Regulating ARM TrustZone devices in restricted spaces

Ferdinand Brasser; Daeyoung Kim; Christopher Liebchen; Vinod Ganapathy; Liviu Iftode; Ahmad Reza Sadeghi

doi:10.1145/2906388.2906390

Regulating ARM TrustZone devices in restricted spaces

Ferdinand Brasser, Daeyoung Kim, Christopher Liebchen, Vinod Ganapathy, Liviu Iftode, Ahmad Reza Sadeghi

Montclair State University, Rutgers, The State University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.

Original language	English
Title of host publication	MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services
Publisher	Association for Computing Machinery, Inc
Pages	413-425
Number of pages	13
ISBN (Electronic)	9781450342698
DOIs	https://doi.org/10.1145/2906388.2906390
State	Published - Jun 20 2016
Event	14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016 - Singapore, Singapore Duration: Jun 25 2016 → Jun 30 2016

Publication series

Name	MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services

Conference

Conference	14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016
Country/Territory	Singapore
City	Singapore
Period	6/25/16 → 6/30/16

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Electrical and Electronic Engineering

Keywords

ARM TrustZone
Mobile device security
Restricted spaces

Access to Document

10.1145/2906388.2906390

Cite this

Brasser, F., Kim, D., Liebchen, C., Ganapathy, V., Iftode, L., & Sadeghi, A. R. (2016). Regulating ARM TrustZone devices in restricted spaces. In MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services (pp. 413-425). (MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services). Association for Computing Machinery, Inc. https://doi.org/10.1145/2906388.2906390

Brasser, Ferdinand ; Kim, Daeyoung ; Liebchen, Christopher et al. / Regulating ARM TrustZone devices in restricted spaces. MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc, 2016. pp. 413-425 (MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services).

@inproceedings{d7d1fa12807845d998f6a2b543b1af2c,

title = "Regulating ARM TrustZone devices in restricted spaces",

abstract = "Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.",

keywords = "ARM TrustZone, Mobile device security, Restricted spaces",

author = "Ferdinand Brasser and Daeyoung Kim and Christopher Liebchen and Vinod Ganapathy and Liviu Iftode and Sadeghi, {Ahmad Reza}",

note = "Publisher Copyright: {\textcopyright} 2016 ACM.; 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016 ; Conference date: 25-06-2016 Through 30-06-2016",

year = "2016",

month = jun,

day = "20",

doi = "10.1145/2906388.2906390",

language = "English",

series = "MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services",

publisher = "Association for Computing Machinery, Inc",

pages = "413--425",

booktitle = "MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services",

}

Brasser, F, Kim, D, Liebchen, C, Ganapathy, V, Iftode, L & Sadeghi, AR 2016, Regulating ARM TrustZone devices in restricted spaces. in MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services. MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services, Association for Computing Machinery, Inc, pp. 413-425, 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016, Singapore, Singapore, 6/25/16. https://doi.org/10.1145/2906388.2906390

Regulating ARM TrustZone devices in restricted spaces. / Brasser, Ferdinand; Kim, Daeyoung; Liebchen, Christopher et al.
MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc, 2016. p. 413-425 (MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Regulating ARM TrustZone devices in restricted spaces

AU - Brasser, Ferdinand

AU - Kim, Daeyoung

AU - Liebchen, Christopher

AU - Ganapathy, Vinod

AU - Iftode, Liviu

AU - Sadeghi, Ahmad Reza

PY - 2016/6/20

Y1 - 2016/6/20

N2 - Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.

AB - Smart personal devices equipped with a wide range of sensors and peripherals can potentially be misused in various environments. They can be used to exfiltrate sensitive information from enterprises and federal offices or be used to smuggle unauthorized information into classrooms and examination halls. One way to prevent these situations is to regulate how smart devices are used in such restricted spaces. In this paper, we present an approach that robustly achieves this goal for ARM TrustZone-based personal devices. In our approach, restricted space hosts use remote memory operations to analyze and regulate guest devices within the restricted space. We show that the ARM TrustZone allows our approach to obtain strong security guarantees while only requiring a small trusted computing base to execute on guest devices.

KW - ARM TrustZone

KW - Mobile device security

KW - Restricted spaces

UR - http://www.scopus.com/inward/record.url?scp=84979895566&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84979895566&partnerID=8YFLogxK

U2 - 10.1145/2906388.2906390

DO - 10.1145/2906388.2906390

M3 - Conference contribution

T3 - MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services

SP - 413

EP - 425

BT - MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services

PB - Association for Computing Machinery, Inc

T2 - 14th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 2016

Y2 - 25 June 2016 through 30 June 2016

ER -

Brasser F, Kim D, Liebchen C, Ganapathy V, Iftode L, Sadeghi AR. Regulating ARM TrustZone devices in restricted spaces. In MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc. 2016. p. 413-425. (MobiSys 2016 - Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services). doi: 10.1145/2906388.2906390

Regulating ARM TrustZone devices in restricted spaces

Abstract

Publication series

Conference

ASJC Scopus subject areas

Keywords

Access to Document

Other files and links

Fingerprint

Cite this