dc.contributor.author: Loughlin, Kevin
dc.date.accessioned: 2019-03-26T11:07:52Z
dc.date.created: 2018-05
dc.date.issued: 2018-06-29
dc.date.submitted: 2018
dc.identifier.uri: http://nrs.harvard.edu/urn-3:HUL.InstRepos:38811558*
dc.description.abstract: Modern device manufacturers often rely on a combination of hardware-assisted virtualization and privileged software to isolate a security-critical trusted execution environment (TEE) from a general-purpose rich execution environment (REE). Prior EE isolation technologies have required software support due to both the complexity of their models and a lack of fully-virtualizable phones (i.e., phones in which every physical resource can be virtualized by the hardware). Unfortunately, EE isolation models such as ARM TrustZone expect the privileged software to manage a complex set of inter-EE tasks, resulting in a large threat surface for attackers wishing to bypass EE isolation. We propose that by removing unnecessary inter-EE functionality and expanding native hardware virtualization throughout the device, we can achieve EE isolation purely via hardware-based isolation mechanisms. We present TEE-BONE, the first smartphone EE isolation technology to implement all EE isolation mechanisms and policies in the device's hardware. At phone manufacture time, the manufacturer creates a static, immutable partitioning of the virtual resources belonging to each hardware component. TEE-BONE provides no mechanisms for inter-EE communication, prohibits simultaneous execution of EEs, and requires human-hardware interaction to switch between EEs. By placing these restrictions on EE usage, TEE-BONE can eliminate complex trusted software and its associated threat surface. We argue that this approach will improve security while imposing minimal degradation of phone usability.
dc.format.mimetype: application/pdf
dc.language.iso: en
dash.license: LAA
dc.subject: Computer Science
dc.title: TEE-BONE: Securing Smartphone Apps Using Hardware-Only Isolation Primitives
dc.type: Thesis or Dissertation
dash.depositing.author: Loughlin, Kevin
dc.date.available: 2019-03-26T11:07:52Z
thesis.degree.date: 2018
thesis.degree.grantor: Harvard College
thesis.degree.level: Undergraduate
thesis.degree.name: AB
dc.type.material: text
thesis.degree.department: Computer Science
dash.identifier.vireo: http://etds.lib.harvard.edu/college/admin/view/292
dash.author.email: kevin@kevinloughlin.org

