• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.05a
• /
• pp.168-169
• /
• 2019

Trusted Execution Environment(TEE), such as Intel SGX, AMD Secure Processor and ARM TrustZone, has recently been a rising issue. Trusted Execution Environment provides a secure and independent code execution, hardware-based, environment for untrusted OS. In this paper, we show that Trusted Execution Environment's research trends on its vulnerability and attack models. We classify the previous attack models, and summarize mitigations for each TEE environment.

• Smart Media Journal
• /
• v.5 no.4
• /
• pp.116-123
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices.

• Journal of Digital Convergence
• /
• v.14 no.12
• /
• pp.471-476
• /
• 2016

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2024.05a
• /
• pp.57-60
• /
• 2024

오늘날 데이터 보안이 점점 중요한 요소로 강조되고 있으며, 기술의 발전에 따라 데이터 중심의 워크로드 증가로 인해 메모리 대역폭의 병목 현상의 문제로 데이터 처리 속도의 제약이 발생하고 있다. 이에 따라 Processing-In-Memory(PIM) 라는 새로운 형태의 메모리가 연구 및 개발되고 있다. 본 논문은 새로운 메모리인 PIM 의 취약점을 파악하고 안전하게 데이터를 처리할 수 있도록 TEE(Trusted Execution Environment) 환경을 적용하여 PIM 의 보안성을 강화하는 새로운 보호 체계를 제안한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.4
• /
• pp.545-558
• /
• 2021

Recently, Confidential computing plays an important role in next-generation cloud technology along with the development of trusted execution environments(TEEs), as it guarantees the trustworthiness of applications despite of untrusted nature of the cloud. Both academia and industry have actively proposed commercialized confidential computing solutions based on Intel SGX technology. However, the lack of clear criteria makes developers difficult to select a proper confidential computing framework among the possible options when implementing TEE-based cloud applications. In this paper, we derive baseline metrics that help to clarify the pros and cons of each framework through in-depth comparative analysis against existing confidential computing frameworks. Based on the comparison, we propose criteria to application developers for effectively selecting an appropriate confidential computing framework according to the design purpose of TEE-based applications.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2022.11a
• /
• pp.234-236
• /
• 2022

딥러닝 원격 컴퓨팅 서비스(Deep Learning as a Service, DLaaS)가 널리 활용되면서 클라우드에서의 개인 정보 보호에 대한 우려가 커졌다. 신뢰실행환경(Trusted Execution Environment, TEE)는 운영체제의 접근까지 차단한 메인 프로세서의 보안 영역으로 DLaaS 환경에서의 개인 정보 보호 기법으로 채택되고 있다. 사용자의 데이터를 보호하면서 고성능 클라우드 환경을 활용하기 위해 신뢰실행환경을 활용한 딥러닝 모델 추론 연구들을 살펴보고자 한다.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.9
• /
• pp.305-316
• /
• 2022

With the flood of digital data owing to the Internet of Things and big data, cloud service providers that process and store vast amount of data from multiple users can apply duplicate data elimination technique for efficient data management. The user experience can be improved as the notion of edge computing paradigm is introduced as an extension of the cloud computing to improve problems such as network congestion to a central cloud server and reduced computational efficiency. However, the addition of a new edge device that is not entirely reliable in the edge computing may cause increase in the computational complexity for additional cryptographic operations to preserve data privacy in duplicate identification and elimination process. In this paper, we propose an efficiency-improved duplicate data elimination protocol while preserving data privacy with an optimized user-edge-cloud communication framework by utilizing a trusted execution environment. Direct sharing of secret information between the user and the central cloud server can minimize the computational complexity in edge devices and enables the use of efficient encryption algorithms at the side of cloud service providers. Users also improve the user experience by offloading data to edge devices, enabling duplicate elimination and independent activity. Through experiments, efficiency of the proposed scheme has been analyzed such as up to 78x improvements in computation during data outsourcing process compared to the previous study which does not exploit trusted execution environment in edge computing architecture.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.31 no.1
• /
• pp.73-81
• /
• 2021

When downloading files using an app or web-based application on the user's mobile phone, the path is set to be saved in the pre-defined default directory. Many applications requiring access to storage, including file managers, require a write or read permission of storage to provide numerous functions and services. This means that the application will have direct access to the download folder where the numerous files downloaded. In this paper, to prove our feasibility of attack using the security vulnerabilities mentioned above, we developed a file hacking function disguised as an encryption function in the file management application. The file that encrypted will be sent to hackers via E-mail simultaneously on the background. The developed application was evaluated from VirusTotal, a malicious analysis engine, was not detected as a malicious application in all 74 engines. Finally, in this paper, we propose a defense technique and an algorithm based on the Trusted Execution Environment (TEE) to supplement these storage vulnerabilities.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.267-269
• /
• 2021

Trusted Execution Environment(TEE) is an execution environment provided by CPU hardware to gain guarantee that the execution context is as expected by the execution requester. Remote attestation of the execution context naturally arises from the concept of TEEs. Many implementations of TEEs use cryptographic remote attestation methods. Though the implementation of attestation may be simple, the implementation of verification may be very complex and heavy. By using a server delegating the verification process of attestation information, one may produce lightweight binaries that may verify peers and establish a secure channel with verified peers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1455-1459
• /
• 2016

Recently, the frequency of dealing important information regarding financial services like paying through smart device or internet banking on smart device has been increasing. Also, with the development of smart device execution environment towards open software environment, it became easier for users to download and use random application software, and its security aspect appears to be weakening. This study will inspect features of hardware-based smart device security technology. Furthermore, this study will propose a realization method in MTM hardware-based secure smart device execution environment for application software runs that in smart device.