ARM TRUSTZONE AS A SECURITY FOR USER INTERACTION ON THE MOBILE PLATFORM

Lukman Santoso; Moh Muthohir; Ahmad Ashifudin Aqham

doi:10.55606/jeei.v2i2.911

Lukman Santoso Universitas Sains dan Teknologi Komputer
Moh Muthohir Universitas Sains dan Teknologi Komputer
Ahmad Ashifudin Aqham Universitas Sains dan Teknologi Komputer

DOI: https://doi.org/10.55606/jeei.v2i2.911

Keywords: Android, Smartphone, ARM TrustZone, Securing User Interaction.

Abstract

Smartphones have become an important part of human life until now, apart from making phone calls and other communication functions, smartphones are also used as tools for shopping, conducting banking transactions, and so on. This makes security Software on smartphones becoming more critical. trust execution environment technology was popularized to support care for users if the Operation System is compromised namely trust execution environment ARM TrustZone. This research focuses on User-Interaction and Input/Output audio input user interaction channels and proposes an application-transparent solution to keep the user communication strategy on mobile platforms using ARM TrustZone.

This research advantage the ARM TrustZone to bring a defended architecture for User Interface input for user interaction channels (T-User-Interaction) and Audio-Input/Output for VoIP calls (T-VoIP-C). The main objective is to establish that the architecture is clear for cellular utilization. All along trust execution environment-established research, one of the critical objections faced was the ability to safely prototype designs. In a trust execution environment study, it is generally necessary to cross hardware factors with the trust execution environment-Operation System, which could be impressive for non-hardware specialists, conditional on the base applicable from trust execution environment Operation System vendors. This research considers a simulation-based model (T-simulation) that cuts down the composition time and hardware background appropriate to frame a hardware situation for expectation execution situation prototyping.

References

A. Amiri Sani, K. Boos, MH Yun, and L. Zhong. Rio: A System Solution for Sharing Input/Output between Mobile Systems. In Proceedings of the 12th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 14, page 259272, New York, NY, USA, 2014. Association for Computing Machinery. ISBN 9781450327930. doi: 10:1145/2594368:2594370. URLs https://doi:org/10:1145/2594368:2594370.
A. Barth, C. Jackson, and C. Reis. The Security Architecture of the Chromium Browsers. Technical report, 2008. URL http://css:csail:mit:edu/6:858/2018/readings/chromium:pdf .
D. Liu and LP Cox. VeriUI: Attested Login for Mobile Devices. In Proceedings of the 15th Workshop on Mobile Computing Systems and Applications, HotMobile' 14, Santa Barbara, CA, USA, February 26-27 2014.
D. Zhang. Trustfa: TrustZone-Assisted Facial Authentication on Smartphones. Technical report, 2014. URL http://www:donglizhang:org/trustfa:pdf .
M. Ender , G. Duppmann, A. Wild, T. Poppelmann, and T. Guneysu. A Hardware-Assisted Proof-of-Concept for Secure VoIP Clients on Untrusted Operating Systems. In Proceedings of 2014 International Conference on ReConFigurable Computing and FPGAs, ReConFig' 14, Cancun, Mexico, Dec 8-10 2014. URL https://doi:org/10:1109/ReConFig:2014:7032489 .
R. Buhren, J. Vetter, and J. Nordholz . The Threats of Virtualization: Hypervisor-Based Rootkits on the ARM Architecture. volume 9977, 11 2016. doi:10:1007/978-3-319-50011-929.
S. Oh, H. Yoo, DR Jeong, DH BUser-interference, and I. Shin. Mobile Plus: Multi-Device Mobile Platform for Cross-Device Functionality Sharing. In Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys 17, page 332344, New York, NY, USA, 2017. Association for Computing Machinery. ISBN 9781450349284. doi: 10:1145/3081333:3081348. URL https://doi:org/10:1145/3081333:3081348 .
W. Li, M. Ma, J. Han, Y. Xia, B. Zang, C.-K. Chu, and T. Li. Building Trusted Path on Untrusted Device Drivers for Mobile Devices. In Proceedings of 5th Asia-Pacific Workshop on Systems, APSys '14, pages 8:1–8:7, New York, NY, USA, 2014. ACM. ISBN 978-1-4503-3024-4. doi: 10:1145/2637166:2637225. URL http://doi:acm:org/10:1145/2637166:2637225 .
X. Li, H. Hu, G. Bai, Y. Jia, Z. Liang, and P. Saxena. DroidVault: A Trusted Data Vault for Android Devices. In Proceedings of the 2014 19th International Conference on Engineering of Complex Computer Systems, ICECCS' 14, Tianjin, China, Aug 4-7 2014. URL https://doi:org/10:1109/ICECCS:2014:13 .
Y. Jong, P. Hsiu, S. Cheng, and T. Kuo. A Semantics-Aware Design for Mounting Remote Sensors on Mobile Systems. In 2016 53rd ACM/EDAC/IEEE Design Automation Conference (DAC), pages 1–6, 2016. URL https://ieeexplore:ieee:org/document/7544382 .
Y. Li and W. Gao. Interconnecting Heterogeneous Devices in the Personal Mobile cloud. In IEEE INFOCOM 2017 - IEEE Conference on Computer Communications, pages 1–9, 2017. URL https://ieeexplore:ieee:org/document/8057083 .