Build a trusted storage system on a mobile phone

Zhang, Qiang; Qiao, Jianzhong; Meng, Qiang

doi:10.1049/iet-ifs.2018.5031

Cited by 1 publication

(1 citation statement)

References 27 publications

(24 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…First, the client application (CA) in the REE, which is responsible for calling the measurement modules, initiates the security request. Ten, the processor is switched to the TEE by calling the secure monitor call (SMC) command, and the trusted application (TA) responsible for the measurement work is executed [22,23]. If the API interface in the REE to call TA is broken, the measurement work in the TEE will be interrupted and will not provide security for systems and applications such as the Trojan Dvmap virus [24].…”

Section: Introductionmentioning

confidence: 99%

TZEAMM: An Efficient and Secure Active Measurement Method Based on TrustZone

Liu

Lai

Liu

et al. 2023

Security and Communication Networks

View full text Add to dashboard Cite

With the rapid development of computer and communication technology, embedded systems are widely used in smart devices. The increasing connectivity of these systems and the difficulties in providing comprehensive security have made such devices vulnerable to malicious attacks. Passive defense technologies and traffic-based intrusion detection technologies are not fully effective against such attacks. Trusted execution environment (TEE) technology can ensure system security against unknown attacks to some extent. Most researchers use TrustZone to implement TEE. However, the problem is that the API interface of the TEE module which provides the service is not secure. Therefore, to actively defend against attacks, we developed a trusted computing active measurement architecture based on TrustZone. To overcome the serious problem that modules in the trusted execution environment need to be passively invoked to provide services, we have proposed an active measurement closed-loop immune mechanism. To reduce the trusted computing base and reduce the performance overhead, we removed certain functional modules from the trusted execution environment. In addition, based on this architecture, we developed a trust chain and dynamic measurement method to ensure the security of the target applications. We changed the traditional attack response method, which requires the entire system to be restarted after an attack, by developing a fallback mechanism that is more suitable for the system. Finally, we verified the effectiveness of the architecture by developing an attack model. Performance testing and analysis showed that the architecture reduced the impact of the security mechanisms on the system. In the future, we will extend our research to more fine-grained measurements.

show abstract

Section: Introductionmentioning

confidence: 99%