On the Deployment of Mobile Trusted Modules

Schmidt, Andreas; Kuntze, Nicolai; Kasper, Michael

doi:10.1109/wcnc.2008.553

Cited by 30 publications

(18 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that we have designed the architecture in such a way that our technique would be able to use an mtm directly without any change to its working. We envision the deployment of our attestation technique probably as a separate trusted sub-system [28] that acts on behalf of either the service provider or the local owner of the device to provide attestation responses.…”

Section: Discussionmentioning

confidence: 99%

Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform

Nauman

Khan

Zhang

et al. 2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Increasing adoption of smartphones in recent times has begun to attract more and more malware writers towards these devices. Among the most prominent and widely adopted open source software stacks for smartphones is Android that comes with a strong security infrastructure for mobile devices. However, as with any remote platform, a service provider or device owner needs assurance that the device is in a trustworthy state before releasing sensitive information to it. Trusted Computing provides a mechanism of establishing such an assurance. Through remote attestation, tc allows a service provider or a device owner to determine whether the device is in a trusted state before releasing protected data to or storing private information on the phone. However, existing remote attestation techniques cannot be deployed on Android due to the unique, vm-based architecture of the software stack. In this paper, we present an attestation mechanism tailored specifically for Android that can measure the integrity of a device at two levels of granularity. Our approach allows a challenger to verify the integrity of Android not only at the operating system level but also that of code executing on top of the vm. We present the implementation details of our architecture and show through evaluation that our architecture is feasible both in terms of time complexity and battery consumption.

show abstract

Section: Discussionmentioning

confidence: 99%

Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform

Nauman

Khan

Zhang

et al. 2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…They do not provide means for protecting the cellular network from malicious behavior of the User Linux partition. Schmidt et al [25] describe how a trusted mobile platform can be built on a trustworthy platform. The authors employ the Turaya security kernel to run a virtualized legacy operating system (Linux) side-by-side with multiple trusted engines.…”

Section: Related Workmentioning

confidence: 99%

Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Mulliner

Liebergeld

Lange

et al. 2012

IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012)

View full text Add to dashboard Cite

Abstract-Malicious injection of cellular signaling traffic from mobile phones is an emerging security issue. The respective attacks can be performed by hijacked smartphones and by malware resident on mobile phones. Until today there are no protection mechanisms in place to prevent signaling based attacks other than implementing expensive additions to the cellular core network. In this work we present a protection system that resides on the mobile phone. Our solution works by partitioning the phone software stack into the application operating system and the communication partition. The application system is a standard fully featured Android system. On the other side, communication to the cellular network is mediated by a flexible monitoring and enforcement system running on the communication partition. We implemented and evaluated our protection system on a real smartphone. Our evaluation shows that it can mitigate all currently known signaling based attacks and in addition can protect users from cellular Trojans.

show abstract

“…Further, it has been shown, that compartmentalised applications under a hypervisor are also suitable to implement platforms like MTM [29,9,21]. Such compartments are also easy to measure, enabling advanced security features, as shown by, e.g., TruWallet.…”

Section: Related Workmentioning

confidence: 99%

Implementing an application-specific credential platform using late-launched mobile trusted module

Bugiel

Ekberg

2010

Proceedings of the Fifth ACM Workshop on Scalable Trusted Computing

View full text Add to dashboard Cite

Contemporary trusted execution environments provide a good foundation for implementing secure user credentials, but these are not properly bound to the application instances that implement their use. This paper introduces a framework for application-specific credentials and provides a prototype implementation using TCG MTM and DRTM technologies. Measurements and a security analysis is presented for the realised architecture.

show abstract

On the Deployment of Mobile Trusted Modules

Cited by 30 publications

References 4 publications

Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform

Beyond Kernel-Level Integrity Measurement: Enabling Remote Attestation for the Android Platform

Taming Mr Hayes: Mitigating signaling based attacks on smartphones

Implementing an application-specific credential platform using late-launched mobile trusted module

Contact Info

Product

Resources

About