Secure mobile device structure for trust IoT

被引:3
|
作者
Lee, Yun-kyung [1 ,2 ]
Kim, Jeong-nyeo [2 ]
Lim, Kyung-Soo [2 ]
Yoon, Hyunsoo [1 ]
机构
[1] Korea Adv Inst Sci & Technol, Sch Comp, 291 Daehak Ro, Daejeon 34141, South Korea
[2] ETRI, 218 Gajeong Ro, Daejeon 34129, South Korea
来源
JOURNAL OF SUPERCOMPUTING | 2018年 / 74卷 / 12期
关键词
Mobile security; Domain separation; Secure execution engine; Trust IoT;
D O I
10.1007/s11227-017-2155-y
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In the IoT environment, all devices are connected to each other, and mobile device is considered as key device. But hacking into mobile devices is increasing rapidly with the increase in mobile device users. As the market share of Android OS increases, hacking of mobile devices has focused on Android devices. Although there are many security solutions for mobile devices, they are fragmentary for mobile threats; that is, they are solutions for only several threats rather than comprehensive solutions. There is hence a limit to protecting user's and company's data stored or used on mobile devices from various types of hacking. To address this, we propose a mobile device protection technology based on domain isolation. Virtualization technology has emerged to increase CPU utilization in server-class PCs and to run various OSs in one system. As these virtualization technologies become lightweight, they are beginning to be applied to embedded devices. In this paper, we applied this lightweight embedded virtualization technology to mobile devices to divide mobile devices into two areas. Therefore, users can have hidden area from hacker attack in addition to Android OS area which can use same as existing mobile device. There is a hardware-based mobile security solution using an secure element, but this has to be reflected in the manufacturing process of the mobile device. However, since the domain separation technology using the virtualization, proposed in this paper, is a software solution, it has an advantage that it can be applied to a device that is already in use. In addition, to protect the hidden area, application authentication/authorization and user authentication technology were applied. And we use white-box cryptography to get root of trust of the key which is used for secure storage and data encryption/decryption. We believe this is a fundamental solution for protecting the mobile device users from hacking. We implemented and tested various mobile applications operating on a mobile device that incorporates our proposed structure based on domain isolation. There is some performance degradation caused by the domain separation, but it is negligible. According to https://www.wired.com/insights/2012/11/mobile-supercomputers/, the chips for mobile phones have evolved and mobile phones will soon become supercomputers. In this case, the addition of virtualization to the mobile device will have less impact on the computing power of the mobile device, and data protection stored in mobile devices and secure execution environment of security programs will become more important issues. Therefore, our TeeMo structure is a necessary technology to protect mobile device users.
引用
收藏
页码:6646 / 6664
页数:19
相关论文
共 50 条
  • [31] A trust management scheme to secure mobile information centric networks
    Rathee, Geetanjali
    Sharma, Ashutosh
    Kumar, Rajiv
    Ahmad, Farhan
    Iqbal, Razi
    COMPUTER COMMUNICATIONS, 2020, 151 : 66 - 75
  • [32] Cloud of Secure Elements: An Infrastructure For The Trust of Mobile NFC Services
    Urien, Pascal
    2014 IEEE 10TH INTERNATIONAL CONFERENCE ON WIRELESS AND MOBILE COMPUTING, NETWORKING AND COMMUNICATIONS (WIMOB), 2014, : 213 - 218
  • [33] SECURE TRUST: a blockchain-enabled trust and reputation system for malicious node detection in IOT networks
    Simpson S.V.
    Ravi Raju Y.
    Bhanu Rajesh Naidu K.
    Venu G.
    International Journal of Information Technology, 2023, 15 (8) : 4323 - 4336
  • [34] Secure Location Distribution on Mobile Device For Private Meeting
    Chavan, Amita
    Deshmukh, Smita
    PROCEEDINGS OF THE 2018 SECOND INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTING AND CONTROL SYSTEMS (ICICCS), 2018, : 1765 - 1768
  • [35] A Development of UHF RFID Device for Mobile IoT Service
    Park, SeongSoo
    2016 IEEE 7TH ANNUAL UBIQUITOUS COMPUTING, ELECTRONICS MOBILE COMMUNICATION CONFERENCE (UEMCON), 2016,
  • [36] Secure Mobile Device Management Based on Domain Separation
    Kim, GeonLyang
    Jeon, YongSung
    Kim, JeongNyeo
    2016 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC 2016): TOWARDS SMARTER HYPER-CONNECTED WORLD, 2016, : 918 - 920
  • [37] Secure cash withdrawal through mobile phone/device
    Arabo, Abdullahi
    2008 INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATION ENGINEERING, VOLS 1-3, 2008, : 818 - 822
  • [38] SEEMQTT: Secure End-to-End MQTT-Based Communication for Mobile IoT Systems Using Secret Sharing and Trust Delegation
    Hamad, Mohammad
    Finkenzeller, Andreas
    Liu, Hangmao
    Lauinger, Jan
    Prevelakis, Vassilis
    Steinhorst, Sebastian
    IEEE INTERNET OF THINGS JOURNAL, 2023, 10 (04) : 3384 - 3406
  • [39] A Secure IoT-Fog-Cloud Framework Using Blockchain Based on DAT for Mobile IoT
    Lee, Joong-Lyul
    Kerns, Stephen C.
    Hong, Sangjin
    2019 IEEE 10TH ANNUAL UBIQUITOUS COMPUTING, ELECTRONICS & MOBILE COMMUNICATION CONFERENCE (UEMCON), 2019, : 213 - 218
  • [40] Trust assessment for mobile crowdsensing via device fingerprinting
    Cui, Helei
    Liao, Jiahao
    Yu, Zhiwen
    Xie, Yanze
    Liu, Xiaoning
    Guo, Bin
    ISA TRANSACTIONS, 2023, 141 : 93 - 102