1. Technical Field
The present invention generally relates to a method for protecting data stored in the flash memory of a smart device and, more particularly, to a method and apparatus that protect data stored in flash memory by activating the locked state of access to a smart device at a bootloader step, and prevent illegal use of the smart device from occurring due to the loss or theft of the smart device.
2. Description of the Related Art
Recently, with the advent of various smart devices, the improvement of the speed of a Central Processing Unit (CPU) and memory for an embedded system, and the increase in the storage space of the CPU and memory thereof, technologies that can also be used for work have appeared. Compared to a personal computer (PC), smart devices may be easily lost or stolen by another person due to the portability thereof. Therefore, since confidential information related to work, as well as personal information, is stored in a smart device, problems such as information leakage may occur when the smart device is lost or stolen by another person. To protect information against such information leakage, methods for setting the control of user access using a password or the like and kill switch functions, capable of remotely locking a smart device or deleting data, have been provided.
The methods for setting the control user access to smart devices are intended to set access control so that only authorized users are capable of accessing smart devices using various methods such as pattern-lock, user password input, fingerprint recognition, and knock-on. However, such methods are problematic in that when access control is bypassed by another person using forensic acquisition technology, data stored in flash memory may be acquired.
Remote control methods correspond to kill switch methods for remotely setting the locking device of smart devices or remotely initializing data when the smart device is lost. Such a remote control function is installed on and utilized in recent smart devices. Kill switch functions are intended to remotely operate a locking device or remotely perform a factory reset function using a Short Message Service (SMS) push message based on menu preset by the user when a smart device is lost. However, such a kill switch function is problematic in that smart devices can be remotely operated only in an environment in which they are connected to a mobile communication network or a Wi-Fi network. When a smart device is lost or stolen, it is impossible to perform a kill switch function if another person removes a Universal Subscriber Identity Module (USIM) card from the corresponding smart device or if the smart device is in an airplane mode or is located in a shielded space in which signals are blocked. Thus, there is a problem in that personal information and confidential data for work, stored in the smart device, are inevitably leaked by another person. Further, kill switch functions based on remote deletion are also problematic in that user data can be recovered using forensic recovery tools, even after factory reset.
Therefore, there are required technologies and devices that are capable of protecting personal information and confidential information for work, stored in smart devices, when the smart devices are lost or stolen by other persons.