Application integrity protection via secure interaction and processing

摘要

The present disclosure is directed to application integrity protection via secure interaction and processing. For example, interaction with a user interface in a device may result in input information being generated. Following encryption, the input information may be conveyed to an application executing in a secure processing environment. The encrypted input information may be received, decrypted and processed by the application. An example application may include a secure controller component, a secure model component and a secure view component. The secure controller component may, for example, provide change instructions to the secure model component based on the decrypted input information. The secure model component may then, if necessary, provide a change notification to the secure view component based on the change instructions. The secure view component may then generate output information, which may be encrypted prior to being provided to the user interface for decryption, processing and presentation.

主权项

1. A device, comprising:
a user interface that is incorporated within or coupled to the device, the user interface including a user input interface wherein input information generated by user interaction with the user input interface is encrypted using a first encryption protocol; an operating system interface to receive the encrypted input information from the user interface; and a trusted execution environment isolated from an operating system of the device, the trusted execution environment including at least an application, wherein the application comprises at least a secure controller component, a secure model component and a secure view component; wherein the secure controller component is to:
receive the encrypted input information from the operating system interface; decrypt the encrypted input information; and
provide change instructions in the encrypted input information to the secure model component; wherein the secure model component is to:
receive change instructions from the secure controller component; andwhen necessary, provide change notifications to the secure view component based on the received change instructions; the application to: process the decrypted input information using the application to generate output information; encrypt the output information using a second encryption protocol; and provide the encrypted output information to the operating system interface, wherein the operating system interface is to provide the encrypted output information to the user interface, the user interface including a user output interface to decrypt the encrypted output information using the second encryption protocol and to present the decrypted output information, where the application, the secure controller component, the secure model component and the secure view component are executed by a processor.