TY - GEN
T1 - Regulating ARM TrustZone devices in restricted spaces
AU - Brasser, Ferdinand
AU - Kim, Daeyoung
AU - Liebchen, Christopher
AU - Ganapathy, Vinod
AU - Iftode, Liviu
AU - Sadeghi, Ahmad Reza
N1 - Publisher Copyright:
© 2016 ACM.
PY - 2016/6/20
Y1 - 2016/6/20
N2 - Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.
AB - Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.
KW - ARM TrustZone
KW - Mobile device security
KW - Restricted spaces
UR - http://www.scopus.com/inward/record.url?scp=84979895566&partnerID=8YFLogxK
U2 - 10.1145/2906388.2906390
DO - 10.1145/2906388.2906390
M3 - Conference contribution
AN - SCOPUS:84979895566
T3 - MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services
SP - 413
EP - 425
BT - MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services
PB - Association for Computing Machinery, Inc
T2 - 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016
Y2 - 25 June 2016 through 30 June 2016
ER -