Conference Paper

Trusted Execution Environment: What It is, and What It is Not


... In summary, due to the trust and data privacy concerns between clients and machine learning service providers, there is a need for privacy-preserving solutions that allow the encrypted data of clients to be used in machine learning tasks while preventing attacks and fraudulent activities on the models of ML service providers, serving trust assurances [5]. ...
... However, FL has a significant vulnerability: it cannot prevent participants from submitting false or malicious data, which can irreparably compromise the final trained model. TEE [25] is a secure, independent processing environment with computation and storage capabilities, designed to provide robust security and integrity protection. It utilizes isolated memory to store private data and perform computations, ensuring that only authorized interfaces can access the data. ...
Preprint
As machine learning technologies advance rapidly across various domains, concerns over data privacy and model security have grown significantly. These challenges are particularly pronounced when models are trained and deployed on cloud platforms or third-party servers due to the computational resource limitations of users' end devices. In response, zero-knowledge proof (ZKP) technology has emerged as a promising solution, enabling effective validation of model performance and authenticity in both training and inference processes without disclosing sensitive data. Thus, ZKP ensures the verifiability and security of machine learning models, making it a valuable tool for privacy-preserving AI. Although some research has explored the verifiable machine learning solutions that exploit ZKP, a comprehensive survey and summary of these efforts remain absent. This survey paper aims to bridge this gap by reviewing and analyzing all the existing Zero-Knowledge Machine Learning (ZKML) research from June 2017 to December 2024. We begin by introducing the concept of ZKML and outlining its ZKP algorithmic setups under three key categories: verifiable training, verifiable inference, and verifiable testing. Next, we provide a comprehensive categorization of existing ZKML research within these categories and analyze the works in detail. Furthermore, we explore the implementation challenges faced in this field and discuss the improvement works to address these obstacles. Additionally, we highlight several commercial applications of ZKML technology. Finally, we propose promising directions for future advancements in this domain.
... Moreover, the development of more secure and resilient architectures and protocols for edge-based LLMs is crucial to prevent unauthorized access, tampering, and attacks on these systems [5]. This includes the use of trusted execution environments (TEEs) [50], blockchain-based authentication and access control [37], and anomaly detection and mitigation techniques [28]. Additionally, the incorporation of explainable and interpretable AI techniques [51] can enhance the transparency and accountability of edge-based LLMs, enabling users to understand and trust the decisions and actions of these systems. ...
Conference Paper
Full-text available
The advent of large language models (LLMs) has revolutionized natural language processing, enabling unprecedented capabilities in text generation, reasoning, and human-machine interaction. However, their deployment on resource-constrained edge devices presents significant challenges due to high computational complexity, large model sizes, and stringent latency and privacy requirements. This survey provides a comprehensive examination of the emerging field of edge-based LLMs, exploring the techniques, frameworks, hardware solutions, and real-world applications that enable their efficient deployment at the edge. We review key strategies such as model quantization, pruning, knowledge distillation, and adapter tuning, alongside edge-cloud collaborative architectures like EdgeShard, Edge-LLM, and PAC. Additionally, we analyze hardware acceleration solutions, including Cambricon-LLM, AxLaM, and DTATrans/DTQAtten, and their role in overcoming resource limitations. The survey highlights diverse applications, from IoT and smart cities to personalized services and multi-modal intelligence, supported by case studies of real-world deployments. Finally, we discuss open challenges-such as resource efficiency, privacy, security, and scalability-and propose future research directions to advance this transformative technology.
... Despite their effectiveness, both methods face high resource demands, posing challenges for widespread implementation. In the realm of trusted computing, (Ali-Eldin, 2022) and (Braeken et al., 2024) demonstrated the potential of hardware-level isolation protection using Trusted Execution Environments (TEE) (Costan, 2016; Sabt et al., 2015), and proposed MPVCNet, which innovatively combines visual cryptography with trusted computing for secure medical image transmission and privacy protection. However, these methods still exhibit limitations in handling data heterogeneity and timeliness within medical scenarios. ...
Article
Full-text available
With the proliferation of multi-source data and heightened privacy protection demands, securing data while preserving privacy has emerged as a critical challenge for organizations. Current multi-source data analysis approaches frequently fail to adequately capture temporal dependencies and inter-data correlations, limiting their ability to identify patterns and forecast trends effectively. To address these challenges, this paper proposes the Federated Trusted Network (FTN), which combines a Variable Forgetting LSTM module (VF-LSTM) and a Heterogeneous Aggregation GCN module (HA-GCN). The VF-LSTM module introduces a dynamic forgetting mechanism to flexibly capture temporal dependencies across different data types, while the HA-GCN module mines inherent correlations between different types of data through meta-path-based feature aggregation. Furthermore, FTN ensures data privacy and security by deploying trusted computing technology on local models across different application scenarios. Secure aggregation techniques are employed to integrate local model updates and generate a global model on the central server, enabling the identification of cross-domain patterns and insights. Across three healthcare scenarios, FTN demonstrates superior performance with ACC improvements of 1.1-1.3% and F1 improvements of 1.7-2.3% compared to state-of-the-art models. In the hospital healthcare scenario, FTN achieves 93.7% ACC and 93.1% F1 while maintaining privacy protection. These results validate FTN’s effectiveness in addressing temporal dependency and data correlation challenges.
... A TEE is a secure and tamper-resistant processing environment, which guarantees the authenticity and integrity of the system's dynamic state as well as code and data confidentiality [9]. ARM TrustZone [1] provides hardware support for several TEEs on ARM-based systems. ...
Conference Paper
The ever-evolving computing landscape gets more complex in every moment and the need for heterogeneous compute systems becomes more relevant. As the usability of such systems grew, finding methods for securing them became more relevant. Commercial vendors already introduced Trusted Execution Environments (TEEs) for those systems. TEEs serve the need for isolation, where sensitive data are processed in a secure world, and non-trusted applications are executed in the normal world. In this paper, we introduce Through Fabric: a novel attack against TEE-enhanced FPGA-MPSoCs. We show that existing benign hardware accelerators can be manipulated from the secure world to implement a temperature-based covert channel. We successfully run this attack on a commercial FPGA-MPSoC within the OP-TEE environment without additional access rights. We use an open-source implementation of AES for the accelerator and we reach a transmission speed of 2 bits per second with bit error rate of 1.9% and packet error rate of 4.3%. We are the first to show that a TEE can be bypassed on FPGA-MPSoCs via temperature-based covert channel communication.
... Some of these attack vectors are also made possible due to the inherent untrustworthiness of the aggregator's host machine. To address this lack of trust, Trusted Execution Environments (TEEs) [31,40] have emerged. TEEs, with their controlled enclaves, contain a verification mechanism to ensure that only the program designated to handle the data runs inside, thus preserving the privacy of the client's data. ...
Preprint
Full-text available
The privacy vulnerabilities of the federated learning (FL) paradigm, primarily caused by gradient leakage, have prompted the development of various defensive measures. Nonetheless, these solutions have predominantly been crafted for and assessed in the context of synchronous FL systems, with minimal focus on asynchronous FL. This gap arises in part due to the unique challenges posed by the asynchronous setting, such as the lack of coordinated updates, increased variability in client participation, and the potential for more severe privacy risks. These concerns have stymied the adoption of asynchronous FL. In this work, we first demonstrate the privacy vulnerabilities of asynchronous FL through a novel data reconstruction attack that exploits gradient updates to recover sensitive client data. To address these vulnerabilities, we propose a privacy-preserving framework that combines a gradient obfuscation mechanism with Trusted Execution Environments (TEEs) for secure asynchronous FL aggregation at the network edge. To overcome the limitations of conventional enclave attestation, we introduce a novel data-centric attestation mechanism based on Multi-Authority Attribute-Based Encryption. This mechanism enables clients to implicitly verify TEE-based aggregation services, effectively handle on-demand client participation, and scale seamlessly with an increasing number of asynchronous connections. Our gradient obfuscation mechanism reduces the structural similarity index of data reconstruction by 85% and increases reconstruction error by 400%, while our framework improves attestation efficiency by lowering average latency by up to 1500% compared to RA-TLS, without additional overhead.
... As it will be shown in Section 5.3, several WebAssembly use cases and enhancements entail an integration with processor security features. A trusted execution environment (TEE) is a hardened memory section of the processor aimed at protecting the confidentiality and integrity of both code and data [38]. One of the most utilized technologies that implement TEEs is the Intel Security Guard Extension (SGX) [39]. ...
Article
WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its capabilities are extensively exploited in multiple and heterogeneous use-case scenarios. With the extensive effort of the community, new toolkits make the use of this technology more suitable for real-world applications. In this context, it is crucial to study the liaisons between the WebAssembly ecosystem and software security. Indeed, WebAssembly can be a medium for improving the security of a system, but it can also be exploited to evade detection systems or for performing crypto-mining activities. In addition, programs developed in low-level languages such as C can be compiled in WebAssembly binaries, and it is interesting to evaluate the security impacts of executing programs vulnerable to attacks against memory in the WebAssembly sandboxed environment. Also, WebAssembly has been designed to provide a secure and isolated environment, but such capabilities should be assessed in order to analyze their weaknesses and propose new mechanisms for addressing them. Although some research works have provided surveys of the most relevant solutions aimed at discovering WebAssembly vulnerabilities or detecting attacks, at the time of writing there is no comprehensive review of security-related literature in the WebAssembly ecosystem. We aim to fill this gap by proposing a comprehensive review of research works dealing with security in WebAssembly. We analyze 147 papers by identifying seven different security categories. We hope that our work will provide insights into the complex landscape of WebAssembly and guide researchers, developers, and security professionals towards novel avenues in the realm of the WebAssembly ecosystem.
... Mobile devices, e.g., Motorola [51], Huawei [29], and others, use a RoT to establish trust in the device's boot process. This is critical for maintaining the security and integrity of mobile devices, which are often used to access sensitive information. ...
Article
Full-text available
The proliferation of Internet of Things and cyberphysical systems has introduced unprecedented challenges in ensuring the integrity and confidentiality of critical data, making robust security mechanisms essential. There are several mechanisms intended to assure trust with respect to the software loaded into the system and the trustworthiness of the boot process. These mechanisms start from a Root of Trust (RoT), from where all the other trusts, e.g., for components and software are derived. As part of the RoT, a Secure Storage is needed. This Secure Storage can be considered as part of the RoT or considered a separate component. After a RoT is established, a Trusted Boot can be performed. The execution of computational processes can then be supported by using separate execution zones (Zone Isolation). More complex trust functions such as remote attestation can be performed by a Trusted Platform Module(TPM). In this paper, we propose security patterns for these components. The abstraction power of patterns can be used to define the basic aspects that each of these components must have, thus serving as reference for designers and for security evaluation.
... With the expansion of IoT and edge intelligence computing, ensuring the security and privacy of the massive amount of data generated and processed by these devices has become a significant challenge [14]. Trusted Execution Environment (TEE) provides a secure, isolated space within a processor where sensitive data and code can be processed, safeguarding them from unauthorized access or tampering [15]. TEE is crucial for protecting the growing volume of sensitive data generated by billions of interconnected devices in IoT. ...
Article
Full-text available
With the extensive deployment and application of the Internet of Things (IoT), 5G and 6G technologies and edge intelligence, the volume of data generated by IoT and the number of intelligence applications derived from these data are rapidly growing. However, the absence of effective mechanisms to safeguard the vast data generated by IoT, along with the security and privacy of edge intelligence applications, hinders their further development and adoption. In recent years, Trusted Execution Environment (TEE) has emerged as a promising technology for securing cloud data storage and cloud processing, demonstrating significant potential for ensuring data and application confidentiality in more scenarios. Nevertheless, applying TEE technology to enhance security in IoT and edge intelligence scenarios still presents several challenges. This paper investigates the technical challenges faced by current TEE solutions, such as performance overhead and I/O security issues, in the context of the resource constraints and data mobility that are inherent to IoT and edge intelligence applications. Using Intel Software Guard Extensions (SGX) technology as a case study, this paper validates these challenges through extensive experiments. The results provide critical assessments and analyses essential for advancing the development and usage of TEE in IoT and edge intelligence scenarios.
... Critical operations can take place in a "safe space" created by a TEE, which isolates data and programs inside a private enclave within the main CPU. In cloud computing, TEEs can be utilized to offer secure operating environments, protecting sensitive activities from users and various cloud services [7]. ...
Preprint
Full-text available
Focussing on two different use cases-Quality Control methods in industrial contexts and Neural Network algorithms for healthcare diagnostics-this research investigates the inclusion of Fully Homomorphic Encryption into real-world applications in the healthcare sector. We evaluate the performance, resource requirements, and viability of deploying FHE in these settings through extensive testing and analysis, highlighting the progress made in FHE tooling and the obstacles still facing addressing the gap between conceptual research and practical applications. We start our research by describing the specific case study and trust model we're working with. Choosing the two FHE frameworks most appropriate for industry development, we assess the resources and performance requirements for implementing each of the two FHE frameworks in the first scenario, Quality Control algorithms. In conclusion, our findings demonstrate the effectiveness and resource consumption of the two use cases-complex NN models and simple QC algorithms-when implemented in an FHE setting.
... An alternative to software-based encryption is using Trusted Execution Environments (TEEs) [97]. TEEs provide confidentiality and integrity at the hardware level by creating isolated secure environments, or enclaves, ensuring more robust isolation than virtualization-based techniques [60,67]. ...
Preprint
Full-text available
Key-Value Stores (KVSs) are No-SQL databases that store data as key-value pairs and have gained popularity due to their simplicity, scalability, and fast retrieval capabilities. However, storing sensitive data in KVSs requires strong security properties to prevent data leakage and unauthorized tampering. While software (SW)-based encryption techniques are commonly used to maintain data confidentiality and integrity, they suffer from several drawbacks. They strongly assume trust in the hosting system stack and do not secure data during processing unless using performance-heavy techniques (e.g., homomorphic encryption). Alternatively, Trusted Execution Environments (TEEs) provide a solution that enforces the confidentiality and integrity of code and data at the CPU level, allowing users to build trusted applications in an untrusted environment. They also secure data in use by providing an encapsulated processing environment called enclave. Nevertheless, TEEs come with their own set of drawbacks, including performance issues due to memory size limitations and CPU context switching. This paper examines the state of the art in TEE-based confidential KVSs and highlights common design strategies used in KVSs to leverage TEE security features while overcoming their inherent limitations. This work aims to provide a comprehensive understanding of the use of TEEs in KVSs and to identify research directions for future work.
... Secure computation. Trusted execution environments (TEE) create secure environments on the processors to safeguard data and calculations from untrusted administrative domains [71]. Systems such as ShuffleFL [94], Flatee [61], GradSec [59] and Papaya [42] use secure hardware for enhancing the privacy of model updates. ...
Article
Full-text available
Decentralized learning (DL) enables collaborative learning without a server and without training data leaving the users' devices. However, the models shared in DL can still be used to infer training data. Conventional defenses such as differential privacy and secure aggregation fall short in effectively safeguarding user privacy in DL, either sacrificing model utility or efficiency. We introduce Shatter, a novel DL approach in which nodes create virtual nodes (VNs) to disseminate chunks of their full model on their behalf. This enhances privacy by (i) preventing attackers from collecting full models from other nodes, and (ii) hiding the identity of the original node that produced a given model chunk. We theoretically prove the convergence of Shatter and provide a formal analysis demonstrating how Shatter reduces the efficacy of attacks compared to when exchanging full models between nodes. We evaluate the convergence and attack resilience of Shatter with existing DL algorithms, with heterogeneous datasets, and against three standard privacy attacks. Our evaluation shows that Shatter not only renders these privacy attacks infeasible when each node operates 16 VNs but also exhibits a positive impact on model utility compared to standard DL. In summary, Shatter enhances the privacy of DL while maintaining the utility and efficiency of the model.
... The latter framework includes the Trusted Execution Environment (TEE) with the previous framework that provides a secure environment for the user to enter the data into the blockchain network [12], [13]. The TEE adds a secure environment for cryptographic operations that gives protection to cryptographic failures and broken authentication more efficiently and protects against security misconfiguration, web security vulnerabilities and human-related vulnerabilities also. ...
... However, the underlying system must meet specific hardware requirements to support secure enclaves, which may limit their adoption. A closely related concept is trusted execution environments (TEEs) (Sabt et al., 2015), which define a secure area of the main system processor and allow isolated execution of applications. The main difference between a security enclave and a TEE is that the former is hardware-based, whereas a TEE can be implemented either in hardware or software. ...
... An alternative to software-based encryption is using Trusted Execution Environments (TEEs) [95]. TEEs provide confidentiality and integrity at the hardware level by creating isolated secure environments, or enclaves, ensuring more robust isolation than virtualization-based techniques [58,65]. ...
Article
Full-text available
Key-Value Stores (KVSs) are No-SQL databases that store data as key-value pairs and have gained popularity due to their simplicity, scalability, and fast retrieval capabilities. However, storing sensitive data in KVSs requires strong security properties to prevent data leakage and unauthorized tampering. While software (SW)-based encryption techniques are commonly used to maintain data confidentiality and integrity, they suffer from several drawbacks. They strongly assume trust in the hosting system stack and do not secure data during processing unless using performance-heavy techniques (e.g., homomorphic encryption). Alternatively, Trusted Execution Environments (TEEs) provide a solution that enforces the confidentiality and integrity of code and data at the CPU level, allowing users to build trusted applications in an untrusted environment. They also secure data in use by providing an encapsulated processing environment called enclave. Nevertheless, TEEs come with their own set of drawbacks, including performance issues due to memory size limitations and CPU context switching. This paper examines the state of the art in TEE-based confidential KVSs and highlights common design strategies used in KVSs to leverage TEE security features while overcoming their inherent limitations. This work aims to provide a comprehensive understanding of the use of TEEs in KVSs and to identify research directions for future work.
... Most, if not all, of the payment solutions have application logic that can be manipulated on the user's device and poses a severe threat. The Trusted Execution Environment (TEE) [23] provides a solution against this threat. A Trusted Execution Environment (TEE) is a secure area within a main processor. ...
Article
Full-text available
The widespread reliance on paper-based currency poses significant drawbacks, such as counterfeiting, lack of transparency, and environmental impacts. While Central Bank Digital Currencies (CBDCs) address many of these issues, their dependence on continuous internet connectivity limits their usability in scenarios with poor or no network access. To overcome such limitations, this paper introduces ElasticPay, a novel Peer-to-Peer (P2P) Offline Digital Payment System that leverages advanced hardware security measures realised through Trusted Platform Modules (TPMs), Trusted Execution Environments (TEEs), and Secure Elements (SEs). ElasticPay ensures transaction privacy, unforgeability, and immediate settlement while preventing double spending. Our approach integrates robust recovery mechanisms and provides a scalable solution for diverse environments. Extensive experimentation validates the system's reliability and practicality, highlighting its potential to advance secure and inclusive CBDC ecosystems. We demonstrate the proposed solution implementation on the iPhone mobile phone because it has an inbuilt Secure Enclave, which is an integrated implementation of the necessary TPM, TEE, and SE functionalities.
... TEEs represent a promising class of secure hardware which brings security to data storage and data-oriented computations. TEEs achieve security through the creation of a tamper-resistant processing environment [26]. In the last two decades we have witnessed a proliferation of TEE hardware which is now largely available inside general-public devices such as smartphones and personal computers, and also inside high-end servers. ...
Article
Full-text available
In a rapidly evolving landscape, Personal Data Management Systems (PDMSs) provide individuals with the necessary tools to collect, manage and share their personal data. At the same time, the emergence of Trusted Execution Environments (TEEs) offers a way to address the critical challenge of securing user data while fostering a thriving ecosystem of data-driven applications. In this paper, we employ a PDMS architecture leveraging TEEs as a fundamental security foundation. Unlike conventional approaches, our architecture enables extensible data processing by integrating user-defined functions (UDFs), even from untrusted sources. Our focus is on UDFs involving potentially large sets of personal database objects, with a novel proposal to mitigate the potential risk of data leakage. We introduce security building blocks to impose an upper bound on data leakage and investigate the efficiency of several execution strategies considering different scenarios relevant to personal data management. We validate the proposed solutions through an implementation using Intel SGX on real datasets, demonstrating its effectiveness in achieving secure and efficient computations in diverse environments.
... A TEE is a confidential computing paradigm that is based on hardware isolation and encryption. It offers a tamper-resistant computation environment that runs on a separation kernel [11]. A TEE aims to provide the following guarantees: (i) Data Confidentiality, (ii) Data Integrity, and (iii) Code Integrity. ...
Preprint
Full-text available
Data de-identification makes it possible to glean insights from data while preserving user privacy. The use of Trusted Execution Environments (TEEs) allow for the execution of de-identification applications on the cloud without the need for a user to trust the third-party application provider. In this paper, we present SPIDEr - Secure Pipeline for Information De-Identification with End-to-End Encryption, our implementation of an end-to-end encrypted data de-identification pipeline. SPIDEr supports classical anonymisation techniques such as suppression, pseudonymisation, generalisation, and aggregation, as well as techniques that offer a formal privacy guarantee such as k-anonymisation and differential privacy. To enable scalability and improve performance on constrained TEE hardware, we enable batch processing of data for differential privacy computations. We present our design of the control flows for end-to-end secure execution of de-identification operations within a TEE. As part of the control flow for running SPIDEr within the TEE, we perform attestation, a process that verifies that the software binaries were properly instantiated on a known, trusted platform.
... With the improvement of AI infrastructure, cloud-based AI training is becoming increasingly popular due to its superior efficiency and more stable performance compared to edge devices. Moreover, advances in Trusted Execution Environment (TEE) [5] technology have effectively addressed concerns about data privacy leakage, making cloud-based model training more secure. Leveraging cloud services and TEEs, data owners can securely upload their data to the cloud and perform FL using cloud-based AI services. ...
Preprint
With advancements in AI infrastructure and Trusted Execution Environment (TEE) technology, Federated Learning as a Service (FLaaS) through JointCloud Computing (JCC) is promising to break through the resource constraints caused by heterogeneous edge devices in the traditional Federated Learning (FL) paradigm. Specifically, with the protection from TEE, data owners can achieve efficient model training with high-performance AI services in the cloud. By providing additional FL services, cloud service providers can achieve collaborative learning among data owners. However, FLaaS still faces three challenges, i.e., i) low training performance caused by heterogeneous data among data owners, ii) high communication overhead among different clouds (i.e., data centers), and iii) lack of efficient resource scheduling strategies to balance training time and cost. To address these challenges, this paper presents a novel asynchronous FL approach named NebulaFL for collaborative model training among multiple clouds. To address data heterogeneity issues, NebulaFL adopts a version control-based asynchronous FL training scheme in each data center to balance training time among data owners. To reduce communication overhead, NebulaFL adopts a decentralized model rotation mechanism to achieve effective knowledge sharing among data centers. To balance training time and cost, NebulaFL integrates a reward-guided strategy for data owners selection and resource scheduling. The experimental results demonstrate that, compared to the state-of-the-art FL methods, NebulaFL can achieve up to 5.71% accuracy improvement. In addition, NebulaFL can reduce up to 50% communication overhead and 61.94% costs under a target accuracy.
... TEEs are isolated partitions within semiconductors that aim to protect a subset of a device's memory and CPU using the concept of a trusted enclave [SAB15]. Trusted enclaves are hardware based security modules designed to only run code that is cryptographically signed, and encrypted, reducing the risk of the code being altered or read by any other code running externally from the trusted environment [Mic23]. ...
Preprint
Trusted Execution Environments (TEEs) are critical components of modern secure computing, providing isolated zones in processors to safeguard sensitive data and execute secure operations. Despite their importance, TEEs are increasingly vulnerable to fault injection (FI) attacks, including both physical methods, such as Electromagnetic Fault Injection (EMFI), and software-based techniques. This survey examines these FI methodologies, exploring their ability to disrupt TEE operations and expose vulnerabilities in devices ranging from smartphones and IoT systems to cloud platforms. The study highlights the evolution and effectiveness of non-invasive techniques, such as EMFI, which induce faults through electromagnetic disturbances without physical modifications to hardware, making them harder to detect and mitigate. Real-world case studies illustrate the significant risks posed by these attacks, including unauthorised access, privilege escalation, and data corruption. In addition, the survey identifies gaps in existing TEE security architectures and emphasises the need for enhanced countermeasures, such as dynamic anomaly detection and updated threat models. The findings underline the importance of interdisciplinary collaboration to address these vulnerabilities, involving researchers, manufacturers, and policymakers. This survey provides actionable insights and recommendations to guide the development of more robust TEE architectures in mobile devices, fortify FI resilience, and shape global security standards. By advancing TEE security, this research aims to protect critical digital infrastructure and maintain trust in secure computing systems worldwide.
... Section 4 shifts the focus to the methods of traffic redirection for LiMi and the challenges faced to obtain seamless session-based, long-lived connection handovers. Section 5 presents the state of the art (SOTA) on LiMi, the technical novelty for its democratization to include GPU-dependent AI applications (using CUDA cores [18]), high-performance network interfaces and protocols (for telecommunication core network functions), and applications running on TEE [19]. This section also covers its application in cloud computing, fog computing, and multi-access edge computing (MEC) [20]. ...
Article
Emerging cloud-centric networks span from edge clouds to large-scale datacenters with shared infrastructure among multiple tenants and applications with high availability, isolation, fault tolerance, security, and energy efficiency demands. Live migration (LiMi) plays an increasingly critical role in these environments by enabling seamless application mobility covering the edge-to-cloud continuum and maintaining these requirements. This survey presents a comprehensive survey of recent advancements that democratize LiMi, making it more applicable to a broader range of scenarios and network environments both for virtual machines (VMs) and containers, and analyzes LiMi’s technical underpinnings and optimization techniques. It also delves into the issue of connections handover, presenting a taxonomy to categorize methods of traffic redirection synthesized from the existing literature. Finally, it identifies technical challenges and paves the way for future research directions in this key technology.
Article
Deep neural networks (DNNs) are increasingly used in time-critical, learning-enabled cyber-physical applications such as autonomous driving and robotics. Despite the growing use of various deep learning models, protecting DNN inference from adversarial threats while preserving model privacy and confidentiality remains a key concern for resource and timing-constrained autonomous cyber-physical systems. One potential solution, primarily used in general-purpose systems, is the execution of the DNN workloads within trusted enclaves available on current off-the-shelf processors. However, ensuring temporal guarantees when running DNN inference within these enclaves poses significant challenges in real-time applications due to (a) the large computational and memory demands of DNN models and (b) the overhead introduced by frequent context switches between “normal” and “trusted” execution modes. This paper introduces new time-aware schemes for dynamic (EDF) and fixed-priority (RM) schedulers to preserve the confidentiality of DNN tasks by running them inside trusted enclaves. We first propose a technique that slices each DNN layer and runs them sequentially in the enclave. However, due to the extra context switch overheads of individual layer slices, we further introduce a novel layer fusion technique. Layer fusion improves real-time guarantees by grouping multiple layers of DNN workload from multiple tasks, thus allowing them to fit and run concurrently within the enclaves while maintaining timing constraints. We implemented and tested our ideas on the Raspberry Pi platform running a DNN-enabled trusted operating system (OP-TEE with DarkNet-TZ) and three DNN architectures (AlexNet-squeezed, Tiny Darknet, YOLOv3-tiny). Compared to the layer-wise partitioning approach, layer fusion can (a) schedule up to 3x more tasksets for EDF and 5x for RM and (b) reduce context switches by up to 11.12x for EDF and by up to 11.06x for RM.
Article
In recent years, the widely collected spatial-textual data has given rise to numerous applications centered on spatial keyword queries. However, securely providing spatial keyword query services in an outsourcing environment has been challenging. Existing schemes struggle to enable top-k spatial keyword queries on encrypted data while hiding search, access, and volume patterns, which raises concerns about availability and security. To address the above issue, this paper proposes OBIR-tree, a novel index structure for oblivious (provably hides search, access, and volume patterns) top-k spatial keyword queries on encrypted data. As a tight spatial-textual index tailored from the IR-tree and PathORAM, OBIR-tree can support sublinear search without revealing any useful information. Furthermore, we present extension designs to optimize the query latency of the OBIR-tree: (1) combine the OBIR-tree with hardware secure enclaves (e.g., Intel SGX) to minimize client-server interactions; (2) build a Real/Dummy block Tree (RDT) to reduce the computational cost of oblivious operations within enclaves. Extensive experimental evaluations on real-world datasets demonstrate that the search efficiency of OBIR-tree outperforms state-of-the-art baselines by 25× ~ 723× and is practical for real-world applications.
Article
In database applications involving sensitive data, the dual imperatives of data confidentiality and provable (verifiable) query processing are important. This paper introduces PoneglyphDB, a database system that leverages non-interactive zero-knowledge proofs (ZKP) to support both confidentiality and provability. Unlike traditional databases, PoneglyphDB enhances confidentiality by ensuring that raw data remains exclusively with the host, while also enabling verifying the correctness of query responses by providing proofs to clients. The main innovation in this paper is proposing efficient ZKP designs (called circuits) for basic operations in SQL query processing. These basic operation circuits are then combined to form ZKP circuits for larger, more complex queries. PoneglyphDB's circuits are carefully designed to be efficient by utilizing advances in cryptography such as PLONKish-based circuits, recursive proof composition techniques, and designing with low-order polynomial constraints. We demonstrate the performance of PoneglyphDB with the standard TPC-H benchmark. Our experimental results show that PoneglyphDB can efficiently achieve both confidentiality and provability, outperforming existing state-of-the-art ZKP methods.
Article
With the growing demand for enhanced performance and scalability in cloud applications and systems, data center architectures are evolving to incorporate heterogeneous computing fabrics that leverage CPUs, GPUs, and FPGAs. Unlike traditional processing platforms like CPUs and GPUs, FPGAs offer the unique ability for hardware reconfiguration at run-time, enabling improved and tailored performance, flexibility, and acceleration. FPGAs excel at executing large-scale search optimization, acceleration, and signal processing tasks while consuming low power and minimizing latency. Major public cloud providers, such as Amazon, Huawei, Microsoft, Alibaba, and others, have already begun integrating FPGA-based cloud acceleration services into their offerings. Although FPGAs in cloud applications facilitate customized hardware acceleration, they also introduce new security challenges that demand attention. Granting cloud users the capability to reconfigure hardware designs after deployment may create potential vulnerabilities for malicious users, thereby jeopardizing entire cloud platforms. In particular, multi-tenant FPGA services, where a single FPGA is divided spatially among multiple users, are highly vulnerable to such attacks. This paper examines the security concerns associated with multi-tenant cloud FPGAs, provides a comprehensive overview of the related security, privacy and trust issues, and discusses forthcoming challenges in this evolving field of study.
Article
Containerization significantly boosts cloud computing efficiency by reducing resource consumption, enhancing scalability, and simplifying orchestration. Yet, these same features introduce notable security vulnerabilities due to the shared Linux kernel and reduced isolation compared to traditional virtual machines (VMs). This architecture, while resource-efficient, increases susceptibility to software vulnerabilities, exposing containers to potential breaches; a single kernel vulnerability could compromise all containers on the same host. Existing academic research on container security is often theoretical and lacks empirical data on the nature of attacks, exploits, and vulnerabilities. Studies that do look at vulnerabilities often focus on specific types. This lack of detailed data and breadth hampers the development of effective mitigation strategies and restricts insights into the inherent weaknesses of containers. To address these gaps, our study introduces a novel taxonomy integrating academic knowledge with industry insights and real-world vulnerabilities, creating a comprehensive and actionable framework for container security. We analyzed over 200 container-related vulnerabilities, categorizing them into 47 exploit types across 11 distinct attack vectors. This taxonomy not only advances theoretical understanding but also facilitates the identification of vulnerabilities and the implementation of effective mitigation strategies in containerized environments. Our approach enhances the resilience of these environments by mapping vulnerabilities to their corresponding exploits and mitigation strategies, especially in complex, multi-tenant cloud settings. By providing actionable insights, our taxonomy helps practitioners enhance container security. Our findings have identified critical areas for further investigation, thereby laying a comprehensive foundation for future research and improving container security in cloud environments.
Article
When mobile meets LLMs, mobile app users deserve to have more intelligent usage experiences. For this to happen, we argue that there is a strong need to apply LLMs for the mobile ecosystem. We therefore provide a research roadmap for guiding our fellow researchers to achieve that as a whole. In this roadmap, we sum up six directions that we believe are urgently required for research to enable native intelligence in mobile devices. In each direction, we further summarize the current research progress and the gaps that still need to be filled by our fellow researchers.
Article
As the parameter size of large language models (LLMs) continues to expand, there is an urgent need to address the scarcity of high-quality data. In response, existing research has attempted to make a breakthrough by incorporating federated learning (FL) into LLMs. Conversely, considering the outstanding performance of LLMs in task generalization, researchers have also tried applying LLMs within FL to tackle challenges in relevant domains. The complementarity between LLMs and FL has already ignited widespread research interest. In this review, we aim to deeply explore the integration of LLMs and FL. We propose a research framework dividing the fusion of LLMs and FL into three parts: the combination of LLM sub-technologies with FL, the integration of FL sub-technologies with LLMs, and the overall merger of LLMs and FL. We first provide a comprehensive review of the current state of research in the domain of LLMs combined with FL, including their typical applications, integration advantages, challenges faced, and future directions for resolution. Subsequently, we discuss the practical applications of the combination of LLMs and FL in critical scenarios such as healthcare, finance, and education and provide new perspectives and insights into future research directions for LLMs and FL.
Article
Federated multi-task learning (FMTL) has emerged as a promising framework for learning multiple tasks simultaneously with client-aware personalized models. While the majority of studies have focused on dealing with the non-independent and identically distributed (Non-IID) characteristics of client datasets, the issue of task heterogeneity has largely been overlooked. Dealing with task heterogeneity often requires complex models, making it impractical for federated learning in resource-constrained environments. In addition, the varying nature of these heterogeneous tasks introduces inductive biases, leading to interference during aggregation and potentially resulting in biased global models. To address these issues, we propose a hierarchical FMTL framework, referred to as FedBone, to facilitate the construction of large-scale models with improved generalization. FedBone leverages server-client split learning and gradient projection to split the entire model into two components: 1) a large-scale general model (referred to as the general model) on the cloud server, and 2) multiple task-specific models (referred to as client models) on edge clients, accommodating devices with limited compute power. To enhance the robustness of the large-scale general model, we incorporate the conflicting gradient projection technique into FedBone to rectify the skewed gradient direction caused by aggregating gradients from heterogeneous tasks. The proposed FedBone framework is evaluated on three benchmark datasets and one real ophthalmic dataset. The comprehensive experiments demonstrate that FedBone efficiently adapts to the heterogeneous local tasks of each client and outperforms existing federated learning algorithms in various dense prediction and classification tasks while utilizing off-the-shelf computational resources on the client side.
Article
The demand for mobile terminals to participate in data services is increasingly vital. The General Data Protection Regulation (GDPR) has established several principled requirements for data services. Existing studies focusing on data service put emphasis on data privacy and accessibility. However, they face challenges in achieving data forgetability and portability on mobile devices under GDPR and lack consideration of usage control. In this paper, we propose ADSS, an app-level data service scheme for mobile devices that can be available-but-invisible and guarantee fine-grained usage control. ADSS addresses the challenges by executing the logic of data usage in the Trusted Execution Environment (TEE) and managing the TEE states (i.e., data usage states) in the blockchain smart contracts. It not only satisfies the requirements of GDPR, ensuring strong security and confidentiality guarantees, but also enables the functionality of “pay-per-use”. We implement a prototype of the ADSS framework based on ARM Trustzone and conduct experimental evaluations. The results demonstrate that our scheme brings high efficiency compared with other data service schemes and exhibits feasibility on mobile-grade devices.
Conference Paper
Full-text available
We present the design, implementation and evaluation of the root of trust for the Trusted Execution Environment (TEE) provided by ARM TrustZone based on the on-chip SRAM Physical Unclonable Functions (PUFs). We first implement a building block which provides the foundations for the root of trust: secure key storage and a truly random source. The building block doesn't require on- or off-chip secure non-volatile memory to store secrets, but provides a high level of security: resistance to physical attackers capable of controlling all external interfaces of the system on chip (SoC). Based on the building block, we build the root of trust consisting of seal/unseal primitives for secure services running in the TEE, and a software-only TPM service running in the TEE which provides rich TPM functionalities for the rich OS running in the normal world of TrustZone. The root of trust resists software attackers capable of compromising the entire rich OS. Besides, both the building block and the root of trust run on the powerful ARM processor. In a word, we leverage the on-chip SRAM, commonly available on mobile devices, to achieve a low-cost, secure, and efficient design of the root of trust.
Article
Full-text available
Mobile devices are frequently used as terminals to interact with many security-critical services such as mobile payment and online banking. However, the large client software stack and the continuous proliferation of malware expose such interaction to various threats, including passive attacks like phishing and active ones like direct code manipulation. This paper proposes TrustUI, a new trusted path design for mobile devices that enables secure interaction between end users and services based on ARM's TrustZone technology. TrustUI is built with a combination of key techniques including cooperative randomization of the trusted path and secure delegation of network interaction. With such techniques, TrustUI not only requires no trust of the commodity software stack, but also takes a step further by excluding drivers for user-interacting devices like touch screens from its trusted computing base (TCB). Hence, TrustUI has a much smaller TCB, requires no access to device driver code, and may easily adapt to many devices. A prototype of TrustUI has been implemented on a Samsung Exynos 4412 board and evaluation shows that TrustUI provides strong protection of users' interaction.
Conference Paper
Full-text available
Classic two-factor authentication has been around for a long time and has enjoyed success in certain markets (such as the corporate and the banking environment). A reason for this success are the strong security properties, particularly where user interaction is concerned. These properties hinge on a security token being a physically separate device. This paper investigates whether Trusted Execution Environments (TEE) can be used to achieve a comparable level of security without the need to have a separate device. To do this, we introduce a model that shows the security properties of user interaction in two-factor authentication. The model is used to examine two TEE technologies, Intel's IPT and ARM TrustZone, revealing that, although it is possible to get close to classic two-factor authentication in terms of user interaction security, both technologies have distinct drawbacks. The model also clearly shows an open problem shared by many TEEs: how to prove to the user that they are dealing with a trusted application when trusted and untrusted applications share the same display.
Article
Full-text available
Trusted computing technologies for mobile devices have been researched, developed, and deployed over the past decade. Although their use has been limited so far, ongoing standardization may change this by opening up these technologies for easy access by developers and users. In this survey, we describe the current state of trusted computing solutions for mobile devices from research, standardization, and deployment perspectives.
Conference Paper
Full-text available
This paper presents the design, implementation, and evaluation of the Trusted Language Runtime (TLR), a system that protects the confidentiality and integrity of .NET mobile applications from OS security breaches. TLR enables separating an application's security-sensitive logic from the rest of the application, and isolates it from the OS and other apps. TLR provides runtime support for the secure component based on a .NET implementation for embedded devices. TLR reduces the TCB of an open source .NET implementation by a factor of 78 with a tolerable performance cost. The main benefit of the TLR is to bring the developer benefits of managed code to trusted computing. With the TLR, developers can build their trusted components with the productivity benefits of modern high level languages, such as strong typing and garbage collection.
Conference Paper
Full-text available
The continuing advancements in microprocessor technologies are putting more and more computing power into small devices. Today smartphones are especially popular. Nevertheless, for resource intensive tasks such devices are still too constrained. However, the simultaneous trend of providing computing resources as a commodity on a pay-as-you-go basis (cloud computing) combined with such mobile devices facilitates interesting applications: Mobile clients can simply outsource resource intensive tasks to the cloud. Since clients have to pay a cloud provider (CP) for consumed resources, e.g. instance hours of virtual machines, clients may consider it as privacy intrusive that the CP is able to record the activity pattern of users, i.e. how often and how much resources are consumed by a specific client. In this paper we present a solution to this dilemma which allows clients to anonymously consume resources of a CP such that the CP is not able to track users' activity patterns. We present a scenario which integrates up-to-date security enhanced platforms as processing nodes and a recent cloud payment scheme together with a concrete implementation supporting the practicality of the proposed approach.
Conference Paper
Full-text available
With the rapid growth of mobile devices and the emergence of mobile cloud services, it is a trend to use mobile devices for mobile-centric applications, and to expand the mobile capabilities and provide needed security by mobile cloud services. However, due to the mobility of the device and the semi-trust of the mobile cloud, how to build trust in the mobile applications is a big concern. In this paper, we propose a dual-root trust online transaction model that provides a dual-root trust model including both the user's mobile device and a delegation mobile cloud. We design a dual-root trust protocol by leveraging a modified CP-ABE cryptography and the trusted execution environment embedded in a mobile device to provide device-specific transaction confirmations for online transactions initiated by the mobile user. The performance evaluation of the protocol demonstrates that it is a lightweight scheme for mobile devices since most cryptographic functions are delegated from users to the mobile cloud.
Article
Full-text available
In contrast to testing, mathematical reasoning and formal verification can show the absence of whole classes of security vulnerabilities. We present the, to our knowledge, first complete, formal, machine-checked verification of information flow security for the implementation of a general-purpose microkernel; namely seL4. Unlike previous proofs of information flow security for operating system kernels, ours applies to the actual 8,830 lines of C code that implement seL4, and so rules out the possibility of invalidation by implementation errors in this code. We assume correctness of compiler, assembly code, hardware, and boot code. We prove everything else. This proof is strong evidence of seL4's utility as a separation kernel, and describes precisely how the general purpose kernel should be configured to enforce isolation and mandatory information flow control. We describe the information flow security statement we proved (a variant of intransitive noninterference), including the assumptions on which it rests, as well as the modifications that had to be made to seL4 to ensure it was enforced. We discuss the practical limitations and implications of this result, including covert channels not covered by the formal proof.
Conference Paper
Full-text available
Sensor data is a core component of big data. The abundance of sensor data combined with advances in data integration and data mining raises a great opportunity to develop innovative applications. However, data about our movements, our energy consumption or our biometry are personal data that we should have full control over. Likewise, companies face a trade-off as the benefits of innovative services must be weighed against the risk of exposing data that reveal core internal processes. How to design a data platform that enables innovative data services and yet enforces access and usage control? The solutions proposed in the literature to this trade-off all involve some form of trusted execution environment, where data and processing are trusted and safe from corruption by users or attackers. The hardware that could support such trusted execution environments is however closed to the research community: OEMs disable security extensions from their development boards and the software handling these security extensions is not open. In this paper we present a framework that combines commercially available hardware and open source software. It can be used today by the research community as a trusted execution environment to investigate future big data platforms.
Article
Full-text available
With the proliferation of e-commerce, e-wallet, and e-health smartphone applications, the need for trusted mobile applications is greater than ever. Unlike their desktop counterparts, many mobile applications rely heavily on sensor inputs. As a result, trust often requires authenticity and integrity of sensor readings. For example, applications may need trusted readings from sensors such as a GPS, camera, or microphone. Recent research has started to recognize the need for "trusted sensors", yet providing the right programming abstractions and system support for building mobile trusted applications is an open problem. This paper proposes two software abstractions for offering trusted sensors to mobile applications. We present the design and implementation of these abstractions on both x86 and ARM platforms. We implement a trusted GPS sensor on both platforms, and we provide a privacy control for trusted location using differential privacy. Our evaluation shows that implementing these abstractions comes with moderate overhead on both x86 and ARM platforms. We find these software abstractions to be versatile and practical - using them we implement one novel enterprise mobile application.
Conference Paper
Full-text available
How do you keep a secret about your personal life in an age where your daughter’s glasses record and share everything she senses, your wallet records and shares your financial transactions, and your set-top box records and shares your family’s energy consumption? Your personal data has become a prime asset for many companies around the Internet, but can you avoid -- or even detect -- abusive usage? Today, there is a wide consensus that individuals should have increased control on how their personal data is collected, managed and shared. Yet there is no appropriate technical solution to implement such personal data services: centralized solutions sacrifice security for innovative applications, while decentralized solutions sacrifice innovative applications for security. In this paper, we argue that the advent of secure hardware in all personal IT devices, at the edges of the Internet, could trigger a sea change. We propose the vision of trusted cells: personal data servers running on secure smart phones, set-top boxes, secure portable tokens or smart cards to form a global, decentralized data platform that provides security yet enables innovative applications. We motivate our approach, describe the trusted cells architecture and define a range of challenges for future research.
Article
Full-text available
Most memory corruption attacks and Internet worms follow a familiar pattern known as the control-data attack. Hence, many defensive techniques are designed to protect program control flow integrity. Although earlier work did suggest the existence of attacks that do not alter control flow, such attacks are generally believed to be rare against real-world software. The key contribution of this paper is to show that non-control-data attacks are realistic. We demonstrate that many real-world applications, including FTP, SSH, Telnet, and HTTP servers, are vulnerable to such attacks. In each case, the generated attack results in a security compromise equivalent to that due to the control-data attack exploiting the same security bug. Non-control-data attacks corrupt a variety of application data including user identity data, configuration data, user input data, and decision-making data. The success of these attacks and the variety of applications and target data suggest that potential attack patterns are diverse. Attackers are currently focused on control-data attacks, but it is clear that when control flow protection techniques shut them down, they have incentives to study and employ non-control-data attacks. This paper emphasizes the importance of future research efforts to address this realistic threat.
Conference Paper
Full-text available
Securely storing and using credentials is critical for ensuring the security of many modern distributed applications. Existing approaches to address this problem fall short. User memorizable passwords are flexible and cheap, but they suffer from bad usability and low security. On the other hand, dedicated hardware tokens provide high levels of security, but the logistics of manufacturing and provisioning such tokens are expensive, which makes them unattractive for most service providers. A new approach to address the problem has become possible due to the fact that several types of general-purpose secure hardware, like TPM and M-Shield, are becoming widely deployed. These platforms enable, to different degrees, a strongly isolated secure environment. In this paper, we describe how we use general-purpose secure hardware to develop an architecture for credentials which we call On-board Credentials (ObCs). ObCs combine the flexibility of virtual credentials with the higher levels of protection due to the use of secure hardware. A distinguishing feature of the ObC architecture is that it is open: it allows anyone to design and deploy new credential algorithms to ObC-capable devices without approval from the device manufacturer or any other third party. The primary contribution of this paper is showing and solving the technical challenges in achieving openness while avoiding additional costs (by making use of already deployed secure hardware) and without compromising security (e.g., ensuring strong isolation). Our proposed architecture is designed with the constraints of existing secure hardware in mind and has been prototyped on several different platforms including mobile devices based on M-Shield secure hardware.
Conference Paper
Full-text available
Trusted Computing aims at enhancing the security of IT systems by using a combination of trusted hardware and software components to provide security guarantees. This includes system state integrity and the secure link between the software and hardware of a computing platform. Although security patterns exist for operating system security, access control, and authentication, there are still none for Trusted Computing aspects. In this paper, we introduce security patterns for secure boot and for secure storage, which are important basic Trusted Computing concepts. Secure boot is at the heart of most security solutions and secure storage is fundamental for application-level security: it ensures that the integrity of software is verified before accessing stored data. Our paper aims at complementing existing system security patterns by presenting the common patterns underlying the different realizations of secure boot and secure storage.
Conference Paper
Full-text available
The mobile phone industry has established a large customer base market, providing a wide range of mobile applications from voice and data services to digital media such as digital music, video and mobile gaming. As content becomes more widely available in digital form, it becomes easier to share, distribute, manipulate and copy if it is not properly controlled and encrypted. This development has triggered concern over the issue of digital rights management (DRM), which appears to have been overlooked until recently. DRM is becoming increasingly important because it focuses on the protection of copyrighted data circulated via digital media. This awareness has motivated mobile phone manufacturers to invest and concentrate more on developing solutions to best protect the content of digital media on mobile devices, which would benefit everyone involved in the market. Therefore, this paper will address the issue of protecting the content of digital media in Symbian OS mobile phones. It will analyse the features of Symbian DRM and TrustZone technology. Then, it suggests how the adoption of these technologies can be used in a theme park entrance using a secured E-pass stored on Symbian v8 OS mobile devices.
Conference Paper
Security in mobile commerce is becoming more important due to increasing demand from users wishing to perform online transactions over mobile devices. Security is one of the critical issues for successful adoption of mobile commerce both from an operator and user perspective. Although there are many aspects relating to security, in this paper we concentrate on one of the current difficulties concerned with the provision of mobile receipts. Current systems depend entirely on the merchant providing the proof of purchase relating to a particular item or service, and many users can experience difficulty if the system fails. Further, the fact that current mobile devices do not offer any verifiable security over the data stored means that merchants can have little confidence in receipts stored on the device. In this paper we present a simple mobile receipt system that offers security both for customer and merchant based on the new TrustZone architecture for ARM devices.
Article
Separation kernels mediate interaction between partitions in a secure system. System security policies can be developed about systems that use separation kernels that rely only on the appropriate separation kernel operation. We introduce a formal security policy for a separation kernel in ACL2, and argue for its usefulness by comparing it with other formalisms and by using it in a proof involving the correctness of a firewall application.
Article
In a computer system, the integrity of lower layers is typically treated as axiomatic by higher layers. Under the presumption that the hardware comprising the machine (the lowest layer) is valid, integrity of a layer can be guaranteed if and only if: (1) the integrity of the lower layers is checked, and (2) transitions to higher layers occur only after integrity checks on them are complete. The resulting integrity "chain" inductively guarantees system integrity. When these conditions are not met, as they typically are not in the bootstrapping (initialization) of a computer system, no integrity guarantees can be made. Yet, these guarantees are increasingly important to diverse applications such as Internet commerce, security systems, and "active networks." In this paper, we describe the AEGIS architecture for initializing a computer system. It validates integrity at each layer transition in the bootstrap process. AEGIS also includes a recovery process for integrity check failures, and we show how this results in robust systems.
Article
Dual-OS communications allow a real-time operating system (RTOS) and a general-purpose operating system (GPOS), sharing the same processor through virtualization, to collaborate in complex distributed applications. However, they also introduce new threats to the reliability (e.g., memory and time isolation) of the RTOS that need to be considered. Traditional dual-OS communication architectures follow essentially the same conservative approach, which consists of extending the virtualization layer with new communication primitives. Although this approach may be able to address the aforementioned reliability threats, it imposes a rather big overhead on communications due to unnecessary data copies and context switches. In this paper, we propose a new dual-OS communications approach able to accomplish efficient communications without compromising the reliability of the RTOS. We implemented our architecture on a physical platform using a highly reliable dual-OS system (SafeG) which leverages ARM TrustZone hardware to guarantee the reliability of the RTOS. We observed from the evaluation results that our approach is effective at minimizing communication overhead while satisfying the strict reliability requirements of the RTOS.
Article
This chapter summarizes the modeling and formal analysis effort that led to an EAL6+ certification for a commercial real-time operating system kernel. We begin by describing the INTEGRITY-178B kernel, as well as the approach taken for the Common Criteria evaluation effort. We present a generalization of the GWV theorem, formulated in order to capture the meaning of separation in a dynamic system. We detail how the INTEGRITY-178B kernel was modeled, including System State, Behavior, and Information Flow. We discuss the proof architecture used to demonstrate correspondence and conclude with a description of the informal analysis of the hardware abstraction layer.
Article
Virtualization solutions aimed at the consolidation of a real-time operating system (RTOS) and a general-purpose operating system (GPOS) onto the same platform are gaining momentum as high-end embedded systems increase their computation power. Among them, the most extended approach for scheduling both operating systems consists of executing the GPOS only when the RTOS becomes idle. Although this approach can guarantee the real-time performance of the RTOS tasks and interrupt handlers, the responsiveness of GPOS time-sensitive activities is negatively affected when the RTOS contains compute-bound activities executing with low priority. In this paper, we modify a reliable hardware-assisted dual-OS virtualization technique to implement an integrated scheduling architecture where the execution priority level of the GPOS and RTOS activities can be mixed with high granularity. The evaluation results show that the proposed approach is suitable for enhancing the responsiveness of the GPOS time-sensitive activities without compromising the reliability and real-time performance of the RTOS.
Article
Mobile devices have become powerful and user-friendly. At the same time they have become a hosting platform for a wide variety of services. Naturally, the interests of the various stakeholders on a mobile platform are not the same. Thus, there is demand for a strict separation model of services on mobile devices. In this paper, we outline a possible approach to enable a Secure Media Path on mobile devices. Our approach aims to support the needs of the different stakeholders, with respect to openness, content protection and client privacy. The architecture takes into account the resource constraints of mobile devices.
Article
TrustZone-based Real-time Kernel Protection (TZ-RKP) is a novel system that provides real-time protection of the OS kernel using the ARM TrustZone secure world. TZ-RKP is more secure than current approaches that use hypervisors to host kernel protection tools. Although hypervisors provide privilege and isolation, they face fundamental security challenges due to their growing complexity and code size. TZ-RKP puts its security monitor, which represents its entire Trusted Computing Base (TCB), in the TrustZone secure world; a safe isolated environment that is dedicated to security services. Hence, the security monitor is safe from attacks that can potentially compromise the kernel, which runs in the normal world. Using the secure world for kernel protection has been crippled by the lack of control over targets that run in the normal world. TZ-RKP solves this prominent challenge using novel techniques that deprive the normal world of the ability to control certain privileged system functions. These functions are forced to route through the secure world for inspection and approval before being executed. TZ-RKP's control of the normal world is non-bypassable. It can effectively stop attacks that aim at modifying or injecting kernel binaries. It can also stop attacks that involve modifying the system memory layout, e.g., through memory double mapping. This paper presents the implementation and evaluation of TZ-RKP, which has gone through rigorous and thorough evaluation of effectiveness and performance. It is currently deployed on the latest models of the Samsung Galaxy series smart phones and tablets, which clearly demonstrates that it is a practical real-world system.
Conference Paper
The dual-execution-environment approach (dual-EE) is a trusted model that was defined to allow mobile smart devices to guarantee tamper-resistant execution for highly sensitive applications. Although various solutions implementing dual-EE have been proposed in the literature, this model has not been formalized yet. In this paper, we revisit the dual-EE approach and propose a theoretical framework to systematize the design of dual-EE solutions regarding well-established primitives defined in the Multiple Independent Levels of Security (MILS) architecture. We provide a general classification of the different dual-EE proposals based on their isolation properties. We introduce a comparative framework allowing dual-EE solutions to be evaluated across a common set of criteria. The relevance of our framework is examined by applying it to three technologies, each one representing one category in our classification. Results are consistent and explain some hidden and unexpected properties of each technology. For instance, we find that bare-metal hypervisors are ill-adapted to provide high assurance security even though they might improve the overall security level of the system. © IFIP International Federation for Information Processing 2015.
Article
We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications on Terra enjoy the semantics of running on a separate, dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by-side with normal applications on a general-purpose computing platform. Terra achieves this synthesis by use of a trusted virtual machine monitor (TVMM) that partitions a tamper-resistant hardware platform into multiple, isolated virtual machines (VM), providing the appearance of multiple boxes on a single, general-purpose platform. To each VM, the TVMM provides the semantics of either an "open box," i.e. a general-purpose hardware platform like today's PCs and workstations, or a "closed box," an opaque special-purpose platform that protects the privacy and integrity of its contents like today's game consoles and cellular phones. The software stack in each VM can be tailored from the hardware interface up to meet the security requirements of its application(s). The hardware and TVMM can act as a trusted party to allow closed-box VMs to cryptographically identify the software they run, i.e. what is in the box, to remote parties. We explore the strengths and limitations of this architecture by describing our prototype implementation and several applications that we developed for it.
Conference Paper
Smartphones are now handling personal and extremely important data and applications. This increases mobile environment threats and makes smartphones one of attackers' preferred targets. To mitigate threats, many proposals and counter-measures have been proposed. In this paper, we focus on one of them, the Trusted Execution Environment (TEE) which is a new family of architecture having its own hardware and software environment completely isolated from the mobile ones. It intends to offer better security than the one provided by mobile platforms. It proposes for example secure storage to applications running on top of the mobile Operating System. We give a complete overview of standardization activities on TEE. We first detail the software and hardware architecture of the TEE as introduced by GlobalPlatform specifications. Then, we describe the different available TEE solutions. Finally, we compare these solutions according to key performance parameters with a special interest to security aspects.
Article
Many smartphones now deploy conventional operating systems, so the rootkit attacks so prevalent on desktop and server systems are now a threat to smartphones. While researchers have advocated using virtualization to detect and prevent attacks on operating systems (e.g., VM introspection and trusted virtual domains), virtualization is not practical on smartphone systems due to the lack of virtualization support and/or the expense of virtualization. Current smartphone processors do have hardware support for running a protected environment, such as the ARM TrustZone extensions, but such hardware does not control the operating system operations sufficiently to enable VM introspection. In particular, a conventional operating system running with TrustZone still retains full control of memory management, which a rootkit can use to prevent traps on sensitive instructions or memory accesses necessary for effective introspection. In this paper, we present SPROBES, a novel primitive that enables introspection of operating systems running on ARM TrustZone hardware. Using SPROBES, an introspection mechanism protected by TrustZone can instrument individual operating system instructions of its choice, receiving an unforgeable trap whenever any SPROBE is executed. The key challenge in designing SPROBES is preventing the rootkit from removing them, but we identify a set of five invariants whose enforcement is sufficient to restrict rootkits to execute only approved, SPROBE-injected kernel code. We implemented a proof-of-concept version of SPROBES for the ARM Fast Models emulator, demonstrating that in Linux kernel 2.6.38, only 12 SPROBES are sufficient to enforce all five of these invariants. With SPROBES we show that it is possible to leverage the limited TrustZone extensions to limit conventional kernel execution to approved code comprehensively.
Conference Paper
Using cloud storage services, users can access their data at any time, at any place, even with any computing device including mobile devices. Although these properties provide flexibility and scalability in handling data, security issues should be handled especially when mobile devices try to access data stored in cloud storage. Currently, a typical cloud storage service, Dropbox, offers server-side data encryption for security purposes. However, we think such a method is not secure enough because all the encryption keys are managed by software and there is no attestation on the client software integrity. Moreover, a simple user identification based on user ID and password is also easy to compromise. Data sharing, which is critical in enterprise environments, is significantly restricted because it is not easy to share encryption keys among users. In this paper, we propose DFCloud, a secure data access control method for cloud storage services to handle these problems found in the typical cloud storage service Dropbox. DFCloud relies on the Trusted Platform Module (TPM) [1] to manage all the encryption keys and defines a key sharing protocol among legal users. We assume that each client is a mobile device using ARM TrustZone [2] technology. The DFCloud server prototype is implemented using ARM Fastmodel 7.1 and the Open Virtualization software stack for ARM TrustZone. For the DFCloud client, TPM functions are developed in the secure domain of ARM TrustZone because most ARM-based mobile devices are not equipped with a TPM chip. The DFCloud framework defines TPM-based secure channel setup, TPM-based key management, remote client attestation, and a secure key share protocol across multiple users/devices. It is shown that our concept works correctly through a prototype implementation.
Conference Paper
Mobile apps increasingly require users to login to remote services such as Facebook and Twitter. Unfortunately, today's mobile platforms provide weak protection for login credentials such as passwords. To address this problem, we introduce the idea of an attested login and an embodiment of this idea called VeriUI. Attested login augments user credentials with a certificate describing the software and hardware that handled the credentials. Experiments with a VeriUI prototype found that it avoids the sluggish responsiveness of a thin-client approach, while a small app study indicates that VeriUI would require minor changes to existing apps.
Conference Paper
Trusted execution environments (TEEs) are widely deployed both on mobile devices as well as in personal computers. TEEs typically have a small amount of physically secure memory but they are not enough to realize certain algorithms, such as authenticated encryption modes, in the standard manner. TEEs can however access the much larger but untrusted system memory using which "pipelined" variants of these algorithms can be realized by gradually reading input from, and/or writing output to the untrusted memory. In this paper, we motivate the need for pipelined variants of authenticated encryption modes in TEEs, describe a pipelined version of the EAX mode, and prove that it is as secure as standard, "baseline", EAX. We point out potential pitfalls in mapping the abstract description of a pipelined variant to concrete implementation and discuss how these can be avoided. We also discuss other algorithms which can be adapted to the pipelined setting and proved correct in a similar fashion.
Conference Paper
Mobile phone platforms are increasingly becoming vulnerable to security attacks and are untrusted to host security sensitive applications, content, and services. Open source mobile ecosystems such as Android allow increased flexibility for developing and deploying applications. However, there are industry-led initiatives to increase the security of mobile phone platforms by using virtualisation and hardware abstraction techniques. In this paper, we explore the potential of the recently introduced Trusted Execution Environment (TEE) ecosystem for mobile phones in order to complement the security-proven (U)SIM based security functions. We present a security architecture and a novel mobile payment and multimedia content playback solution leveraging the existing post-paid billing method. We integrate TEE with (U)SIM based security techniques to provide enhanced security for user authentication, content purchase, protected storage and secure content viewing.
Conference Paper
This paper proposes ViMoExpress, a lightweight virtualization solution for embedded systems. ViMoExpress accelerates dual OSes in a single embedded system by utilizing the TrustZone function of ARM. Two guest OSes are located in the secure and normal worlds of TrustZone, and ViMoExpress runs in monitor mode. The two guest OSes can run without any intervention except switches between the guest OSes. Thus, ViMoExpress generates little overhead. The code of ViMoExpress is very compact, under 1,000 lines.
Conference Paper
Modern smartphones, with the capability to be always online and equipped with data transfer interfaces such as NFC, make it possible to take advantage of a wide variety of services and pave the way for new classes of services. Naturally, not every service will be available for free; some providers will charge money for the services provided. Usually, users are uniquely identified by the provider of a service for billing purposes and providers therefore maintain user profiles. This allows services to be personalized with respect to users' interests and preferences. However, it is problematic regarding users' privacy since users disclose lots of sensitive information to the service provider. Different mobile payment solutions have been proposed to date, but privacy aspects are usually not considered at all. In this paper, we demonstrate how privacy friendly payment can be realized using a recent payment mechanism in combination with an ARM processor platform with TrustZone enhancements. We discuss the public transport ticket domain as an example. Then we propose a platform framework that can be used for arbitrary applications requiring a privacy preserving online remote prepaid payment system suitable for micro as well as macro payments.
Article
Public transport ticketing with mobile phones has in recent years become a possible reality as the standards for Near-Field Communications (NFC) are being taken up in mass transport ticketing, and the use of contactless smartcards for small value payments like ticketing is being deployed as well. We examine the feasibility of using a mobile phone with a hardware Trusted Execution Environment for identity verification in transport ticketing with a perspective focusing on security and performance. We provide measurements based on an implementation in contemporary mobile phone hardware, and discuss our results by comparing with other proposed identity-verification ticketing solutions in light of the constraints set by usability and practical considerations as indicated by transport authorities.
Article
This paper reviews some of the difficulties that arise in the verification of kernelized secure systems and suggests new techniques for their resolution. It is proposed that secure systems should be conceived as distributed systems in which security is achieved partly through the physical separation of its individual components and partly through the mediation of trusted functions performed within some of those components. The purpose of a security kernel is simply to allow such a 'distributed' system to actually run within a single processor; policy enforcement is not the concern of a security kernel. This approach decouples verification of components which perform trusted functions from verification of the security kernel. This latter task may be accomplished by a new verification technique called 'proof of separability' which explicitly addresses the security relevant aspects of interrupt handling and other issues ignored by present methods.
Conference Paper
Performance guarantees can be given to tasks in an embedded system by ensuring that access to each shared resource is mediated by an appropriate scheduler. However, almost all previous work on CPU scheduling has focused on thread-level scheduling, resulting in systems that are vulnerable to a lower-level form of overload that occurs when too many interrupts arrive. This paper describes three new techniques, two software-based and one hardware-based, for creating systems that delay or drop excessive interrupt requests before they can overload a processor. Our interrupt schedulers bound both the amount of work performed in interrupt context and its granularity, making it possible to provide strong progress guarantees to thread-level processing. We show that our solutions work and are efficient when implemented on embedded processors. We have also taken a description for a microprocessor in VHDL, modified it to include logic that prevents interrupt overload, synthesized the processor, and verified that it works using simulation. By allowing developers to avoid making assumptions about the worst-case interrupt rates of peripherals, our work fills an important gap in the chain of reasoning leading to a validated system. These techniques cannot replace careful system design, but they do provide a last-ditch safety guarantee in the presence of a serious malfunction.
Conference Paper
Nowadays, trusted platform modules (TPMs) are usually deployed together with desktop PCs and notebooks. However, these platforms are not the only ones that can host TPMs. Mobile and embedded platforms like cell phones can also host TPMs but may have different requirements and different use-case scenarios. In contrast to common TPMs, TPMs for mobile platforms do not need to be implemented as microcontrollers, leading to different security assumptions. In order to find these differences, we have designed and implemented two approaches for mobile TPMs that are analyzed in detail in the context of this paper.
Conference Paper
Security is an emerging topic in the field of mobile and embedded platforms. The Trusted Computing Group (TCG) has outlined one possible approach to mobile platform security by recently extending their set of Trusted Computing specifications with Mobile Trusted Modules (MTMs). The MTM specification [13] published by the TCG is a platform independent approach to Trusted Computing explicitly allowing for a wide range of potential implementations. ARM follows a different approach to mobile platform security, by extending platforms with hardware supported ARM TrustZone security [3] mechanisms. This paper outlines an approach to merge TCG-style Trusted Computing concepts with ARM TrustZone technology in order to build an open Linux-based embedded trusted computing platform.
Conference Paper
To protect computation, a security architecture must safeguard not only the software that performs it but also the state on which the software operates. This requires more than just preserving state confidentiality and integrity, since, e.g., software may err if its state is rolled back to a correct but stale version. For this reason, we present Memoir, the first system that fully ensures the continuity of a protected software module's state. In other words, it ensures that a module's state remains persistently and completely inviolate. A key contribution of Memoir is a technique to ensure rollback resistance without making the system vulnerable to system crashes. It does this by using a deterministic module, storing a concise summary of the module's request history in protected NVRAM, and allowing only safe request replays after crashes. Since frequent NVRAM writes are impractical on modern hardware, we present a novel way to leverage limited trusted hardware to minimize such writes. To ensure the correctness of our design, we develop formal, machine-verified proofs of safety. To demonstrate Memoir's practicality, we have built it and conducted evaluations demonstrating that it achieves reasonable performance on real hardware. Furthermore, by building three useful Memoir-protected modules that rely critically on state continuity, we demonstrate Memoir's versatility.
Article
Security requirements for embedded systems such as consumer devices are becoming stronger. Current designs need an isolated environment that stores and processes sensitive data. New hardware technologies are arriving that provide low-cost, high-performance, isolated environments. Standard open APIs are providing a route to interoperability, defragmentation, and reduced software development costs. Securely, flexibly, and efficiently taking advantage of these standards is a complex software design problem. This article is an introduction to one such hardware technology, and a case study of the design of a programmable security software framework. The discussion will be of interest to all types of system designers, from SoC to software, because security must be designed into the system from the outset.
Article
We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications on Terra enjoy the semantics of running on a separate, dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by-side with normal applications on a general-purpose computing platform. Terra achieves this synthesis by use of a trusted virtual machine monitor (TVMM) that partitions a tamper-resistant hardware platform into multiple, isolated virtual machines (VM), providing the appearance of multiple boxes on a single, general-purpose platform. To each VM, the TVMM provides the semantics of either an "open box," i.e. a general-purpose hardware platform like today's PCs and workstations, or a "closed box," an opaque special-purpose platform that protects the privacy and integrity of its contents like today's game consoles and cellular phones. The software stack in each VM can be tailored from the hardware interface up to meet the security requirements of its application(s). The hardware and TVMM can act as a trusted party to allow closed-box VMs to cryptographically identify the software they run, i.e. what is in the box, to remote parties. We explore the strengths and limitations of this architecture by describing our prototype implementation and several applications that we developed for it.
Unlocking the Motorola bootloader
  • D Rosenberg
eMMC v4.41 and v4.5: architecture for high speed functions and features
  • V Tsai
Dual operating system architecture for real-time embedded systems
  • D Sangorín
  • S Honda
  • H Takada
Here be dragons: vulnerabilities in TrustZone
  • N Keltner
  • C Holmes
Application of formal methods for designing a separation kernel for embedded systems
  • K Kawamorita
  • R Kasahara
  • Y Mochizuki
  • K Noguchi
A software level analysis of TrustZone OS and trustlets in Samsung Galaxy phone
  • S Blog