17HH6100, Development of Operating System Security Core Technology for the Smart Lightweight IoT Devices ,
Kim Jeong Nyeo
Abstract
In the IoT environment, all devices are connected to each other, and mobile device is considered as key device. But hacking into mobile devices is increasing rapidly with the increase in mobile device users. As the market share of Android OS increases, hacking of mobile devices has focused on Android devices. Although there are many security solutions for mobile devices, they are fragmentary for mobile threats; that is, they are solutions for only several threats rather than comprehensive solutions. There is hence a limit to protecting user's and company's data stored or used on mobile devices from various types of hacking. To address this, we propose a mobile device protection technology based on domain isolation. Virtualization technology has emerged to increase CPU utilization in server-class PCs and to run various OSs in one system. As these virtualization technologies become lightweight, they are beginning to be applied to embedded devices. In this paper, we applied this lightweight embedded virtualization technology to mobile devices to divide mobile devices into two areas. Therefore, users can have hidden area from hacker attack in addition to Android OS area which can use same as existing mobile device. There is a hardware-based mobile security solution using an secure element, but this has to be reflected in the manufacturing process of the mobile device. However, since the domain separation technology using the virtualization, proposed in this paper, is a software solution, it has an advantage that it can be applied to a device that is already in use. In addition, to protect the hidden area, application authentication/authorization and user authentication technology were applied. And we use white-box cryptography to get root of trust of the key which is used for secure storage and data encryption/decryption. We believe this is a fundamental solution for protecting the mobile device users from hacking. We implemented and tested various mobile applications operating on a mobile device that incorporates our proposed structure based on domain isolation. There is some performance degradation caused by the domain separation, but it is negligible. According to https://www.wired.com/insights/2012/11/mobile-supercomputers/, the chips for mobile phones have evolved and mobile phones will soon become supercomputers. In this case, the addition of virtualization to the mobile device will have less impact on the computing power of the mobile device, and data protection stored in mobile devices and secure execution environment of security programs will become more important issues. Therefore, our TeeMo structure is a necessary technology to protect mobile device users.
KSP Keywords
Android Devices, Android OS, Authentication technology, CPU Utilization, Computing power, Data protection, Device structure, Domain separation, Embedded Devices, Embedded Virtualization, Fundamental solution
Copyright Policy
ETRI KSP Copyright Policy
The materials provided on this website are subject to copyrights owned by ETRI and protected by the Copyright Act. Any reproduction, modification, or distribution, in whole or in part, requires the prior explicit approval of ETRI. However, under Article 24.2 of the Copyright Act, the materials may be freely used provided the user complies with the following terms:
The materials to be used must have attached a Korea Open Government License (KOGL) Type 4 symbol, which is similar to CC-BY-NC-ND (Creative Commons Attribution Non-Commercial No Derivatives License). Users are free to use the materials only for non-commercial purposes, provided that original works are properly cited and that no alterations, modifications, or changes to such works is made. This website may contain materials for which ETRI does not hold full copyright or for which ETRI shares copyright in conjunction with other third parties. Without explicit permission, any use of such materials without KOGL indication is strictly prohibited and will constitute an infringement of the copyright of ETRI or of the relevant copyright holders.
J. Kim et. al, "Trends in Lightweight Kernel for Many core Based High-Performance Computing", Electronics and Telecommunications Trends. Vol. 32, No. 4, 2017, KOGL Type 4: Source Indication + Commercial Use Prohibition + Change Prohibition
J. Sim et.al, “the Fourth Industrial Revolution and ICT – IDX Strategy for leading the Fourth Industrial Revolution”, ETRI Insight, 2017, KOGL Type 4: Source Indication + Commercial Use Prohibition + Change Prohibition
If you have any questions or concerns about these terms of use, or if you would like to request permission to use any material on this website, please feel free to contact us
KOGL Type 4:(Source Indication + Commercial Use Prohibition+Change Prohibition)
Contact ETRI, Research Information Service Section
Privacy Policy
ETRI KSP Privacy Policy
ETRI does not collect personal information from external users who access our Knowledge Sharing Platform (KSP). Unathorized automated collection of researcher information from our platform without ETRI's consent is strictly prohibited.
[Researcher Information Disclosure] ETRI publicly shares specific researcher information related to research outcomes, including the researcher's name, department, work email, and work phone number.
※ ETRI does not share employee photographs with external users without the explicit consent of the researcher. If a researcher provides consent, their photograph may be displayed on the KSP.