ETRI-Knowledge Sharing Platform


An Architecture for Virtualization-Based Trusted Execution Environment on Mobile Devices
Cited 0 times in Scopus
Authors
Young-Woo Jung, Hag-Young Kim, Sang-Wook Kim
Issue Date
2014-12
Citation
International Conference on Ubiquitous Intelligence and Computing (UIC) / International Conference on Autonomic and Trusted Computing (ATC) / International Conference on Scalable Computing and Communications and Its Associated Workshops (ScalCom) 2014, pp.540-547
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/UIC-ATC-ScalCom.2014.21
Abstract
In this paper, we present an architecture for a trusted execution environment on mobile devices that allows applications with a wide range of security requirements to run safely in an isolated environment, by using a mobile virtualization technology. These applications can take advantage of the semantics of running on a secure area which is isolated from the non-secure area that suffers from hacking, malignant code, or the like, while retaining the ability to run side-by-side with normal applications on a general execution environment. We achieve this synthesis by use of a mobile virtual machine monitor (mVMM) that partitions a single mobile hardware platform into separated and isolated virtual machines (VMs), providing the trusted execution environment and the trusted paths. In the VM on which the secure OS runs, authentication credentials (e.g. private keys) for electronic transactions and security sensitive data are stored and security sensitive processing is executed with no external network interfaces provided and only with a secure communication channel provided by mVMM. We explore the strengths and limitations of this architecture by describing and analyzing our prototype implementation and a simple mobile payment service that can be one of the important applications for the trusted execution environment. Through the architecture analysis, the proposed architecture can provide a reasonably trustworthy execution environment to a user in the run-time execution point of view.
KSP Keywords
Electronic transactions, External Network, Hardware platform, Mobile devices, Mobile virtualization, Network interfaces, Prototype implementation, Run-Time, Security requirements, Sensitive Data, Side-by-side