DroidVault: A Trusted Data Vault for Android Devices

Mobile operating systems and their applications form a large, complex and vulnerability-prone software stack. In such an environment, techniques that strongly protect sensitive data on mobile devices are both important and challenging. To address this, we introduce the concept of a trusted data vault: a small trusted engine that securely manages the storage and usage of sensitive data on an untrusted mobile device. In this paper we design and build DroidVault, the first realization of a trusted data vault on the Android platform. DroidVault establishes a secure channel between data owners and data users while allowing data owners to enforce strong control over their sensitive data, with a minimal trusted computing base (TCB). We prototype DroidVault through a novel use of the hardware security features of ARM processors, namely TrustZone. Our evaluation demonstrates its functionality for processing sensitive data and its practicality for real-world adoption.
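The abstract describes the trusted-data-vault concept without giving its mechanism. The following toy model, added here as an illustration and not DroidVault's code, design or blob format, shows the three properties the abstract names in working form: the key never leaves the trusted engine, the data owner's policy is bound to the sealed data so the untrusted side cannot relax it, and the data user only receives the result of a policy-approved operation rather than the plaintext. The `Vault` class, the `users`/`ops` policy shape and the HMAC-SHA256 counter-mode construction are assumptions made for this example (standard library only); a real vault would use a hardware-backed AEAD and run inside the TrustZone secure world.

```python
# Toy model of a "trusted data vault": a small trusted engine that holds the key
# and enforces the data owner's policy, while the untrusted application only ever
# sees sealed blobs and the results of policy-approved operations.
# Illustration only; this is NOT DroidVault's code, design, or blob format.
import hashlib
import hmac
import json
import os


class Vault:
    """Stands in for the trusted engine (in DroidVault's setting, code in the
    TrustZone secure world); the key never leaves this object."""

    def __init__(self, key=None):
        self._key = key or os.urandom(32)

    def _keystream(self, nonce, length):
        # Counter-mode keystream derived with HMAC-SHA256 (stdlib only; a real
        # vault would use a hardware-backed AEAD such as AES-GCM).
        blocks = []
        for ctr in range((length + 31) // 32):
            blocks.append(hmac.new(self._key, b"enc" + nonce + ctr.to_bytes(4, "big"),
                                   hashlib.sha256).digest())
        return b"".join(blocks)[:length]

    def _tag(self, nonce, policy, ct):
        # Encrypt-then-MAC; the policy is authenticated alongside the ciphertext
        # so an untrusted app cannot relax it without breaking the tag.
        return hmac.new(self._key, b"mac" + nonce + policy + ct, hashlib.sha256).digest()

    def seal(self, data, policy):
        """Data owner's entry point: returns an opaque blob bound to `policy`."""
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))
        pol = json.dumps(policy, sort_keys=True).encode()
        return {"nonce": nonce, "policy": pol, "ct": ct, "tag": self._tag(nonce, pol, ct)}

    def use(self, blob, user, op):
        """Data user's entry point: the vault checks integrity and policy, runs the
        operation inside the trusted boundary, and returns only the result."""
        nonce, pol, ct = blob["nonce"], blob["policy"], blob["ct"]
        if not hmac.compare_digest(self._tag(nonce, pol, ct), blob["tag"]):
            raise PermissionError("blob or policy has been tampered with")
        policy = json.loads(pol)
        if user not in policy["users"] or op not in policy["ops"]:
            raise PermissionError(f"{user!r} is not allowed to {op!r}")
        data = bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))
        ops = {
            "length": lambda d: len(d),
            "sha256": lambda d: hashlib.sha256(d).hexdigest(),
            "read": lambda d: d,  # only if the owner explicitly allows raw release
        }
        return ops[op](data)


def denied(vault, blob, user, op):
    """True if the vault refuses the request (helper for the checks below)."""
    try:
        vault.use(blob, user, op)
    except PermissionError:
        return True
    return False


def tampered_policy(blob, new_policy):
    """What an untrusted app might try: rewrite the policy on a sealed blob."""
    forged = dict(blob)
    forged["policy"] = json.dumps(new_policy, sort_keys=True).encode()
    return forged


if __name__ == "__main__":
    vault = Vault()
    # Constructed sample: the owner seals a secret so only "mailapp" may hash it.
    blob = vault.seal(b"abc", {"users": ["mailapp"], "ops": ["sha256", "length"]})
    print(vault.use(blob, "mailapp", "sha256"))      # digest computed inside the vault
    print(denied(vault, blob, "adlib", "sha256"))    # True: user not in policy
    print(denied(vault, blob, "mailapp", "read"))    # True: op not in policy
    forged = tampered_policy(blob, {"users": ["adlib"], "ops": ["read"]})
    print(denied(vault, forged, "adlib", "read"))    # True: tag no longer verifies
```

The point of the model is the interface, not the cipher: the untrusted application never calls anything that returns the key, and any attempt to widen the policy on a blob it holds fails the tag check before the policy is even parsed.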
