ARM-based hardware the secure world is based on ARM TrustZone). The secure world runs a different operating system from the non-secure world. Thus, in embodiments of the invention there are three software runtime environments: the first hardware domain 41, the secure world of the second hardware domain 42 and the non-secure world of the second hardware domain 42.
The first hardware domain 41 is provided with a first general application module 411.
In the second hardware domain 42, the non-secure world is provided with a second general application module 421 and the secure world with a secure application module 422.
The encryption/decryption unit 401 accepts control from the first hardware domain 41 and from the secure world and non-secure world of the second hardware domain 42, and encrypts and decrypts data from the first general application module 411, the second general application module 421, the secure application module 422 and the storage device 403.
The storage controller 402 controls reading and writing of the storage device 403 under control of the first hardware domain 41 and of the secure world and non-secure world of the second hardware domain 42.
In an embodiment, the encryption/decryption unit 401 selects the key used to encrypt and decrypt stored data according to the AxUSR information (the AXI user sideband signals, AWUSER/ARUSER) carried on the ARM AXI bus.
Fig. 5 is an architecture diagram of an embodiment of the security storage system based on privilege hierarchy according to the present invention, as shown in fig. 5, in an embodiment of the present invention, an encryption/decryption unit 401 includes a decryption module 501, an encryption module 502, a decryption key selection module 503, and an encryption key selection module 504, wherein,
The decryption module 501 receives the decryption key sent by the decryption key selection module 503 and decrypts the data.
The encryption module 502 receives the encryption key sent by the encryption key selection module 504 and encrypts the data.
The decryption key selection module 503 selects a decryption key from the input TEE/REE (secure world or non-secure world) information and hardware domain (Domain) information and sends it to the decryption module 501.
The encryption key selection module 504 selects an encryption key from the input TEE/REE (secure world or non-secure world) information and hardware domain (Domain) information and sends it to the encryption module 502.
In one embodiment, KEY1 for the first hardware domain 41, KEY2 for the non-secure world of the second hardware domain 42 and KEY3 for its secure world are pre-provisioned. The keys are stored in a non-volatile, one-time-programmable area of the system (eFuse) that is accessible only to the hardware encryption/decryption unit 401 and not to software.
When an IO request from the operating system in the first hardware domain 41 reaches the encryption/decryption unit 401, the hardware unit (CE) automatically selects KEY1 according to the AxUSR information carried on the bus with the request (which identifies the hardware domain the request comes from) and encrypts the data; the whole encryption process is transparent to software.
When an IO request from the non-secure-world operating system in the second hardware domain 42 reaches the encryption/decryption unit 401, the unit automatically selects KEY2 according to the AxPROT information carried on the bus (which identifies the world the request comes from) and encrypts the data; a request from the secure world of the second hardware domain 42 correspondingly selects KEY3.
In one embodiment, the storage controller 402 includes a selection control module 505, which controls access to the storage device according to the input TEE/REE (secure world or non-secure world) and hardware domain (Domain) information.
In one embodiment, on the configuration path of the storage controller 402, read-write protection of the registers is enabled according to the mode information (hardware domain / secure world / non-secure world) attached to the read/write channel (R/W channel) of the transfer. As an example:
the non-safety world initiates data read-write operation once.
The secure world then also initiates a data read and write operation.
Since IO operations are ongoing for storage devices in the non-secure world, the register set operation is suspended when storage device IO operation requests for the secure world arrive at the storage controller 402, discovering that the IO operations are from a different runtime environment than the IO operations that are now operating.
After the IO operation of the current non-secure world is completed, the storage controller 402 finds that the storage operation of the secure world is suspended, and performs the IO operation of the storage device of the secure world.
In one embodiment of the present invention, on the data path into the memory controller 402, a PRE-ENC/DEC unit 401 is provided. An operating system sends out a block data transmission request, a 128bit is used as a group to carry out symmetric encryption (AES) on a data channel entering an internal buffer (buffer) of a storage device, and an encrypted key (key) can be automatically switched according to mode information attached to a transmission R/W channel (for example, AxPROT information on an ARM AXI bus in a secure world and a non-secure world is carried; information of different hardware domains (domains) can be carried by AxUSR information on the AXI bus). Different modes can realize the isolation of data among different modes by using different keys,
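As an added example that is not part of the patent, the following Go program models the key-selection and per-128-bit-group AES path described above for the encryption/decryption unit 401 and the PRE-ENC/DEC unit: a mode is decoded from the AxPROT non-secure bit and an AxUSER domain id, the engine picks KEY1/KEY2/KEY3 from that mode alone, and data stored by one runtime environment does not come back as plaintext when another reads it. The AxUSER bit layout, the Go type and function names and the sample keys are assumptions of the example, not the patent's.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"errors"
	"fmt"
)

// Mode is the patent's "mode information": the hardware domain a transaction
// comes from and whether it comes from the secure or the non-secure world.
// On AXI, AxPROT[1] is the architected non-secure (NS) bit; AxUSER has no
// architected layout, so the domain id in its two low bits is an assumption.
type Mode struct {
	Domain uint8 // 1 = first hardware domain, 2 = second hardware domain
	NS     bool  // true = non-secure world (REE), false = secure world (TEE)
}

// DecodeMode extracts the mode information from the sideband signals that
// accompany one read or write transaction.
func DecodeMode(axprot uint8, axuser uint32) Mode {
	return Mode{Domain: uint8(axuser & 0x3), NS: axprot&0x2 != 0}
}

// Engine models the shared encryption/decryption unit. The keys stand in for
// KEY1/KEY2/KEY3 in eFuse: they are unexported, so nothing outside the engine
// can read them back, mirroring "accessible only by the hardware unit".
type Engine struct {
	key1, key2, key3 []byte // 16-byte AES-128 keys
}

func NewEngine(key1, key2, key3 []byte) (*Engine, error) {
	for _, k := range [][]byte{key1, key2, key3} {
		if len(k) != 16 {
			return nil, errors.New("keys must be 16 bytes (AES-128)")
		}
	}
	return &Engine{key1: key1, key2: key2, key3: key3}, nil
}

// selectKey is the key selection module: the key follows from the mode
// information alone; software never names a key.
func (e *Engine) selectKey(m Mode) ([]byte, error) {
	switch {
	case m.Domain == 1:
		return e.key1, nil // first domain runs one OS, NS is not consulted
	case m.Domain == 2 && m.NS:
		return e.key2, nil // second domain, non-secure world
	case m.Domain == 2 && !m.NS:
		return e.key3, nil // second domain, secure world
	}
	return nil, fmt.Errorf("no key for hardware domain %d: rejected", m.Domain)
}

// transform applies AES-128 to each 128-bit group independently, as the
// embodiment describes, in the direction chosen by encrypt.
func (e *Engine) transform(m Mode, data []byte, encrypt bool) ([]byte, error) {
	key, err := e.selectKey(m)
	if err != nil {
		return nil, err
	}
	if len(data)%aes.BlockSize != 0 {
		return nil, errors.New("data length must be a multiple of 16 bytes")
	}
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	for i := 0; i < len(data); i += aes.BlockSize {
		in, dst := data[i:i+aes.BlockSize], out[i:i+aes.BlockSize]
		if encrypt {
			blk.Encrypt(dst, in)
		} else {
			blk.Decrypt(dst, in)
		}
	}
	return out, nil
}

// Write is the path into the storage device buffer: plaintext from the bus is
// encrypted under the key matching the requesting mode.
func (e *Engine) Write(m Mode, plaintext []byte) ([]byte, error) {
	return e.transform(m, plaintext, true)
}

// Read is the path back out: stored ciphertext is decrypted under the key
// matching the requesting mode.
func (e *Engine) Read(m Mode, ciphertext []byte) ([]byte, error) {
	return e.transform(m, ciphertext, false)
}

// CrossWorldLeak reports whether data written by the secure world of domain 2
// comes back intact when the non-secure world of the same domain reads it.
// With a distinct key per mode this is false: the reader gets the ciphertext
// decrypted under the wrong key, not the secret.
func CrossWorldLeak(e *Engine, secret []byte) (bool, error) {
	stored, err := e.Write(Mode{Domain: 2, NS: false}, secret)
	if err != nil {
		return false, err
	}
	readBack, err := e.Read(Mode{Domain: 2, NS: true}, stored)
	if err != nil {
		return false, err
	}
	return bytes.Equal(readBack, secret), nil
}

func main() {
	// Constructed sample keys; real keys live in eFuse and never reach software.
	e, err := NewEngine([]byte("domain1-key-0123"), []byte("domain2-ree-0123"), []byte("domain2-tee-0123"))
	if err != nil {
		panic(err)
	}
	leak, _ := CrossWorldLeak(e, []byte("secure world pin"))
	fmt.Println("non-secure world recovers secure-world data:", leak) // false
}
```

Two checks a practitioner would run against such a design follow directly from the model. First, the isolation is only as strong as the sideband signals: every master that can reach the unit, DMA engines included, must present AxPROT and AxUSER values that software in the requesting environment cannot forge, because the key is chosen from those bits alone. Second, encrypting each 128-bit group independently, as the description states, is ECB mode: identical plaintext blocks yield identical ciphertext blocks, so production storage encryption additionally binds each block to its sector address (for example with AES-XTS) rather than using the raw block cipher.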
In an embodiment, IO operations are atomic: for example, an IO read consists of start command -> data transfer -> stop command, and no interruption is allowed within the atomic operation. The storage controller 402 must recognize atomic operations correctly in order to decide when a suspended IO operation from a different runtime environment can be restarted.
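The suspend-and-restart behaviour of the selection control module 505 described in the passage above, as an added example in Go that is not part of the patent: the controller tracks which runtime environment owns the register set between a start command and a stop command, denies register access to any other environment, parks a start command from another environment, and restarts it only when the owner's stop command completes. The Env and Status names, the trace strings, and the rule that a second start from the current owner is rejected are assumptions of the example.

```go
package main

import (
	"errors"
	"fmt"
)

// Env is one software runtime environment, the granularity at which the
// selection control module arbitrates: the first hardware domain, or the
// secure or non-secure world of the second hardware domain.
type Env int

const (
	Domain1    Env = iota
	Domain2REE     // second hardware domain, non-secure world
	Domain2TEE     // second hardware domain, secure world
)

const NoEnv Env = -1 // register set currently owned by nobody

func (e Env) String() string {
	switch e {
	case Domain1:
		return "domain1"
	case Domain2REE:
		return "domain2-REE"
	case Domain2TEE:
		return "domain2-TEE"
	}
	return "none"
}

// Status is the controller's answer to a start command.
type Status string

const (
	Accepted  Status = "accepted"
	Suspended Status = "suspended"
	Rejected  Status = "rejected"
)

// Controller models the selection control module. The register set belongs to
// one environment from its start command to its stop command; a start from any
// other environment is parked until then.
type Controller struct {
	owner   Env
	busy    bool
	pending []Env    // suspended environments, oldest first
	Trace   []string // what the controller did, for inspection
}

func NewController() *Controller { return &Controller{owner: NoEnv} }

// Start handles a start command. env is read from the mode information on the
// bus transaction; it is never a value the requesting software chooses.
func (c *Controller) Start(env Env) Status {
	if c.busy {
		if env == c.owner {
			return Rejected // second start inside one atomic op (assumption)
		}
		c.pending = append(c.pending, env)
		c.Trace = append(c.Trace, fmt.Sprintf("suspend %v (%v busy)", env, c.owner))
		return Suspended
	}
	c.owner, c.busy = env, true
	c.Trace = append(c.Trace, fmt.Sprintf("start %v", env))
	return Accepted
}

// Transfer is the data phase. The registers are read/write protected: only the
// environment that owns the current atomic operation may touch them.
func (c *Controller) Transfer(env Env) error {
	if !c.busy || env != c.owner {
		return errors.New("register access denied: not the owning environment")
	}
	return nil
}

// Stop ends the owner's atomic operation and restarts the oldest suspended
// request. It returns the environment that now owns the controller, or NoEnv.
func (c *Controller) Stop(env Env) (Env, error) {
	if !c.busy || env != c.owner {
		return c.owner, errors.New("stop rejected: not the owning environment")
	}
	c.Trace = append(c.Trace, fmt.Sprintf("stop %v", env))
	c.owner, c.busy = NoEnv, false
	if len(c.pending) == 0 {
		return NoEnv, nil
	}
	next := c.pending[0]
	c.pending = c.pending[1:]
	c.Start(next)
	return next, nil
}

// Scenario replays the description's example: the non-secure world starts an
// IO, the secure world's IO arrives mid-operation and is suspended, and it is
// restarted once the non-secure stop command completes.
func Scenario() ([]string, error) {
	c := NewController()
	if c.Start(Domain2REE) != Accepted {
		return nil, errors.New("idle controller refused the first start")
	}
	if err := c.Transfer(Domain2REE); err != nil {
		return nil, err
	}
	if c.Start(Domain2TEE) != Suspended {
		return nil, errors.New("second environment was not suspended")
	}
	if c.Transfer(Domain2TEE) == nil {
		return nil, errors.New("write protection failed: TEE touched REE registers")
	}
	if next, err := c.Stop(Domain2REE); err != nil || next != Domain2TEE {
		return nil, errors.New("suspended TEE operation was not restarted")
	}
	if err := c.Transfer(Domain2TEE); err != nil {
		return nil, err
	}
	if _, err := c.Stop(Domain2TEE); err != nil {
		return nil, err
	}
	return c.Trace, nil
}

func main() {
	trace, err := Scenario()
	fmt.Println(trace, err)
}
```

The model makes the security property of the passage explicit: the decision to suspend, and the register protection during the owner's atomic operation, both key off the mode information carried by the transaction, so a non-secure-world request cannot interpose itself into the secure world's start/transfer/stop sequence, and vice versa.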
Those of ordinary skill in the art will understand that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (3)

1. A security storage system based on privilege hierarchy comprises a first hardware domain, a second hardware domain, an encryption and decryption unit, a storage controller and a storage device,
the first hardware domain and the second hardware domain are mutually isolated hardware environments and independently run different operating systems; the second hardware domain comprises a secure world and a non-secure world;
the secure world and the non-secure world run different operating systems;
the first hardware domain is provided with a first common application module;
the non-secure world is provided with a second common application module, and the secure world is provided with a secure application module;
the encryption and decryption unit encrypts and decrypts data according to the mode information from the hardware domain; it selects the key used to encrypt and decrypt stored data according to the AxUSR information carried on the ARM AXI bus, accepts control from the first hardware domain, the secure world and the non-secure world, and encrypts and decrypts data from the first common application module, the second common application module, the secure application module and the storage device;
the storage controller controls read and write operations on the storage device according to the mode information from the hardware domain; it accepts control from the first hardware domain, the secure world and the non-secure world and controls data reading from the storage device;
the encryption and decryption unit further comprises a decryption module, an encryption module, a decryption key selection module and an encryption key selection module, wherein,
the decryption key selection module selects a corresponding decryption key according to the mode information from the hardware domain and sends the decryption key to the decryption module;
the decryption module decrypts the data by using the decryption key sent by the decryption key selection module;
the encryption key selection module selects a corresponding encryption key according to the mode information from the hardware domain and sends the corresponding encryption key to the encryption module;
and the encryption module encrypts data by using the encryption key sent by the encryption key selection module.
2. The privilege-hierarchy-based secure storage system of claim 1, wherein the mode information comprises hardware domain information, secure world information, and non-secure world information.
3. The privilege-hierarchy-based secure storage system according to claim 1, wherein the storage controller further comprises a selection control module, and the selection control module starts read-write protection of a register according to mode information from a hardware domain to control read-write operations of the storage device.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910654396.4A CN110443078B (en) 2019-07-19 2019-07-19 Security storage system based on privilege hierarchy

Publications (2)

Publication Number Publication Date
CN110443078A CN110443078A (en) 2019-11-12
CN110443078B true CN110443078B (en) 2021-05-28

Family

ID=68429786

Country Status (1)

Country Link
CN (1) CN110443078B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112256338B (en) * 2020-10-27 2023-12-05 记忆科技(深圳)有限公司 SOC starting method and device, computer equipment and storage medium
CN115145645B (en) * 2022-09-01 2022-11-25 南京芯驰半导体科技有限公司 Touch screen control method, system and chip supporting multiple operating systems
CN115185880B (en) * 2022-09-09 2022-12-09 南京芯驰半导体科技有限公司 Data storage method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106980794A (en) * 2017-04-01 2017-07-25 北京元心科技有限公司 TrustZone-based file encryption and decryption method and device and terminal equipment
CN107609412A (en) * 2017-09-19 2018-01-19 山东大学 Method for secure storage on mobile terminals in the mobile Internet based on TrustZone technology
CN108197500A (en) * 2018-01-31 2018-06-22 长安大学 Storage system and method for data security and integrity based on TrustZone

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1802030A1 (en) * 2005-12-23 2007-06-27 Nagracard S.A. Secure system-on-chip
KR101975027B1 (en) * 2012-05-04 2019-05-03 삼성전자주식회사 System on chip, operation method thereof, and devices having the same
US20130301830A1 (en) * 2012-05-08 2013-11-14 Hagai Bar-El Device, system, and method of secure entry and handling of passwords
CN104301289B (en) * 2013-07-17 2018-09-04 中国银联股份有限公司 Equipment for safety information interaction
CN104392188B (en) * 2014-11-06 2017-10-27 三星电子(中国)研发中心 Secure data storage method and system
CN106599735B (en) * 2017-02-13 2023-10-24 珠海格力电器股份有限公司 Data protection device, method and storage controller
CN106997439B (en) * 2017-04-01 2020-06-19 北京元心科技有限公司 TrustZone-based data encryption and decryption method and device and terminal equipment
CN108288004A (en) * 2017-12-07 2018-07-17 深圳市中易通安全芯科技有限公司 System and method for an encryption chip coexisting in REE and TEE environments
CN109728902A (en) * 2018-06-01 2019-05-07 平安科技(深圳)有限公司 Key management method, device, storage medium and device
CN109168085B (en) * 2018-08-08 2021-01-08 瑞芯微电子股份有限公司 Hardware protection method for video stream of equipment client

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
The Untapped Potential of Trusted Execution Environment on Mobile Devices; Jan-Erik Ekberg et al.; IEEE Security & Privacy; 2014-08-31; vol. 12, no. 4; pp. 29-37 *
TrustZone-based TLS security enhancement; Mu Zhen; China Master's Theses Full-text Database, Information Science and Technology; 2016-07-31 (no. 07); pp. I139-67 *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant