Font Size: a A A

Research On Content Security Display Technology Based On TEE

Posted on:2020-10-24Degree:MasterType:Thesis
Country:ChinaCandidate:Y X ZhangFull Text:PDF
GTID:2428330572972237Subject:Computer technology
Abstract/Summary:
The rapid spread of 4G networks and mobile communication devices has transformed smart phone from a communication tool into the main channel for connecting to the Internet,and has led to the emergence of O2O(Online To Offline)and mobile office.These emerging application scenarios require interaction between users and devices,but there are serious security risks in the process of interaction.On the one hand,these applications are difficult to guarantee WYSIWYS(What You See Is What You Sign).On the other hand,in many scenarios,the displayed content is extremely private,and the security of the data in the mobile device must be guaranteed.When the security of the smartphone system cannot be guaranteed,the attacker can easily overwrite or tamper with the display content so that WYSIWYS cannot guarantee,and the data iseasily intercepted by the attack.This makes emerging application scenarios bring convenience and at the same time poses a huge risk to all users.This paper mainly studies the security problems existing in the display of the transaction and private data in smart phone,and realizes the attack on the application.It proves that under the traditional client server architecture,if the security of the operation system and the application cannot be guaranteed,the privacy and WYSIWYS of data are not guaranteed too.In order to solve the potential security threats in the data display,this paper deeply researches the TEE technology,and then proposes the private data security display scheme and the WYSIWYS security display scheme respectively.Finally,the TEE-based security display system is designed and implemented.The main work of this paper is as follows:1.Secure display design of private data:for the secure display of private data,the key storage and decryption of the display content of the solution will be completed in the TEE environment,thereby avoiding display security caused by key storage and system security issues.problem.In this solution,a symmetric key is shared between the device client and the server.The client key is stored in the TEE environment..The server must encrypt the private information first.The device REE environment receives the encrypted data sent by the server and stores it.If it needs to be displayed,the data is sent to the TEE environment.The corresponding program in the TEE decrypts the data and then displays it.2.WYSIWYS security display scheme design:this article achieves the signature and verification of the display content.The solution needs to use two public-private pairs.The server and the client both hold their own private key and the public key of the other party.The server side signs the sent transaction information,sends the signature together with the transaction information to the device,and the REE environment will send the received transaction content and signature to the TEE environment for display.If the verification is passed,the transaction information is displayed,and the display content is signed with the local private key and then sent to the server for response.3.The design and implementation of the TEE-based security display system:this paper implements the above security display scheme on the FVP(Fixed Virtual Platforms)simulator,and performs security verification on the private data display and WYSIWYS respectively.The experimental results show that the attack It is impossible to tamper with or steal the display content in this system.Finally,according to the research and experimental results of this paper,the FIDO UAF protocol has been modified so that the new FIDO UAF protocol can guarantee WYSIWYS in devices with TEE environment.
Keywords/Search Tags:secure display, TEE, FIDO UAF protocol, driver, WYSIWYS
Related items