Efficient Security Method Using Mobile Virtualization Technology And Trustzone of ARM

  • Received : 2014.08.12
  • Accepted : 2014.10.20
  • Published : 2014.10.28

Abstract

Today, the number of smartphone users is increasing very rapidly, driven by improvements in smartphone performance and the variety of services on offer. Users rely on their smartphones for many services (cloud services, games, banking, mobile office, etc.). Today's mobile security solutions, however, simply detect malicious code or remain at the level of mobile device management. In particular, services that handle sensitive information, such as certificates, corporate documents, and personal credit card numbers, need technology that protects that information from hacking and leakage. Interest in these mobile security problems has recently been increasing as cases of damage have occurred. To address the problem, there has been a variety of security research for mobile devices, such as mobile virtualization, ARM TrustZone, and GlobalPlatform. Therefore, in this paper, I propose an efficient method that uses mobile virtualization techniques (authentication, security policy and access control, password/key management, safe storage, etc.) together with ARM TrustZone to prevent information leakage and hacking.
