ITU

A Practical Hardware-Assisted Approach to Customize Trusted Boot for Mobile Devices

Research output: Journal Article or Conference Article in Journal; Conference article; Research; peer-review

Standard

A Practical Hardware-Assisted Approach to Customize Trusted Boot for Mobile Devices. / Gonzalez, Javier; Hölzl, Michael; Riedl, Peter; Bonnet, Philippe; Mayrhofer, René.

In: Lecture Notes in Computer Science, Vol. 8783, 2014, p. 542-554.

Bibtex

@inproceedings{f70fbbae3882419780b12a0adfb18575,
title = "A Practical Hardware-Assisted Approach to Customize Trusted Boot for Mobile Devices",
abstract = "Current efforts to increase the security of the boot sequence for mobile devices fall into two main categories: (i) secure boot: where each stage in the boot sequence is evaluated, aborting the boot process if a non expected component attempts to be loaded; and (ii) trusted boot: where a log is maintained with the components that have been loaded in the boot process for later audit. The first approach is often criticized for locking down devices, thus reducing users{\textquoteright} freedom to choose software. The second lacks the mechanisms to enforce any form of run-time verification. In this paper, we present the architecture for a two-phase boot verification that addresses these shortcomings. In the first phase, at boot-time the integrity of the bootloader and OS images are verified and logged; in the second phase, at run-time applications can check the boot traces and verify that the running software satisfies their security requirements. This is a first step towards supporting usage control primitives for running applications. Our approach relies on off-the-shelf secure hardware that is available in a multitude of mobile devices: ARM TrustZone as a Trusted Execution Environment, and Secure Element as a tamper-resistant unit.",
author = "Javier Gonzalez and Michael H{\"o}lzl and Peter Riedl and Philippe Bonnet and Ren{\'e} Mayrhofer",
note = "ISBN 978-3-319-13256-3",
year = "2014",
doi = "10.1007/978-3-319-13257-0_35",
language = "English",
volume = "8783",
pages = "542--554",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer",

}

RIS

TY - GEN

T1 - A Practical Hardware-Assisted Approach to Customize Trusted Boot for Mobile Devices

AU - Gonzalez, Javier

AU - Hölzl, Michael

AU - Riedl, Peter

AU - Bonnet, Philippe

AU - Mayrhofer, René

N1 - ISBN 978-3-319-13256-3

PY - 2014

Y1 - 2014

N2 - Current efforts to increase the security of the boot sequence for mobile devices fall into two main categories: (i) secure boot: where each stage in the boot sequence is evaluated, aborting the boot process if a non expected component attempts to be loaded; and (ii) trusted boot: where a log is maintained with the components that have been loaded in the boot process for later audit. The first approach is often criticized for locking down devices, thus reducing users’ freedom to choose software. The second lacks the mechanisms to enforce any form of run-time verification. In this paper, we present the architecture for a two-phase boot verification that addresses these shortcomings. In the first phase, at boot-time the integrity of the bootloader and OS images are verified and logged; in the second phase, at run-time applications can check the boot traces and verify that the running software satisfies their security requirements. This is a first step towards supporting usage control primitives for running applications. Our approach relies on off-the-shelf secure hardware that is available in a multitude of mobile devices: ARM TrustZone as a Trusted Execution Environment, and Secure Element as a tamper-resistant unit.

AB - Current efforts to increase the security of the boot sequence for mobile devices fall into two main categories: (i) secure boot: where each stage in the boot sequence is evaluated, aborting the boot process if a non expected component attempts to be loaded; and (ii) trusted boot: where a log is maintained with the components that have been loaded in the boot process for later audit. The first approach is often criticized for locking down devices, thus reducing users’ freedom to choose software. The second lacks the mechanisms to enforce any form of run-time verification. In this paper, we present the architecture for a two-phase boot verification that addresses these shortcomings. In the first phase, at boot-time the integrity of the bootloader and OS images are verified and logged; in the second phase, at run-time applications can check the boot traces and verify that the running software satisfies their security requirements. This is a first step towards supporting usage control primitives for running applications. Our approach relies on off-the-shelf secure hardware that is available in a multitude of mobile devices: ARM TrustZone as a Trusted Execution Environment, and Secure Element as a tamper-resistant unit.

U2 - 10.1007/978-3-319-13257-0_35

DO - 10.1007/978-3-319-13257-0_35

M3 - Conference article

VL - 8783

SP - 542

EP - 554

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -

ID: 80167803