Typically, a data processing device includes a processor configured to execute loaded applications under the control of an Operating System (OS). In a case where a specific application is executed by the processor, it is needed to guarantee security on the resource of the data processing device in association with the corresponding application.
For example, in a case of applications needing a security key to perform validation, authentication, and decryption process, the data processed with the input of the security key has to be stored in a secure region of the memory so as to be protected from the access of malware, such as a hacking application, and also preventing the security key input process from hooking attack by operating the input means, such as a keypad in a secure mode.
As an example of resource security, a TrustZone architecture of ARM secures the hardware resource using a processor supporting non-secure mode domain (normal world) and secure mode domain (secure world). For example, the non-secure mode domain and the secure mode domain are separated in hardware so as to reinforce security.
More specifically, the legacy OSs (such as Linux, Android, and iOS) are running in the non-secure mode domain and the framework and applications are running under the control of the OS. Since the non-security region is vulnerable to the malware attack, it is risky to perform highly security-sensitive operations.
Meanwhile, in the secure mode domain, the legacy OSs and framework operations are restricted and separated from the non-secure mode domain in hardware so as to avoid a security problem caused by the malware programs of the related art. In the secure mode domain, it is possible to use the resource of System On Chip (SoC) and other hardware resources and, by configuring the permission level of the corresponding resource to ‘secure’ in response to a certain application, it becomes impossible to access and use the corresponding resource although there is a request from an application in the non-secure mode domain.
Accordingly, although an application attempting access to a secure resource for processing any urgent process in the non-secure mode domain in the state that the resource permission level is set to ‘secure’ in the secure mode domain, it is impossible to access or use the corresponding resource as far as the permission level to the corresponding resource is not change.
Therefore, a need exists for a method and an apparatus for allowing a non-secure mode domain to use the resource of the secure mode domain in response to an application with high priority in a data processing device equipped with a process having the secure mode domain and the non-secure mode domain.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.