TruZ-View: Developing TrustZone user interface for mobile OS using delegation integration model

Kailiang Ying, Priyank Thavai, Wenliang Du

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

When OS and hypervisor are compromised, mobile devices currently provide a hardware protected mode called Trusted Execution Environment (TEE) to guarantee the confidentiality and integrity of the User Interface (UI). The present TEE UI solutions adopt a self-contained design model, which provides a fully functional UI stack in the TEE, but they fail to manage one critical design principle of TEE: a small Trusted Computing Base (TCB), which should be more easily verified in comparison to a rich OS. The TCB size of the self-contained model is large as a result of the size of an individual UI stack. To reduce the TCB size of the TEE UI solution, we proposed a novel TEE UI design model called the delegation model. To be specific, our design reuses the majority of the rich OS UI stack. Unlike the existing UI solutions protecting 3-dimensional UI processing in the TEE, our design protects the UI solely as a 2-dimensional surface and thus reduces the TCB size. Our system, called TruZ-View, allows application developers to use the rich OS UI development environment to develop TEE UI with consistent UI looks across the TEE and the rich OS. We successfully implemented our design on a HiKey board. Moreover, we developed several TEE UI use cases to protect the confidentiality and integrity of UI. We performed a thorough security analysis to prove the security of the delegation UI model. Our real-world application evaluation shows that developers can leverage our TEE UI with few changes to the existing app’s UI logic.

Original language: English (US)
Title of host publication: CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy
Publisher: Association for Computing Machinery, Inc
Pages: 1-12
Number of pages: 12
ISBN (Electronic): 9781450360999
DOI: https://doi.org/10.1145/3292006.3300035
State: Published - Mar 13 2019
Event: 9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019 - Richardson, United States
Duration: Mar 25 2019 to Mar 27 2019

Publication series

Name: CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy

Conference

Conference: 9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019
Country: United States
City: Richardson
Period: 3/25/19 to 3/27/19

Fingerprint

User interfaces
Application programs
Mobile devices

Keywords

  • Android
  • TrustZone
  • UI safety

ASJC Scopus subject areas

  • Information Systems
  • Computer Science Applications
  • Software

Cite this

Ying, K., Thavai, P., & Du, W. (2019). TruZ-View: Developing TrustZone user interface for mobile OS using delegation integration model. In CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (pp. 1-12). (CODASPY 2019 - Proceedings of the 9th ACM Conference on Data and Application Security and Privacy). Association for Computing Machinery, Inc. https://doi.org/10.1145/3292006.3300035
