Abstract
The trusted execution environment (TEE) of a smart terminal has a problem at the loading stage: the authority of the certificate used for loading. Based on an analysis of the TEE initialization architecture and initialization schemes, and using chain-of-trust technology, a scheme is designed and proposed that uses the operator's user card as the root of trust to initialize the smart terminal's TEE. The scheme offers telecom operators an approach for using their user card resources to participate in building the TEE industry chain.