ABSTRACT
Security is an emerging topic in the field of mobile and embedded platforms. The Trusted Computing Group (TCG) has outlined one possible approach to mobile platform security by recently extending its set of Trusted Computing specifications with Mobile Trusted Modules (MTMs). The MTM specification [13] published by the TCG is a platform-independent approach to Trusted Computing that explicitly allows for a wide range of potential implementations. ARM follows a different approach to mobile platform security by extending platforms with hardware-supported ARM TrustZone security mechanisms [3]. This paper outlines an approach to merge TCG-style Trusted Computing concepts with ARM TrustZone technology in order to build an open Linux-based embedded trusted computing platform.
1. Embedded XEN. Available online at: http://sourceforge.net/projects/embeddedxen/.
2. Secure Architecture and Implementation of Xen on ARM for Mobile Devices. Presentation slides available online at: http://xensource.com/files/xensummit_4/Secure_Xen_ARM_xen--summit--04_07_Suh.pdf.
3. T. Alves and D. Felton. TrustZone: Integrated Hardware and Software Security -- Enabling Trusted Computing in Embedded Systems. Available online at: http://www.arm.com/pdfs/TZ_Whitepaper.pdf, July 2004.
4. A. Arcangeli. seccomp. Import into mainstream Linux kernels: http://kernel.org/hg/linux-2.6/file/cfe426c10480/kernel/seccomp.c, 2005.
5. ARM. TrustZone API Specification, June 2006. PRD29-USGC-000089, v2.0.
6. ARM Ltd. TrustZone Technology Overview. Introduction available at: http://www.arm.com/products/esd/trustzone_home.html.
7. ARM Ltd. ARM1176JZF--S Technical Reference Manual, Revision: r0p7. Available online at: http://infocenter.arm.com/help/topic/com.arm.doc.ddi0301g/DDI0301G_arm1176jzfs_r0p7_trm.pdf, 2008.
8. F. Bellard. Qemu open source processor emulator. Available online at: http://bellard.org/qemu/.
9. W. Denk et al. Das u-boot -- the universal boot loader. Available online at: http://www.denx.de/wiki/UBoot/WebHome.
10. K. Dietrich. An integrated architecture for trusted computing for java enabled embedded devices. In STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 2--6, New York, NY, USA, 2007. ACM.
11. S. B. et al. vTPM: Virtualizing the Trusted Platform Module. Available online at: http://www.research.ibm.com/, February 14 2006.
12. T. C. G. .-M. W. Group. TCG Mobile Reference Architecture Version 1.0 Revision 1. Specification available online at: https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf, 12 June 2007.
13. T. C. G. .-M. W. Group. TCG Mobile Trusted Module Specification Version 1 rev. 1.0. Specification available online at: https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-trusted-module-1.0.pdf, 12 June 2007.
14. T. C. G.-T. W. Group. TCG Software Stack (TSS) Specification Version 1.2 Level 1. Specification available online at: https://www.trustedcomputinggroup.org/specs/TSS/TSS_Version_1.2_Level_1_FINAL.pdf, 6 January 2006. Part1: Commands and Structures.
15. T. C. G.-T. W. Group. TPM Main Part 2 Structures. Specification available at: https://www.trustedcomputinggroup.org/specs/TPM/mainP2Structrev103.zip, 9 July 2007. Specification version 1.2 Level 2 Revision 103.
16. T. C. G.-T. W. Group. TPM Main Part 3 Commands. Specification available online at: https://www.trustedcomputinggroup.org/specs/TPM/mainP3Commandsrev103.zip, 9 July 2007. Specification version 1.2 Level 2 Revision 103.
17. M.K. Jan-Erik Ekberg. MTM implementation on the TPM emulator. Available online at: http://hemviken.fi/mtm/index.html.
18. M. K. Jan-Erik Ekberg. Mobile Trusted Module (MTM) -- an introduction. Available online at: http://research.nokia.com/files/NRCTR2007015.pdf, November 14 2007.
19. O. K. Labs. OKL4. Available only at: http://www.ok-labs.com/products/okl4.
20. O. K. Labs. OKL4 microkernel source code, release 1.5.2. Available online at: http://wiki.ok-labs.com/images/2/20/Okl4_release_1.5.2.tar.gz.
21. A. U. Schmidt, N. Kuntze, and M. Kasper. On the deployment of mobile trusted modules, 2007.
22. M. Strasser. TPM Emulator. Software package available at: http://tpm--emulator.berlios.de/.
23. L. Torvalds et al. The linux kernel archives. Available online at: http://www.kernel.org/.
24. P. Wilson, A. Frey, T. Mihm, D. Kershaw, and T. Alves. Implementing embedded security on dual-virtual-cpu systems. IEEE Design and Test of Computers, 24(6):582--591, 2007.
25. XEN Hypervisor. Available online at: http://xen.org/.
26. X. Zhang, O. Aciicmez, and J.-P. Seifert. A trusted mobile phone reference architecture via secure kernel. In STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 7--14, New York, NY, USA, 2007. ACM.
Index Terms
- Trusted computing building blocks for embedded linux-based ARM trustzone platforms