WO2012113545A3 - Method for interchanging data in a secure runtime environment - Google Patents

Method for interchanging data in a secure runtime environment

Publication number
WO2012113545A3
Authority
WO
WIPO (PCT)
Prior art keywords
runtime environment
secure
interchanging data
secure runtime
data
Prior art date
Application number
PCT/EP2012/000763
Other languages
English (en)
French (fr)
Other versions
WO2012113545A2 (de)
Inventor
Stephan Spitz
Original Assignee
Giesecke & Devrient Gmbh
Priority date
Filing date
Publication date
Application filed by Giesecke & Devrient Gmbh
Priority to JP2013554811A (publication JP2014506704A, ja)
Priority to KR1020137024122A (publication KR20140027109A, ko)
Priority to CN2012800103219A (publication CN103477344A, zh)
Priority to EP12711339.7A (publication EP2678796B1, de)
Priority to US14/001,332 (publication US20140007251A1, en)
Publication of WO2012113545A2 (de)
Publication of WO2012113545A3 (de)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/36 User authentication by graphic or iconic representation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/42 User authentication using separate channels for security data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105 Dual mode as a secondary aspect
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Abstract

The invention relates to a method for interchanging data between a secure runtime environment (SWd), in which a number of secure applications (TL) can be executed, and a non-secure environment (NWd) of a microprocessor unit (MP), in particular in a mobile terminal, in which application data (AD) and control data (MCP, NQ) are transmitted via different buffers.
PCT/EP2012/000763 2011-02-24 2012-02-22 Method for interchanging data in a secure runtime environment WO2012113545A2 (de)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2013554811A JP2014506704A (ja) 2011-02-24 2012-02-22 Data exchange method in a secure runtime environment
KR1020137024122A KR20140027109A (ko) 2011-02-24 2012-02-22 Method for exchanging data in a secured runtime environment
CN2012800103219A CN103477344A (zh) 2011-02-24 2012-02-22 Method for exchanging data in a secure runtime environment
EP12711339.7A EP2678796B1 (de) 2011-02-24 2012-02-22 Method for interchanging data in a secure runtime environment
US14/001,332 US20140007251A1 (en) 2011-02-24 2012-02-22 Method for interchanging data in a secure runtime environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102011012227.3 2011-02-24
DE102011012227A DE102011012227A1 (de) 2011-02-24 2011-02-24 Method for interchanging data in a secure runtime environment

Publications (2)

Publication Number Publication Date
WO2012113545A2 WO2012113545A2 (de) 2012-08-30
WO2012113545A3 WO2012113545A3 (de) 2013-01-10

Family

ID=45922632

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2012/000763 WO2012113545A2 (de) 2011-02-24 2012-02-22 Method for interchanging data in a secure runtime environment

Country Status (7)

Country Link
US (1) US20140007251A1 (de)
EP (1) EP2678796B1 (de)
JP (1) JP2014506704A (de)
KR (1) KR20140027109A (de)
CN (1) CN103477344A (de)
DE (1) DE102011012227A1 (de)
WO (1) WO2012113545A2 (de)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102011018431A1 (de) 2011-04-21 2012-10-25 Giesecke & Devrient Gmbh Method for displaying information on a display device of a terminal
DE102011115135A1 (de) 2011-10-07 2013-04-11 Giesecke & Devrient Gmbh Microprocessor system with secure runtime environment
US9672360B2 (en) 2012-10-02 2017-06-06 Mordecai Barkan Secure computer architectures, systems, and applications
US11188652B2 (en) 2012-10-02 2021-11-30 Mordecai Barkan Access management and credential protection
WO2014055372A2 (en) 2012-10-02 2014-04-10 Mordecai Barkan Secure computer architectures, systems, and applications
US9342695B2 (en) 2012-10-02 2016-05-17 Mordecai Barkan Secured automated or semi-automated systems
FR3003967B1 (fr) * 2013-03-29 2015-05-01 Alstom Transport Sa Method for executing interleaved safety software and non-safety software
GB201408539D0 (en) * 2014-05-14 2014-06-25 Mastercard International Inc Improvements in mobile payment systems
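CN104378381A (zh) * 2014-11-27 2015-02-25 上海斐讯数据通信技术有限公司 Method and system for secure enterprise e-mail office work on a smart terminal
CN110059500A (zh) * 2015-11-30 2019-07-26 华为技术有限公司 User interface switching method and terminal
CN106845160B (zh) * 2015-12-03 2018-04-20 国家新闻出版广电总局广播科学研究院 Digital rights management (DRM) method and system for a smart operating system
CN113641518A (zh) * 2021-08-16 2021-11-12 京东科技控股股份有限公司 Service invocation method, apparatus and storage medium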

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000043876A1 (en) * 1999-01-22 2000-07-27 Sun Microsystems, Inc. Techniques for permitting access across a context barrier on a small footprint device using an entry point object
WO2001075595A2 (en) * 2000-03-31 2001-10-11 Intel Corporation Controlling accesses to isolated memory using a memory controller for isolated execution
US20090327552A1 (en) * 2008-06-30 2009-12-31 Anand Sundaram Method and System for Secure Communication Between Processor Partitions

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH01185734A (ja) * 1988-01-20 1989-07-25 Fujitsu Ltd Buffer memory management system
JPH05265779A (ja) * 1992-03-23 1993-10-15 Nec Corp Inter-task communication system
GB2396930B (en) * 2002-11-18 2005-09-07 Advanced Risc Mach Ltd Apparatus and method for managing access to a memory
AU2003274383A1 (en) * 2002-11-18 2004-06-15 Arm Limited Processor switching between secure and non-secure modes
GB0226874D0 (en) * 2002-11-18 2002-12-24 Advanced Risc Mach Ltd Switching between secure and non-secure processing modes
GB2406403B (en) * 2003-09-26 2006-06-07 Advanced Risc Mach Ltd Data processing apparatus and method for merging secure and non-secure data into an output data stream
DE102004054571B4 (de) * 2004-11-11 2007-01-25 Sysgo Ag Method for distributing computing time in a computer system
US7627807B2 (en) * 2005-04-26 2009-12-01 Arm Limited Monitoring a data processor to detect abnormal operation
US7765399B2 (en) * 2006-02-22 2010-07-27 Harris Corporation Computer architecture for a handheld electronic device
CN101299228B (zh) * 2008-01-26 2010-09-01 青岛大学 Secure network terminal based on a single CPU and dual buses
GB2459097B (en) * 2008-04-08 2012-03-28 Advanced Risc Mach Ltd A method and apparatus for processing and displaying secure and non-secure data
US8978132B2 (en) * 2008-05-24 2015-03-10 Via Technologies, Inc. Apparatus and method for managing a microprocessor providing for a secure execution mode
US8595491B2 (en) * 2008-11-14 2013-11-26 Microsoft Corporation Combining a mobile device and computer to create a secure personalized environment
JP4698724B2 (ja) * 2008-12-01 2011-06-08 株式会社エヌ・ティ・ティ・ドコモ Program execution device
US9207968B2 (en) * 2009-11-03 2015-12-08 Mediatek Inc. Computing system using single operating system to provide normal security services and high security services, and methods thereof

Also Published As

Publication number Publication date
EP2678796A2 (de) 2014-01-01
JP2014506704A (ja) 2014-03-17
DE102011012227A1 (de) 2012-08-30
EP2678796B1 (de) 2015-08-19
WO2012113545A2 (de) 2012-08-30
KR20140027109A (ko) 2014-03-06
US20140007251A1 (en) 2014-01-02
CN103477344A (zh) 2013-12-25

Similar Documents

Publication Publication Date Title
WO2012113545A3 (de) Method for interchanging data in a secure runtime environment
EP2628281A4 (de) Terminal, control device, communication method, communication system, communication module, program and information processing device
EP2700205A4 (de) Terminal, control device, communication method, communication system, communication module, program and information processing device
WO2011127354A3 (en) Mobile phone payment processing methods and systems
EP2612764A4 (de) Metal payment card and method for producing it
WO2014055645A3 (en) Systems, methods, and computer program products for managing remote financial transactions
WO2012088512A3 (en) Mobile phone atm processing methods and systems
EP2657875A4 (de) Authentication card, authentication system, guidance method and program
WO2012012751A3 (en) System and method for determining a status of a proposed transaction
AP2014007429A0 (en) Mobile banking system with cryptographic expansiondevice
MX2015002243A (es) Method and system for enabling contactless mobile ticketing/payments by means of a mobile phone application.
EP3057049A4 (de) Method and system for electronic transactions, and payment platform system
EP2645216A4 (de) Information input system, program, medium
EP2693696A4 (de) Computer system and communication method
AU2019268112A1 (en) Multi-process communication regarding gaming information
GB201407561D0 (en) Transaction processing system,method and program
EP2572336A4 (de) Mobile device, server arrangement and method for augmented reality applications
EP2890025A4 (de) Communication system, communication terminal, communication method, chip clock generation method and method for generating an orthogonal code
EP2793156A4 (de) Device for authenticating input information, server, system for authenticating input information, and program for the device
WO2012112800A3 (en) Customizable financial institution application interface
EP2661025A4 (de) Information system, control device, communication method and program
ZA201206128B (en) Trusted stored-value payment system that includes untrusted merchant terminals
WO2012096488A3 (ko) Method for transmitting control information in a communication system and base station therefor, and method for processing control information and terminal therefor
EP2739064A4 (de) Information processing device, input device, selection method, program and system
EP2797004A4 (de) Information sharing device, information sharing method, information sharing program and terminal therefor

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2012711339

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2013554811

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20137024122

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 14001332

Country of ref document: US