More Web Proxy on the site http://driver.im/

Article

Towards a trusted mobile desktop

Authors:

Marcel Selhorst,

Christian Stüble,

Florian Feldmann,

Utz GnaidaAuthors Info & Claims

TRUST'10: Proceedings of the 3rd international conference on Trust and trustworthy computing

Pages 78 - 94

Published: 21 June 2010 Publication History

Abstract

Today's mobile phone platforms are powerful enough to be used as personal assistants that render and edit even complex document formats. However, short development cycles in combination with high complexity and extendability make these devices not secure enough for security-critical tasks. Therefore, end-users either have to use another secure device, or to accept the risk of losing sensitive information in the case of a loss of the device or a successful attack against it.

We propose a security architecture to operate on security-critical documents using a commercial off-the-shelf (COTS) mobile phone hardware platform offering two working environments. The first one is under full control of the user while the second is isolated and restricted by additional security and mobile trusted computing services.

The realizability of such an architecture has been proven based on a 'TrustedSMS' prototype developed on top of an OMAP-35xx development board, a hardware platform similar to many actual mobile phone platforms. The prototype includes nearly all components required to securely isolate the two compartments and implements use cases such as SMS writing, signing, receiving, verification, and key management.

References

[1]

Alkassar, A., Gnaida, U., Quirin, T.: MoTrust-TCG: Manipulationsschutz für mobile Signaturanwendungen mittels Trusted Computing. In: Sicherheit 2008, pp. 575-580 (2008).

[2]

Alkassar, A., Husseiki, R.: Data Leakage Prevention in Trusted Virtual Domains. In: Pohlmann, N., Reimer, H., Schneider, W. (eds.) Information Security Solutions Europe (ISSE 2009). Vieweg + Teubner Verlag (2009).

[3]

Alkassar, A., Scheibel, M., Sadeghi, A.-R., Stüble, C., Winandy, M.: Security architecture for device encryption and VPN. In: Information Security Solution Europe (ISSE 2006). Vieweg Verlag (2006).

[4]

Alves, T., Felton, D.: TrustZone: Integrated hardware and software security. Technical report, ARM (July 2004).

[5]

Armknecht, F., Gasmi, Y., Sadeghi, A.-R., Ramunno, G., Vernizzi, D., Stewin, P., Unger, M.: An Efficient Implementation of Trusted Channels based on OpenSSL. In: Proceedings of ACM STC 2008 (2008).

Digital Library

[6]

Azema, J., Fayad, G.: M-Shield: Mobile Security Technology: making wireless secure. Technical report, Texas Instruments (June 2008).

[7]

Basili, V., Perricone, B.: Software Errors and Complexity: An Empirical Investigation. Communications of the ACM, 42-52 (1984).

Digital Library

[8]

Brygier, J., Fuchsen, R., Blasum, H.: PikeOS: Safe and Secure Virtualization in a Separation Microkernel. Technical report, Sysgo (September 2009).

[9]

Cheng, Z.: Mobile Malware: Threats and Prevention (2007), http://www.mcafee.com/us/local_content/white_papers/threat_center/ wp_malware_r2_en.pdf

[10]

Diedrich, K., Winter, J.: Implementation Aspects of Mobile and Embedded Trusted Computing. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trust 2009. LNCS, vol. 5471, pp. 29-44. Springer, Heidelberg (2009).

Digital Library

[11]

Ekberg, J.-E., Bugiel, S.: Trust in a small package: minimized MRTM software implementation for mobile secure environments. In: STC 2009: Proceedings of the 2009 ACM workshop on Scalable Trusted Computing, pp. 9-18. ACM, New York (2009).

Digital Library

[12]

Epstein, J.: A bibliography of windowing systems and security. ACM SIGSAC Review 10(4), 7-11 (1992).

Digital Library

[13]

Epstein, J., McHugh, J., Orman, H., Pascale, R., Marmor-Squires, A., Danner, B., Martin, C.R., Branstad, M., Benson, G., Rothnie, D.: A high assurance window system prototype. Journal of Computer Security 2(2), 159-190 (1993).

[14]

Feske, N., Helmuth, C.: A nitpicker's guide to a minimal-complexity secure GUI. In: 21st Annual Computer Security Applications Conference. ACM, New York (2005).

Digital Library

[15]

Fischer, T., Sadeghi, A.-R., Winandy, M.: A Pattern for Secure Graphical User Interface Systems. In: 3rd International Workshop on Secure Systems Methodologies Using Patterns (2009).

Digital Library

[16]

Forler, C., Käß, S.: D03.5 - Embedded TSS: Technical specification. Technical report, Trusted Embedded Computing (January 2009).

[17]

Heiser, G., Elphinstone, K., Kuz, I., Klein, G., Petters, S.M.: Towards trustworthy computing systems: taking microkernels to the next level. ACM Operating Systems Review 4, 3-11 (2007).

Digital Library

[18]

Liedtke, J.: Towards real micro-kernels. Communications of the ACM 39(9) (1996).

Digital Library

[19]

Mobile Phone Working Group. TCG Mobile Trusted Module Specification. Technical Report version 1.0, Trusted Computing Group (June 2008).

[20]

Pfitzmann, B., Riordan, J., Stüble, C., Waidner, M., Weber, A.: The PERSEUS system architecture. Technical Report RZ 3335 (#93381), IBM Research Division, Zurich Laboratory (April 2001).

[21]

Sadeghi, A.-R., Stüble, C., Pohlmann, N.: European multilateral secure computing base - open trusted computing for you and me. Datenschutz und Datensicherheit DuD, Verlag Friedrich Vieweg & Sohn, Wiesbaden 28(9), 548-554 (2004).

[22]

Schulz, S., Sadeghi, A.-R.: Extending IPsec for Efficient Remote Attestation. In: 14th International Conference on Financial Cryptography and Data Security, FC 2010 (2010).

Digital Library

[23]

Shapiro, J.S., Vanderburgh, J., Northup, E.: Design of the EROS trusted window system. In: Proceedings of the 13th USENIX Security Symposium, August 2004, USENIX (2004).

Digital Library

[24]

Stüble, C., Zaerin, A.: µTSS - A Simplied Trusted Software Stack. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 124-140. Springer, Heidelberg (2010).

Digital Library

[25]

Trusted Computing Group. TPM main specification. Main Specification Version 1.2 rev. 85, Trusted Computing Group (February 2005).

[26]

Trusted Computing Group. Trusted Network Connect. Specification Version 1.2 (2007).

Cited By

Malisa LKostiainen KCapkun SAhn GPretschner AGhinita G(2017)Detecting Mobile Application Spoofing Attacks by Leveraging User Visual Similarity PerceptionProceedings of the Seventh ACM on Conference on Data and Application Security and Privacy10.1145/3029806.3029819(289-300)Online publication date: 22-Mar-2017
https://dl.acm.org/doi/10.1145/3029806.3029819
Marforio CMasti RSoriente CKostiainen KCapkun SLu LMannan M(2016)Hardened Setup of Personalized Security Indicators to Counter Phishing Attacks in Mobile BankingProceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices10.1145/2994459.2994462(83-92)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2994459.2994462
Marforio CJayaram Masti RSoriente CKostiainen KČapkun SKaye JDruin ALampe CMorris DHourcade J(2016)Evaluation of Personalized Security Indicators as an Anti-Phishing Mechanism for Smartphone ApplicationsProceedings of the 2016 CHI Conference on Human Factors in Computing Systems10.1145/2858036.2858085(540-551)Online publication date: 7-May-2016
https://dl.acm.org/doi/10.1145/2858036.2858085
Show More Cited By

Index Terms

Towards a trusted mobile desktop
1. Security and privacy
  1. Systems security
    1. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Index terms have been assigned to the content through auto-classification.

Recommendations

From desktop to mobile: Examining the security experience

The use of mobile devices is becoming more commonplace, with data regularly able to make the transition from desktop systems to pocket and handheld devices such as smartphones and PDAs. However, although these devices may consequently contain or ...
Mobile or desktop websites?: website usage on multitouch devices
NordiCHI '10: Proceedings of the 6th Nordic Conference on Human-Computer Interaction: Extending Boundaries

Mobile Internet is nearly a standard nowadays. Due to former bandwidth, input and screen limitations, website providers often created special versions of their websites for mobile devices. New hardware and interactions techniques like multitouch ...
A trusted mobile phone reference architecturevia secure kernel
STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing

Driven by the ever increasing information security demands in mobile devices, the Trusted Computing Group (TCG) formed a dedicated group - Mobile Phone Working Group (MPWG). to address the security needs of mobile platforms. Along this direction, the ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

TRUST'10: Proceedings of the 3rd international conference on Trust and trustworthy computing

June 2010

441 pages

ISBN:3642138683

Editors:
Alessandro Acquisti
Carnegie Mellon University, Heinz College, Pittsburgh, PA
,
Sean W. Smith
Dartmouth College, Department of Computer Science, Hanover, NH
,
Ahmad-Reza Sadeghi
Ruhr University Bochum, System Security Lab, Bochum, Germany

Sponsors

TCG: Trusted Computing Group
Sirrix AG security technologies
Hewlett-Packard
Microsoft Research: Microsoft Research
Intel: Intel

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 21 June 2010

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Malisa LKostiainen KCapkun SAhn GPretschner AGhinita G(2017)Detecting Mobile Application Spoofing Attacks by Leveraging User Visual Similarity PerceptionProceedings of the Seventh ACM on Conference on Data and Application Security and Privacy10.1145/3029806.3029819(289-300)Online publication date: 22-Mar-2017
https://dl.acm.org/doi/10.1145/3029806.3029819
Marforio CMasti RSoriente CKostiainen KCapkun SLu LMannan M(2016)Hardened Setup of Personalized Security Indicators to Counter Phishing Attacks in Mobile BankingProceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices10.1145/2994459.2994462(83-92)Online publication date: 24-Oct-2016
https://dl.acm.org/doi/10.1145/2994459.2994462
Marforio CJayaram Masti RSoriente CKostiainen KČapkun SKaye JDruin ALampe CMorris DHourcade J(2016)Evaluation of Personalized Security Indicators as an Anti-Phishing Mechanism for Smartphone ApplicationsProceedings of the 2016 CHI Conference on Human Factors in Computing Systems10.1145/2858036.2858085(540-551)Online publication date: 7-May-2016
https://dl.acm.org/doi/10.1145/2858036.2858085
Lange MLiebergeld SPayne C(2013)CrossoverProceedings of the 29th Annual Computer Security Applications Conference10.1145/2523649.2523667(249-257)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1145/2523649.2523667
Marforio CKarapanos NSoriente CKostiainen KCapkun SEnck WFelt AAsokan N(2013)Secure enrollment and practical migration for mobile trusted execution environmentsProceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices10.1145/2516760.2516764(93-98)Online publication date: 8-Nov-2013
https://dl.acm.org/doi/10.1145/2516760.2516764
Kostiainen KAsokan NAfanasyeva A(2011)Towards user-friendly credential transfer on open credential platformsProceedings of the 9th international conference on Applied cryptography and network security10.5555/2025968.2026000(395-412)Online publication date: 7-Jun-2011
https://dl.acm.org/doi/10.5555/2025968.2026000
Bugiel SDavi LDmitrienko AHeuser SSadeghi AShastry BJiang XBhattacharya ADasgupta PEnck W(2011)Practical and lightweight domain isolation on AndroidProceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices10.1145/2046614.2046624(51-62)Online publication date: 17-Oct-2011
https://dl.acm.org/doi/10.1145/2046614.2046624
Davi LDmitrienko AKowalski CWinandy MXu SChen YSadeghi AZhang X(2011)Trusted virtual domains on OKL4Proceedings of the sixth ACM workshop on Scalable trusted computing10.1145/2046582.2046592(49-58)Online publication date: 17-Oct-2011
https://dl.acm.org/doi/10.1145/2046582.2046592
Bugiel SDmitrienko AKostiainen KSadeghi AWinandy M(2010)TruWalletMProceedings of the Second international conference on Trusted Systems10.1007/978-3-642-25283-9_15(219-236)Online publication date: 13-Dec-2010
https://dl.acm.org/doi/10.1007/978-3-642-25283-9_15

View Options

View options

Media

Figures

Other

Tables

View Table of Contents