상세정보
학술지
Secure User Authentication based on the Trusted Platform for Mobile Devices
- 발행일
- 201612
- 출처
- EURASIP Journal on Wireless Communications and Networking, v.2016 no.1, pp.1-15
- ISSN
- 1687-1499
- 출판사
- Hindawi Publishing, Springer
- 협약과제
- 16MH3100, 모바일 단말의 비인가 접근 차단 및 안전한 운영환경 보장을 위한 EAL 4급 군사용 융합 보안 솔루션 개발, 김정녀
- 초록
- In recent years, the use of mobile devices including smartphones has increased significantly all over the world, and e-commerce using smartphones has also greatly increased. Furthermore, many people are using their smartphones to carry out certain aspects of their work according to the BYOD trend. Therefore, it is extremely important that mobile device users are authenticated securely by remote servers when using their smartphones. Digital certificates are one of the many solutions available for authentication, but they are easy to copy and leak. Mobile device services need to properly manage registered devices and users, and trusted means of authenticating their identities are needed. In this paper, we propose a secure certificate-based user authentication framework using the trusted mobile zone (TMZ) system into which the trusted platform is built. The TMZ system is a secure mobile device into which a hypervisor is built on the mobile device, and in which the hypervisor separates the mobile device into a normal zone and a secure zone. Android OS operates in the normal zone on the TMZ systems, and secure OS is run in the secure zone at the same time. The trusted platform is built in the normal zone and the secure zone in order to provide the user with secure services. In this paper, we propose a TMZ system founded on the TEE system of the global platform. The TMZ system provides a secure execution environment in which to store sensitive data and execute security functions securely. In conclusion, we describe the experimental results of generating the signature data in the TMZ system.
- KSP 제안 키워드
- Android OS, Carry out, Digital Certificate, Electronic commerce(E-Commerce), Global platform, Mobile devices, Remote server, Secure Execution Environment, Sensitive Data, Trusted platform, User Authentication