TEEv: virtualizing trusted execution environments on mobile platforms

Li, Wenhao; Xia, Yubin; Lu, Long; Chen, Haibo; Zang, Binyu

doi:10.1145/3313808.3313810

Cited by 27 publications

(16 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This way, a need for a more effective solution arises in order to maintain the security of each trusted application. In [ 91 , 112 ], the researchers have identified this issue and they proposed a TEE virtualization (TEEv) architecture that supports multiple isolated and restricted TEE instances running under the same CPU with a minimal hypervisor. TEEv allows different TEE implementations to run in isolation on the same smartphone and to host their own set of trusted applications.…”

Section: Discussion and Observationsmentioning

confidence: 99%

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Koutroumpouchos

Ntantogian

Xenakis

2021

Sensors

View full text Add to dashboard Cite

TrustZone-based Trusted Execution Environments (TEEs) have been utilized extensively for the implementation of security-oriented solutions for several smart intra and inter-connected devices. Although TEEs have been promoted as the starting point for establishing a device root of trust, a number of published attacks against the most broadly utilized TEE implementations request a second view on their security. The aim of this research is to provide an analytical and educational exploration of TrustZone-based TEE vulnerabilities with the goal of pinpointing design and implementation flaws. To this end, we provide a taxonomy of TrustZone attacks, analyze them, and more importantly derive a set of critical observations regarding their nature. We perform a critical appraisal of the vulnerabilities to shed light on their underlying causes and we deduce that their manifestation is the joint effect of several parameters that lead to this situation. The most important ones are the closed implementations, the lack of security mechanisms, the shared resource architecture, and the absence of tools to audit trusted applications. Finally, given the severity of the identified issues, we propose possible improvements that could be adopted by TEE implementers to remedy and improve the security posture of TrustZone and future research directions.

show abstract

Section: Discussion and Observationsmentioning

confidence: 99%

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Koutroumpouchos

Ntantogian

Xenakis

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…TEEv [78] PrOS [79] SANCTUARY [80] Ginseng [81] K. Ryan [61] Table VIII Examples of representative papers that contribute with relevant defense techniques (Dxx) for overcoming reported TrustZone-assisted TEE issues. For architectural issues, filled circle in attack surface, world isolation, memory protection, or trust bootstrapping: the paper proposes D01, D02, D03, D04, respectively.…”

Section: Defenses For Trustzone-assisted Teesmentioning

confidence: 99%

“…OSP [70], PrivateZone [76], and vTZ [3] instead, explore the hardware virtualization extensions available in NW (NS-EL2) to implement isolated environments. A second line of research retains TAs within the SW but aims to strengthen the isolation between them, e.g., TEEv [78] and PrOS [79] implement a minimalist hypervisor in SW, allowing TAs to run on multiple isolated secure guest OSes. Due to the current lack of hardware virtualization support in SW, both systems use same-privilege isolation to secure the hypervisor from secure guest OSes.…”

Section: D01 Multi-isolated Environmentsmentioning

confidence: 99%

“…TFence [75] further removes this kernel dependency by creating a partially privileged process -a shielded portion of the REE application processwhich can directly communicate with TEE. Both TEEv [78] and SANCTUARY [80] implement exclusive shared memory, and PrivateZone [76] enables communication without sharing memory, i.e. through data copies.…”

Section: D01 Multi-isolated Environmentsmentioning

confidence: 99%

See 1 more Smart Citation

SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems

Cerdeira

Santos

Fonseca

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

115

View full text Add to dashboard Cite

Hundreds of millions of mobile devices worldwide rely on Trusted Execution Environments (TEEs) built with Arm TrustZone for the protection of security-critical applications (e.g., DRM) and operating system (OS) components (e.g., Android keystore). TEEs are often assumed to be highly secure; however, over the past years, TEEs have been successfully attacked multiple times, with highly damaging impact across various platforms. Unfortunately, these attacks have been possible by the presence of security flaws in TEE systems. In this paper, we aim to understand which types of vulnerabilities and limitations affect existing TrustZone-assisted TEE systems, what are the main challenges to build them correctly, and what contributions can be borrowed from the research community to overcome them. To this end, we present a security analysis of popular TrustZone-assisted TEE systems (targeting Cortex-A processors) developed by Qualcomm, Trustonic, Huawei, Nvidia, and Linaro. By studying publicly documented exploits and vulnerabilities as well as by reverse engineering the TEE firmware, we identified several critical vulnerabilities across existing systems which makes it legitimate to raise reasonable concerns about the security of commercial TEE implementations.

show abstract

“…secTEE [44] proposes an Enclave-like design in SW to isolate the security-critical services from other SW softwares. TEEv [33] and PrOS [32] introduce the virtualization technology to the SW through the softwarebased isolation. However, these works import the third-party executable code into SW and enlarge the TCB.…”

Section: Previous Solutionsmentioning

confidence: 99%

App Developer Centric Trusted Execution Environment

Sun¹,

Wang²,

Wu³

et al. 2021

Preprint

View full text Add to dashboard Cite

ARM TrustZone is the de-facto hardware TEE implementation on mobile devices like smartphones. As a vendor-centric TEE, Trust-Zone greatly overlooks the strong protection demands and requirements from the App developers. Several security solutions have been proposed to enable the TEE-assisted isolation in the Normal World of ARM, attempting to balance the security and usability. However, they are still not full-fledged in serving Apps' needs. In this paper, we introduce LEAP which is a lightweight App developer Centric TEE solution in the Normal World. LEAP offers the auto DevOps tool to help developers to prepare the codes running on it, enables isolated codes to execute in parallel and access peripheral (e.g. mobile GPUs) with ease, and dynamically manage system resources upon Apps' requests. We implement the LEAP prototype on the off-the-shelf ARM platform without any hardware change. We perform the comprehensive analyses and experiments to demonstrate that LEAP is efficient in design, comprehensive in support, and convenient in adoption.

show abstract

TEEv: virtualizing trusted execution environments on mobile platforms

Cited by 27 publications

References 14 publications

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

Building Trust for Smart Connected Devices: The Challenges and Pitfalls of TrustZone

SoK: Understanding the Prevailing Security Vulnerabilities in TrustZone-assisted TEE Systems

App Developer Centric Trusted Execution Environment

Contact Info

Product

Resources

About