run-time security, trusted execution environment, hardware isolation, TrustZone
The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.
Tsinghua University Press
Rui Chang, Liehui Jiang, Wenzhi Chen et al. A TrustEnclave-Based Architecture for Ensuring Run-Time Security in Embedded Terminals. Tsinghua Science and Technology 2017, 22(5): 447-457.