The Trade-Off Between Performance and Security of Virtualized Trusted Execution Environment on Android  

作　　者：Thien-Phuc Doan Ngoc-Tu Chau Jungsoo Park Souhwan Jung 

机构地区：[1]Soongsil University,Seoul,06978,Korea

出　　处：《Computer Systems Science & Engineering》2023年第9期3059-3073,共15页计算机系统科学与工程（英文）

基　　金：This work was partly supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea Government(MSIT),(No.2020-0-00952,Development of 5G edge security technology for ensuring 5G+service stability and availability,50%);the Institute of Information and Communications Technology Planning and Evaluation(IITP)grant funded by the MSIT(Ministry of Science and ICT),Korea(No.IITP-2022-2020-0-01602,ITRC(Information Technology Research Center)support program,50%).

摘　　要：Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.

关 键 词：Mobile security trusted execution model virtualized trusted execution environment HYPERVISOR 

分 类 号：TP39[自动化与计算机技术—计算机应用技术]