Regulating ARM Trust Zone Devices in Restricted Spaces
- Slides: 18
Regulating ARM Trust. Zone Devices in Restricted Spaces Ferdinand Brasser, Christopher Liebchen, Ahmad-Reza Sadeghi Vinod Ganapathy, Liviu Iftode, Daeyoung Kim Technische Universität Darmstadt Rutgers University
2
Practical and Proof-Of-Concept Attacks are published 3
Current Solution: Not really exciting! 4
Restricted Spaces Host needs guarantee that guest devices respect the policies A host wants to define policies for smart devices of guests The guest can verify that the policies are Public notspace malicious ✘ ✘ Restricted space 5
Adversary and Trust Model • Hosts and guests are mutually-distrusting • Malicious user • Malicious sensors • Malicious host (policies) • Trusted hardware module • ARM Trust. Zone 6
Phase 1 a: Check-in (Memory Examination) Vetting service Mutual Authentication Request Memory Content Forward Request Memory ✔ or ✘ Send (Kernel) Memory Image Restricted space 7
Phase 1 b: Check-in (Policy Enforcement) ✘ ✘ Vetting service Request Memory Changes Forward Memory Changes ✔ or ✘ Apply Changes Restricted space 8
Phase 2: Policy Enforcement Verification Vetting service ✘ ✘ Restricted space 9
Phase 2: Policy Enforecmant Verification ✘ ✘ Request proof of policy compliance Verification Token t Request proof of policy compliance Verification Token Restricted space 10
Phase 3: 2: Check-out Policy Enforcement Verification ✘ ✘ Request proof of policy compliance Verification Token Request proof of policy compliance ✘ ✘ t Verification Token Public space Restricted space 11
Phase 3: Check-out Revert Changes Public space ✘ ✘ Restricted space 12
Implementation
ARM Trust. Zone (TZ) Normal World A p p Secure World A CPU p Kernel p Library Memory Camera Microphone Wi. Fi 14
Analysis of Guest Kernel Memory App RS-App TZ Kernel Image HMAC Cam-Drv Wi. Fi-Drv Drv-N Kernel Space copy Based on prior work; see paper for details. 15
Enforcing Host Policies App RS-App TZ HMAC Cam-Drv Null-Drv Wi. Fi-Drv Drv-N Kernel Space copy PEE Kernel Image Null PEE: Policy Enforcement Engine 16
Evaluation • Robustness Evaluation • Samsung Galaxy Nexus • Android 4. 3 • Performance Evaluation • i. MX. 53 • Android 2. 3. 4 All Apps either failed gracefully or continued to work Copy <1 s HMAC 54 sec • Trusted Computing Base • 3. 5 k. LOC: Crypto (SHA 1/HMAC/RSA/X 509) • 4. 0 k. LOC: Environment 17
Take Away & Future Research • Systematic regulation of device capabilities in restricted spaces • Balance between security and privacy • Improve performance of implementation • Use hardware accelerators, multi-core systems support, etc. • Automated kernel image analysis tool • Identify relevant drivers, generation of dummy drivers • How can other humans know that policy is enforced? [Mirzamohammadi, Mobisys’ 16] 18
- Cjis level 4 certification
- Ncic hosts restricted files and non-restricted files
- Countries in temperate zone
- Neritic zone climate
- Source zone transition zone and floodplain zone
- Linker arm left arm
- Circumferential clasp
- Circumferential clasp and bar clasp
- How do machines make work easier
- Third class lever
- Third class lever sporting examples
- Goole valve
- Fasting plasma glucose concentration
- Factors affecting stroke volume
- The process of evaluating and regulating ongoing activities
- Regulating body temperature
- 10-3 regulating the cell cycle
- Regulating body temperature
- 10-3 regulating the cell cycle