Recently, the mobile device is required to handle a high quality of service. For example, a mobile device may download various applications from the Internet or a mobile communication network and install the applications on the mobile device, and accordingly provide services provided by each application. Applications are, for example, a game application, a Social Networking Service (SNS) based application, a banking application, an image editing application, a map application, etc.
In order to provide such a variety of services, the mobile device employs a Central Process Unit (CPU) and an operating system (OS). The mobile device employs an open operating system (open OS) in order to implement an open application program interface. The open operating system has become the core of competition for mobile devices and mobile services. In addition, the operating system of the mobile device is strategically opened by a major manufacturer and a major provider, and an application program interface, a software development kit, and a source file are to be open to the public.
While applications downloaded from the Internet by the mobile device may be used after receiving a quality inspection and approval from the manufacturer of the mobile device, substantially all of the functions of various applications cannot be tested. Accordingly, there is a problem in that malware targeting such mobile devices increases, and in particular, mobile devices using open operating systems may receive software attacks by malware. Recently, methods for using secure operating systems are being sought.
A method for using a secure operating system may include, for example, a hypervisor-based security method. The hypervisor-based security method divides a storage area of a memory into a non-secure storage area and a secure storage area, an application that requires security (hereinafter referred to as “a security application”) provides an execution environment for operating in a secure storage area. That is, when booting a mobile device, the hypervisor divides the storage area of the memory into a non-secure storage area and a secure storage area such that a general application that does not require security operates in a non-secure storage, and a security application operates in a secure storage area.
In another method, there is a trust zone based security method. The trust zone based security method is a method for protecting a security application in a hardware level, which enables a secure world and a normal world to exist in a single application controller (for example, a CPU, an ARM, etc.) without using a separate secure hardware chip, to provide an execution environment in which a general application operates in a normal world and an application that require security operates in a secure world.