MIPE: a practical memory integrity protection method in a trusted execution environment

With the rapid development of Internet of Things technology and the improvement in the computational performance of embedded devices, smart devices are likely to be exposed to security threats and attacks when they connect to the rich and novel Internet. The Trusted Execution Environment (TEE), which has recently attracted a lot of attention in the embedded system security community, allows arbitrary code to execute within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical, and the hardware-based implementation approaches lack theoretical proof. To address the memory isolation and protection problems in a TEE, in this paper we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE uses the TrustZone technique to create an isolated execution environment, which can protect sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using the B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using the B method is about 78.32%, and that the proposed method is effective and feasible in terms of both load time and overhead.
