Patent abstract:
The present invention relates to a microcontroller comprising a processor and a memory divided into zones that are secure, non-secure or shared, implementing a secure boot. It comprises a self-protection (tamper) control circuit for detecting vulnerability conditions, and the processor executes a Linux operating system. The processor comprises a monitor that switches operations either into a secure zone of the memory, for running at least one authentication process, or into a non-secure zone for other operations, and that determines whether the devices connected to, accessing or accessed by the microcontroller must be managed by the secure zone or the non-secure zone, using a hardware firewall to determine whether the information or commands of an application are authorized to access the secure zone or not.
Publication number: BE1024111B1
Application number: E2016/5612
Filing date: 2016-07-25
Publication date: 2017-11-17
Inventors: Frédéric Richez; Sven Gulikers
Applicant: Atos Worldline S.A.
IPC main classification:
Description:

Microcontroller for secure boot with firewall
TECHNICAL FIELD OF THE INVENTION
The present invention relates to the field of data protection and in particular data exchanged in financial transactions. The present invention specifically relates to a device for ensuring the security of confidential data exchanges between a customer and a financial institution or between two financial institutions.
BACKGROUND OF THE INVENTION
The protection of sensitive data used in financial transactions is a major challenge for the economy. Transactions can be made either through a dedicated website, the website using encryption and several verification measures, or by means of a device such as a vending machine. The latter authorizes transactions using cards with at least one chip, the chip containing at least one piece of authentication information of the card holder. Nevertheless, devices such as vending machines have disadvantages. Indeed, a vending machine includes a memory that stores the authentication codes retrieved, for example, from an interbank network. A voluntary or unintentional failure of the machine may, however, allow an attacker to recover data from the memory contained in the machine. Although some progress in the protection of vending machines has been made in recent years, such machines still have disadvantages associated with their architecture and/or the electronic components they contain.
US7953989 B1 teaches a device comprising a high-security microcontroller that includes tamper control circuits for detecting vulnerability conditions: a write to the program memory before the sensitive financial information has been erased, a tamper detection condition, a debugger-enable condition, a power-up condition, a non-compliant temperature condition, a non-compliant supply voltage condition, an oscillator failure condition, and a battery removal condition. If the tamper control circuit detects a vulnerability condition, the memory in which the sensitive financial information could be stored is erased. At power-up, if a valid image is detected in the program memory, the boot loader is not executed and the secure memory is not erased; instead the image is executed. The self-protection control circuit is an automaton outside the control of the software loaded by a user and outside the control of the debugger. One disadvantage of this device is that the security of the system depends entirely on the proper operation of the tamper device: if the latter is defective, the security of the entire system is compromised.
GENERAL DESCRIPTION OF THE INVENTION
The present invention aims to overcome one or more disadvantages of the prior art by proposing a device that can effectively protect data exchanges in financial transactions and prevent theft of data through degradation of the machine containing said device.
This goal is achieved by a microcontroller comprising a processor and a memory separated into different areas that are secure, non-secure or shared, to implement a secure boot, including a self-protection control circuit to detect vulnerability conditions and the processor running a Linux operating system (Linux OS), said processor comprising a monitor for switching operations either into a secure area of the memory, for operating at least one authentication process, or into a non-secure area for other operations, and for determining whether the devices connected to, accessing or accessed by the microcontroller must be managed by the secure area or the non-secure area, by using a hardware firewall to determine whether the information or commands of an application are allowed to access the secure area or not.
According to another particularity, the secure and non-secure zones are both included in the processor of the microcontroller, the data processing and exchange processes executed by the microcontroller being effected from one zone to another according to the nature of the information to be processed.
In another feature, the hardware firewall includes registers that are each assigned to a device and that use the information stored in the Linux device tree described in the Linux operating system, said device tree being augmented with security attributes defining the secure (S) or non-secure (N) status of each device; this status is stored in the register associated with the device and causes the information or commands coming from the device to be processed in the secure area of the processor if the device is defined as secure, and in the non-secure area of the processor if the device is defined as non-secure.
In another feature, the Linux device tree is authenticated by a secure primary application during the secure boot operation.
According to another particularity, the secure zone comprises a core receiving at least one instruction from the non-secure zone or from a device included in the device tree, and performing various operations that depend on the received instruction, and a register comprising a set of secure services comprising the rules for the protection of different types of processes corresponding to different types of services.
According to another particularity, the non-secure zone comprises the operating system kernel, an execution environment for programs, applications and/or data processing methods, at least one library, and at least one platform dedicated to adding client applications or proprietary applications, the method of adding said applications and their access to the functionalities of the device controlled by the microcontroller being defined by security rules implemented by the hardware firewall.
According to another particularity, the execution environment is configured to integrate at least one means for interpreting different types of client applications, said means being capable of translating the language of said applications into native programs in order to process them on said execution environment.
In another feature, the runtime environment is Android.
According to another particularity, the accessible peripherals are at least two of the following devices: Bluetooth/Wifi circuit, Ethernet, printers, display, GPS, camera, sound, proximity sensor, HDMI, USB, touch screen, keyboard, contactless reader (NFC), magnetic card reader, smart card reader, cryptographic material, computer key manager.
A contactless reader is any reader that does not require direct contact between the object and the reader in order to communicate at least one piece of information, for example a card using radio-frequency identification (RFID) or near-field communication (NFC).
The term "cryptographic material" means any device for encrypting or decrypting sensitive information or data, for example and without limitation a cryptoprocessor.
According to another particularity, the peripherals display, touch screen, keyboard, contactless reader, magnetic card reader, smart card reader, cryptographic material and computer key manager are secure devices, while the peripherals Bluetooth/Wifi circuit, Ethernet, printers, GPS, camera, sound, proximity sensor, HDMI and USB receive either a secure status (S) or a non-secure status (N).
In another feature, the secure boot process of the Linux operating system for a microcontroller with self-protection device and trusted processing zone includes the steps of:
• starting to execute the code contained in the ROM;
• loading an encrypted initial partition from an external memory;
• decrypting the information of the initial partition;
• authenticating the public keys (Pk) and authenticating the protected primary application (PPA) and the initial software (ISW);
• loading and starting the other Linux startup programs.
In another feature, the secure boot process of the Linux operating system includes the steps of:
• loading the U-boot SPL (Secondary Program Loader);
• authenticating the device tree (DT);
• starting the PA-loader (Primary Application loader);
• decrypting the live PA (Primary Application live);
• initializing the ramdisk;
• loading the Linux kernel;
• starting the Linux kernel;
• starting dm-verity;
• running Android apps under SELinux.
According to another particularity, several device registers of the microcontroller initially have a secure status (S) when the code contained in the ROM begins to execute and before the activation of the PA-loader.
According to another particularity, after the activation of the PA-loader, the security attributes defined for each device in the device tree are managed by the PA-loader, and the secure status (S) of at least one firewall register associated with a device, initially set to the secure status (S) and deemed non-critical for the security and/or integrity of a system or device according to its description in the device tree, is changed to a non-secure (N) or normal status in the firewall register.
In another feature, the application platforms are separated from the library, the operating system kernel and the operating system runtime environment by a control module, contained in the operating system, which controls accesses by applications and limits access to a given device or service for unauthorized client applications, the access control for said device or service being carried out by means of a file provided by SELinux, said file whitelisting the types of operations allowed in combination with the identity (ID) of a particular application or process and establishing the operation permissions for each application.
According to another particular feature, the access of an authorized or unauthorized client application to certain functionalities of a peripheral, such as the touch display screen, is controlled by the microcontroller and is carried out by means of a secure proxy actuated by the control module, said secure proxy verifying whether a message concerning a touch event is signed by a trusted third party before it is displayed; if not, the touch event is not transferred to the non-secure area.
In another feature, a microcontroller with self-protection device and trusted processing area and a secure boot of the Linux operating system is used in an all-in-one terminal including an LCD screen, a capacitive touch screen, a magnetic card reader, a chip card reader, a contactless card reader, an upstream security circuit board, a connection circuit board and a camera, to constitute a tamper-proof terminal in which each secure operation or secure device is managed by the microcontroller's trusted zone, and in which access to this trusted processing zone is protected against the access of a probe to the microcontroller by inserting the main printed circuit board carrying the microcontroller into a connection cage that detects any attempt to open the cage or to drill through it.
According to another particularity, the upstream security printed circuit comprises at least one proximity sensor for detecting any presence or action and sending a signal to the microcontroller, which performs an analysis and triggers an action (display of a welcome or usage message).
According to another particularity, the printed connection circuit comprises at least one USB interface, a UART serial port, an Ethernet interface and a Bluetooth / Wifi interface for communication and data exchange.
DESCRIPTION OF THE ILLUSTRATIVE FIGURES
Other features and advantages of the present invention will appear more clearly on reading the description below, made with reference to the accompanying drawings, in which:
- Figure 1 represents a diagram of the structure of the microcontroller, according to one embodiment,
- Figure 2 shows a diagram of the components of the microcontroller secured by the firewall of said microcontroller, according to one embodiment,
- Figure 3 shows a diagram of the processor structure of the microcontroller, according to one embodiment,
- Figure 4 shows a diagram of the structure of a terminal including the microcontroller, according to one embodiment,
- Figures 5A, 5B and 5C show diagrams, respectively, of the system startup process and of steps S1, S2a, S2b, S3a and S3b of said startup process, according to one embodiment.
DESCRIPTION OF THE PREFERRED EMBODIMENTS OF THE INVENTION
The present invention relates to a microcontroller (1, Figure 1) for the protection of data exchange in a terminal for applications with a high level of security such as for example financial transactions.
In some embodiments, the microcontroller (1) comprises a processor (11, Figures 2 and 3) and a memory separated into at least two areas, a secure area (110, Figures 2 and 3) and a non-secure area (111, Figures 2 and 3), for implementing a secure boot, comprising a tamper control circuit (13), or self-protection circuit, for detecting vulnerability conditions, and the processor (11) running a Linux operating system. Said processor comprises a monitor for switching operations either into the secure area (110) of the memory, for operating at least one authentication process, or into the non-secure area (111) for other operations, and for determining whether the devices connected to, accessing or accessed by the microcontroller (1) must be managed by the secure area (110) or the non-secure area (111), using a hardware firewall (12, Figures 1 and 2) to determine whether the information or commands of an application are authorized to access the secure zone (110) or not. The self-protection device (13) comprises, for example, sensors (130a, 130b, 130c, Figure 1) enabling it to detect whether someone is trying to access the microcontroller (1), or the device controlled by the microcontroller (1), in a case where access is not allowed. For example and without limitation, the sensors (130a, 130b, 130c) are capable of detecting shocks (130a) and/or variations in voltage (130b) and temperature (130c). The tamper device (13) further comprises at least one alarm (132), triggered in the event of an intrusion, and at least one clock (131) to timestamp events such as an unauthorized access attempt. In the event of an intrusion, the self-protection device (13) sends an order to erase the confidential data contained in secure (14) or encrypted memories (volatile or non-volatile) arranged in the microcontroller (1) and connected to the self-protection device (13). Such data are, for example and without limitation, authentication codes or encryption keys.
The microcontroller also comprises a ROM (10a) ("Read-Only Memory"), a BOOT-RAM boot memory (10b), a static memory SRAM (10c) ("Static Random Access Memory") and a debugger. The processor (11, Figures 1, 2 and 3) virtualizes the secure area (110) and the non-secure area (111) by means of the processor switching layer (112). For example and without limitation, the processor (11) is an ARM Cortex-A9. The devices (16a, 16b, 16c, 16d, 16e, 16f) managed respectively by the secure area (110) and the non-secure area (111) of the microcontroller (1) are assigned by the hardware firewall (12), respectively, the letter "S" (for secure) and the letter "N" (for non-secure or normal); this security information is saved in the registers of the hardware firewall (12), as shown in Figure 2. The self-protection device (13), also connected to the hardware firewall (12), is assigned a permanent secure status, in order to prevent any intrusion, in particular an attempt to recover data in the event that the self-protection device (13) is defective.
In some embodiments, the memory is divided into three areas: one secure, one non-secure and one shared. The shared zone is intended to receive devices that require the use of both secure and non-secure resources, for example information or applications. Such an architecture makes it possible to avoid introducing a weak point for peripherals that require only secure resources.
In some embodiments, the secure (110) and non-secure (or normal) (111) zones are both included in the processor (11) of the microcontroller (1), for example as shown in Figures 2 and 3. The processing and exchange of data executed by the microcontroller (1) pass from one area to the other depending on the nature of the information to be processed. For example, if the information relates to sensitive data such as authentication codes, it is first transmitted to the secure area (110) for verification (authentication). When the authentication is complete, the result of the processing is transmitted to the non-secure zone (111), which allows or refuses the continuation of the processing. The configuration of the processor (11) and the memory into a secure area (110) and a non-secure area (111), together with the presence of the hardware firewall (12) controlling the accessibility of the devices (16a, 16b, 16c, 16d, 16e, 16f) managed by the microcontroller (1), provides an additional layer of protection. This protective layer can be combined with the self-protection circuit (13), which mainly prevents unauthorized access from outside. The secure microcontroller (1) prevents unauthorized access from within and is therefore complementary to the prevention of unauthorized access from outside, for a secure and tamper-proof terminal.
In some embodiments, the hardware firewall (12) includes registers that are each assigned to a device (16a, 16b, 16c, 16d, 16e, 16f) and that use the information stored in the Linux device tree described in the Linux operating system, said device tree being augmented with security attributes defining the secure (S) or non-secure (N) status of each device; this status is stored in the register associated with the device and causes the information or commands coming from the device to be processed in the secure area of the processor if the device is defined as secure, and in the non-secure area of the processor if the device is defined as non-secure. The layout of the various interfaces associated with the different devices in the two zones is configured by the hardware firewall (12). For example, if the processor tries to access a given interface, it must do so in the correct mode of operation, that is, according to the secure or non-secure status established by the hardware firewall (12), in order to have access to said interface.
In some embodiments, the Linux device tree is authenticated by a secure primary application during the secure boot operation.
In some embodiments, the secure area (110) includes a core (110b) receiving at least one instruction from the non-secure area (111) or from a device (16a, 16b, 16c, 16d, 16e, 16f) included in the device tree, and performing various operations that depend on the received instruction, and a register (110a) comprising a set of secure services including the rules for protecting different types of processes corresponding to different types of services.
In some embodiments, the non-secure area (111) includes the operating system kernel (111a), an execution environment (111b) for programs, applications and/or data processing methods, at least one library, and at least one platform (111c, 111d) dedicated to adding client applications (111d) or proprietary applications (111c), the method of adding said applications and their access to the functionality of the device controlled by the microcontroller (1) being defined by security rules implemented by the hardware firewall (12).
In some embodiments, the execution environment (111b) is configured to integrate at least one means for interpreting different types of client applications, said means being capable of translating the language of said applications into native programs for processing on said execution environment (111b). This configuration makes it possible to avoid having to change the execution environment whenever the programming language of the client applications changes.
In some embodiments, the runtime environment is Android.
In some embodiments, the accessible devices are at least two of the following: Bluetooth (16c)/Wifi (16b) circuit, Ethernet (16d), printers, display, GPS, camera (16l), sound, proximity sensor (16k), HDMI, USB (16a), touch screen (16f), keypad, contactless reader (16e), magnetic card reader (16h), smart card reader (16g), cryptographic material, computer key manager.
In some embodiments, the display, touch screen (16f), keyboard, contactless reader (16e), magnetic card reader (16h), smart card reader (16g), cryptographic material and computer key manager are secure devices, while the Bluetooth (16c)/Wifi (16b), Ethernet (16d), printers, GPS, camera (16l), sound, proximity sensor (16k), HDMI and USB (16a) devices receive either a secure status (S) or a non-secure status (N).
In some embodiments, the secure boot process of the Linux operating system (see Figures 5A, 5B and 5C) for a microcontroller (1) with self-protection device (13) and trusted processing area (110) comprises the steps of:
• starting to execute the code contained in the ROM (10a);
• loading an encrypted initial partition from an external memory;
• decrypting the information of the initial partition;
• authenticating the public keys (Pk) and authenticating the protected primary application (PPA) and the initial software (ISW);
• loading and starting the other Linux startup programs.
The ROM contains the public keys used to authenticate the information of the initial partition loaded from the external memory and, optionally, to decrypt it. The ROM then loads the decrypted information of the initial partition, namely the Protected Primary Application (PPA) and the Initial Software (ISW), which comprises the Secure Initial Software (ISSW) and the normal or non-secure initial software (ISNW), into the boot memory or BOOT-RAM (10b), which is accessible only in secure mode (S).
In another embodiment, the secure boot process of the Linux operating system includes the steps of:
• loading the U-boot SPL (Secondary Program Loader);
• authenticating the device tree (DT);
• starting the PA-loader (Primary Application loader);
• decrypting the live PA (Primary Application live), which is the specific secure client application that contains the specific functions for a client or payment scheme;
• initializing the ramdisk;
• loading the Linux kernel;
• starting the Linux kernel;
• starting dm-verity;
• running Android applications under SELinux.
The U-boot SPL image is loaded into the non-secure or normal zone (see Figures 5A, 5B) of the processor (11). After the programs start, the list of devices included in the operating system's device tree is sent for authentication to the secure area (110). After authentication of the list, the next step is activated. If, during the different steps, an authentication process is required, the instruction is again transferred to the secure area for verification. The process thus proceeds until the operating system kernel (111a) is started and the applications run. SELinux (Security-Enhanced Linux) is used to further define the limits of the secure environment, or "sandbox", of each Android application. SELinux improves the security of Android by confining the privileged processes and automating the creation of the security policy. Anything that is not explicitly allowed is denied. SELinux can operate in one of two global modes: permissive mode, in which permission denials are logged but not enforced, and enforcing mode, in which permission denials are both logged and enforced. SELinux is configured in enforcing mode. SELinux also supports a per-domain permissive mode in which specific domains (processes) can be made permissive while the rest of the system remains in global enforcing mode.
A domain is simply a label identifying a process or set of processes in the security policy, where all processes marked with the same domain are treated identically by the security policy. A list of permissive domains is stored in the memory of the microcontroller (1) and checked before executing a command provided by an Android application.
Therefore, the application platforms are separated from the library, the kernel and the operating system runtime environment by a control module, contained in the operating system, that controls application access and limits access to a given device or service for an unauthorized client application, the access control for said device or service being performed using a file provided by SELinux, said file describing in a "whitelist" the types of operations that are authorized for a particular application or process and establishing the operation permissions for each application.
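The dm-verity step of the boot sequence above is where the integrity of the root filesystem is enforced at run time, block by block, rather than once at boot. The following is an added example, not code from the patent or from Atos Worldline: a block-level hash tree built and checked the way dm-verity does it, over a constructed 320-byte "partition" with 64-byte blocks (real dm-verity uses 4096-byte blocks plus a superblock and salt, omitted here). The on-disk tree is untrusted and only supplies sibling hashes; the single trusted value is the root hash, which in the scheme described on this page must itself be delivered by the authenticated boot chain (kernel command line or a signed metadata block), otherwise an attacker who rewrites the partition simply rewrites the tree as well.

```python
"""Merkle hash tree verification in the style of dm-verity (added example)."""
import hashlib

BLOCK_SIZE = 64  # constructed for the demo; real dm-verity defaults to 4096-byte blocks


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_blocks(image: bytes, block_size: int = BLOCK_SIZE) -> list:
    """Cut the partition image into fixed-size blocks, zero-padding the last one."""
    blocks = [image[i:i + block_size] for i in range(0, len(image), block_size)]
    if blocks and len(blocks[-1]) < block_size:
        blocks[-1] = blocks[-1].ljust(block_size, b"\0")
    return blocks


def build_hash_tree(blocks: list) -> list:
    """Return the tree as levels[0] = leaf hashes, ..., levels[-1] = [root hash].

    A level with an odd number of nodes is padded by repeating its last hash so
    that every node has a sibling; the padded level is what gets stored.
    """
    level = [_h(b) for b in blocks]
    levels = []
    while True:
        if len(level) > 1 and len(level) % 2:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            break
        level = [_h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return levels


def verify_block(index: int, block: bytes, levels: list, trusted_root: bytes) -> bool:
    """Check one block the way dm-verity does on read: hash it, climb to the root
    using the (untrusted) on-disk tree for sibling hashes, and accept only if the
    recomputed root equals the root hash delivered by the verified boot chain."""
    node = _h(block)
    for level in levels[:-1]:
        if index ^ 1 >= len(level):
            return False  # tree is malformed or truncated: refuse the read
        sibling = level[index ^ 1]
        node = _h(node + sibling) if index % 2 == 0 else _h(sibling + node)
        index //= 2
    return node == trusted_root


def verify_image(image: bytes, levels: list, trusted_root: bytes) -> bool:
    """Verify every block of the image against the trusted root."""
    blocks = split_blocks(image)
    return all(verify_block(i, b, levels, trusted_root) for i, b in enumerate(blocks))


# Constructed sample "partition": five blocks of recognisable content (A..E).
SAMPLE_IMAGE = b"".join(bytes([65 + i]) * BLOCK_SIZE for i in range(5))
SAMPLE_LEVELS = build_hash_tree(split_blocks(SAMPLE_IMAGE))
SAMPLE_ROOT = SAMPLE_LEVELS[-1][0]  # in practice: signed and checked before Linux starts


def tampered_image() -> bytes:
    """Flip one byte inside block 3 to simulate an offline modification."""
    img = bytearray(SAMPLE_IMAGE)
    img[3 * BLOCK_SIZE + 10] ^= 0x01
    return bytes(img)


if __name__ == "__main__":
    print("clean image verifies:", verify_image(SAMPLE_IMAGE, SAMPLE_LEVELS, SAMPLE_ROOT))
    print("tampered image verifies:", verify_image(tampered_image(), SAMPLE_LEVELS, SAMPLE_ROOT))
```

Because each read is checked against the root, a modified block fails the moment it is accessed, which is why the root hash is the only thing the earlier boot stages need to authenticate.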
In some embodiments, several device registers of the microcontroller (1) initially have a secure status (S) when the code contained in the ROM (10a) begins to execute and before the activation of the PA-loader. The system always starts in the secure zone (110); almost all the devices are then assigned, initially and by default, the secure status (S), and access to them is prohibited until the step of authenticating the devices included in the device tree has been executed.
In some embodiments, after activation of the PA-loader, the security attributes defined for each device in the device tree are managed by the PA-loader, and the secure status (S) of at least one register of the firewall (12) associated with a device, initially set to the secure status (S) and deemed non-critical for the security and/or integrity of a system or device according to its description in the device tree, is changed to a non-secure (N) or normal status in the firewall register. After authenticating the device tree, the PA-loader reads it and changes the status of the devices in the tree according to the rules established by the hardware firewall (12). For example, the firewall registers associated with the camera (16l) and the USB interface (16a) may change from secure status (S) to non-secure status (N), while the firewall registers associated with the touch screen (16f) or the magnetic card reader (16h), which handle sensitive data, are maintained in secure status (S).
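As an added example (not the patent's own code, and not tied to any real SoC's firewall registers), the following models the register life cycle just described: every register starts at S before the PA-loader runs, the normal world is refused everything until the device tree has been authenticated, non-critical devices are relaxed to N from the tree's security attribute, and the tamper circuit's register is pinned at S whatever the tree says. The device tree, its "secure" attribute, the device names and the SHA-256 digest comparison standing in for the PA-loader's authentication are all assumptions constructed for the example. The rule that secure-mode accesses may also reach N devices is the usual TrustZone behaviour and is likewise an assumption; the page only requires that the access mode match the register.

```python
"""Hardware-firewall register assignment from device-tree security attributes (added example)."""
import hashlib
import json

SECURE, NORMAL = "S", "N"

# Registers that may never leave S: the page gives the tamper circuit (13) a
# permanent secure status. Names reuse the page's reference numerals.
PERMANENTLY_SECURE = {"tamper@13"}

# Constructed device tree (assumption). "secure" is the attribute the boot chain
# adds to each node; the tamper node is deliberately mis-marked to show it is pinned.
DEVICE_TREE = {
    "tamper@13":       {"compatible": "tamper-ctrl", "secure": False},
    "touchscreen@16f": {"compatible": "touch",       "secure": True},
    "magstripe@16h":   {"compatible": "msr",         "secure": True},
    "smartcard@16g":   {"compatible": "iso7816",     "secure": True},
    "camera@16l":      {"compatible": "camera",      "secure": False},
    "usb@16a":         {"compatible": "usb-host",    "secure": False},
    "ethernet@16d":    {"compatible": "eth",         "secure": False},
}


def tree_digest(tree: dict) -> str:
    """Digest over a canonical serialisation of the tree (assumption: a real
    PA-loader verifies a signature over the flattened device tree blob)."""
    return hashlib.sha256(json.dumps(tree, sort_keys=True).encode()).hexdigest()


# Value provisioned into the secure zone at manufacturing (constructed here).
TRUSTED_DT_DIGEST = tree_digest(DEVICE_TREE)


class FirewallRegisters:
    def __init__(self, device_names):
        # When ROM code starts, every register holds S and nothing is authenticated yet.
        self.status = {name: SECURE for name in device_names}
        self.dt_authenticated = False

    def authenticate_device_tree(self, tree: dict) -> bool:
        self.dt_authenticated = tree_digest(tree) == TRUSTED_DT_DIGEST
        return self.dt_authenticated

    def apply_device_tree(self, tree: dict):
        """PA-loader step: relax the registers of devices the authenticated tree
        marks as non-critical. Returns (downgraded, refused)."""
        if not self.dt_authenticated:
            raise PermissionError("device tree not authenticated; registers stay S")
        downgraded, refused = [], []
        for name, node in tree.items():
            if node.get("secure", True):
                continue                       # critical device: stays S
            if name in PERMANENTLY_SECURE:
                refused.append(name)           # pinned: the tree cannot relax it
                continue
            self.status[name] = NORMAL
            downgraded.append(name)
        return downgraded, refused

    def access_allowed(self, device: str, mode: str) -> bool:
        """The requester's mode must fit the register: the normal world reaches
        only N devices; the secure world may reach either (assumption)."""
        register = self.status.get(device)
        if register is None:
            return False                       # unknown device: deny
        return mode == SECURE or register == NORMAL


def boot_sequence(tree: dict) -> FirewallRegisters:
    """ROM start -> device tree authentication -> PA-loader, in the page's order."""
    fw = FirewallRegisters(tree.keys())
    if fw.authenticate_device_tree(tree):
        fw.apply_device_tree(tree)
    return fw


if __name__ == "__main__":
    fw = boot_sequence(DEVICE_TREE)
    for name, st in fw.status.items():
        print(f"{name:18s} {st}")
```

The order matters: a tree that fails authentication leaves every register at S, so a corrupted or swapped device tree degrades to a terminal whose normal world can drive nothing, rather than one whose card readers are silently exposed.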
In some embodiments, the application platforms (111c, 111d) are separated from the operating system kernel (111a) and operating system environment (111b) by a control module, contained in the operating system, which controls access for applications and limits access to a given device or service for unauthorized client applications, access control of said device or service being performed using a file provided by SELinux, said file whitelisting the type of operations allowed in combination with the identity (ID) of a particular application or process, and establishing operation permission for each application.
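The whitelist-plus-permissive-domain behaviour described above can be made concrete as follows. This is an added example, not code from the patent and not SELinux's own policy language: the policy text, the domain and target names and the three-column file format are constructed for the example. It shows default deny, the per-domain permissive list consulted before a denial is enforced, and the audit record that both modes produce.

```python
"""Default-deny whitelist with global and per-domain permissive modes (added example)."""
from collections import defaultdict

ENFORCING, PERMISSIVE = "enforcing", "permissive"

# Constructed whitelist (assumption): three whitespace-separated columns, '#' comments.
POLICY_TEXT = """
# domain          target             operations
payment_app       smartcard_reader   read
payment_app       display            write
kiosk_app         printer            write
kiosk_app         camera             read,write
kiosk_app         display            write
"""

# Constructed per-domain permissive list (the page keeps it in the microcontroller's memory).
PERMISSIVE_DOMAINS = frozenset({"kiosk_app_dev"})


def parse_policy(text: str) -> dict:
    """Map (domain, target) -> set of permitted operations. Malformed lines are
    fatal: a policy that half-loads would silently widen or narrow access."""
    allowed = defaultdict(set)
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"policy line {lineno}: expected 3 fields, got {len(fields)}")
        domain, target, ops = fields
        allowed[(domain, target)].update(op for op in ops.split(",") if op)
    return dict(allowed)


class AccessControl:
    def __init__(self, policy: dict, permissive_domains=frozenset(), mode: str = ENFORCING):
        self.policy = policy
        self.permissive_domains = set(permissive_domains)
        self.mode = mode
        self.audit = []          # (verdict, domain, target, operation)

    def check(self, domain: str, target: str, operation: str) -> bool:
        """Default deny. A denial is enforced unless the global mode or the
        requesting domain is permissive, in which case it is only recorded."""
        if operation in self.policy.get((domain, target), ()):
            return True
        permissive = self.mode == PERMISSIVE or domain in self.permissive_domains
        self.audit.append(("audit-only" if permissive else "denied", domain, target, operation))
        return permissive

    def denials(self) -> list:
        """Entries that were actually refused (useful to diff against audit-only ones)."""
        return [entry for entry in self.audit if entry[0] == "denied"]


def build_default() -> AccessControl:
    return AccessControl(parse_policy(POLICY_TEXT), PERMISSIVE_DOMAINS)


if __name__ == "__main__":
    ac = build_default()
    print(ac.check("payment_app", "smartcard_reader", "read"))   # whitelisted
    print(ac.check("kiosk_app", "smartcard_reader", "read"))     # not whitelisted: refused
    print(ac.check("kiosk_app_dev", "smartcard_reader", "read")) # permissive domain: logged only
    for entry in ac.audit:
        print(entry)
```

The audit list is the point of permissive mode: the same entries that appear as "audit-only" while a domain is being developed become hard denials once it is removed from the permissive list, so the log is what tells an integrator which rules are still missing before switching to enforcing.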
In some embodiments, the access of an authorized or unauthorized client application to certain features of a device, such as the touch screen display, is controlled by the microcontroller (1) and is carried out by means of a secure proxy activated by the control module, said secure proxy verifying whether a message concerning a touch event is signed by a trusted third party before it is displayed; if not, the touch event is not transferred to the non-secure zone. For example and without limitation, if a client application using a standard application programming interface (API) of Android tries to access the display screen (16f) of a device controlled by the microcontroller (1), the control module actuates the secure proxy, which checks whether there is a correspondence between the API of the application and the native API of the system. If there is no match, the application is not allowed. If the application is authorized, the screen initially displays only the input data provided by the application, and this data cannot trigger the execution of a task. The data is subsequently transmitted by the secure proxy to the secure area for verification. If the data is authenticated, it is signed and retransmitted, via the secure proxy, to the screen so as to trigger, in the processor of the display screen, the execution of a task.
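The exchange between the client application, the secure proxy and the secure area can be shown as an added example (not the patent's code; Android and the terminal's real display API are not involved). Assumptions: the native display API is a constructed set of three names; an HMAC-SHA256 tag computed inside the secure zone stands in for the trusted third party's signature, which is only acceptable because verification also happens inside the secure zone, so the key never reaches the non-secure side; and the sequence number that makes each signed event single-use is an added hardening the page does not mention.

```python
"""Secure proxy between a client application and the screen (added example)."""
import hashlib
import hmac
import json

SECURE_ZONE_KEY = b"\x11" * 32  # constructed; provisioned into the secure zone only
NATIVE_DISPLAY_API = {"showText", "showButtons", "clearScreen"}  # constructed native API names


class SecureZone:
    """Services the page places in the secure area (110). The key never leaves it."""

    def __init__(self, key: bytes):
        self._key = key
        self._issued = 0      # sequence number embedded in every signed message
        self._consumed = 0    # highest sequence number already acted upon

    def _tag(self, body: bytes) -> str:
        return hmac.new(self._key, body, hashlib.sha256).hexdigest()

    def authenticate_and_sign(self, api: str, payload: dict):
        """Verify the display request, then sign it so the screen may act on it."""
        if api not in NATIVE_DISPLAY_API or not isinstance(payload, dict):
            return None
        self._issued += 1
        body = json.dumps({"api": api, "payload": payload, "seq": self._issued},
                          sort_keys=True).encode()
        return {"body": body, "tag": self._tag(body)}

    def verify(self, message: dict):
        """Accept a message once: valid tag and a sequence number not yet consumed."""
        if not hmac.compare_digest(self._tag(message["body"]), message["tag"]):
            return None
        parsed = json.loads(message["body"])
        if parsed["seq"] <= self._consumed:
            return None  # replayed event
        self._consumed = parsed["seq"]
        return parsed


class SecureProxy:
    """Sits between the client application (non-secure zone) and the screen."""

    def __init__(self, secure_zone: SecureZone):
        self._sz = secure_zone
        self.rejected = []    # (app_id, api, reason)

    def request_task(self, app_id: str, api: str, payload: dict):
        # 1. API correspondence check: calls with no native counterpart stop here.
        if api not in NATIVE_DISPLAY_API:
            self.rejected.append((app_id, api, "no matching native API"))
            return None
        # 2. Unsigned data may only be displayed; the signed copy is what can trigger a task.
        signed = self._sz.authenticate_and_sign(api, payload)
        if signed is None:
            self.rejected.append((app_id, api, "secure zone refused"))
        return signed

    def forward_touch_event(self, message: dict):
        """A touch event reaches the non-secure zone only after the secure zone vouches."""
        parsed = self._sz.verify(message)
        if parsed is None:
            self.rejected.append(("touch", None, "unsigned, forged or replayed"))
        return parsed


if __name__ == "__main__":
    sz = SecureZone(SECURE_ZONE_KEY)
    proxy = SecureProxy(sz)
    msg = proxy.request_task("app1", "showButtons", {"buttons": ["OK"]})
    print("first delivery:", proxy.forward_touch_event(msg))
    print("replay:", proxy.forward_touch_event(msg))
    print("rejections:", proxy.rejected)
```

Keeping both signing and verification in the secure zone is what lets a MAC stand in for a signature here; if the screen controller or the proxy had to verify on their own, a public-key signature would be required so that no verifier holds a key capable of forging events.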
In some embodiments, a microcontroller (1) with self-protection device (13) and trusted processing area (110) and a secure boot of the Linux operating system is used in an all-in-one terminal (2) comprising an LCD screen (16f), a capacitive touch screen (16f), a magnetic card reader (16h), a smart card reader (16g), a contactless card reader (16e), an upstream security printed circuit board (21), a connection circuit board (22) and a camera (16l), constituting a tamper-proof terminal (2) in which each secure operation or secure device is managed by the trusted zone (110) of the microcontroller (1), and in which access to this trusted processing area (110) is protected against the access of a probe to the microcontroller (1) by inserting the main printed circuit board (20) carrying the microcontroller (1) into a connection cage that detects any attempt to open the cage or to drill through it.
In some embodiments, the upstream security circuit (21) includes at least one proximity sensor (16k) for detecting any presence or action and sending a signal to the microcontroller (1), which performs an analysis and initiates an action (displaying a welcome or usage message).
In some embodiments, the printed circuit board (22) includes at least one USB interface (16a), a UART serial port (16i), an Ethernet interface (16j) and a Bluetooth (16c) / Wifi interface (16b) for communication and data exchange.
The present application describes various technical features and advantages with reference to the figures and / or various embodiments. Those skilled in the art will appreciate that the technical features of a given embodiment may in fact be combined with features of another embodiment unless the reverse is explicitly mentioned or it is evident that these characteristics are incompatible or that the combination does not provide a solution to at least one of the technical problems mentioned in this application. In addition, the technical features described in a given embodiment can be isolated from the other features of this mode unless the opposite is explicitly mentioned.
It should be obvious to those skilled in the art that the present invention allows embodiments in many other specific forms without departing from the scope of the invention as claimed. Therefore, the present embodiments should be considered by way of illustration, but may be modified within the scope defined by the scope of the appended claims, and the invention should not be limited to the details given above.
Claims:
Claims (18)
[1]
Microcontroller (1) comprising a processor (11) having a memory separated into at least two zones, which are secure (110), non-secure (111) or shared, to implement a secure boot, a self-protection control circuit (13) comprising at least one sensor (130a, 130b, 130c) for detecting vulnerability conditions, said processor (11) running a Linux operating system (Linux OS) and also including a monitor for switching operations either into a secure area (110) of the memory for operating at least one authentication process, or into a non-secure area (111) for other operations, and for determining whether the devices connected to, accessing or accessed by the microcontroller (1) must be managed by the secure zone (110) or by the non-secure zone (111), said microcontroller (1) being characterized in that it comprises a hardware firewall (12), read by said processor (11), to determine whether the information or commands of an application are authorized to access the secure area (110) or not, said hardware firewall (12) being connected to said self-protection control circuit (13) to prevent intrusion and/or data recovery in the event of failure of said self-protection control circuit (13).
[2]
2. Microcontroller according to claim 1, wherein the secure (110) and non-secure (111) areas are both included in the processor (11) of the microcontroller (1), the data-processing and exchange methods executed by the microcontroller (1) being carried out in one zone or the other depending on the nature of the information to be processed.
[3]
3. Microcontroller according to claims 1 and 2, wherein the hardware firewall (12) includes registers which are each assigned to a peripheral (16a, 16b, 16c, 16d, 16e, 16f) and which use the information stored in the Linux device tree described in the Linux operating system, wherein said device tree is extended with security attributes defining the secure (S) or non-secure (N) status of the device, a secure or non-secure status being stored in each register associated with a device, so as to direct the processing of information or commands coming from a device to the secure area of the processor if the device is defined as secure, and to the unsecured area of the processor if the device is defined as non-secure.
[4]
4. Microcontroller (1) according to claims 1 to 3, wherein the Linux device tree is authenticated by a secure primary application during the secure boot operation.
[5]
5. Microcontroller (1) according to claims 1 to 4, wherein the secure area (110) comprises a core (110b) receiving at least one instruction from the unsecured area (111) or from a peripheral (16a, 16b, 16c, 16d, 16e, 16f) included in the device tree, and performing various operations that depend on the received instruction, and a register (110a) comprising a set of secure services including the protection rules for different types of processes corresponding to different types of services.
[6]
6. Microcontroller (1) according to claims 1 to 4, wherein the unsecured area (111) comprises the operating system kernel (111a), an execution environment (111b) for programs, applications and / or data-processing methods, at least one library, and at least one platform (111c, 111d) dedicated to adding client applications (111d) or proprietary applications (111c), the method of adding said applications and their access to the functionalities of the device controlled by the microcontroller (1) being defined by security rules implemented by the hardware firewall (12).
[7]
7. Microcontroller according to the preceding claim, wherein the execution environment (111b) is configured to integrate at least one means for interpreting different types of client applications, said means being capable of translating the language of said applications into native programs so as to process them on said execution environment (111b).
[8]
8. Microcontroller (1) according to claims 6 and 7, wherein the execution environment is Android.
[9]
9. Microcontroller (1) according to claims 1 to 3, wherein the devices included in the device tree and accessible are at least two of the following devices: Bluetooth circuit (16c) / Wifi (16b), Ethernet (16j), printers, display, GPS, camera (161), sound, proximity sensor (16k), HDMI, USB (16a), touch screen (16f), keypad, contactless reader (16e), magnetic card reader (16h), smart card reader (16g), cryptographic hardware, computer key manager.
[10]
10. Microcontroller according to the preceding claim, wherein the display devices, touch screen (16f), keyboard, contactless reader (16e), magnetic card reader (16h), smart card reader (16g), cryptographic hardware and computer key manager are secure devices, while the Wifi (16b), 16d, Ethernet (16j), Bluetooth, printer, GPS, camera (161), sound, proximity sensor (16k), HDMI and USB (16a) devices receive either a secure status (S) or a non-secure status (N).
[11]
11. Secure boot process of the Linux operating system for a microcontroller (1) with self-protection control circuit (13) and secure area (110) according to claim 1, comprising the steps of:
• starting to execute the code contained in the ROM (10a);
• loading an encrypted initial partition from an external memory;
• decrypting the information of the initial partition;
• authenticating the public keys (Pk) and authenticating a protected primary application (PPA) and the initial software (ISW);
• loading and starting the other Linux boot programs;
the boot process being characterized in that the step "load and start the other Linux boot programs" includes at least one of the steps of:
- loading the U-boot SPL (Secondary Program Loader);
- authenticating the device tree (DT);
- starting the PA-loader (Primary Application loader);
- decrypting the live PA (Primary Application live);
- initializing the ramdisk;
- loading the Linux kernel;
- starting the Linux kernel;
- starting dm-verity;
- running Android apps under SELinux.
[12]
12. Secure boot process of the Linux operating system for a microcontroller (1) according to claim 11, characterized in that several device registers of the microcontroller (1) initially have a secure status (S) when the code contained in the ROM (10a) begins to execute and before activation of the PA-loader.
[13]
13. Secure boot process of the Linux operating system for a microcontroller (1) according to claim 12, characterized in that, after activation of the PA-loader, the security attributes defined for each device in the device tree are managed by the PA-loader, and the secure status (S) of at least one register of the firewall (12) associated with a device, initially set to secure status (S) and deemed non-critical for the security and / or integrity of the system or device according to its description in the device tree, is changed to a non-secure (N) or normal status in the firewall register.
[14]
14. Secure boot process of the Linux operating system for a microcontroller (1) according to claims 11 to 13, characterized in that the application platforms (111c, 111d) are separated from the library, the kernel (111a) of the operating system and the execution environment (111b) of the operating system by a control module, contained in the operating system, which controls access for the applications and restricts access to a given device or service for unauthorized client applications, the access control of said device or service being effected by means of a file provided by SELinux, said file whitelisting the type of device or service and the permitted operations in combination with the identity (ID) of a particular application or process, and establishing the operation permissions for each application.
[15]
15. Secure boot process of the Linux operating system for a microcontroller (1) according to claims 11 to 14, characterized in that the access of an authorized or unauthorized client application to certain features of a device, such as the touch-screen display, is controlled by the microcontroller (1) by means of a secure proxy operated by the control module, said secure proxy checking whether a message about a touch event is signed by a trusted third party before it is displayed; if it is not, the touch event is not transferred to the unsecured area.
[16]
16. Use of a microcontroller (1) with a self-protection control circuit (13) and secure area (110) according to claim 1, and of the secure boot of the Linux operating system, in an all-in-one terminal (2) comprising an LCD screen (16f), a capacitive touch screen (16f), a magnetic card reader (16h), a smart card reader (16g), a contactless card reader (16e), an upstream security printed circuit board (21), a connection circuit (22) and a camera (161), so as to constitute a tamper-proof terminal (2) in which each secure operation or secure peripheral is managed by the secure area (110) of the microcontroller (1), and wherein access to this secure area (110) is protected against probing of the microcontroller (1) by inserting the main printed circuit (20) carrying the microcontroller (1) in a connection cage that detects any attempt to open the cage or drill through it.
[17]
17. Use of a microcontroller (1) according to the preceding claim, characterized in that the upstream security printed circuit (21) comprises at least one proximity sensor (16k) to detect any presence or action and send a signal to the microcontroller (1), which performs an analysis and triggers an action such as displaying a welcome or usage message.
[18]
18. Use of a microcontroller (1) according to claim 17, characterized in that the connection printed circuit (22) comprises at least one USB interface (16a), a UART serial port (16i), an Ethernet interface (16j) and a Bluetooth (16c) / Wifi (16b) interface for communication and data exchange.
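The register map of claims 3, 12 and 13 (every peripheral register secure when the ROM code starts, relaxed to non-secure by the PA-loader only where the device tree marks the peripheral non-critical, and then consulted to route a peripheral's traffic to the secure or unsecured area) is modelled below as an added Python example. It is illustration written for this page, not code from the patent or its applicant; the device-tree fragment, the `secure-status` property name, the peripheral labels and the register layout are all assumptions.

```python
"""Model of the hardware firewall register map described in claims 3, 12 and 13.
Added illustration, not the patent's implementation: the DTS fragment, the
`secure-status` property name and the register layout are constructed."""
import re
from typing import Dict

# Constructed device-tree source fragment. The assumed property
# `secure-status` plays the role of the security attribute (S / N)
# that the patent adds to the Linux device tree.
SAMPLE_DTS = """
/ {
    touchscreen@16f { compatible = "demo,touch"; secure-status = "S"; };
    smartcard@16g   { compatible = "demo,scr";   secure-status = "S"; };
    usb@16a         { compatible = "demo,usb";   secure-status = "N"; };
    ethernet@16j    { compatible = "demo,eth";   secure-status = "N"; };
    camera@16l      { compatible = "demo,cam"; };
};
"""

NODE_RE = re.compile(r"(\w+)@(\w+)\s*\{([^}]*)\}")
ATTR_RE = re.compile(r'secure-status\s*=\s*"([SN])"')


def parse_device_tree(dts: str) -> Dict[str, str]:
    """Map each peripheral node to its security attribute.

    A node with no attribute is treated as secure: a missing entry must
    never silently expose a peripheral to the unsecured area.
    """
    attrs = {}
    for name, unit, body in NODE_RE.findall(dts):
        match = ATTR_RE.search(body)
        attrs[f"{name}@{unit}"] = match.group(1) if match else "S"
    return attrs


class HardwareFirewall:
    """One register per peripheral, each holding 'S' or 'N'.

    Power-on state is all-secure (claim 12). Only once the PA-loader is
    active may a register be relaxed to 'N', and only when the device tree
    marks that peripheral non-critical (claim 13).
    """

    def __init__(self, peripherals):
        self.registers = {p: "S" for p in peripherals}
        self.pa_loader_active = False

    def activate_pa_loader(self) -> None:
        self.pa_loader_active = True

    def apply_device_tree(self, attrs: Dict[str, str]) -> None:
        if not self.pa_loader_active:
            raise PermissionError("registers may only be relaxed by the PA-loader")
        for peripheral, status in attrs.items():
            if peripheral in self.registers and status == "N":
                self.registers[peripheral] = "N"

    def zone_for(self, peripheral: str) -> str:
        """Zone of the processor that handles traffic from this peripheral."""
        return "secure" if self.registers.get(peripheral, "S") == "S" else "unsecured"

    def allow_access(self, requester_zone: str, peripheral: str) -> bool:
        """Code in the secure area may reach any peripheral; code in the
        unsecured area only those whose register reads 'N'."""
        if requester_zone == "secure":
            return True
        return self.registers.get(peripheral, "S") == "N"


def simulate_boot(dts: str = SAMPLE_DTS) -> HardwareFirewall:
    """Walk the register map through the boot sequence of claims 12 and 13."""
    attrs = parse_device_tree(dts)
    fw = HardwareFirewall(attrs.keys())
    assert all(s == "S" for s in fw.registers.values())  # claim 12: all-secure at ROM start
    fw.activate_pa_loader()
    fw.apply_device_tree(attrs)  # claim 13: PA-loader relaxes non-critical peripherals
    return fw


if __name__ == "__main__":
    fw = simulate_boot()
    for p, s in sorted(fw.registers.items()):
        print(f"{p:16s} {s}  -> {fw.zone_for(p)}")
```

The two defensive choices worth noting are that an unlabelled node defaults to secure and that the downgrade path is one-way and gated on the PA-loader stage, so a device tree applied before it has been authenticated (claim 4) cannot open a peripheral to the unsecured area.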
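The control module of claims 14 and 15, a whitelist keyed by application ID and device or service, and a secure proxy that refuses to hand a touch event to the unsecured area unless the message carries a valid signature from a trusted third party, is shown below as an added Python example. It is illustration written for this page, not the patent's or the applicant's code; the policy file format, the HMAC key standing in for the trusted third party's signature, and the message layout are assumptions.

```python
"""Access-control whitelist keyed by application ID (claim 14) and the secure
proxy that forwards only signed touch events (claim 15). Added illustration,
not the patent's code: the policy file format, the HMAC key standing in for the
trusted third party's signature, and the message layout are constructed."""
import hashlib
import hmac
import json
from typing import Dict, Set, Tuple

# Constructed whitelist in the spirit of the SELinux-provided file of claim 14:
# one line per (device or service, application ID) with permitted operations.
POLICY_TEXT = """
# device_or_service   app_id          operations
touchscreen           com.bank.pay    read
printer               com.bank.pay    write
printer               com.shop.loyal  write
smartcard             com.bank.pay    read,write
"""

Policy = Dict[Tuple[str, str], Set[str]]


def load_policy(text: str) -> Policy:
    """Parse the whitelist; anything not listed is denied by default."""
    policy: Policy = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        device, app_id, ops = line.split()
        policy.setdefault((device, app_id), set()).update(ops.split(","))
    return policy


def is_permitted(policy: Policy, app_id: str, device: str, op: str) -> bool:
    return op in policy.get((device, app_id), set())


# Assumption: the trusted third party signs touch-event messages with an HMAC
# over the canonical JSON of the event. A real terminal would use its own
# cryptographic material; this key is constructed for the example.
TRUSTED_KEY = b"constructed-demo-key"


def _digest(event: dict, key: bytes) -> str:
    payload = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def sign_touch_event(event: dict, key: bytes = TRUSTED_KEY) -> dict:
    """What the trusted party emits for a touch event."""
    return {"event": event, "sig": _digest(event, key)}


class SecureProxy:
    """Sits in the control module between the touch screen (a secure peripheral)
    and client applications in the unsecured area."""

    def __init__(self, policy: Policy, key: bytes = TRUSTED_KEY):
        self.policy = policy
        self.key = key
        self.delivered = []  # events actually handed to the unsecured area

    def forward(self, message: dict, app_id: str) -> bool:
        """Return True only if the event was transferred to `app_id`."""
        event = message.get("event")
        if not isinstance(event, dict):
            return False
        # Claim 15: unsigned or forged messages never leave the secure area.
        if not hmac.compare_digest(_digest(event, self.key), str(message.get("sig", ""))):
            return False
        # Claim 14: the application must be whitelisted for the touch screen.
        if not is_permitted(self.policy, app_id, "touchscreen", "read"):
            return False
        self.delivered.append((app_id, event))
        return True


if __name__ == "__main__":
    proxy = SecureProxy(load_policy(POLICY_TEXT))
    good = sign_touch_event({"x": 120, "y": 340, "type": "tap"})
    print(proxy.forward(good, "com.bank.pay"))    # True
    print(proxy.forward(good, "com.shop.loyal"))  # False: not whitelisted
    forged = {"event": {"x": 1, "y": 1, "type": "tap"}, "sig": good["sig"]}
    print(proxy.forward(forged, "com.bank.pay"))  # False: signature mismatch
```

The signature check runs before the policy lookup and uses a constant-time comparison, so an unsigned or tampered event is dropped in the secure area regardless of which application asked for it; only then does the whitelist decide which application may receive it.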
Similar technologies:
Publication No. | Publication date | Title
Smith2013|Trusted computing platforms: design and applications
US8782404B2|2014-07-15|System and method of providing trusted, secure, and verifiable operating environment
Parno2008|Bootstrapping Trust in a "Trusted" Platform
US8335931B2|2012-12-18|Interconnectable personal computer architectures that provide secure, portable, and persistent computing environments
US8522018B2|2013-08-27|Method and system for implementing a mobile trusted platform module
CN107533609A|2018-01-02|For the system, apparatus and method being controlled to multiple credible performing environments in system
US10162975B2|2018-12-25|Secure computing system
CN101529366A|2009-09-09|Identification and visualization of trusted user interface objects
Altuwaijri et al.2020|Android data storage security: A review
Türpe et al.2009|Attacking the BitLocker boot process
US8423783B2|2013-04-16|Secure PIN management of a user trusted device
TW201633207A|2016-09-16|Device keys protection
JP4931543B2|2012-05-16|Information device and computer program
WO2009149715A1|2009-12-17|Secure link module and transaction system
US7805601B2|2010-09-28|Computerized apparatus and method for version control and management
US20220050905A1|2022-02-17|Secure computing system
CN109657448A|2019-04-19|A kind of method, apparatus, electronic equipment and storage medium obtaining Root authority
BE1024111B1|2017-11-17|MICROCONTROLLER FOR SAFE STARTING WITH FIREWALL
EP3244375B1|2021-02-17|Microcontroller for secure starting with firewall
US10951414B2|2021-03-16|Method for securing digital currency
EP1952297A2|2008-08-06|Method and device for authentication by a user of a trustworthy interface and related computer programme
US11100215B2|2021-08-24|Management of a display of a view of an application on a screen of an electronic data entry device, corresponding method, device and computer program product
US20190236591A1|2019-08-01|Mobile wallet for digital currency
Perrotis2018|Development of cryptographic algorithms in the trusted execution environment
Angelakis2018|Application development in the trusted execution environment
Family patents:
Publication No. | Publication date
BE1023815B1|2017-07-28|
BE1023424B1|2017-03-15|
BE1024111A1|2017-11-16|
Cited references:
Publication No. | Filing date | Publication date | Applicant | Title
US20060112421A1|2004-11-23|2006-05-25|Beierwalters William T|Smart card systems and methods for building automation|
EP2393070A1|2010-06-02|2011-12-07|3M Innovative Properties Company|Security system for data receiving unit|
JP5915886B2|2012-01-30|2016-05-11|カシオ計算機株式会社|Portable information terminal|
US9058172B2|2012-07-02|2015-06-16|Square, Inc.|Method for conserving power using a wireless card reader|
US9767422B2|2013-03-12|2017-09-19|Diebold Self-Service Systems, Division Of Diebold, Incorporated|Detecting unauthorized card skimmers|
JP6274970B2|2014-05-26|2018-02-07|日本電産サンキョー株式会社|Printed circuit board and card reader|
Legal status:
2018-02-12| FG| Patent granted|Effective date: 20171117 |
2019-07-03| HC| Change of name of the owners|Owner name: WORLDLINE SA/NV; BE Free format text: DETAILS ASSIGNMENT: CHANGE OF OWNER(S), CHANGEMENT DE NOM DU PROPRIETAIRE, CORRECTION; FORMER OWNER NAME: ATOS WORLDLINE S.A. Effective date: 20190418 |
Priority:
Application No. | Filing date | Title
BE2016/5331A|BE1023424B1|2016-05-10|2016-05-10|SEALED TERMINAL FOR CHIP CARDS|
BE2016/5331|2016-05-10|
BE2016/5582A|BE1023815B1|2016-05-10|2016-07-12|MULTI-SUPPORT PAYMENT TERMINAL|
EP17170242.6A|EP3244377A1|2016-05-10|2017-05-09|Waterproof terminal for chip cards|
EP17170239.2A| EP3244376A1|2016-05-10|2017-05-09|Multimedia payment terminal|
EP17170202.0A| EP3244375B1|2016-05-10|2017-05-09|Microcontroller for secure starting with firewall|