
Computer Engineering


Mobile Terminal Security Management System Based on Android

FU Jingyi 1,2, MA Zhaofeng 1,2, HUANG Qinlong 1,2, YANG Yixian 1

  1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China
  2. Beijing National Security Science and Technology Co., Ltd., Beijing 100876, China
  • Received: 2014-02-27 Online: 2014-11-15 Published: 2014-11-13

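Mobile Terminal Security Management System Based on Android

FU Jingyi 1,2, MA Zhaofeng 1,2, HUANG Qinlong 1,2, YANG Yixian 1

  1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876
  2. Beijing National Security Science and Technology Co., Ltd., Beijing 100876
  • About the authors: FU Jingyi (born 1990), female, master's student, main research interests: mobile communication security and cloud computing; MA Zhaofeng, lecturer, Ph.D.; HUANG Qinlong, Ph.D. candidate; YANG Yixian, professor.
  • Funding:

    National Natural Science Foundation of China (61272519).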

Abstract: To address device security and sensitive data leakage on mobile terminals, this paper proposes a Mobile Terminal Security Management System (MTSMS) based on Android, which allows users to remotely manage the mobile terminal. MTSMS adopts a C/S architecture. The MTSMS client lets users register a mobile terminal on the server and performs three-factor local user identification based on a Trusted Platform Module (TPM) in the mobile terminal. The MTSMS server lets users log in to a Web platform to remotely encrypt and decrypt data on registered mobile terminals and to locate and lock them. Further, to prevent users' remote commands from being forged, MTSMS implements server-side authentication based on elliptic curve cryptography and zero-knowledge proof. Experimental results show that the system can ensure the security of mobile terminal devices and prevent forgery of remote user instructions.

Key words: mobile terminal, security management, Trusted Platform Module (TPM), zero knowledge proof, elliptic curve, identity authentication

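Abstract:

To address device security and sensitive data leakage on Android mobile terminals, an Android-based mobile terminal security management system is designed and implemented, allowing users to remotely and securely manage mobile terminal devices and the data stored on them. The system adopts a C/S architecture. The client allows users to register a mobile terminal with the server and, by embedding a Trusted Platform Module in the mobile terminal, implements local user identification based on three factors: password, device and SIM card. The server allows users to perform remote security management of registered mobile terminals through a Web platform, including locating, locking, data encryption and decryption, and data wiping. To protect users' remote operation commands against impersonation attacks, remote identity authentication of the server by the mobile terminal is implemented on the basis of elliptic curve encryption and zero-knowledge proof. Experimental results show that the system can safeguard the communication security of mobile terminal devices and prevent impersonation attacks.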

Key words: mobile terminal, security management, Trusted Platform Module, zero-knowledge proof, elliptic curve, identity authentication
