Trusted execution environments (TEEs) are becoming a requirement to protect a wide range of platforms, from cloud servers to embedded sensors. In this paper, we take a first step towards providing a pure-software Trusted Execution Environment (TEE) for resource-constrained embedded devices that lack basic hardware-based security features, such as Memory Protection Units (MPUs). Our key instrument in providing the features of TEEs is a formally-verified software-based memory isolation technique called the Security MicroVisor (SµV), that serves as a programmable trusted layer, which provides isolation by policing and regulating the execution of assembly-level instructions. This paper contributes the first architecture of a pure software TEE that supports all of the features that have been standardized by the GlobalPlatform Organization. Our implementation and evaluation results demonstrate the feasibility of implementing a standards-compliant software-based TEE for low-end embedded devices without hardware support or modification that has proven security against all networked attacks.

Towards a standards-compliant pure-software trusted execution environment for resource-constrained embedded devices / Janjua, H.; Ammar, M.; Crispo, B.; Hughes, D.. - (2019), pp. 1-6. (Intervento presentato al convegno 4th Workshop on System Software for Trusted Execution, SysTEX 2019 tenutosi a can nel 2019) [10.1145/3342559.3365338].

Towards a standards-compliant pure-software trusted execution environment for resource-constrained embedded devices

Crispo B.;
2019-01-01

Abstract

Trusted execution environments (TEEs) are becoming a requirement to protect a wide range of platforms, from cloud servers to embedded sensors. In this paper, we take a first step towards providing a pure-software Trusted Execution Environment (TEE) for resource-constrained embedded devices that lack basic hardware-based security features, such as Memory Protection Units (MPUs). Our key instrument in providing the features of TEEs is a formally-verified software-based memory isolation technique called the Security MicroVisor (SµV), that serves as a programmable trusted layer, which provides isolation by policing and regulating the execution of assembly-level instructions. This paper contributes the first architecture of a pure software TEE that supports all of the features that have been standardized by the GlobalPlatform Organization. Our implementation and evaluation results demonstrate the feasibility of implementing a standards-compliant software-based TEE for low-end embedded devices without hardware support or modification that has proven security against all networked attacks.
2019
Proceedings of the 4th Workshop on System Software for Trusted Execution, SysTEX 2019
Huntsville, Ontario, Canada
Association for Computing Machinery, Inc
9781450368889
Janjua, H.; Ammar, M.; Crispo, B.; Hughes, D.
Towards a standards-compliant pure-software trusted execution environment for resource-constrained embedded devices / Janjua, H.; Ammar, M.; Crispo, B.; Hughes, D.. - (2019), pp. 1-6. (Intervento presentato al convegno 4th Workshop on System Software for Trusted Execution, SysTEX 2019 tenutosi a can nel 2019) [10.1145/3342559.3365338].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/288987
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 5
  • ???jsp.display-item.citation.isi??? ND
  • OpenAlex ND
social impact