[go: up one dir, main page]

CN104102497B - The equipment and its loading method of system management facility interacted for safety information - Google Patents

The equipment and its loading method of system management facility interacted for safety information Download PDF

Info

Publication number
CN104102497B
CN104102497B CN201310112102.8A CN201310112102A CN104102497B CN 104102497 B CN104102497 B CN 104102497B CN 201310112102 A CN201310112102 A CN 201310112102A CN 104102497 B CN104102497 B CN 104102497B
Authority
CN
China
Prior art keywords
system management
management device
storage device
loading
information interaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310112102.8A
Other languages
Chinese (zh)
Other versions
CN104102497A (en
Inventor
柴洪峰
鲁志军
何朔
郭伟
周钰
于彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201310112102.8A priority Critical patent/CN104102497B/en
Priority to PCT/CN2014/074472 priority patent/WO2014161458A1/en
Publication of CN104102497A publication Critical patent/CN104102497A/en
Application granted granted Critical
Publication of CN104102497B publication Critical patent/CN104102497B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Stored Programmes (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明提出了用于安全性信息交互的设备及其系统管理装置的加载方法,所述方法包括:在用于安全性信息交互的设备启动后,接收来自用户的选择指令;基于所述选择指令,将存储在外部存储装置中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置以作为所述安全系统管理装置而运行。本发明所公开的设备及方法能够使得用户可以自主地选择安全系统管理装置并可对其进行升级和修复。

The present invention proposes a device for security information interaction and a method for loading a system management device thereof, the method comprising: after the device for security information interaction is started, receiving a selection instruction from the user; based on the selection instruction , installing the system management device installation package stored in the external storage device to a corresponding location in the second storage device to form a system management device to be run, and then loading the system management device to be run into the second storage device A storage device operates as the security system management device. The device and method disclosed in the invention enable users to independently select a safety system management device and upgrade and repair it.

Description

用于安全性信息交互的设备及其系统管理装置的加载方法Equipment used for security information interaction and loading method of system management device thereof

技术领域technical field

本发明涉及用于信息交互的设备及其系统管理装置的加载方法,更具体地,涉及用于安全性信息交互的设备及其系统管理装置的加载方法。The present invention relates to a device used for information interaction and a loading method of a system management device thereof, more particularly, relates to a device used for security information interaction and a loading method of a system management device thereof.

背景技术Background technique

目前,随着计算机和网络应用的日益广泛以及不同领域的业务种类的日益丰富,用于安全性信息交互(即对安全性要求较高的信息交互,例如金融领域中的交易处理过程)的设备(尤其是基于移动终端的安全性信息交互设备)变得越来越重要。At present, with the increasingly wide application of computers and networks and the increasing variety of businesses in different fields, equipment used for security information interaction (that is, information interaction with high security requirements, such as transaction processing in the financial field) (Especially mobile terminal-based security information interaction equipment) is becoming more and more important.

在现有的基于可信环境平台的用于安全性信息交互的设备(其通常包括常规的系统管理装置(如常规的多媒体操作系统)和附加的安全系统管理装置(例如附加的安全操作系统),诸如TEE技术)中,附加的安全系统管理装置通常被预先(例如出厂时)内置在非易失性存储器(例如EEPROM或FLASH)中。Devices for security information interaction based on existing trusted environment platforms (which usually include conventional system management devices (such as conventional multimedia operating systems) and additional security system management devices (such as additional security operating systems) , such as TEE technology), additional safety system management devices are usually pre-built (eg, when leaving the factory) in non-volatile memory (eg, EEPROM or FLASH).

然而,现有的技术方案存在如下问题:(1)用户无法自主地选择安全系统管理装置;(2)用户无法对安全系统管理装置进行升级;(3)当安全系统管理装置出现问题时,用户无法通过重新安装方式进行修复。However, the existing technical solutions have the following problems: (1) the user cannot independently select the security system management device; (2) the user cannot upgrade the security system management device; (3) when there is a problem with the security system management device, the user Cannot be repaired by reinstallation.

因此,存在如下需求:提供能够使得用户可以自主地选择安全系统管理装置并可对其进行升级和修复的用于安全性信息交互的设备及其系统管理装置的加载方法。Therefore, there is a need to provide a device for security information interaction and a loading method for a system management device thereof that enables users to independently select a security system management device and upgrade and repair it.

发明内容Contents of the invention

为了解决上述现有技术方案所存在的问题,本发明提出了能够使得用户可以自主地选择安全系统管理装置并可对其进行升级和修复的用于安全性信息交互的设备及其系统管理装置的加载方法。In order to solve the problems existing in the above-mentioned existing technical solutions, the present invention proposes a device for security information interaction and a system management device thereof that allow users to independently select a security system management device and upgrade and repair it. load method.

本发明的目的是通过以下技术方案实现的:The purpose of the present invention is achieved through the following technical solutions:

一种用于安全性信息交互的设备,所述用于安全性信息交互的设备包括:A device for security information interaction, the device for security information interaction includes:

第一系统管理装置,所述第一系统管理装置为常规的应用提供运行环境;a first system management device, the first system management device provides an operating environment for conventional applications;

第二系统管理装置,所述第二系统管理装置为安全性应用提供安全模式下的运行环境,以执行安全性信息交互过程;A second system management device, the second system management device provides the security application with an operating environment in a security mode to execute a security information interaction process;

第一存储装置,所述第一存储装置为所述第一系统管理装置和所述第二系统管理装置提供正常运行所需的环境资源;A first storage device, where the first storage device provides environment resources required for normal operation for the first system management device and the second system management device;

通信接口,所述通信接口执行所述用于安全性信息交互的设备与外部设备之间的数据通信;a communication interface, the communication interface performs data communication between the device for security information interaction and an external device;

其中,在当前待运行的应用是常规的应用的情况下,所述用于安全性信息交互的设备将所述第一系统管理装置作为当前使用的系统管理装置,而在当前待运行的应用是安全性应用的情况下,所述用于安全性信息交互的设备将所述第二系统管理装置作为当前使用的系统管理装置。Wherein, when the application currently to be run is a conventional application, the device for security information interaction uses the first system management device as the currently used system management device, and when the application to be run currently is In the case of a security application, the device for exchanging security information uses the second system management device as the currently used system management device.

在上面所公开的方案中,优选地,所述用于安全性信息交互的设备进一步包括:In the solutions disclosed above, preferably, the device for security information interaction further includes:

第二存储装置,所述第二存储装置用于存储待运行的系统管理装置;a second storage device, the second storage device is used to store the system management device to be run;

引导装置,在所述用于安全性信息交互的设备启动后,基于配置文件或用户的选择指令,所述引导装置将存储在所述第二存储装置中的待运行的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行,或者经由所述通信接口将存储在外部存储装置中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行,或者经由所述通信接口直接将存储在外部存储装置中的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行;a booting device, after the device for security information interaction is started, based on a configuration file or a user's selection instruction, the booting device loads the system management device to be executed stored in the second storage device into the the first storage device to run as the second system management device, or install the system management device installation package stored in the external storage device to a corresponding location in the second storage device via the communication interface to constitute the system management device to be run and then load the system management device to be run into the first storage device to run as the second system management device, or directly store the system management device in the external storage device via the communication interface the system management device in the loaded into the first storage device to run as the second system management device;

用户接口,所述用户接口用于接收来自用户的所述选择指令。A user interface, the user interface is used for receiving the selection instruction from the user.

在上面所公开的方案中,优选地,在所述用于安全性信息交互的设备启动后,用户能够通过预设的开关进入所述用户接口的对应的用户界面以输入所述选择指令,所述选择指令指示需要装载到所述第一存储装置以作为所述第二系统管理装置而运行的装载目标,所述装载目标是从下列项中选择的一个或多个:所述第二存储装置中所存储的系统管理装置,所述外部存储装置中所存储的一个或多个系统管理装置安装包、以及所述外部存储装置中所存储的一个或多个系统管理装置。In the solution disclosed above, preferably, after the device for security information interaction is started, the user can enter the corresponding user interface of the user interface through a preset switch to input the selection instruction, so The selection instruction indicates a loading target that needs to be loaded into the first storage device to operate as the second system management device, and the loading target is one or more selected from the following items: the second storage device The system management device stored in the external storage device, one or more system management device installation packages stored in the external storage device, and one or more system management devices stored in the external storage device.

在上面所公开的方案中,优选地,如果用户选择多个装载目标,则所述用户能够通过所述选择指令设定所述多个装载目标的装载顺序。In the solution disclosed above, preferably, if the user selects multiple loading targets, the user can set the loading sequence of the multiple loading targets through the selection instruction.

在上面所公开的方案中,优选地,所述第二存储装置是非易失性存储器。In the solutions disclosed above, preferably, the second storage device is a non-volatile memory.

在上面所公开的方案中,优选地,当所述装载目标是所述外部存储装置中所存储的一个或多个系统管理装置安装包和/或所述外部存储装置中所存储的一个或多个系统管理装置时,所述引导装置在执行装载操作之前按照所述选择指令设定的装载顺序依次对所述一个或多个装载目标进行认证,直至找出第一个通过认证的装载目标,并随后针对所述第一个通过认证的装载目标执行装载操作,如果整个认证过程失败,则清除认证过程中产生的相关数据并返回所述用户界面以提示用户重新选择装载目标。In the solution disclosed above, preferably, when the loading target is one or more system management device installation packages stored in the external storage device and/or one or more system management device installation packages stored in the external storage device In the case of a system management device, before performing the loading operation, the booting device sequentially authenticates the one or more loading targets according to the loading sequence set by the selection instruction until the first certified loading target is found, And then perform a loading operation on the first authenticated loading target, if the entire authentication process fails, clear the relevant data generated during the authentication process and return to the user interface to prompt the user to select a loading target again.

在上面所公开的方案中,优选地,在所述用于安全性信息交互的设备启动后,如果用户没有输入所述选择指令,则所述引导装置针对所述配置文件所指示的装载目标以如下方式执行装载操作:按照所述配置文件设定的装载顺序依次对一个或多个装载目标进行装载操作,直至所述一个或多个装载目标中的一个装载目标被装载成功。In the solutions disclosed above, preferably, after the device for security information interaction is started, if the user does not input the selection instruction, the guidance device will use The loading operation is performed in the following manner: one or more loading targets are sequentially loaded according to the loading sequence set by the configuration file until one of the one or more loading targets is successfully loaded.

在上面所公开的方案中,优选地,用户能够通过所述引导装置升级和/或重新装载当前使用的第二系统管理装置。In the solution disclosed above, preferably, the user can upgrade and/or reload the currently used second system management device through the boot device.

本发明的目的也可以通过以下技术方案实现:The purpose of the present invention can also be achieved through the following technical solutions:

一种用于安全性信息交互的设备的安全系统管理装置的加载方法,所述方法包括下列步骤:A method for loading a safety system management device of a device for safety information interaction, the method includes the following steps:

(A1)在用于安全性信息交互的设备启动后,接收来自用户的选择指令;(A1) After the device used for security information interaction is started, receive a selection instruction from the user;

(A2)基于所述选择指令,将存储在第二存储装置中的待运行的系统管理装置装载到第一存储装置以作为安全系统管理装置而运行,或者将存储在外部存储装置中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置以作为所述安全系统管理装置而运行,或者直接将存储在外部存储装置中的系统管理装置装载到所述第一存储装置以作为所述安全系统管理装置而运行。(A2) Based on the selection instruction, load the system management device to be executed stored in the second storage device into the first storage device to run as a secure system management device, or load the system management device stored in the external storage device to installing a device installation package into a corresponding location in the second storage device to constitute a system management device to be run and then loading the system management device to be run into the first storage device to serve as the secure system management device or directly load the system management device stored in the external storage device to the first storage device to run as the security system management device.

本发明所公开的用于安全性信息交互的设备及其系统管理装置的加载方法具有下列优点:能够使得用户可以自主地选择安全系统管理装置并可以对其进行升级和修复。The device for security information interaction and the loading method of the system management device disclosed in the present invention have the following advantages: the user can independently select the security system management device and upgrade and repair it.

附图说明Description of drawings

结合附图,本发明的技术特征以及优点将会被本领域技术人员更好地理解,其中:With reference to the accompanying drawings, the technical features and advantages of the present invention will be better understood by those skilled in the art, wherein:

图1是根据本发明的实施例的用于安全性信息交互的设备的示意性结构图;FIG. 1 is a schematic structural diagram of a device for security information interaction according to an embodiment of the present invention;

图2是根据本发明的实施例的用于安全性信息交互的设备的安全系统管理装置的加载方法的流程图。Fig. 2 is a flowchart of a loading method of a security system management device of a device for security information interaction according to an embodiment of the present invention.

具体实施方式detailed description

图1是根据本发明的实施例的用于安全性信息交互的设备的示意性结构图。如图1所示,本发明所公开的用于安全性信息交互的设备包括第一系统管理装置1、第二系统管理装置2、第一存储装置3、通信接口4。其中,所述第一系统管理装置1(例如常规的多媒体操作系统)为常规的应用提供运行环境。所述第二系统管理装置2为安全性应用(即对安全性要求较高的应用,例如金融领域中的支付应用)提供安全模式下的运行环境,以执行安全性信息交互过程。所述第一存储装置3(例如内存)为所述第一系统管理装置1和所述第二系统管理装置2提供正常运行所需的环境资源。所述通信接口4执行所述用于安全性信息交互的设备与外部设备之间的数据通信。其中,在当前待运行的应用是常规的应用的情况下,所述用于安全性信息交互的设备将所述第一系统管理装置1作为当前使用的系统管理装置,而在当前待运行的应用是安全性应用的情况下,所述用于安全性信息交互的设备将所述第二系统管理装置2(例如安全操作系统)作为当前使用的系统管理装置(示例性地,所述用于安全性信息交互的设备能够在所述第一系统管理装置1和所述第二系统管理装置2之间进行切换)。Fig. 1 is a schematic structural diagram of a device for exchanging security information according to an embodiment of the present invention. As shown in FIG. 1 , the device for security information exchange disclosed in the present invention includes a first system management device 1 , a second system management device 2 , a first storage device 3 , and a communication interface 4 . Wherein, the first system management device 1 (for example, a conventional multimedia operating system) provides a running environment for conventional applications. The second system management device 2 provides an operating environment in a safe mode for security applications (that is, applications that require high security, such as payment applications in the financial field) to execute security information interaction processes. The first storage device 3 (such as memory) provides the first system management device 1 and the second system management device 2 with environment resources required for normal operation. The communication interface 4 performs data communication between the device for exchanging security information and external devices. Wherein, in the case that the application currently to be run is a conventional application, the device for security information interaction uses the first system management device 1 as the currently used system management device, and the application to be run currently In the case of a security application, the device for security information interaction uses the second system management device 2 (such as a security operating system) as the currently used system management device (for example, the security The device for exchanging sexual information can be switched between the first system management device 1 and the second system management device 2).

优选地,本发明所公开的用于安全性信息交互的设备进一步包括引导装置7、第二存储装置5和用户接口6。所述第二存储装置5用于存储待运行的系统管理装置。在所述用于安全性信息交互的设备启动后,基于配置文件或用户的选择指令,所述引导装置7将存储在所述第二存储装置5中的待运行的系统管理装置装载到所述第一存储装置3(例如内存)以作为所述第二系统管理装置2而运行,或者经由所述通信接口4将存储在外部存储装置(例如与该用于安全性信息交互的设备相连的SD卡或通过网络与该用于安全性信息交互的设备相连的远程服务器中的存储设备)中的系统管理装置安装包安装到所述第二存储装置5中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置3(例如内存)以作为所述第二系统管理装置2而运行,或者经由所述通信接口4直接将存储在外部存储装置(例如与该用于安全性信息交互的设备相连的SD卡或通过网络与该用于安全性信息交互的设备相连的远程服务器中的存储设备)中的系统管理装置装载到所述第一存储装置3(例如内存)以作为所述第二系统管理装置2而运行。所述用户接口6用于接收来自用户的所述选择指令。Preferably, the device for security information interaction disclosed in the present invention further includes a guiding device 7 , a second storage device 5 and a user interface 6 . The second storage device 5 is used to store the system management device to be run. After the device for security information interaction is started, based on configuration files or user selection instructions, the boot device 7 loads the system management device to be executed stored in the second storage device 5 into the The first storage device 3 (such as internal memory) can operate as the second system management device 2, or store in an external storage device (such as an SD card connected to the device for security information interaction) via the communication interface 4 card or the storage device in the remote server connected to the device for security information exchange through the network) the system management device installation package is installed to the corresponding position in the second storage device 5 to constitute the system management system to be run device and then load the system management device to be run into the first storage device 3 (such as internal memory) to run as the second system management device 2, or directly store the system management device externally via the communication interface 4 The system management device in the storage device (such as the SD card connected to the device for security information interaction or the storage device in the remote server connected to the device for security information interaction through the network) is loaded into the first A storage device 3 (such as memory) operates as the second system management device 2 . The user interface 6 is used for receiving the selection instruction from the user.

优选地,在本发明所公开的用于安全性信息交互的设备中,在所述用于安全性信息交互的设备启动后,用户能够通过预设的开关(例如快捷键)进入所述用户接口6的对应的用户界面以输入所述选择指令,所述选择指令指示需要装载到所述第一存储装置3(例如内存)以作为所述第二系统管理装置2而运行的装载目标,所述装载目标是从下列项中选择的一个或多个:所述第二存储装置5中所存储的系统管理装置,所述外部存储装置中所存储的一个或多个系统管理装置安装包(例如安全操作系统安装包)、以及所述外部存储装置中所存储的一个或多个系统管理装置。Preferably, in the device for security information interaction disclosed in the present invention, after the device for security information interaction is started, the user can enter the user interface through a preset switch (such as a shortcut key) 6 to input the selection instruction, the selection instruction indicates the loading target that needs to be loaded into the first storage device 3 (such as internal memory) to run as the second system management device 2, the The loading target is one or more selected from the following items: the system management device stored in the second storage device 5, one or more system management device installation packages stored in the external storage device (such as security operating system installation package), and one or more system management devices stored in the external storage device.

优选地,在本发明所公开的用于安全性信息交互的设备中,如果用户选择多个装载目标,则所述用户能够通过所述选择指令设定所述多个装载目标的装载顺序。Preferably, in the device for security information interaction disclosed in the present invention, if the user selects multiple loading targets, the user can set the loading sequence of the multiple loading targets through the selection instruction.

优选地,在本发明所公开的用于安全性信息交互的设备中,所述第二存储装置是非易失性存储器(诸如EEPROM或FLASH)。Preferably, in the device for exchanging security information disclosed in the present invention, the second storage device is a non-volatile memory (such as EEPROM or FLASH).

优选地,在本发明所公开的用于安全性信息交互的设备中,当所述装载目标是所述外部存储装置中所存储的一个或多个系统管理装置安装包(例如安全操作系统安装包)和/或所述外部存储装置中所存储的一个或多个系统管理装置时,所述引导装置7在执行装载操作(即将装载目标安装到所述第二存储装置5中的相应位置以及可能的随后将装载目标装载到所述第一存储装置3)之前按照所述选择指令设定的装载顺序依次对所述一个或多个装载目标进行认证(该认证用于鉴别所述装载目标是否是经过认证或授权的相关方发布的),直至找出第一个通过认证的装载目标,并随后针对所述第一个通过认证的装载目标执行装载操作,如果整个认证过程失败,则清除认证过程中产生的相关数据并返回所述用户界面以提示用户重新选择装载目标。示例性地,可以使用如下认证方式:所述引导装置7保存相关的公钥,而使用相关联的私钥签名所述系统管理装置安装包,由此,如果所述引导装置7能够验证该签名,则该系统管理装置安装包认证通过。Preferably, in the device for security information interaction disclosed in the present invention, when the loading target is one or more system management device installation packages (such as security operating system installation packages) stored in the external storage device ) and/or one or more system management devices stored in the external storage device, the boot device 7 executes the loading operation (that is, installing the loading target into the corresponding location in the second storage device 5 and possibly Before loading the loading target into the first storage device 3), the one or more loading targets are sequentially authenticated according to the loading sequence set by the selection instruction (the authentication is used to identify whether the loading target is issued by an authenticated or authorized party), until the first authenticated mount target is found, and then the mount operation is performed against said first authenticated mount target, and if the entire authentication process fails, the authentication process is cleared Relevant data generated in and returned to the user interface to prompt the user to reselect the loading target. Exemplarily, the following authentication method can be used: the boot device 7 saves the relevant public key, and uses the associated private key to sign the system management device installation package, thus, if the boot device 7 can verify the signature , then the installation package authentication of the system management device passes.

优选地,在本发明所公开的用于安全性信息交互的设备中,在所述用于安全性信息交互的设备启动后,如果用户没有输入所述选择指令,则所述引导装置针对所述配置文件所指示的装载目标以如下方式执行装载操作:按照所述配置文件设定的装载顺序依次对一个或多个装载目标进行装载操作,直至所述一个或多个装载目标中的一个装载目标被装载成功(即首先装载默认最高优先级的装载目标,并且当该装载目标装载失败时按照顺序装载另外的装载目标)。Preferably, in the device for security information interaction disclosed in the present invention, after the device for security information interaction is started, if the user does not input the selection instruction, the guidance means for the The loading target indicated by the configuration file executes the loading operation in the following manner: one or more loading targets are sequentially loaded according to the loading sequence set by the configuration file until one of the one or more loading targets is loaded. is mounted successfully (that is, the default highest priority mount target is loaded first, and other mount targets are loaded in order when the mount target fails to load).

优选地,在本发明所公开的用于安全性信息交互的设备中,用户能够通过所述引导装置7升级和/或重新装载当前使用的第二系统管理装置2。Preferably, in the device for security information interaction disclosed in the present invention, the user can upgrade and/or reload the currently used second system management device 2 through the guide device 7 .

由上可见,本发明所公开的用于安全性信息交互的设备具有下列优点:能够使得用户可以自主地选择安全系统管理装置并可以对其进行升级和修复。It can be seen from the above that the device for security information interaction disclosed by the present invention has the following advantages: it enables users to independently select a security system management device and upgrade and repair it.

图2是根据本发明的实施例的用于安全性信息交互的设备的安全系统管理装置的加载方法的流程图。如图2所示,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法包括下列步骤:(A1)在用于安全性信息交互的设备启动后,接收来自用户的选择指令;(A2)基于所述选择指令,将存储在第二存储装置中的待运行的系统管理装置装载到第一存储装置(例如内存)以作为安全系统管理装置而运行,或者将存储在外部存储装置(例如与该用于安全性信息交互的设备相连的SD卡或通过网络与该用于安全性信息交互的设备相连的远程服务器中的存储设备)中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置(例如内存)以作为所述安全系统管理装置而运行,或者直接将存储在外部存储装置(例如与该用于安全性信息交互的设备相连的SD卡或通过网络与该用于安全性信息交互的设备相连的远程服务器中的存储设备)中的系统管理装置装载到所述第一存储装置(例如内存)以作为所述安全系统管理装置而运行。Fig. 2 is a flowchart of a loading method of a security system management device of a device for security information interaction according to an embodiment of the present invention. As shown in FIG. 2 , the loading method of the security system management device of the device for security information interaction disclosed by the present invention includes the following steps: (A1) After the device for security information interaction is started, receive a message from the user A selection instruction; (A2) based on the selection instruction, load the system management device to be run stored in the second storage device into the first storage device (such as internal memory) to run as a security system management device, or store in The installation package of the system management device in the external storage device (such as the SD card connected to the device for security information interaction or the storage device in the remote server connected to the device for security information interaction through the network) is installed to the corresponding location in the second storage device to constitute the system management device to be run and then load the system management device to be run into the first storage device (such as internal memory) as the secure system management device run, or directly store the data stored in an external storage device (such as an SD card connected to the device for security information interaction or a storage device in a remote server connected to the device for security information interaction through a network) The system management device is loaded into the first storage device (such as memory) to operate as the secure system management device.

优选地,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法进一步包括:在所述用于安全性信息交互的设备启动后,用户通过预设的开关(例如快捷键)进入对应的用户界面以输入所述选择指令,所述选择指令指示需要装载到所述第一存储装置(例如内存)以作为所述安全系统管理装置而运行的装载目标,所述装载目标是从下列项中选择的一个或多个:所述第二存储装置中所存储的系统管理装置,所述外部存储装置中所存储的一个或多个系统管理装置安装包(例如安全操作系统安装包)、以及所述外部存储装置中所存储的一个或多个系统管理装置。Preferably, the method for loading the security system management device of the device for security information interaction disclosed in the present invention further includes: after the device for security information interaction is started, the user uses a preset switch (such as a shortcut key) to enter the corresponding user interface to input the selection instruction, the selection instruction indicates the loading target that needs to be loaded into the first storage device (such as internal memory) to operate as the security system management device, and the loading target is one or more selected from: a system management device stored in the second storage device, one or more system management device installation packages (such as a secure operating system installation package) stored in the external storage device package), and one or more system management devices stored in the external storage device.

优选地,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法进一步包括:如果用户选择多个装载目标,则所述用户通过所述选择指令设定所述多个装载目标的装载顺序。Preferably, the loading method of the security system management device for security information interaction equipment disclosed in the present invention further includes: if the user selects multiple loading targets, the user sets the multiple loading targets through the selection instruction. The load order of the mount targets.

优选地,在本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法中,所述第二存储装置是非易失性存储器(诸如EEPROM或FLASH)。Preferably, in the loading method of the security system management device of the device for security information interaction disclosed in the present invention, the second storage device is a non-volatile memory (such as EEPROM or FLASH).

优选地,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法进一步包括:当所述装载目标是所述外部存储装置中所存储的一个或多个系统管理装置安装包(例如安全操作系统安装包)和/或所述外部存储装置中所存储的一个或多个系统管理装置时,在执行装载操作(即将装载目标安装到所述第二存储装置中的相应位置以及可能的随后将装载目标装载到所述第一存储装置)之前按照所述选择指令设定的装载顺序依次对所述一个或多个装载目标进行认证(该认证用于鉴别所述装载目标是否是经过认证或授权的相关方发布的),直至找出第一个通过认证的装载目标,并随后针对所述第一个通过认证的装载目标执行装载操作,并且如果整个认证过程失败,则清除认证过程中产生的相关数据并返回所述用户界面以提示用户重新选择装载目标。示例性地,可以使用如下认证方式:所述用于安全性信息交互的设备保存相关的公钥,而使用相关联的私钥签名所述系统管理装置安装包,由此,如果所述用于安全性信息交互的设备能够验证该签名,则该系统管理装置安装包认证通过。Preferably, the method for loading a security system management device of a device for security information interaction disclosed in the present invention further includes: when the loading target is one or more system management devices installed in the external storage device package (such as a secure operating system installation package) and/or one or more system management devices stored in the external storage device, when performing the loading operation (that is, installing the loading target to the corresponding location in the second storage device) and possibly subsequently loading the loading target into the first storage device) before sequentially authenticating the one or more loading targets according to the loading order set by the selection instruction (the authentication is used to identify whether the loading target is issued by an authenticated or authorized party), until the first authenticated mount target is found, and then the mount operation is performed against said first authenticated mount target, and if the entire authentication process fails, clear The relevant data generated during the authentication process is returned to the user interface to prompt the user to reselect the loading target. Exemplarily, the following authentication method may be used: the device for security information interaction stores the relevant public key, and signs the installation package of the system management device with the associated private key, thus, if the If the device for exchanging security information can verify the signature, then the installation package of the system management device has passed the authentication.

优选地,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法进一步包括:在所述用于安全性信息交互的设备启动后,如果用户没有输入所述选择指令,则针对配置文件所指示的装载目标以如下方式执行装载操作:按照所述配置文件设定的装载顺序依次对一个或多个装载目标进行装载操作,直至所述一个或多个装载目标中的一个装载目标被装载成功(即首先装载默认最高优先级的装载目标,并且当该装载目标装载失败时按照顺序装载另外的装载目标)。Preferably, the method for loading the security system management device of the device for security information interaction disclosed in the present invention further includes: after the device for security information interaction is started, if the user does not input the selection instruction, Then, the loading operation is performed on the loading target indicated by the configuration file in the following manner: one or more loading targets are sequentially loaded according to the loading sequence set by the configuration file until one of the one or more loading targets The mount target is mounted successfully (that is, the mount target with the default highest priority is loaded first, and other mount targets are loaded in order when the mount target fails to mount).

优选地,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法进一步包括:用户能够升级和/或重新装载当前使用的第二系统管理装置。Preferably, the method for loading the security system management device of the device for security information interaction disclosed in the present invention further includes: the user can upgrade and/or reload the currently used second system management device.

由上可见,本发明所公开的用于安全性信息交互的设备的安全系统管理装置的加载方法具有下列优点:能够使得用户可以自主地选择安全系统管理装置并可以对其进行升级和修复。It can be seen from the above that the method for loading the security system management device of the device for security information interaction disclosed by the present invention has the following advantages: it enables the user to independently select the security system management device and upgrade and repair it.

尽管本发明是通过上述的优选实施方式进行描述的,但是其实现形式并不局限于上述的实施方式。应该认识到:在不脱离本发明主旨和范围的情况下,本领域技术人员可以对本发明做出不同的变化和修改。Although the present invention has been described through the above-mentioned preferred embodiments, its implementation forms are not limited to the above-mentioned embodiments. It should be appreciated that those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention.

Claims (8)

1.一种用于安全性信息交互的设备,所述用于安全性信息交互的设备包括:1. A device for security information interaction, the device for security information interaction comprising: 第一系统管理装置,所述第一系统管理装置为常规的应用提供运行环境;a first system management device, the first system management device provides an operating environment for conventional applications; 第二系统管理装置,所述第二系统管理装置为安全性应用提供安全模式下的运行环境,以执行安全性信息交互过程;A second system management device, the second system management device provides the security application with an operating environment in a security mode to execute a security information interaction process; 第一存储装置,所述第一存储装置为所述第一系统管理装置和所述第二系统管理装置提供正常运行所需的环境资源;A first storage device, where the first storage device provides environment resources required for normal operation for the first system management device and the second system management device; 通信接口,所述通信接口执行所述用于安全性信息交互的设备与外部设备之间的数据通信;a communication interface, the communication interface performs data communication between the device for security information interaction and an external device; 其中,在当前待运行的应用是常规的应用的情况下,所述用于安全性信息交互的设备将所述第一系统管理装置作为当前使用的系统管理装置,而在当前待运行的应用是安全性应用的情况下,所述用于安全性信息交互的设备将所述第二系统管理装置作为当前使用的系统管理装置;Wherein, when the application currently to be run is a conventional application, the device for security information interaction uses the first system management device as the currently used system management device, and when the application to be run currently is In the case of a security application, the device for security information interaction uses the second system management device as the currently used system management device; 其中,所述用于安全性信息交互的设备进一步包括:Wherein, the device for security information interaction further includes: 第二存储装置,所述第二存储装置用于存储待运行的系统管理装置;a second storage device, the second storage device is used to store the system management device to be run; 引导装置,在所述用于安全性信息交互的设备启动后,基于配置文件或用户的选择指令,所述引导装置将存储在所述第二存储装置中的待运行的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行,或者经由所述通信接口将存储在外部存储装置中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行,或者经由所述通信接口直接将存储在外部存储装置中的系统管理装置装载到所述第一存储装置以作为所述第二系统管理装置而运行;a booting device, after the device for security information interaction is started, based on a configuration file or a user's selection instruction, the booting device loads the system management device to be executed stored in the second storage device into the the first storage device to run as the second system management device, or install the system management device installation package stored in the external storage device to a corresponding location in the second storage device via the communication interface to constitute the system management device to be run and then load the system management device to be run into the first storage device to run as the second system management device, or directly store the system management device in the external storage device via the communication interface the system management device in the loaded into the first storage device to run as the second system management device; 用户接口,所述用户接口用于接收来自用户的所述选择指令。A user interface, the user interface is used for receiving the selection instruction from the user. 2.根据权利要求1所述的用于安全性信息交互的设备,其特征在于,在所述用于安全性信息交互的设备启动后,用户能够通过预设的开关进入所述用户接口的对应的用户界面以输入所述选择指令,所述选择指令指示需要装载到所述第一存储装置以作为所述第二系统管理装置而运行的装载目标,所述装载目标是从下列项中选择的一个或多个:所述第二存储装置中所存储的系统管理装置,所述外部存储装置中所存储的一个或多个系统管理装置安装包、以及所述外部存储装置中所存储的一个或多个系统管理装置。2. The device for security information interaction according to claim 1, characterized in that, after the device for security information interaction is started, the user can enter the corresponding to input the selection instruction, the selection instruction indicates a loading target that needs to be loaded into the first storage device to operate as the second system management device, the loading target is selected from the following One or more: the system management device stored in the second storage device, one or more system management device installation packages stored in the external storage device, and one or more installation packages stored in the external storage device Multiple system management devices. 3.根据权利要求2所述的用于安全性信息交互的设备,其特征在于,如果用户选择多个装载目标,则所述用户能够通过所述选择指令设定所述多个装载目标的装载顺序。3. The device for security information interaction according to claim 2, wherein if the user selects multiple loading targets, the user can set the loading of the multiple loading targets through the selection instruction order. 4.根据权利要求3所述的用于安全性信息交互的设备,其特征在于,所述第二存储装置是非易失性存储器。4. The device for security information exchange according to claim 3, wherein the second storage device is a non-volatile memory. 5.根据权利要求4所述的用于安全性信息交互的设备,其特征在于,当所述装载目标是所述外部存储装置中所存储的一个或多个系统管理装置安装包和/或所述外部存储装置中所存储的一个或多个系统管理装置时,所述引导装置在执行装载操作之前按照所述选择指令设定的装载顺序依次对所述一个或多个装载目标进行认证,直至找出第一个通过认证的装载目标,并随后针对所述第一个通过认证的装载目标执行装载操作,如果整个认证过程失败,则清除认证过程中产生的相关数据并返回所述用户界面以提示用户重新选择装载目标。5. The device for security information interaction according to claim 4, wherein when the loading target is one or more system management device installation packages and/or the When one or more system management devices stored in the external storage device are used, the boot device authenticates the one or more loading targets sequentially according to the loading sequence set by the selection instruction before executing the loading operation until find out the first authenticated loading target, and then perform a loading operation on the first authenticated loading target, if the entire authentication process fails, clear the relevant data generated during the authentication process and return to the user interface to Prompt the user to reselect the mount target. 6.根据权利要求5所述的用于安全性信息交互的设备,其特征在于,在所述用于安全性信息交互的设备启动后,如果用户没有输入所述选择指令,则所述引导装置针对所述配置文件所指示的装载目标以如下方式执行装载操作:按照所述配置文件设定的装载顺序依次对一个或多个装载目标进行装载操作,直至所述一个或多个装载目标中的一个装载目标被装载成功。6. The device for security information interaction according to claim 5, characterized in that, after the device for security information interaction is started, if the user does not input the selection instruction, the guiding means For the loading target indicated by the configuration file, the loading operation is performed in the following manner: one or more loading targets are sequentially loaded according to the loading sequence set by the configuration file, until the one or more loading targets in the one or more loading targets A mount target was loaded successfully. 7.根据权利要求6所述的用于安全性信息交互的设备,其特征在于,用户能够通过所述引导装置升级和/或重新装载当前使用的第二系统管理装置。7. The device for security information interaction according to claim 6, characterized in that, the user can upgrade and/or reload the currently used second system management device through the boot device. 8.一种用于安全性信息交互的设备的安全系统管理装置的加载方法,所述方法包括下列步骤:8. A method for loading a safety system management device of a device for safety information interaction, the method comprising the following steps: (A1)在用于安全性信息交互的设备启动后,接收来自用户的选择指令;(A1) After the device used for security information interaction is started, receive a selection instruction from the user; (A2)基于所述选择指令,将存储在第二存储装置中的待运行的系统管理装置装载到第一存储装置以作为安全系统管理装置而运行,或者将存储在外部存储装置中的系统管理装置安装包安装到所述第二存储装置中的相应位置以构成待运行的系统管理装置并随后将所述待运行的系统管理装置装载到所述第一存储装置以作为所述安全系统管理装置而运行,或者直接将存储在外部存储装置中的系统管理装置装载到所述第一存储装置以作为所述安全系统管理装置而运行;(A2) Based on the selection instruction, load the to-be-run system management device stored in the second storage device into the first storage device to operate as a secure system management device, or load the system management device stored in the external storage device installing a device installation package into a corresponding location in the second storage device to constitute a system management device to be run and then loading the system management device to be run into the first storage device to serve as the secure system management device and run, or directly load the system management device stored in the external storage device into the first storage device to run as the secure system management device; 其中,所述方法进一步包括:在所述用于安全性信息交互的设备启动后,用户通过预设的开关进入对应的用户界面以输入所述选择指令,所述选择指令指示需要装载到所述第一存储装置以作为所述安全系统管理装置而运行的装载目标,所述装载目标是从下列项中选择的一个或多个:所述第二存储装置中所存储的系统管理装置,所述外部存储装置中所存储的一个或多个系统管理装置安装包、以及所述外部存储装置中所存储的一个或多个系统管理装置。Wherein, the method further includes: after the device for security information interaction is started, the user enters the corresponding user interface through a preset switch to input the selection instruction, and the selection instruction indicates that it needs to be loaded into the The first storage device has a loading target that operates as the secure system management device, and the loading target is one or more selected from the following: the system management device stored in the second storage device, the One or more system management device installation packages stored in the external storage device, and one or more system management devices stored in the external storage device.
CN201310112102.8A 2013-04-02 2013-04-02 The equipment and its loading method of system management facility interacted for safety information Active CN104102497B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310112102.8A CN104102497B (en) 2013-04-02 2013-04-02 The equipment and its loading method of system management facility interacted for safety information
PCT/CN2014/074472 WO2014161458A1 (en) 2013-04-02 2014-04-01 Apparatus used for security information interaction and system management device loading method therefor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310112102.8A CN104102497B (en) 2013-04-02 2013-04-02 The equipment and its loading method of system management facility interacted for safety information

Publications (2)

Publication Number Publication Date
CN104102497A CN104102497A (en) 2014-10-15
CN104102497B true CN104102497B (en) 2017-08-25

Family

ID=51657592

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310112102.8A Active CN104102497B (en) 2013-04-02 2013-04-02 The equipment and its loading method of system management facility interacted for safety information

Country Status (2)

Country Link
CN (1) CN104102497B (en)
WO (1) WO2014161458A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105636027A (en) * 2015-05-20 2016-06-01 宇龙计算机通信科技(深圳)有限公司 Connection method for external equipment, connection device for external equipment and terminal

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101256608A (en) * 2008-03-25 2008-09-03 北京飞天诚信科技有限公司 Safe operation method and system
CN101334824A (en) * 2007-04-11 2008-12-31 趋势科技公司 Portable secured computing environment for performing online confidential transactions in untrusted computers
CN102087687A (en) * 2009-12-04 2011-06-08 株式会社Ntt都科摩 State notification apparatus and state notification method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1922623A (en) * 2004-02-17 2007-02-28 富士通株式会社 Wireless wallet
WO2007127188A2 (en) * 2006-04-24 2007-11-08 Encryptakey, Inc. Portable device and methods for performing secure transactions
CN101833817B (en) * 2009-03-11 2014-08-13 中兴通讯股份有限公司 Method and terminal for realizing application selection in non-contact electronic payment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101334824A (en) * 2007-04-11 2008-12-31 趋势科技公司 Portable secured computing environment for performing online confidential transactions in untrusted computers
CN101256608A (en) * 2008-03-25 2008-09-03 北京飞天诚信科技有限公司 Safe operation method and system
CN102087687A (en) * 2009-12-04 2011-06-08 株式会社Ntt都科摩 State notification apparatus and state notification method

Also Published As

Publication number Publication date
WO2014161458A1 (en) 2014-10-09
CN104102497A (en) 2014-10-15

Similar Documents

Publication Publication Date Title
US11221838B2 (en) Hot update method, operating system, terminal device, system, and computer-readable storage medium for a system process
CN108960830B (en) Intelligent contract deployment method, device, equipment and storage medium
US9477848B2 (en) System and method for managing and diagnosing a computing device equipped with unified extensible firmware interface (UEFI)-compliant firmware
CN104754552B (en) A kind of credible performing environment TEE initial methods and equipment
US10846408B2 (en) Remote integrity assurance of a secured virtual environment
US20190332421A1 (en) Secure delivery and deployment of a virtual environment
US9111081B2 (en) Remote direct memory access authentication of a device
CN112887160B (en) Block chain all-in-one machine, multi-node deployment method and device thereof, and storage medium
US9569620B2 (en) Method for processing UEFI protocols and system therefor
US20140149730A1 (en) Systems and methods for enforcing secure boot credential isolation among multiple operating systems
CN105446713A (en) Safe storage method and equipment
US20170255775A1 (en) Software verification systems with multiple verification paths
CN115048642B (en) Communication method between trusted applications in multi-trusted execution environment and electronic equipment
CN108335105B (en) Data processing method and related equipment
US20190163898A1 (en) Package processing
CN104348616A (en) Method for visiting terminal security component, device thereof and system thereof
WO2019233022A1 (en) Rollback prevention method and system
US20190166123A1 (en) User terminal using cloud service, integrated security management server for user terminal, and integrated security management method for user terminal
WO2016150034A1 (en) Virtual sim card management method, device and system
CN104102497B (en) The equipment and its loading method of system management facility interacted for safety information
CN115859381B (en) A method, device, computer equipment and storage medium for building a trusted environment
CN117453343A (en) Virtual machine measurement and secret calculation authentication method, device, system and storage medium
US20230074627A1 (en) Method and system for detecting forgery of mobile application by using user identifier and signature collection
WO2020233044A1 (en) Plug-in verification method and device, and server and computer-readable storage medium
CN113360172B (en) Application deployment method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant