Abstract
Many mobile systems run on ARM-based devices today. People use these for increasingly diverse yet security-sensitive applications. ARM has adopted a security model to tackle this threat, where they manage private information in an isolated <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">trusted execution environment</i> (TEE) provided by <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TrustZone</i> . This TrustZone-based model has been proven effective, but due to security concerns, it is available solely for the vendor's applications, thereby hindering the broad use of TrustZone. Consequently, we propose a runtime framework backed by TrustZone to construct a secondary TEE. <sc xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Ambassy</small> has its residence built on an on-chip field-programmable gate array (FPGA), which is a standard component in an <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">ARM/FPGA hybrid</i> system readily available on the market today. This study, to the best of our knowledge, is the first attempt to broaden the use of TrustZone by using an FPGA to build a secondary TEE for arbitrary third-parties, which otherwise should be expelled to the Normal World. This paper describes many design challenges that we have overcome to fully implement <sc xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Ambassy</small> on an FPGA. Our experiments demonstrate the practicality of <sc xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Ambassy</small> by presenting the security analysis and performance results of third-party application samples. The samples all run safely on <sc xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Ambassy</small> , with shorter execution times than regular TEE applications in TrustZone (by a factor of 5.5–52).
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
