Secure mobile device structure for trust IoT

被引:3
|
作者
Lee, Yun-kyung [1 ,2 ]
Kim, Jeong-nyeo [2 ]
Lim, Kyung-Soo [2 ]
Yoon, Hyunsoo [1 ]
机构
[1] Korea Adv Inst Sci & Technol, Sch Comp, 291 Daehak Ro, Daejeon 34141, South Korea
[2] ETRI, 218 Gajeong Ro, Daejeon 34129, South Korea
来源
JOURNAL OF SUPERCOMPUTING | 2018年 / 74卷 / 12期
关键词
Mobile security; Domain separation; Secure execution engine; Trust IoT;
D O I
10.1007/s11227-017-2155-y
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In the IoT environment, all devices are connected to each other, and mobile device is considered as key device. But hacking into mobile devices is increasing rapidly with the increase in mobile device users. As the market share of Android OS increases, hacking of mobile devices has focused on Android devices. Although there are many security solutions for mobile devices, they are fragmentary for mobile threats; that is, they are solutions for only several threats rather than comprehensive solutions. There is hence a limit to protecting user's and company's data stored or used on mobile devices from various types of hacking. To address this, we propose a mobile device protection technology based on domain isolation. Virtualization technology has emerged to increase CPU utilization in server-class PCs and to run various OSs in one system. As these virtualization technologies become lightweight, they are beginning to be applied to embedded devices. In this paper, we applied this lightweight embedded virtualization technology to mobile devices to divide mobile devices into two areas. Therefore, users can have hidden area from hacker attack in addition to Android OS area which can use same as existing mobile device. There is a hardware-based mobile security solution using an secure element, but this has to be reflected in the manufacturing process of the mobile device. However, since the domain separation technology using the virtualization, proposed in this paper, is a software solution, it has an advantage that it can be applied to a device that is already in use. In addition, to protect the hidden area, application authentication/authorization and user authentication technology were applied. And we use white-box cryptography to get root of trust of the key which is used for secure storage and data encryption/decryption. We believe this is a fundamental solution for protecting the mobile device users from hacking. We implemented and tested various mobile applications operating on a mobile device that incorporates our proposed structure based on domain isolation. There is some performance degradation caused by the domain separation, but it is negligible. According to https://www.wired.com/insights/2012/11/mobile-supercomputers/, the chips for mobile phones have evolved and mobile phones will soon become supercomputers. In this case, the addition of virtualization to the mobile device will have less impact on the computing power of the mobile device, and data protection stored in mobile devices and secure execution environment of security programs will become more important issues. Therefore, our TeeMo structure is a necessary technology to protect mobile device users.
引用
收藏
页码:6646 / 6664
页数:19
相关论文
共 50 条
  • [21] A Secure Device Access Based on Blockchain for IoT in Smart City
    Li, Chao
    Yang, Hui
    Bao, Bowen
    Sun, Zhengjie
    Dong, Shuai
    Zhang, Jie
    IWCMC 2021: 2021 17TH INTERNATIONAL WIRELESS COMMUNICATIONS & MOBILE COMPUTING CONFERENCE (IWCMC), 2021, : 1172 - 1174
  • [22] Study of Secure Boot with a FPGA-based IoT Device
    Liu, Yuan
    Briones, Jed
    Zhou, Ruolin
    Magotra, Neeraj
    2017 IEEE 60TH INTERNATIONAL MIDWEST SYMPOSIUM ON CIRCUITS AND SYSTEMS (MWSCAS), 2017, : 1053 - 1056
  • [23] Secure Lightweight IoT Integrated RFID Mobile Healthcare System
    Naresh, Vankamamidi S.
    Reddi, Sivaranjani
    Murthy, Nistala V. E. S.
    WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2020, 2020
  • [24] Secure Bitcoin Transaction and IoT Device usage in Decentralized Application
    Swamy, Sanathkumar A.
    Jayapandian, N.
    PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON COMMUNICATION AND ELECTRONICS SYSTEMS (ICCES 2018), 2018, : 271 - 274
  • [25] Secure Protocol for Resource-Constrained IoT Device Authentication
    Nyangaresi, Vincent Omollo
    Rodrigues, Anthony Joachim
    Al Rababah, Ahmad A.
    INTERNATIONAL JOURNAL OF INTERDISCIPLINARY TELECOMMUNICATIONS AND NETWORKING, 2022, 14 (01)
  • [26] Secure Coded Computation for Efficient Distributed Learning in Mobile IoT
    Yang, Yilin
    D'Oliveira, Rafael G. L.
    El Rouayheb, Salim
    Yang, Xin
    Seferoglu, Hulya
    Chen, Yingying
    2021 18TH ANNUAL IEEE INTERNATIONAL CONFERENCE ON SENSING, COMMUNICATION, AND NETWORKING (SECON), 2021,
  • [27] Device Identity and Trust in IoT-sphere Forsaking Cryptography
    Ray, Indrajit
    Kar, Diptendu M.
    Peterson, Jordan
    Goeringer, Steve
    2019 IEEE 5TH INTERNATIONAL CONFERENCE ON COLLABORATION AND INTERNET COMPUTING (CIC 2019), 2019, : 204 - 213
  • [28] Secure Computation Offloading Based on Social Trust in Mobile Networks
    Su, Wei-Tsung
    Liang, Chiang-Sheng
    Dai, Cheng-Yi
    2014 SIXTH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN 2014), 2014, : 75 - 80
  • [29] A Trust Management Model for Sensor enabled Mobile Devices in IoT
    Rehiman, Rafidha K., V
    Veni, S.
    2017 INTERNATIONAL CONFERENCE ON I-SMAC (IOT IN SOCIAL, MOBILE, ANALYTICS AND CLOUD) (I-SMAC), 2017, : 807 - 810
  • [30] A Mobile Cloud Hierarchical Trust Management Protocol for IoT Systems
    Guo, Jia
    Chen, Ing-Ray
    Tsai, Jeffrey J. P.
    2017 5TH IEEE INTERNATIONAL CONFERENCE ON MOBILE CLOUD COMPUTING, SERVICES, AND ENGINEERING (MOBILECLOUD), 2017, : 125 - 130