TY - GEN
T1 - DroidVault
T2 - 19th International Conference on Engineering of Complex Computer Systems, ICECCS 2014
AU - Li, Xiaolei
AU - Hu, Hong
AU - Bai, Guangdong
AU - Jia, Yaoqi
AU - Liang, Zhenkai
AU - Saxena, Prateek
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2014/10/13
Y1 - 2014/10/13
N2 - Mobile OSes and applications form a large, complex and vulnerability-prone software stack. In such an environment, security techniques to strongly protect sensitive data in mobile devices are important and challenging. To address such challenges, we introduce the concept of the trusted data vault, a small trusted engine that securely manages the storage and usage of sensitive data in an untrusted mobile device. In this paper, we design and build Droid Vault-the first realization of a trusted data vault on the Android platform. Droid Vault establishes a secure channel between data owners and data users while allowing data owners to enforce strong control over the sensitive data with a minimal trusted computing base (TCB). We prototype Droid Vault via the novel use of hardware security features of ARM processors, i.e., Trust Zone. Our evaluation demonstrates its functionality for processing sensitive data and its practicality for adoption in the real world.
AB - Mobile OSes and applications form a large, complex and vulnerability-prone software stack. In such an environment, security techniques to strongly protect sensitive data in mobile devices are important and challenging. To address such challenges, we introduce the concept of the trusted data vault, a small trusted engine that securely manages the storage and usage of sensitive data in an untrusted mobile device. In this paper, we design and build Droid Vault-the first realization of a trusted data vault on the Android platform. Droid Vault establishes a secure channel between data owners and data users while allowing data owners to enforce strong control over the sensitive data with a minimal trusted computing base (TCB). We prototype Droid Vault via the novel use of hardware security features of ARM processors, i.e., Trust Zone. Our evaluation demonstrates its functionality for processing sensitive data and its practicality for adoption in the real world.
UR - http://www.scopus.com/inward/record.url?scp=84908455914&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84908455914&partnerID=8YFLogxK
U2 - 10.1109/ICECCS.2014.13
DO - 10.1109/ICECCS.2014.13
M3 - Conference contribution
AN - SCOPUS:84908455914
T3 - Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems, ICECCS
SP - 29
EP - 38
BT - Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems, ICECCS
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 4 August 2014 through 7 August 2014
ER -