DOI QR코드

DOI QR Code

Security Core Technology Implementation for Hardware-based Smart Devices

HW기반 스마트 단말 보안 핵심기술 구현

  • Received : 2016.09.28
  • Accepted : 2016.11.20
  • Published : 2016.11.28

Abstract

Recently, the frequency of dealing important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study inspects features of hardware-based smart device security technology. Furthermore, this study proposes a realization method in MTM hardware-based secure smart device execution environment for an application software that runs in smart devices. While existing MTM provides the root of trust function only for the mobile device, the MTM-based mobile security environment technology proposed in this paper can provide numerous security functions that application program needs in mobile device. The further researches on IoT devices that are compatible with security hardware, gateway security technology and methods that secure reliability and security applicable to varied IoT devices by advancing security hardware are the next plan to proceed.

Keywords

Smart Device Security;Mobile Trusted Module;Integrity Verification;Internet Banking;Security Management

Acknowledgement

Grant : 스마트 경량 IoT 기기용 운영체제 보안 핵심 기술 개발

Supported by : 정보통신기술진흥센터

References

  1. Mobey Forum Mobile Financial Services, " Alternatives for Banks to offer Secure Mobile Payments version 1.0," Aug. 2010.
  2. TCG mobile reference architecture specification version 1.0, (https://www.trustedcomputinggroup.org)
  3. Siani Pearson, "Trusted Computing Platforms", 2003.
  4. TCG, "TCG Mobile Trusted Module Specification. Version 1.0, Revision 7.02, April 28, 2010
  5. S. Choi, J. Han, J. Lee, J. Kim, S. Jun, "Implementation of a TCG-based trusted computing in mobile device", TrustBus 2008 pp.18-27
  6. "TrustZone API Specification" Version 3.0, ARM, February 2009.
  7. "TEE Client API Specification" Version 1.0, Global Platform, July 2010.
  8. Global Platform site, http://www.globalplatform.org/specifications device.asp
  9. "TEE System Architecture" Version 1.0, Global Platform, December 2011.
  10. Keun-Ho Lee, "A Security Threats in Wireless Charger Systems in M2M", Journal of the Korea Convergence Society, Vol. 4, No. 1, pp. 27-31, 2013.
  11. Sik-Wan Cho, Won-Jun Jang, Hyung-Woo Lee, "Development of User Oriented Vulnerability Analysis Application on Smart Phone", Journal of the Korea Convergence Society, Vol. 3, No. 2, pp. 7-12, 2012.
  12. Seong-Gwon Yeo, Keun-Ho Lee, "Smart Phone and Vehicle Authentication Scheme with M2M Device", Journal of the Korea Convergence Society, Vol. 2, No. 4, pp. 1-7, 2011.
  13. Keun-Ho Lee, "Analysis of Threats Factor in IT Convergence Security", Journal of the Korea Convergence Society, Vol. 1, No. 1, pp. 49-55, 2010.
  14. Seong-Ryeol Kim, "Design of a User Authentication System using the Device Constant Information", Journal of IT Convergence Society for SMB, Vol. 6, No. 3, pp. 29-35, 2016. https://doi.org/10.22156/CS4SMB.2016.6.3.029
  15. Hyung-Jin Mun, Gwang-Houn Choi, Yooncheol Hwang, "Countermeasure to Underlying Security Threats in IoT communication", Journal of IT Convergence Society for SMB, Vol. 6, No. 2, pp. 37-44, 2016