计算机科学 ›› 2016, Vol. 43 ›› Issue (7): 147-152.doi: 10.11896/j.issn.1002-137X.2016.07.026

• 信息安全 • 上一篇    下一篇

基于TrustZone的指纹识别安全技术研究与实现

杨霞,刘志伟,雷航   

  1. 电子科技大学信息与软件工程学院 成都610054;保密通信重点实验室 成都610041,电子科技大学信息与软件工程学院 成都610054,电子科技大学信息与软件工程学院 成都610054
  • 出版日期:2018-12-01 发布日期:2018-12-01
  • 基金资助:
    本文受国家核高基重大专项(M1401060112ZX0103301),国家科技支撑计划(2012BAH44F00)资助

Research and Implementation of Fingerprint Identification Security Technology Based on ARM TrustZone

YANG Xia, LIU Zhi-wei and LEI Hang   

  • Online:2018-12-01 Published:2018-12-01

摘要: 随着指纹识别技术在智能终端设备中的大量应用,指纹技术本身的安全问题也日益突出。为增强智能终端指纹识别的安全性,借助于ARM TrustZone安全扩展机制,提出了一种基于TrustZone的指纹识别安全保障技术和方法,其为指纹识别程序提供了可信执行环境,以保证其执行过程的安全性并防止恶意程序的攻击。同时,对指纹数据和指纹特征模板进行加密,并将密钥存储在受TrustZone保护的安全区域中以防止被窃取。此外,还实现了指纹数据的安全传输通道,以进一步确保敏感数据传输过程的安全性。最后,设计并实现了一个原型系统来验证所提技术和方法的有效性,实验结果证明所提出的技术和方法是可行的。

关键词: TrustZone,指纹识别,安全存储,指纹匹配,嵌入式系统

Abstract: The security of fingerprint technology itself is becoming increasingly prominent with its wide use in intelligent terminal device.With the security extension mechanism of ARM TrustZone,the technique and method of fingerprint identification security are put forward based on TrustZone to enhance the security of fingerprint identification for intelligent terminals.They provide trusted execution environment for the fingerprint identification program to ensure its safety in executing and prevent malicious code attacks.Meanwhile,the fingerprint data and fingerprint feature template are encrypted,the key is put into the secure area protected by TrustZone in order to prevent it from stealing.In addition,a secure channel for fingerprint data transmission is realized to further ensure the security of sensitive data transmission.At last,a prototype system is designed and implemented to verify the validity of the mentioned technique and method.The experimental results verify that the technique and method proposed in this paper are feasible.

Key words: TrustZone,Fingerprint identification,Secure storage,Fingerprint matching,Embedded system

[1] ARM.Building a Secure System using TrustZone Technology[M].2009
[2] Wang Dong,Fan Jian-ying.Application Study of Fingerprint Identification Based on Linux Embedded System[D].Harbin:Harbin Engineering University,2009(in Chinese) 王东.藿入式Linux系统在指纹识别中的应用研究[D].哈尔滨:哈尔滨理工大学,2009
[3] Luo Fan,Pei Yi-jian.Research and design of embedded fingerprint recognition system based on ARM+Linux[D].Kunming:Yunnan University,2014(in Chinese) 罗凡,裴以建.基于ARM+Linux的嵌入式指纹识别系统研究与设计[D].昆明:云南大学,2014
[4] Shen Yong,Zhu Wen-jing.Design and Implementation of Security-enhanced Scheme for Embedded Database[J].Modern Electronics Technique,2010(14):21-24(in Chinese) 沈勇,朱文静.一种嵌入式数据库安全增强方案的设计与实现[J].现代电子技术,2010(14):21-24
[5] Luo Jing,Yang Xia,et al.Design and Implementation of Security OS based on the TrustZone[C]∥ICEMI.IEEE Press,2013:1027-1032
[6] Global Platform Device Technology.TEE Internal API Specification[EB/OL].[2011-01].http://www.globalplatform.org/specificationsdevice.asp
[7] Yang Xia,Luo Jing,et al.Trust-E:A Trusted Embedded Ope-rating System Based on the ARM Trustzone[C]∥UIC-ATC-ScalCom.2014
[8] Wang Jin-xiang.Gabor Filter based Fingerprint Image Enhancement[C]∥International Society for Optics and Photonics.2013
[9] Wang W,Li J,Huang F,et al.Design and implementation of Log-Gabor filter in fingerprint image enhancement[J].Pattern Recognition Letters,2008,29(3):301-308

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!