On-board credentials with open provisioning

Kostiainen, Kari; Ekberg, Jan-Erik; Asokan, N.; Rantala, Aarne

doi:10.1145/1533057.1533074

Cited by 78 publications

(42 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At present, millions of devices integrate TrustZone-based technologies. Examples are ObC in Lumia phones [17], TIMA/TZ-RKP in Samsung smartphones [6], and <t-base of Trustonic [2].…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

Sabt

Achemlal

Bouabdallah

2015

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

Abstract. The dual-execution-environment approach (dual-EE) is a trusted model that was defined to allow mobile smart devices to guarantee tamper-resistant execution for highly sensitive applications. Although various solutions implementing dual-EE have been proposed in the literature, this model has not been formalized yet. In this paper, we revisit the dual-EE approach and propose a theoretical framework to systematize the design of dual-EE solutions regarding well-established primitives defined in the Multiple Independent Levels of Security (MILS) architecture. We provide a general classification of the different dual-EE proposals based on their isolation properties. We introduce a comparative framework allowing dual-EE solutions to be evaluated across a common set of criteria. The relevance of our framework is examined by applying it on three technologies, each one represents one category in our classification. Results are consistent and explain some hidden and unexpected properties of each technology. For instance, we find that bare-metal hypervisors are ill-adapted to provide high assurance security even though they might improve the overall security level of the system.

show abstract

“…At present, millions of devices integrate TrustZone-based technologies. Examples are ObC in Lumia phones [17], TIMA/TZ-RKP in Samsung smartphones [6], and <t-base of Trustonic [2].…”

Section: Discussionmentioning

confidence: 99%

“…The literature is full of proposals [2,10,13,17,27]. However, proposals differ substantially from each other in their design objectives.…”

Section: Introductionmentioning

confidence: 99%

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

Sabt

Achemlal

Bouabdallah

2015

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

show abstract

“…For ARM TrustZone, the closest piece of work to TLR is Nokia's OnBoard Credentials (ObC) [25]. ObC can execute programs written in a modified variant of the LUA scripting language running in an isolated environment protected by TrustZone.…”

Section: Related Workmentioning

confidence: 99%

Using ARM trustzone to build a trusted language runtime for mobile applications

Santos

Raj

Saroiu

et al. 2014

Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems

147

View full text Add to dashboard Cite

This paper presents the design, implementation, and evaluation of the Trusted Language Runtime (TLR), a system that protects the confidentiality and integrity of .NET mobile applications from OS security breaches. TLR enables separating an application's security-sensitive logic from the rest of the application, and isolates it from the OS and other apps. TLR provides runtime support for the secure component based on a .NET implementation for embedded devices. TLR reduces the TCB of an open source .NET implementation by a factor of 78 with a tolerable performance cost. The main benefit of the TLR is to bring the developer benefits of managed code to trusted computing. With the TLR, developers can build their trusted components with the productivity benefits of modern high-level languages, such as strong typing and garbage collection.

show abstract

“…The on-board credentials (ObC) approach is developed by Ekberg et al and Kostiainen et al [32,33]. The authors develop a security architecture for hosting credentials (secret keys and algorithms) on multi-tenant secure hardware platforms.…”

Section: Related Workmentioning

confidence: 99%

Load time code validation for mobile phone Java Cards

Gadyatskaya

Massacci

Nguyen³

et al. 2013

Journal of Information Security and Applications

View full text Add to dashboard Cite

Over-the-air (OTA) application installation and updates have become a common experience for many endusers of mobile phones. In contrast, OTA updates for applications on the secure elements (such as smart cards) are still hindered by the challenging hardware and certification requirements.The paper describes a security framework for Java Card-based secure element applications. Each application can declare a set of services it provides and a set of services it wishes to call, and its own security policy. An on-card checker verifies compliance and enforces the policy; thus an off-card validation of the application is no longer required.The framework has been optimized in order to be integrated with the run-time environment embedded into a concrete card. This integration has been tried and tested by a smart card manufacturer. In this paper we present the formal security model of the approach, its overall architecture and the implementation footprint which can fit on a real secure element. We also report the lessons learned and the intricacies of integrating a research prototype with a protected loader of the manufacturer.

show abstract

On-board credentials with open provisioning

Cited by 78 publications

References 10 publications

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

Using ARM trustzone to build a trusted language runtime for mobile applications

Load time code validation for mobile phone Java Cards

Contact Info

Product

Resources

About