公开(公告)号：US20160350543A1

公开(公告)日：2016-12-01

申请号：US15166909

申请日：2016-05-27

Applicant: Samsung Electronics Co., Ltd. ,  KOREA ADVANCED INSTITUTE OF SCIENCE AND TECHNOLOGY

Inventor： Sunjune KONG ,  ByungHoon Brent KANG

IPC: G06F21/60 ,  G06F21/56

CPC classification number: G06F21/567 ,  G06F21/566 ,  G06F21/575 ,  G06F2221/034

Abstract: A method for an electronic device to access kernel data is provided. The method includes transmitting data associated with a kernel symbol to a secure world that is included in a normal world, determining whether a normal world kernel data observation request exists, when the normal world kernel data observation request exists, adjusting the allocation of a virtual memory address space of the secure world, transmitting the normal world kernel data from the normal world to the secure world, loading the normal world kernel data into a virtual address space of the secure world, linking the data associated with the kernel symbol to the normal world kernel data, and observing the normal world kernel data that is loaded into the virtual address space of the secure world, wherein the data associated with the kernel symbol is included in the normal world when the electronic device is booted.

Abstract translation: 提供了一种用于电子设备访问内核数据的方法。 该方法包括：当正常世界内核数据观察请求存在时，将与内核符号相关联的数据发送到包含在正常世界中的安全世界，确定是否存在正常的世界内核数据观察请求，调整虚拟存储器的分配 将正常世界内核数据从正常世界传输到安全世界，将正常的世界内核数据加载到安全世界的虚拟地址空间中，将与内核符号相关联的数据链接到正常世界 内核数据，以及观察加载到安全世界的虚拟地址空间中的正常世界内核数据，其中当电子设备被引导时，与核心符号相关联的数据被包括在正常世界中。

公开(公告)号：US20200293667A1

公开(公告)日：2020-09-17

申请号：US16815541

申请日：2020-03-11

Applicant: Samsung Electronics Co., Ltd.

Inventor： Bumhan KIM ,  Sunjune KONG ,  Seongjin CHO

IPC: G06F21/60 ,  G06F15/78 ,  G06F12/14 ,  G06F7/58 ,  H01L23/00 ,  H04L9/08

Abstract: An electronic device including a secure Integrated Circuit (IC) is provided. The electronic device includes a secure IC configured as a System-on-Chip (SoC) and configured to provide a general environment and a security environment, wherein the secure IC includes a main processor configured to operate in the general environment, a secure processor configured to operate in the security environment and control security of data using a first security key, and a secure memory configured to be operatively connected to the secure processor and store a second security key corresponding to the first security key. Various other embodiments are possible.

公开(公告)号：US20220103350A1

公开(公告)日：2022-03-31

申请号：US17421911

申请日：2020-01-02

Applicant: Samsung Electronics Co., Ltd.

Inventor： Bumhan KIM ,  Eunbi KIM ,  Sunjune KONG ,  Hansang SONG

IPC: H04L9/08 ,  G06F21/62 ,  H04L9/14 ,  G06F21/60 ,  H04L9/32 ,  H04L9/30

Abstract: An electronic device and a method of operating the electronic device are provided. Data corresponding to a user input is received through a user interface of the electronic device. The data is stored in a normal area of a memory of the electronic device. A quantity of information in the stored data is identified. At least one key is selected from a plurality of keys stored in the memory, based on at least the quantity of information. The data is encrypted using the at least one key. The encrypted data and information indicating the at least one key are transmitted to a secure area of the memory, which requires access authority.

公开(公告)号：US20210096837A1

公开(公告)日：2021-04-01

申请号：US17033367

申请日：2020-09-25

Applicant: Samsung Electronics Co., Ltd.

Inventor： Jinhyoung KIM ,  Sunjune KONG ,  Bumhan KIM ,  Taehoon KIM

IPC: G06F8/61 ,  G06F21/44

Abstract: An apparatus and a method for updating firmware by using a security integrated circuit in an electronic device. An electronic device may include a security integrated circuit (IC) providing a rich execution environment and a secure execution environment. The security integrated circuit includes a main processor operating in the rich execution environment and a secure processor operating in the secure execution environment. The secure processor is configured to perform user authentication based on firmware update information received from a server through the main processor. If the user authentication is successful, authentication information is generated corresponding to the firmware update information and stored in at least a part of a secure memory. If the firmware is installed, authentication of the firmware is performed based on the authentication information stored in the secure memory, and if the authentication of the firmware is successful, the firmware is installed.

公开(公告)号：US20230004660A1

公开(公告)日：2023-01-05

申请号：US17940214

申请日：2022-09-08

Applicant: Samsung Electronics Co., Ltd.

Inventor： Jinhyoung KIM ,  Sunjune KONG ,  Bumhan KIM ,  Taehoon KIM

IPC: G06F21/60 ,  G06F21/31 ,  G06F21/62 ,  H04L9/32

Abstract: According to certain embodiments, an electronic device comprises: a memory storing an interface and an application; a processor; and a secure module physically separated from the processor and including a secure processor and a secure memory, wherein the processor is configured to: obtain user authentication information, through the interface; attempt user authentication, based on the user authentication information; obtain data stored in the secure memory when the user authentication succeeds; store a first token including a first valid duration for an access to the secure memory, the obtained data, and a first key value for decoding the obtained data in a buffer; and delete the first token and the first key value from the buffer when the first valid duration expires.

公开(公告)号：US20210044575A1

公开(公告)日：2021-02-11

申请号：US16985503

申请日：2020-08-05

Applicant: Samsung Electronics Co., Ltd.

Inventor： Sunjune KONG ,  Bumhan KIM ,  Jinhyoung KIM ,  Sunghoon YOO ,  Byeonghwa KIM ,  Jeongil KIM ,  Mincheol JUNG

IPC: H04L29/06 ,  H04L9/08

Abstract: An electronic device and method of operating an electronic device are provided. The electronic device includes an integrated circuit including at least one key, at least one processor including the integrated circuit, and a memory operatively connected to the at least one processor. The memory stores instructions that, when executed, cause the at least one processor to obtain at least one piece of hardware information related to the electronic device, generate a signed certificate signing request including the at least one piece of hardware information, based on the at least one key, transmit the signed certificate signing request to an external electronic device, receive an attestation certificate generated based on the signed certificate signing request, from the external electronic device, and store the received attestation certificate in the memory.