Abstract
Trusted execution environment technologies are now widely used to enhance the security of connected devices such as mobile phones and tablets. The trusted operating system is the core component of a trusted execution environment solution, but the trusted operating system itself may face security challenges. The main reason is that the trusted operating system needs to provide different services for different application scenarios, which makes its functionality more complex and further increases its code size. In most trusted execution environment solutions, the trusted operating system is based on a monolithic kernel architecture. Such a design inevitably faces security issues such as software defects and a lack of isolation between components. In this paper, we propose a scheme for designing a secure trusted operating system based on a microkernel architecture. In our scheme, we take the modified take-grant model as the system security model and design a discretionary access control mechanism based on the capability system. We implemented our secure trusted operating system on the i.MX6Q platform. The test results show that it works properly and meets the requirements of the GP TEE specifications.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Li, D.J., Wang, H., Tang, X.K., Yang, L.X., Shen, C.F., Xiao, K. (2022). Secure Trusted Operating System Based on Microkernel Architecture. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Proceedings of Sixth International Congress on Information and Communication Technology. Lecture Notes in Networks and Systems, vol 216. Springer, Singapore. https://doi.org/10.1007/978-981-16-1781-2_17
DOI: https://doi.org/10.1007/978-981-16-1781-2_17
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-1780-5
Online ISBN: 978-981-16-1781-2
eBook Packages: Intelligent Technologies and Robotics (R0)