Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
A comparison of software and hardware techniques for x86 virtualization
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series)
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Reconfigurable trusted computing in hardware
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Measuring integrity on mobile phone systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Embedded Trusted Computing with Authenticated Non-volatile Memory
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Trusted computing building blocks for embedded linux-based ARM trustzone platforms
Proceedings of the 3rd ACM workshop on Scalable trusted computing
A Framework for Trustworthy Service-Oriented Computing (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Implementation Aspects of Mobile and Embedded Trusted Computing
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Defending against sensor-sniffing attacks on mobile phones
Proceedings of the 1st ACM workshop on Networking, systems, and applications for mobile handhelds
On lightweight mobile phone application certification
Proceedings of the 16th ACM conference on Computer and communications security
Trust in a small package: minimized MRTM software implementation for mobile secure environments
Proceedings of the 2009 ACM workshop on Scalable trusted computing
A secure DVB set-top box via trusting computing technologies
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
pBMDS: a behavior-based malware detection system for cellphone devices
Proceedings of the third ACM conference on Wireless network security
Realizing dynamic behavior attestation for mobile platforms
Proceedings of the 7th International Conference on Frontiers of Information Technology
Towards customizable, application specific mobile trusted modules
Proceedings of the fifth ACM workshop on Scalable trusted computing
CRePE: context-related policy enforcement for android
ISC'10 Proceedings of the 13th international conference on Information security
Delivering secure applications on commercial mobile devices: the case for bare metal hypervisors
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Practical and lightweight domain isolation on Android
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Defending users against smartphone apps: techniques and future directions
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Semantically rich application-centric security in Android
Security and Communication Networks
Trustworthy execution on mobile devices: what security properties can my mobile platform give me?
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
SmartTokens: delegable access control with NFC-Enabled smartphones
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
| Hi-index | 0.00 |
Driven by the ever increasing information security demands in mobile devices, the Trusted Computing Group (TCG) formed a dedicated group - Mobile Phone Working Group (MPWG). to address the security needs of mobile platforms. Along this direction, the MPWG has recently released a Trusted Mobile Phone Reference Architecture Specification. In order to realize trusted mobile platforms, they adapt well-known concepts like TPM, isolation, integrity measurement, etc. from the trusted PC world - with slight modifications due to the characteristics and resource limitations of mobile devices - into generic mobile phone platforms. The business needs of mobile phone industry mandate 4 different stakeholders(platform owners): device manufacturer, cellular service provider, general service provider, and of course the end-user. The specification requires separate trusted and isolated operational domains, so called Trusted Engines, for each of these stakeholders. Although the TCG MPWG does not explicitly prescribe a specific technical realization of these Trusted Engines, a general perception suggests reusing the very well established (Trusted) Virtualization concept from corresponding PC architectures. However, despite of all its merits, the current "resource devourer" Virtualization is not very well suited for mobile devices. Thus, in this paper, we propose another isolation technique, which is specifically crafted for mobile phone platforms and respects its resource limitations. We achieve this goal by realizing the TCG's Trusted Mobile Phone specification by leveraging SELinux which provides a generic domain isolation concept at the kernel level. Additional to harnessing the potential of SELinux to realize mobile phone specific (isolated) operational domains, we are also able to seamlessly integrate the important integrity measurement and verification concept into our SELinux-based Trusted Mobile Phone architecture. This is achieved by defining some SELinux policy language extensions. Thus, the present paper provides a novel, efficient and inherently secure TCG-aware Mobile Phone reference architecture