Securing Smartphones: A Micro-TCB Approach

Autor: Gilad, Yossi, Herzberg, Amir, Trachtenberg, Ari
Rok vydání: 2014
Předmět:
Druh dokumentu: Working Paper
Popis: As mobile phones have evolved into `smartphones', with complex operating systems running third- party software, they have become increasingly vulnerable to malicious applications (malware). We introduce a new design for mitigating malware attacks against smartphone users, based on a small trusted computing base module, denoted uTCB. The uTCB manages sensitive data and sensors, and provides core services to applications, independently of the operating system. The user invokes uTCB using a simple secure attention key, which is pressed in order to validate physical possession of the device and authorize a sensitive action; this protects private information even if the device is infected with malware. We present a proof-of-concept implementation of uTCB based on ARM's TrustZone, a secure execution environment increasingly found in smartphones, and evaluate our implementation using simulations.
Databáze: arXiv