Pearl-TEE: Supporting Untrusted Applications in TrustZone

Wei Huang, Vasily Rudchenko, He Shuang, Zhen Huang, D. Lie
DOI: 10.1145/3268935.3268936 (https://doi.org/10.1145/3268935.3268936)
Venue: Proceedings of the 3rd Workshop on System Software for Trusted Execution
Publication date: 2018-01-15
Citations: 3

Abstract

Pearl-TEE: Supporting Untrusted Applications in TrustZone
Rising concerns about mobile security have motivated the use of architectural features such as ARM TrustZone to protect sensitive applications from compromise by malicious applications or a compromised OS. However, many TEE OSes (which run in TrustZone) currently assume all applications in TrustZone are trusted, and thus do not provide strong isolation guarantees between them. The benefit of this is that TEE OSes can be simple, allowing them to provide a high-assurance trusted computing base (TCB). However, unlike how arbitrary third-party mobile applications can be installed onto a smartphone, the need for mutual trust among all applications running inside TrustZone prevents the installation of 3rd party applications on the TEE OS. In this paper, we identify the key properties that define application code that may wish to use TrustZone and show that a standard TEE OS can be extended to support multiple, mutually distrusting applications in TrustZone with less than a 3% increase in the TCB. We realize our ideas in Pearl-TEE, a novel TEE OS prototype we have implemented that can provide mechanisms specific to the needs of TrustZone applications, including isolation for execution, secure persistent storage, and support for network communication. We find that Pearl-TEE imposes less than 20% performance overhead on applications.