公开(公告)号：US20160314082A1

公开(公告)日：2016-10-27

申请号：US15200909

申请日：2016-07-01

Applicant: Samsung Electronics Co., Ltd.

Inventor： Tymur KORKISHKO ,  Kyunghee LEE ,  Sergiy POMETUN ,  Sergey BELOUSOV ,  Vasyl SHUTOVSKYI ,  Vitaliy VASYLSKYY ,  Andrey ANDROSOV ,  Kateryna DOVGAN

IPC: G06F12/14 ,  G06F21/44

CPC classification number: G06F12/1408 ,  G06F21/44 ,  G06F2212/1052 ,  H04L63/0428 ,  H04L63/123

Abstract: A method and apparatus of access control in an electronic apparatus implementing the method are provided. The method of operating an electronic apparatus includes detecting an access request to a resource from an application included in a first area of a memory by a processor of the electronic apparatus, in response to the access request, executing an access control module included in a second area of the memory to calculate a hash value of the application by the processor, determining whether a record exists in the memory, the record corresponding to the hash value and identification information of the application, by executing the access control module by the processor, and allowing access to the resource by the processor when the record exists in the memory.

Abstract translation: 提供了一种实现该方法的电子设备中的访问控制的方法和装置。 操作电子设备的方法包括响应于该访问请求，检测来自电子设备的处理器的包括在存储器的第一区域中的应用对资源的访问请求，执行包括在第二个中的访问控制模块 存储器的区域，通过由处理器执行访问控制模块来计算处理器的应用程序的哈希值，确定存储器中是否存在记录，对应于哈希值的记录和应用的识别信息，以及 当记录存在于存储器中时允许处理器访问资源。

公开(公告)号：US20140283006A1

公开(公告)日：2014-09-18

申请号：US14209017

申请日：2014-03-13

Applicant: Samsung Electronics Co., Ltd.

Inventor： Tymur KORKISHKO ,  Kyunghee LEE ,  Andrii Lukin ,  Sergii KOVBA ,  Anton GROPIANOV ,  Sergey BELOUSOV

IPC: G06F21/44 ,  G06F12/14

CPC classification number: G06F21/44 ,  G06F21/53

Abstract: A method for operating an electronic device is provided. The method includes executing, by a processor of the electronic device operable in a first mode (e.g. a trusted execution environment (TEE)) or a second mode (e.g. a non-trusted execution environment (NTEE)), wherein the first mode is more secure than the second mode; receiving, by the processor operating in the first mode, data or information related to a first software program stored in a first memory region; and authenticating, by the processor operating in the first mode, at least a portion of the data or information using a second software program stored in a second memory region.

Abstract translation: 提供一种操作电子设备的方法。 该方法包括由第一模式（例如，可信执行环境（TEE））或第二模式（例如非可信执行环境（NTEE））可操作的电子设备的处理器执行其中第一模式更多 比第二模式安全; 通过在第一模式下操作的处理器接收与存储在第一存储器区域中的第一软件程序相关的数据或信息; 以及通过在第一模式中操作的处理器，使用存储在第二存储器区域中的第二软件程序来认证所述数据或信息的至少一部分。