TruZ-Droid: Integrating TrustZone with mobile operating system

Kailiang Ying, Amit Ahlawat, Bilal Alsharifi, Yuexin Jiang, Priyank Thavai, Wenliang Du

Research output: Chapter in Book/Entry/PoemConference contribution

32 Scopus citations

Abstract

Mobile devices today provide a hardware-protected mode called Trusted Execution Environment (TEE) to help protect users from a compromised OS and hypervisor. Today TEE can only be leveraged either by vendor apps or by developers who work with the vendor. Since vendors consider third-party app code untrusted inside the TEE, to allow an app to leverage TEE, app developers have to write the app code in a tailored way to work with the vendor’s SDK. We proposed a novel design to integrate TEE with mobile OS to allow any app to leverage the TEE. Our design incorporates TEE support at the OS level, allowing apps to leverage the TEE without adding app-specific code into the TEE, and while using existing interface to interact with the mobile OS. We implemented our design, called TruZ-Droid, by integrating TrustZone TEE with the Android OS. TruZ-Droid allows apps to leverage the TEE to protect the following: (i) user’s secret input and confirmation, and (ii) sending of user’s secrets to the authorized server. We built a prototype using the TrustZone-enabled HiKey board to evaluate our design. We demonstrated TruZ-Droid’s effectiveness by adding new security features to existing apps to protect user’s sensitive information and attest user’s confirmation. TruZ-Droid’s real-world use case evaluation shows that apps can leverage TrustZone while using existing OS APIs. Our usability study proves that users can correctly interact with TruZ-Droid to protect their security sensitive activities and data.

Original languageEnglish (US)
Title of host publicationMobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services
PublisherAssociation for Computing Machinery, Inc
Pages14-27
Number of pages14
ISBN (Electronic)9781450357203
DOIs
StatePublished - Jun 10 2018
Event16th ACM International Conference on Mobile Systems, Applications, and Services,MobiSys 2018 - Munich, Germany
Duration: Jun 10 2018Jun 15 2018

Publication series

NameMobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services

Other

Other16th ACM International Conference on Mobile Systems, Applications, and Services,MobiSys 2018
Country/TerritoryGermany
CityMunich
Period6/10/186/15/18

Keywords

  • Android
  • TrustZone

ASJC Scopus subject areas

  • Information Systems
  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'TruZ-Droid: Integrating TrustZone with mobile operating system'. Together they form a unique fingerprint.

Cite this