Graphical User Interface for Virtualized Mobile Handsets

Type-1 hypervisors have been suggested as a solution to bring your own device (BYOD) for their ability to enforce strong isolation. However, the lack of graphics acceleration support, crucial to good user experience, in mobile virtual machines (VMs) has limited the appeal of such solutions. We present a system architecture for providing access to graphics acceleration hardware to mobile VMs as well as a trusted and identifiable input and output path between the user and a VM. We built a prototype based on a small type-1 hypervisor and determined the GPU virtualization penalty on the performance to be only 5 %. A small impact on the trusted computing base (TCB) makes our architecture a viable solution even for high security demands.
