In accordance with an embodiment, an electronic device includes a secure element configured to implement a plurality of operating systems; and a near field communication module coupled to the secure element by a volatile memory.

The present disclosure provides a secure booting method, apparatus, device for an embedded program and a storage medium. The method includes: when a boot program is running, acquiring data of an application program, including signature information, public key information, parameter information, encrypted data, and a digital check code; performing signature check according to the signature information; performing integrity check according to the digital check code if the signature check passes; and performing data decryption according to the public key information and the parameter information if the integrity check passes. The present disclosure may improve information security.

The present disclosure provides a secure booting method, apparatus, device for an embedded program and a storage medium. The method includes: when a boot program is running, acquiring data of an application program, including signature information, public key information, parameter information, encrypted data, and a digital check code; performing signature check according to the signature information; performing integrity check according to the digital check code if the signature check passes; and performing data decryption according to the public key information and the parameter information if the integrity check passes. The present disclosure may improve information security.

An authentication method for a tag device includes exchanging authentication codes between the tag device and an authentication server to perform mutual authentication. A reader device acts as a communications bridge between the tag device and the authentication server. The reader device may observe mutual authentication between the tag device and the authentication server as an indicator that the tag device is authentic. A failure of mutual authentication indicates that the tag device is not authentic.

An authentication method for a tag device includes exchanging authentication codes between the tag device and an authentication server to perform mutual authentication. A reader device acts as a communications bridge between the tag device and the authentication server. The reader device may observe mutual authentication between the tag device and the authentication server as an indicator that the tag device is authentic. A failure of mutual authentication indicates that the tag device is not authentic.

A method of authenticating a consumable or detachable element of a continuous inkjet printer comprising: the controller of the printer generating a 1.sup.st item of random information that is dispatched to an authentication circuit of the element; encrypting the 1.sup.st item of information by the authentication circuit using a 1.sup.st encryption algorithm and a 1.sup.st secret key to form a 1.sup.st item of encrypted random information; dispatching the 1.sup.st item of information to the controller; encrypting the 1.sup.st item of information by the controller using a 2.sup.nd encryption algorithm and a 2.sup.nd secret key to form a 2.sup.nd item of encrypted random information; comparing the 1.sup.st item of encrypted random information with the 2.sup.nd encrypted item of random information to authenticate the consumable element; and if the consumable element is authenticated, dispatching at least one part of a 3.sup.rd key, termed the shared key, by the element to the printer.

A method of authenticating a consumable or detachable element of a continuous inkjet printer comprising: the controller of the printer generating a 1.sup.st item of random information that is dispatched to an authentication circuit of the element; encrypting the 1.sup.st item of information by the authentication circuit using a 1.sup.st encryption algorithm and a 1.sup.st secret key to form a 1.sup.st item of encrypted random information; dispatching the 1.sup.st item of information to the controller; encrypting the 1.sup.st item of information by the controller using a 2.sup.nd encryption algorithm and a 2.sup.nd secret key to form a 2.sup.nd item of encrypted random information; comparing the 1.sup.st item of encrypted random information with the 2.sup.nd encrypted item of random information to authenticate the consumable element; and if the consumable element is authenticated, dispatching at least one part of a 3.sup.rd key, termed the shared key, by the element to the printer.

A system and method are provided for providing trusted links between applications. The method is executed by a registry server device. The method includes storing in a database coupled to the registry server device, query parameters for a plurality of applications; receiving, from a first application, a first request to obtain a trusted link to communicate with a second application; providing the trusted link, wherein the trusted link is signed by the registry server device and identifies one or more query parameters of the first request; sending to the first application, a first response comprising the trusted link; receiving, from the second application, a second request to verify, at least in part, permissions defined by the one or more query parameters identified based on to the trusted link; and sending to the second application a second response comprising a result of the verification that enables the second application to verify that the signed trusted link was not tampered with and that the one or more query parameters of the first request have not been tampered with.

A system and method are provided for providing trusted links between applications. The method is executed by a registry server device. The method includes storing in a database coupled to the registry server device, query parameters for a plurality of applications; receiving, from a first application, a first request to obtain a trusted link to communicate with a second application; providing the trusted link, wherein the trusted link is signed by the registry server device and identifies one or more query parameters of the first request; sending to the first application, a first response comprising the trusted link; receiving, from the second application, a second request to verify, at least in part, permissions defined by the one or more query parameters identified based on to the trusted link; and sending to the second application a second response comprising a result of the verification that enables the second application to verify that the signed trusted link was not tampered with and that the one or more query parameters of the first request have not been tampered with.

There is provided mechanisms for handling instances of a trusted execution environment on an execution platform. The trusted execution environment is associated with a secure cryptoprocessor. The secure cryptoprocessor holds a register. The trusted execution environment is configured to read from and write to the register at a given index i. A method is performed by the trusted execution environment. The method comprises checking, upon start of a new instance of the trusted execution environment, status of the register at the given index i, and wherein, when the register at the given index i has its status set to “undefined”, an internal status value is set to a first value, and else, when a value is read from the register at the given index i, the internal status value is set to a second value based on the read value. The method comprises writing the internal status value to the register at the given index i. The method comprises running the new instance. The method comprises, whilst running the new instance, reading a current value from the register at the given index i. The method comprises enabling the new instance to keep running only when the current value equals the internal status value.