DroidVault: A Trusted Data Vault for Android Devices

Author

Xiaolei Li ; Hong Hu ; Guangdong Bai ; Yaoqi Jia ; Zhenkai Liang ; Saxena, Pratiksha

Author_Institution

Dept. of Comput. Sci., Nat. Univ. of Singapore, Singapore, Singapore

fYear

2014

fDate

4-7 Aug. 2014

Firstpage

29

Lastpage

38

Abstract

Mobile OSes and applications form a large, complex and vulnerability-prone software stack. In such an environment, security techniques to strongly protect sensitive data in mobile devices are important and challenging. To address such challenges, we introduce the concept of the trusted data vault, a small trusted engine that securely manages the storage and usage of sensitive data in an untrusted mobile device. In this paper, we design and build Droid Vault - the first realization of a trusted data vault on the Android platform. Droid Vault establishes a secure channel between data owners and data users while allowing data owners to enforce strong control over the sensitive data with a minimal trusted computing base (TCB). We prototype Droid Vault via the novel use of hardware security features of ARM processors, i.e., Trust Zone. Our evaluation demonstrates its functionality for processing sensitive data and its practicality for adoption in the real world.

Keywords

security of data; smart phones; trusted computing; ARM processors; Android platform; DroidVault; TCB; hardware security features; mobile devices; trusted computing base; trusted data vault; Androids; Bridges; Cryptography; Hardware; Humanoid robots; Servers; Mobile system security; Operating system security; Technologies for trustworthy computing;

fLanguage

English

Publisher

ieee

Conference_Titel

Engineering of Complex Computer Systems (ICECCS), 2014 19th International Conference on

Conference_Location

Tianjin

Print_ISBN

978-1-4799-5481-0

Type

conf

DOI

10.1109/ICECCS.2014.13

Filename

6923115