

A Solution to Make Trusted Execution Environment More Trustworthy

Volume 14, Number 9, September 2018, pp. 2127-2136
DOI: 10.23940/ijpe.18.09.p21.21272136

Xiao Kun and Luo Lei

University of Electronic Science and Technology of China, Chengdu, 611731, China

(Submitted on May 14, 2018; Revised on July 23, 2018; Accepted on August 9, 2018)


A Trusted Execution Environment (TEE) is an execution environment that resides in connected devices and ensures that sensitive data are stored, processed, and protected in isolation from a general-purpose OS such as Android. The TrustZone TEE solution achieves a medium protection level at comparatively low cost, so it is widely used. However, related research shows that the TrustZone TEE solution has security defects; for example, the hardware isolation provided by TrustZone is insufficient. In this paper, we propose a security enhancement scheme based on TEE. For each of the existing problems in the TrustZone TEE scheme, a corresponding protection mechanism is established to comprehensively enhance the reliability of connected devices. In our scheme, TEE is used alongside other security technologies, such as a secure element, a microkernel, and kernel real-time protection, to provide multi-layered defense. We introduce a secure element as the root of trust (ROT) of connected devices. The secure element stores sensitive data such as the first-stage bootloader, the various secret keys, and the certificate of the second-stage bootloader, and it also executes sensitive operations such as encryption and decryption.
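As an added illustration (not code from the paper), the boot-chain check the abstract assigns to the secure element: the SE holds the OEM verification key and the second-stage bootloader's certificate, and verifies the image presented by the application processor before the first-stage bootloader hands off. The Ed25519 key pair, the sample image and all names are constructed assumptions; the paper's "certificate" is modelled here as a detached signature over the image digest.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SecureElement models the root of trust described in the abstract: it keeps
// the OEM verification key and the certificate of the second-stage bootloader
// inside the SE and performs the verification itself, so neither the key nor
// the check is exposed to the general-purpose OS.
type SecureElement struct {
	oemPub     ed25519.PublicKey // verification key, never leaves the SE
	stage2Cert []byte            // signature over SHA-256(stage-2 image)
}

// IssueStage2Cert is the OEM provisioning step (assumption: the certificate is
// a detached signature over the image digest).
func IssueStage2Cert(oemPriv ed25519.PrivateKey, image []byte) []byte {
	d := sha256.Sum256(image)
	return ed25519.Sign(oemPriv, d[:])
}

// VerifyStage2 is the check run before control passes from the first-stage
// bootloader to the second stage: recompute the digest of the presented image
// and verify it against the stored certificate. A mismatch halts the chain.
func (se *SecureElement) VerifyStage2(image []byte) error {
	d := sha256.Sum256(image)
	if !ed25519.Verify(se.oemPub, d[:], se.stage2Cert) {
		return errors.New("stage-2 bootloader rejected: certificate does not match image")
	}
	return nil
}

// ProvisionDemo builds a constructed sample: an OEM key pair, a stage-2 image
// and an SE provisioned with the matching certificate.
func ProvisionDemo() (*SecureElement, []byte) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	image := []byte("constructed stage-2 bootloader image v1")
	return &SecureElement{oemPub: pub, stage2Cert: IssueStage2Cert(priv, image)}, image
}

func main() {
	se, image := ProvisionDemo()
	fmt.Println("genuine image:", se.VerifyStage2(image))
	tampered := bytes.Replace(image, []byte("v1"), []byte("v2"), 1)
	fmt.Println("tampered image:", se.VerifyStage2(tampered))
}
```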



