Recently, the use of high-performance mobile devices such as smart phones has increased significantly. The smart phone is a mobile communication device that provides various functions such as program operation, data communication, and interworking with a personal computer (PC), as well as advanced functions like those of a PC. The smart phone provides a standardized interface and platform for application program developers, so that a user other than a mobile device manufacturer or a mobile communication service provider can freely install the application programs that the user wants and can also develop and provide application programs to be installed in smart phones.
Moreover, with the increased use of the smart phones, application stores where various application programs used in the smart phones are available as applications have emerged, and thus the users can download desired applications to their smart phones through the application stores.
These smart phones are provided with open platforms and various network connection environments and thus face more security threats than existing mobile phones, such as information leakage, incurred charges, and device failure caused by malicious code infection, hacking, etc.
The development of security technologies currently used in smart phones has focused primarily on software-based vaccine (antivirus) programs or network traffic control technologies. However, in the case of smart phones, the risk that user information may be easily exposed through hardware control is very high, and thus conventional security technologies cannot provide sufficient security.
In particular, the following are required: with respect to the open platform of the smart phone, a technique for ensuring the reliability of the device (hardware) against jailbreaking or rooting and a technique for preventing malicious code from running; with respect to the distribution of mobile applications, a technique for verifying the security of applications; with respect to data protection, a technique for encrypting data stored in the device to prevent information leakage and a technique for remotely controlling a lost device; and, with respect to electronic financial transactions, a technique for secure payment and secure storage of payment information to achieve a secure electronic payment service.
TrustZone technology is a security technology used in a system that runs on an open operating system (OS), in which one central processing unit (CPU) is physically divided into a normal domain and a secure domain.
Moreover, the secure domain runs on a secure operating system, and an application that requires security runs in the secure domain. The normal domain runs on an open operating system such as Android, Windows Phone 7, etc., and an application that does not require security runs in the normal domain.
For the application of the TrustZone technology, a trusted application should be securely installed in the secure domain and, in particular, a method for securely downloading the trusted application to the secure domain in a device equipped with a platform employing the TrustZone technology or equipped with a trusted platform is required.
Furthermore, in a device equipped with a platform employing the TrustZone technology or equipped with a trusted platform, the secure domain and the normal domain run on different operating systems, and the memory space storing data is divided. Thus, access to the data that requires security is totally blocked, but some execution procedures, such as payment, of a normal application installed in the normal domain need to be processed by a trusted application installed in the secure domain. Accordingly, interworking between the trusted application installed in the secure domain and the normal application installed in the normal domain is required.
In addition, the device equipped with the trusted platform running in the divided secure domain and normal domain requires various security standards for security enhancement or standards for a key management method in the secure domain. The secure domain may be divided into a root protection domain, a protection domain, and a domain assigned to each application, and a key may be assigned to each domain to perform an authentication procedure, thus executing the installed application.
However, the key assigned to each of these domains of the device is a public key received from a trusted application providing server or a management server. When the received public key is updated, the public key stored in the trusted application providing server or the management server does not match the public key stored in the device, which makes it impossible to perform the authentication.