Reconciling Security with Virtualization: A Dual-Hypervisor Design for ARM TrustZone

Cited by: 6
Authors
Cicero, Giorgiomaria [1 ]
Biondi, Alessandro [1 ]
Buttazzo, Giorgio [1 ]
Patel, Anup
Affiliations
[1] Scuola Superiore Sant'Anna, Pisa, Italy
DOI: 10.1109/ICIT.2018.8352425
CLC classification: T [Industrial technology]
Subject classification code: 08
Abstract
This paper proposes a novel design to enable the virtualization of both secure and non-secure worlds offered by ARM platforms with TrustZone technology. The design is based on a dual-hypervisor scheme that allows executing multiple two-world domains in isolation, where each of them can comprise both a standard (i.e., non-secure) execution environment, and a trusted execution environment (TEE). An implementation of the proposed design is presented and discussed by building upon Xvisor, a Type-1 open-source hypervisor. Experimental results to assess the performance of the implementation are finally reported and discussed.
Pages: 1628-1633
Page count: 6
Related papers (50 in total, 10 shown)
  • [1] Pinto, S.; Oliveira, A.; Pereira, J.; Cabral, J.; Monteiro, J.; Tavares, A. Lightweight Multicore Virtualization Architecture exploiting ARM TrustZone. IECON 2017 - 43rd Annual Conference of the IEEE Industrial Electronics Society, 2017, pp. 3562-3567.
  • [2] Pinto, S.; Oliveira, D.; Pereira, J.; Cardoso, N.; Ekpanyapong, M.; Cabral, J.; Tavares, A. Towards a Lightweight Embedded Virtualization Architecture Exploiting ARM TrustZone. 2014 IEEE Emerging Technology and Factory Automation (ETFA), 2014.
  • [3] Pan, Wuqiong; Zhang, Yulong; Yu, Meng; Jing, Jiwu. Improving Virtualization Security by Splitting Hypervisor into Smaller Components. Data and Applications Security and Privacy XXVI, 2012, vol. 7371, pp. 298-313.
  • [4] Buhren, Robert; Vetter, Julian; Nordholz, Jan. The Threat of Virtualization: Hypervisor-Based Rootkits on the ARM Architecture. Information and Communications Security (ICICS 2016), 2016, vol. 9977, pp. 376-391.
  • [5] Jeon, Sanghoon; Kim, Huy Kang. TZMon: Improving mobile game security with ARM TrustZone. Computers & Security, 2021, vol. 109.
  • [6] Benhani, El Mehdi; Marchand, Cedric; Aubert, Alain; Bossuet, Lilian. On the Security Evaluation of the ARM TrustZone Extension in a Heterogeneous SoC. 2017 30th IEEE International System-on-Chip Conference (SOCC), 2017, pp. 108-113.
  • [7] Benhani, E. M.; Bossuet, L.; Aubert, A. The Security of ARM TrustZone in a FPGA-Based SoC. IEEE Transactions on Computers, 2019, 68(8), pp. 1238-1248.
  • [8] Dall, Christoffer; Nieh, Jason. KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor. ACM SIGPLAN Notices, 2014, 49(4), pp. 333-347.
  • [9] Aitchison, Callum; Buckle, Roman; Ch'ng, Alvin; Clarke, Christian; Malley, Jacob; Halak, Basel. On the Integration of Physically Unclonable Functions into ARM TrustZone Security Technology. 24th IEEE European Conference on Circuit Theory and Design (ECCTD 2020), 2020.
  • [10] Hwang, Joo-Young; Suh, Sang-Bum; Heo, Sung-Kwan; Park, Chan-Ju; Ryu, Jae-Min; Park, Seong-Yeol; Kim, Chul-Ryun. Xen on ARM: System virtualization using Xen hypervisor for ARM-based secure mobile phones. 2008 5th IEEE Consumer Communications and Networking Conference, vols. 1-3, 2008, pp. 257-261.