DOI: 10.1145/2527317.2527321
research-article

Secure RPC in embedded systems: evaluation of some GlobalPlatform implementation alternatives

Published: 29 September 2013

Abstract

In secure computing systems, isolation between different components is normally the basis for security. However, absolute isolation is seldom desired or practical. Often, for the system to function, a secure communication channel between otherwise isolated components is also needed. In this work, we consider the implementation of the secure Remote Procedure Call (RPC) mechanism defined by the GlobalPlatform specification on top of several different isolation mechanisms. Furthermore, implementation details, performance and security are discussed.


Published In

WESS '13: Proceedings of the Workshop on Embedded Systems Security
September 2013
71 pages
ISBN: 9781450321457
DOI: 10.1145/2527317
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. GlobalPlatform
  2. SELinux
  3. embedded systems
  4. hypervisors
  5. trusted execution environment

Qualifiers

  • Research-article

Conference

ESWEEK'13
ESWEEK'13: Ninth Embedded System Week
September 29 - October 4, 2013
Quebec, Montreal, Canada

Acceptance Rates

WESS '13 Paper Acceptance Rate 8 of 21 submissions, 38%;
Overall Acceptance Rate 8 of 21 submissions, 38%
