@inproceedings{69e553635dc2470d8fb71de004dfc39c,
title = "Securing Mobile Systems GPS and Camera Functions Using TrustZone Framework",
abstract = "Mobile phone devices constantly face new vulnerabilities for attackers to exploit. Many vulnerabilities allow attackers to gain full control over the operating system and thus putting security critical operations at risk. Mobile payment systems are gaining more traction and security countermeasures cannot rely on operating systems for protection. ARM TrustZone provides hardware-based security which is often used to protect key operations. In this work, we extended TrustZone functionality to offer robust security measures for specific I/O peripherals, namely, camera and location, to any application on demand. The work mainly ensures integrity of data retrieved by the peripherals. Applications that can utilize this functionality include merchant-presented QR payment systems, location attestation for payments and other applications. The work is designed to offer seamless integration for application developers, and transparency to end users. We demonstrated functionality on custom and modified existing applications. The added overhead is within expected margins. The work provides a feasible design for industrial implementations, where the vendors installed services do not need coordination with potential application developers, and that offers flexibility for both vendors and developers.",
keywords = "ARM TrustZone, Android, Attack surface, GPS, Mobile security, OP-TEE, QR payments, REE, Threat model, TruZ-Droid",
author = "Salman, {Ammar S.} and Du, {Wenliang (Kevin)}",
note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.; Computing Conference, 2021 ; Conference date: 15-07-2021 Through 16-07-2021",
year = "2021",
doi = "10.1007/978-3-030-80129-8_58",
language = "English (US)",
isbn = "9783030801281",
series = "Lecture Notes in Networks and Systems",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "868--884",
editor = "Kohei Arai",
booktitle = "Intelligent Computing - Proceedings of the 2021 Computing Conference",
address = "Germany",
}