DOI: 10.1145/1314354.1314359

A trusted mobile phone reference architecture via secure kernel

Published: 02 November 2007

ABSTRACT

Driven by the ever increasing information security demands in mobile devices, the Trusted Computing Group (TCG) formed a dedicated group, the Mobile Phone Working Group (MPWG), to address the security needs of mobile platforms. Along this direction, the MPWG has recently released a Trusted Mobile Phone Reference Architecture Specification. In order to realize trusted mobile platforms, they adapt well-known concepts like TPM, isolation, integrity measurement, etc. from the trusted PC world, with slight modifications due to the characteristics and resource limitations of mobile devices, into generic mobile phone platforms. The business needs of the mobile phone industry mandate 4 different stakeholders (platform owners): device manufacturer, cellular service provider, general service provider, and of course the end-user. The specification requires separate trusted and isolated operational domains, so-called Trusted Engines, for each of these stakeholders. Although the TCG MPWG does not explicitly prescribe a specific technical realization of these Trusted Engines, a general perception suggests reusing the very well established (Trusted) Virtualization concept from corresponding PC architectures. However, despite all its merits, the current "resource devourer" Virtualization is not very well suited for mobile devices. Thus, in this paper, we propose another isolation technique, which is specifically crafted for mobile phone platforms and respects their resource limitations. We achieve this goal by realizing the TCG's Trusted Mobile Phone specification through SELinux, which provides a generic domain isolation concept at the kernel level. In addition to harnessing the potential of SELinux to realize mobile phone specific (isolated) operational domains, we are also able to seamlessly integrate the important integrity measurement and verification concept into our SELinux-based Trusted Mobile Phone architecture. This is achieved by defining some SELinux policy language extensions. Thus, the present paper provides a novel, efficient and inherently secure TCG-aware Mobile Phone reference architecture.
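As an added illustration, not code from the paper or from the TCG specification, the following SELinux type enforcement module sketches how the four stakeholder Trusted Engines named in the abstract can be carved into isolated kernel-level domains using only standard SELinux policy constructs. Every type name (te_dm_t, te_csp_t, te_gsp_t, te_user_t, their data and exec types) and the use of init_t as the launcher are assumptions made for this example; the paper's own policy language extensions for integrity measurement are not described in the abstract and are not modelled here.

```selinux
# Added example: one isolated SELinux domain per stakeholder Trusted Engine.
# Standard kernel policy syntax only; all type names are constructed for this
# illustration and do not come from the paper or the TCG specification.
module trusted_engines 1.0;

require {
    type init_t;
    class file { read write create getattr open execute entrypoint };
    class dir { read write add_name remove_name search getattr };
    class process { transition };
}

# Attributes let the isolation invariants at the end cover every engine at once.
attribute trusted_engine;
attribute engine_data;

# One domain, one private storage type and one entry executable per stakeholder.
type te_dm_t,   trusted_engine;   # device manufacturer engine
type te_csp_t,  trusted_engine;   # cellular service provider engine
type te_gsp_t,  trusted_engine;   # general service provider engine
type te_user_t, trusted_engine;   # end-user engine

type te_dm_data_t,   engine_data;
type te_csp_data_t,  engine_data;
type te_gsp_data_t,  engine_data;
type te_user_data_t, engine_data;

type te_dm_exec_t;
type te_csp_exec_t;
type te_gsp_exec_t;
type te_user_exec_t;

# Each engine is confined to its own storage; nothing grants access elsewhere.
allow te_dm_t   te_dm_data_t:dir    { read write add_name remove_name search getattr };
allow te_dm_t   te_dm_data_t:file   { read write create getattr open };
allow te_csp_t  te_csp_data_t:dir   { read write add_name remove_name search getattr };
allow te_csp_t  te_csp_data_t:file  { read write create getattr open };
allow te_gsp_t  te_gsp_data_t:dir   { read write add_name remove_name search getattr };
allow te_gsp_t  te_gsp_data_t:file  { read write create getattr open };
allow te_user_t te_user_data_t:dir  { read write add_name remove_name search getattr };
allow te_user_t te_user_data_t:file { read write create getattr open };

# An engine domain is entered only by init executing that engine's own entry
# binary; the entrypoint permission pins the domain to that binary.
allow init_t  te_dm_exec_t:file   { read getattr open execute };
allow te_dm_t te_dm_exec_t:file   { read getattr open execute entrypoint };
allow init_t  te_dm_t:process transition;
type_transition init_t te_dm_exec_t:process te_dm_t;

allow init_t   te_csp_exec_t:file { read getattr open execute };
allow te_csp_t te_csp_exec_t:file { read getattr open execute entrypoint };
allow init_t   te_csp_t:process transition;
type_transition init_t te_csp_exec_t:process te_csp_t;

allow init_t   te_gsp_exec_t:file { read getattr open execute };
allow te_gsp_t te_gsp_exec_t:file { read getattr open execute entrypoint };
allow init_t   te_gsp_t:process transition;
type_transition init_t te_gsp_exec_t:process te_gsp_t;

allow init_t    te_user_exec_t:file { read getattr open execute };
allow te_user_t te_user_exec_t:file { read getattr open execute entrypoint };
allow init_t    te_user_t:process transition;
type_transition init_t te_user_exec_t:process te_user_t;

# Isolation invariants: the policy build fails if any rule, here or in another
# module, lets an engine reach another engine's data or enter another engine's
# domain. This is the check a reviewer of the policy would want to see enforced.
neverallow te_dm_t   { te_csp_data_t te_gsp_data_t te_user_data_t }:{ file dir } *;
neverallow te_csp_t  { te_dm_data_t te_gsp_data_t te_user_data_t }:{ file dir } *;
neverallow te_gsp_t  { te_dm_data_t te_csp_data_t te_user_data_t }:{ file dir } *;
neverallow te_user_t { te_dm_data_t te_csp_data_t te_gsp_data_t }:{ file dir } *;
neverallow trusted_engine trusted_engine:process transition;
```

The module compiles with the standard toolchain (`checkmodule -M -m -o trusted_engines.mod trusted_engines.te`, then `semodule_package -o trusted_engines.pp -m trusted_engines.mod`), and the neverallow rules are what turns "the engines are isolated" from a design intention into a property the policy compiler refuses to violate; on a real phone the file types would also need file context entries so the engines' storage and binaries are labelled accordingly.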


Published in: STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, November 2007, 82 pages, ISBN 9781595938886, DOI 10.1145/1314354

              Copyright © 2007 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall acceptance rate: 17 of 31 submissions (55%)
