Security provision for a subject image displayed in a non-secure domain
First Claim
1. Apparatus for processing data comprising:
processing circuitry configured to operate in a selectable one of a secure domain and a non-secure domain;
a memory coupled to said processing circuitry and configured to store secure data within a secure region of said memory and to store non-secure data within a non-secure region of said memory, said secure data being accessible to said processing circuitry when operating in said secure domain and being non-accessible to said processing circuitry when operating in said non-secure domain, and said non-secure data being accessible to said processing circuitry when operating in said secure domain and being accessible to said processing circuitry when operating in said non-secure domain;
a user input device coupled to said processing circuitry and configured to receive user input data; and
a display coupled to said processing circuitry and configured to display a display image in dependence upon a frame of image data read from a frame buffer stored within said non-secure region;
wherein said processing circuitry is configured to operate in said secure domain to store a subject image comprising at least a portion of said frame of image data within a validated display area of said frame buffer and to store within said secure region validation data dependent upon said subject image; and
said processing circuitry is configured to operate in said secure domain to receive a user input from said user input device and, upon receipt of said user input, to read displayed data stored within said validated display area and to compare check data dependent upon said displayed data with said validation data to confirm said displayed data matches said subject image.
Abstract
A data processing device is provided with a processor core 8 that can operate in either a secure domain or a non-secure domain. Data stored within a secure region 34 of a memory 10 can only be accessed when the processor core 8 is executing in the secure domain. A frame buffer 36 for storing a display image 20 to be displayed is stored within a non-secure region of memory, which can be accessed by a display controller 12 and by the processor core 8 irrespective of whether the core is in the secure domain or the non-secure domain. When a subject image 22 is written to the frame buffer 36, validation data for the subject image 22 is stored within the secure region 34. When a user input is received, the displayed data stored at the validated display area to which the subject image was written is read back and used to generate check data, which is compared with the validation data before the user input is authenticated.
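Added example, not part of the patent text: a C simulation of the flow the abstract describes, in which the secure domain writes a subject image, keeps validation data, and re-checks the validated display area when user input arrives. The buffer size, the function names and the FNV-1a digest (standing in for a cryptographic hash) are assumptions, and the secure region is simulated with an ordinary static variable.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#define FB_W 64 /* constructed frame buffer size, in pixels */
#define FB_H 32

static uint32_t frame_buffer[FB_W * FB_H]; /* non-secure region: both domains can write */
/* Simulated secure region: validated display area and its validation data. */
static struct { int x, y, w, h; uint64_t validation; bool armed; } secure_state;

/* FNV-1a over a w*h rectangle of a pixel buffer with the given row stride.
   Stand-in only: secure firmware would use a cryptographic hash (e.g. SHA-256). */
static uint64_t area_digest(const uint32_t *buf, int stride, int x, int y, int w, int h) {
    uint64_t d = 0xcbf29ce484222325ULL;
    for (int r = 0; r < h; r++)
        for (int c = 0; c < w; c++) {
            uint32_t px = buf[(y + r) * stride + (x + c)];
            for (int b = 0; b < 4; b++) { d ^= (px >> (8 * b)) & 0xff; d *= 0x100000001b3ULL; }
        }
    return d;
}

/* Secure domain: store the subject image in the validated display area and keep
   validation data derived from the secure-side source, not from the shared buffer. */
bool secure_show_subject(const uint32_t *img, int x, int y, int w, int h) {
    if (x < 0 || y < 0 || w <= 0 || h <= 0 || w > FB_W - x || h > FB_H - y) return false;
    for (int r = 0; r < h; r++)
        for (int c = 0; c < w; c++)
            frame_buffer[(y + r) * FB_W + (x + c)] = img[r * w + c];
    secure_state.x = x; secure_state.y = y; secure_state.w = w; secure_state.h = h;
    secure_state.validation = area_digest(img, w, 0, 0, w, h);
    secure_state.armed = true; return true;
}

/* Secure domain, on user input: read back the displayed data, derive check data,
   and accept the input only if it matches the stored validation data. */
bool secure_accept_input(void) {
    return secure_state.armed && area_digest(frame_buffer, FB_W, secure_state.x,
        secure_state.y, secure_state.w, secure_state.h) == secure_state.validation;
}

int main(void) {
    uint32_t img[32]; /* constructed 8x4 subject image */
    for (int i = 0; i < 32; i++) img[i] = 0xff000000u | (uint32_t)i;
    secure_show_subject(img, 10, 5, 8, 4);
    bool before = secure_accept_input();
    frame_buffer[6 * FB_W + 12] ^= 1; /* non-secure write inside the validated area */
    printf("before=%d after=%d\n", before, secure_accept_input());
    return 0;
}
```

Writes that land outside the validated display area leave the check unaffected, because only that rectangle is read back.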
23 Claims
1. Apparatus for processing data comprising:
processing circuitry configured to operate in a selectable one of a secure domain and a non-secure domain; a memory coupled to said processing circuitry and configured to store secure data within a secure region of said memory and to store non-secure data within a non-secure region of said memory, said secure data being accessible to said processing circuitry when operating in said secure domain and being non-accessible to said processing circuitry when operating in said non-secure domain, and said non-secure data being accessible to said processing circuitry when operating in said secure domain and being accessible to said processing circuitry when operating in said non-secure domain; a user input device coupled to said processing circuitry and configured to receive user input data; and a display coupled to said processing circuitry and configured to display a display image in dependence upon a frame of image data read from a frame buffer stored within said non-secure region;
wherein said processing circuitry is configured to operate in said secure domain to store a subject image comprising at least a portion of said frame of image data within a validated display area of said frame buffer and to store within said secure region validation data dependent upon said subject image; and said processing circuitry is configured to operate in said secure domain to receive a user input from said user input device and, upon receipt of said user input, to read displayed data stored within said validated display area and to compare check data dependent upon said displayed data with said validation data to confirm said displayed data matches said subject image.
22. Apparatus for processing data comprising:
processing means for performing processing in a selectable one of a secure domain and a non-secure domain; memory means for storing data, said memory means being coupled to said processing circuitry and configured to store secure data within a secure region of said memory and to store non-secure data within a non-secure region of said memory means, said secure data being accessible to said processing means when operating in said secure domain and being non-accessible to said processing means when operating in said non-secure domain, and said non-secure data being accessible to said processing means when operating in said secure domain and being accessible to said processing means when operating in said non-secure domain; user input means for receiving a user input data, said user input means being coupled to said processing means; and display means for displaying a display image, said display means being coupled to said processing means and configured to display said display image in dependence upon a frame of image data read from a frame buffer stored within said non-secure region;
wherein said processing means is configured to operate in said secure domain to store a subject image comprising at least a portion of said frame of image data within a validated display area of said frame buffer and to store within said secure region validation data dependent upon said subject image; and said processing means is configured to operate in said secure domain to receive a user input from said user input means and, upon receipt of said user input, to read displayed data stored within said validated display area and to compare check data dependent upon said displayed data with said validation data to confirm said displayed data matches said subject image.
23. A method of processing data comprising the steps of:
operating processing circuitry in a selectable one of a secure domain and a non-secure domain; storing secure data within a secure region of a memory and storing non-secure data within a non-secure region of said memory, said secure data being accessible to said processing circuitry when operating in said secure domain and being non-accessible to said processing circuitry when operating in said non-secure domain, and said non-secure data being accessible to said processing circuitry when operating in said secure domain and being accessible to said processing circuitry when operating in said non-secure domain; receiving user input data; and displaying a display image in dependence upon a frame of image data read from a frame buffer stored within said non-secure region;
wherein when said processing circuitry is operating in said secure domain, storing a subject image comprising at least a portion of said frame of image data within a validated display area of said frame buffer and storing within said secure region validation data dependent upon said subject image; and when said processing circuitry is operating in said secure domain, receiving a user input from said user input device and, upon receipt of said user input, reading displayed data stored within said validated display area and comparing check data dependent upon said displayed data with said validation data to confirm said displayed data matches said subject image.
Specification