METHOD AND APPARATUS FOR PROVIDING SECURE EXECUTION ENVIRONMENT BASED ON DOMAIN SEPARATION
摘要
PURPOSE: A method for providing a safe execution environment based on domain separation and a device thereof are provided to improve security for software executed in a terminal by composing two independent execution environments through virtualization-based domain separation and providing a safety service through a security service channel between domains. CONSTITUTION: A general service domain(300) performs operation requested for a general service in a mobile terminal. A safe service domain(400) is separated from the general service domain based on virtualization to perform operation requested for a security service. The general service domain includes a general service application(360) for interlinking the security service, a safe service API(Application Program Interface)(350) for interlinking the security service requested in the general service application with the safe service domain, and a front end driver(340) for executing the security service received from the API by transmitting the service to the safe service domain. [Reference numerals] (100) Processor; (200) Monitor/hypervisor; (300) General service domain; (310) Embedded operation system; (320) Library; (330) Mobile application; (340) Front end driver; (350) Safe service API; (360) General service application; (400) Safe service domain; (410) Back end driver; (420) Code module; (430) Code API; (440) Safe server application
申请公布号
KR20130017762(A)
申请公布日期
2013.02.20
申请号
KR20110080381
申请日期
2011.08.12
申请人
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
发明人
KIM, YOUNG HO;KIM, JEONG NYEO;JEON, YONG SUNG;JU, HONG IL;LEE, YUN KYUNG