상세정보
학술지
A Secure Storage System for Sensitive Data Protection Based on Mobile Virtualization
- 발행일
- 201504
- 출처
- International Journal of Distributed Sensor Networks, v.2015, pp.1-9
- ISSN
- 1550-1329
- 출판사
- Hindawi Publishing
- 협약과제
- 15MS3600, 모바일 단말의 비인가 접근 차단 및 안전한 운영환경 보장을 위한 EAL 4급 군사용 융합 보안 솔루션 개발, 김정녀
- 초록
- Recently, the development of smart phones has been reported the number of security vulnerabilities. Although these smart phones have a concept of Sandbox for the security, sensitive personal information has been still exposed by internal data exchange or root privilege acquisition. In this paper, we propose a system framework for secure storage of sensitive data in smartphone. The system is divided into general domain (GD) and secure domain (SD) in mobile device utilizing domain separation technique of virtualization, and SD provides a secure execution environment to protect sensitive data and secure services. In addition, our system introduces the secure functions such as authentication/access control, and encryption/key management and secures filesystem to be run in SD and addresses a detailed secure filesystem as a key function for secure storage. Lastly, the experiments are conducted to measure the performance overhead imposed by security features in SD and by overall system with interdomain communication from GD to SD. These experiment results show suitability of our system and suggest applicability of various secure functions which can be applied in our secure storage system.
- KSP 제안 키워드
- Data exchange, Domain separation, Experiment results, Internal data, Key management, Mobile devices, Mobile virtualization, Overall system, Performance Overhead, Secure Execution Environment, Security vulnerabilities