Research And Implementation Of Secure Payment Based On Intelligent Device’s Trusted Operating System

With the development and rapid popularization of intelligent terminals, people have become accustomed to dealing with many daily affairs, including entertainment,live and work. But also because of its "intelligent" nature, people can download the application through by many ways to enrich intelligent terminals, which makes people so fond of it that they cannot take their hands off it. As the proportion of intelligent terminal use in people’s daily life is growing, and more and more people now use mobile payments, its security has become a crucial issue. We have to find a solution to the problem of secure payments, and the better way is that we should give a framework solution to this security problem so that we can handle other possible security problems in the similar way.In recent years a concept called TEE(Trusted Execution Environment) began to appear terminal appears. Its corresponding concept is REE. Common applications will run in the REE while the key and sensitive program will run in the TEE, and the code runs TEE is considered safe. ARM proposed TrustZone security extensions based on this concept. ARM core with ARM Trust Zone security extensions can virtualize one physical core into two separate logic core. One of them is called safe core which has highest processing authority, and the other one is common core whose processing authority depends on configuration of registers by safe core. To solve the security problems of intelligent terminals, based on ARM TrustZone hardware-based isolation mechanism, we developed a credible operating system, by which we can easily solve the problem of secure payment, but can also solve more security problems using the same mechanism.The implementation of operating system takes reference to the TEE documentation released by Global Platform. The operating system is composed of two sub-operating system, the Android operating system and the T-OS operating system.Android runs in general execution environment while the T-OS running in a secure execution environment. Usually, users operate directly in the Android operating system,but only when dealing with sensitive data will enter into T-OS. By this mechanism, we can not only affect the customers’ experience but also can easily solve security problemsin the same time.Finally, we propose a secure payment solution according to trusted operating system, and the model is implemented on a trusted operating system.