Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Koutroumpouchos, Nikolaos; Ntantogian, Christoforos; Xenakis, Christos

doi:10.3390/s21020520

Cited by 22 publications

(13 citation statements)

References 58 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Trusted Execution Environment (TEE) [44] can be considered a sandbox capable of executing applications (named Trusted Applications). The isolation of the normal operating system from the TEE entails a secure environment, where applications of the normal world including malicious software are out of reach of sensitive data either stored in TEE or utilized by trusted applications.…”

Section: Trusted Execution Environment (Tee)mentioning

confidence: 99%

“…However, the use of TEE hinders malware from executing arbitrary code and accessing the stored secret since TEE has the highest privileges in the OS. As a result, malware must also find an exploit to break TEE in order to read private information stored in the secure world [44]. On the other hand, the Idemix master secret being the equivalent of a private key, can be considered as a solution for non-repudiation (S3-Non-repudiation).…”

Section: Security and Privacy Analysismentioning

confidence: 99%

See 1 more Smart Citation

P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

Farao

Veroni

Ntantogian

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

Due to its flexibility in terms of charging and billing, the smart grid is an enabler of many innovative energy consumption scenarios. One such example is when a landlord rents their property for a specific period to tenants. Then the electricity bill could be redirected from the landlord’s utility to the tenant’s utility. This novel scenario of the smart grid ecosystem, defined in this paper as Grid-to-Go (G2Go), promotes a green economy and can drive rent reductions. However, it also creates critical privacy issues, since utilities may be able to track the tenant’s activities. This paper presents P4G2Go, a novel privacy-preserving scheme that provides strong security and privacy assertions for roaming consumers against honest but curious entities of the smart grid. At the heart of P4G2Go lies the Idemix cryptographic protocol suite, which utilizes anonymous credentials and provides unlinkability of the consumer activities. Our scheme is complemented by the MASKER protocol, used to protect the consumption readings, and the FIDO2 protocol for strong and passwordless authentication. We have implemented the main components of P4G2Go, to quantitatively assess its performance. Finally, we reason about its security and privacy properties, proving that P4G2Go achieves to fulfill the relevant objectives.

show abstract

Section: Trusted Execution Environment (Tee)mentioning

confidence: 99%

Section: Security and Privacy Analysismentioning

confidence: 99%

P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

Farao

Veroni

Ntantogian

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

show abstract

“…We decided to utilize the TrustZone TEE [ 28 ] for the SealedGRID platform, since it provides a wide range of functionality in isolated environments. Also, TrustZone is suitable for the use in low powered devices (IoT, smart meters etc.).…”

Section: Trusted Computing Componentmentioning

confidence: 99%

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

Suciu¹,

Sachian²,

Vulpe

et al. 2021

Sensors

Self Cite

View full text Add to dashboard Cite

Recent advancements in information and communication technologies (ICT) have improved the power grid, leading to what is known as the smart grid, which, as part of a critical economic and social infrastructure, is vulnerable to security threats from the use of ICT and new emerging vulnerabilities and privacy issues. Access control is a fundamental element of a security infrastructure, and security is based on the principles of less privilege, zero-trust, and segregation of duties. This work addresses how access control can be applied without disrupting the power grid’s functioning while also properly maintaining the security, scalability, and interoperability of the smart grid. The authentication in the platform presumes digital certificates using a web of trust. This paper presents the findings of the SealedGRID project, and the steps taken for implementing Attribute-based access control policies specifically customized to the smart grid. The outcome is to develop a novel, hierarchical architecture composed of different licensing entities that manages access to resources within the network infrastructure. They are based on well-drawn policy rules and the security side of these resources is placed through a context awareness module. Together with this technology, the IoT is used with Big Data (facilitating easy handling of large databases). Another goal of this paper is to present implementation and evaluations details of a secure and scalable security platform for the smart grid.

show abstract

“…a smartphone), in an external element such as a flash memory card, in the circuitry of devices such as the SIM card itself used in mobile phones, or as a cloud service in Host Card Emulation technology. A new family of embedded environments known as Trusted Execution Environments (TEE) [25,26] has emerged. A TEE is a hardware environment with a secure operating system that is isolated and completely separated from the mobile platform.…”

Section: Secure Element As Trust Anchormentioning

confidence: 99%

“…For example, packet 1 may be 100 bytes starting at offset 0. Packet 2 may be 100 bytes starting at offset25. Packet 2 will overwrite 75 bytes of packet 1.…”

mentioning

confidence: 99%

P2ISE: Preserving Project Integrity in CI/CD Based on Secure Elements

et al. 2021

Self Cite

View full text Add to dashboard Cite

Over the past decade, software development has evolved from a rigid, linear process to a highly automated and flexible one, thanks to the emergence of continuous integration and delivery environments. Nowadays, more and more development teams rely on such environments to build their complex projects, as the advantages they offer are numerous. On the security side, however, most environments seem to focus on authentication, neglecting other critical aspects, such as the integrity of the source code and the compiled binaries. To ensure the soundness of a software project, its source code must be secured from malicious modifications. Yet, no method can accurately verify that the integrity of a project’s source code has not been breached. This paper presents P2ISE, a novel integrity-preserving tool that provides strong security assertions for developers against attackers. At the heart of P2ISE lies the TPM trusted computing technology, which is leveraged to ensure integrity preservation. We have implemented the P2ISE and quantitatively assessed its performance and efficiency.

show abstract

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Cited by 22 publications

References 58 publications

P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

P4G2Go: A Privacy-Preserving Scheme for Roaming Energy Consumers of the Smart Grid-to-Go

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

P2ISE: Preserving Project Integrity in CI/CD Based on Secure Elements

Contact Info

Product

Resources

About