安全可信智能移动终端研究

[摘要] 从软件方案、基于可信执行环境（TEE）方案和基于典型安全元件（SE）方案3个方面对智能移动终端安全技术进行了探讨。软件层面探讨了一般运行环境中的安全技术，基于TEE的方案探讨了TEE的系统架构、隔离技术和安全执行技术，基于SE的方案探讨了基于本地SE和云端SE的安全增强技术。认为只有将可信硬件平台和可信软件加以结合，才能为智能移动终端提供完整的安全保障。

[关键词] 智能移动终端；可信执行环境；可信计算；安全元件

[Abstract] This paper discusses the smart mobile terminal security technology from three aspects: software solutions, solution based on trusted execution environment (TEE) and solution based on secure element (SE). A software-level solution involves security technology used in the rich execution environment. A solution based on TEE involves the system architecture of TEE, isolation technology of TEE and the trusted execution technology. A solution based on SE involves security-enhancement technology based on local SE and cloud of SE. A combination of trusted software and trusted hardware platform guarantees security for smart mobile terminals.

[Keywords] intelligent mobile terminal; trusted execution environment; trusted computing; secure element