Abstract
Due to increasing demands for mobile security, the Trusted Computing Group organized a special group—Mobile Phone Working Group (MPWG) to deal with mobile security specification business. Though MPWG proposes an architecture of trusted mobile platform (TMP), it does not indicate specific technology for TMP. A general method to build a TMP is adopting virtualization method in a system, but it is very resource consuming. In this paper, we propose a new trusted mobile model using Domain Type Enforcement (DTE) to construct a secure surrounding with complete isolation and controlled communication between different entities of the system. The proposed DTE model is composed of two parts: the basic rules of configuring DTE and the system status transition. The former sets up corresponding domains and types of the DTE model, and the latter describes how to maintain security invariants of the systems’ status. Comparing with the conventional virtualization methods, the DTE model-based trusted mobile platform is more efficient and flexible in resource using and also easily realized in a SELinux operating system.
Similar content being viewed by others
References
Leavitt, N.: Mobile security: finally a serious problem? IEEE Comput. 44(6), 11–12 (2011)
Open Mobile Terminal Platform: Open source industry collaboration for widget and web technologies. http://bondi.omtp.org (2009). Accessed 26 June 2011
Morita, M., Ichikawa, Y., Terunuma, K., Seung, H.: LiMo foundation: toward a common Linux-based mobile platform. NTT DoCoMo Tech. J. 9(2), 41–46 (2007)
Buhse, W., van der Meer, J.: The open mobile alliance digital rights management. IEEE Signal Process. Mag. 24(1), 140–143 (2007)
Krishnaswamy, D., Hasbun, R.N., Brizek, J.P.: Secure manageable mobile handset platform architectures. IEEE Comm. Mag. 44(9), 158–165 (2006)
Schiffman, J., Moyer, T., Jaeger, T., McDaniel, P.: Network-based root of trust for installation. IEEE Secur. Priv. 9(1), 40–48 (2011)
Sadeghi, A.: Trusted computing—special aspects and challenges. In: Proceedings of SOFSEM 2008, High Tetras, LNCS 4910, Springer, pp. 98–117 (2008)
Aciicmez, O., Latifi, A, Seifert, J., Zhang, X.: A trusted mobile phone prototype. In: Proceedings of 5th IEEE Consumer Communications and Networking Conference (CCNC 2008), pp. 1208–1209 (2008)
Schmidt, A., Kuntze, N., Kasper, M.: On the deployment of mobile trusted modules. In: Proceedings of Wireless Communications and Networking Conference (WCNC 2008), pp. 3169–3174 (2008)
Carbone, M., Wenke, L., Zamboni, D.: Taming virtualization. IEEE Secur. Priv. 6(1), 65–67 (2008)
Sadeghi, A., Stble, C.: Taming “trusted computing” by operating system design. In: Proceddings of 4th International Workshop for Information Security Applications (LNCS 2908), pp. 286–302 (2003)
Dirk, K., Rainer, L., Hari, V. R., Matthias, S., Gianluca, R., Davide, V.: An open trusted computing architecturesecure virtual machines enabling userdefined policy enforcement. Technical Report RZ 3655, IBM Research (2006)
Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a virtual machine-based platform for trusted computing. In: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp. 193–206 (2003)
Sailer, R., Jaeger, T., Valdez, E., Caceres, R., Perez, R., Berger, S., Grifen, J., van Doorn, L.: Building a MAC-based security architecture for the Xen opensource hypervisor. In: Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 276–285 (2005)
Weiwei, F., Changshegn, Z., Ying, Z., Liang, Z.: Research and application of trusted computing platform based on portable TPM. In: Processding of 2nd IEEE International Conference on Computing Science and Information Technology, pp. 506–509 (2009)
Alves, T., Felton, D.: TrustZone: integrated hardware and software securityenabling trusted computing in embedded systems. White paper, ARM (2004)
Caimu, T., Wu, D.O.: An efficient mobile authentication scheme for wireless networks. IEEE Trans. Wirel. Commun. 7(4), 1408–1416 (2008)
Bell, D.E.: Modeling the multipolicy machine. In: Proceedings of the New Security Paradigm Workshop, p. 2C9 (1994)
Daniel, M., Fernndez-Medina, E., Piattini, M.: A common criteria based security requirements engineering process for the development of secure information systems. Comput. Stand. Interfaces 29(2), 244–253 (2007)
Jingwei, H., Nicol, D.: A formal-semantics CBased calculus of trust. IEEE Internet Comput. 14(5), 38–46 (2010)
Ji, M., Orgun, M.A.: Trust management and trust theory revision. IEEE Trans. Syst. Man Cybern. 36(3), 451–460 (2006)
Boebert, W.E., Kain, R.Y.: A practical alternative to hierarchical integrity policies. In: Proceedings of the 8th National Computer Security Conference, pp. 18–27 (1985)
OBrien, R., Rogers, C.: Developing applications on LOCK. In: Proceedings of 14th National Computer Security Conference, pp. 147–156 (1991)
Lavrac, N., Ljubic, P., Urbancic, T., Papa, G., Jermol, M., Bollhalter, S.: Trust modeling for networked organizations using reputation and collaboration estimates. IEEE Trans. Syst. Man Cybern. 37(3), 429–439 (2007)
Hallyn, S., Kearns, P.: Domain and type enforcement for Linux. In: Proceedings of the 4th Annual Linux Showcase and Conference, pp. 247–260 (2000)
Biba, K.J.: Integrity considerations for the secure computer systems. Bedford: ESD-TR-76-732 (1977)
Bell, D.E., LaPadula, L.J.: Secure computer systems: mathematical foundations and model. Mitre Corp. Report No. M74-244, Bedford, Mass (1975)
Clark, D.D., Wilson, D.R.: A comparison of commercial and military computer security policies. In: Proceedings of IEEE Symposium on Security and Privacy, p. 184C194 (1987)
Fraser, T.: LOMAC: MAC you can live with. In: Proceedings of the 2001 Usenix Annual Technical Conference (2001)
Barr, K., Bungale, P., Deasy, S., Gyuris, V., Hung, P., Newell, C., Tuch, H., Zoppis, B.: The VMware mobile virtualization platform: is that a hypervisor in your pocket? SIGOPS Operating Systems Review (2010)
Selhorst, M., Stuble, C., Feldmann, F., Gnaida, U.: Towards a trusted mobile desktop. In TRUST (2010)
Xinwen, Z., Aciicmez, O, Seifert, J.P.: A trusted mobile phone reference architecture via secure kernel. In: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing (STC 07), pp. 7–14 (2007).
Liang, X., Xinwen, Z., Ashwin, C., et al.: Designing system-level defenses aganst cellphone malware. In: Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems (SRDS 09), pp. 83–90 (2009)
Google Inc.: Google Android. http://www.android.com/. Accessed 08 Feb 2012
Sven, B., Lucas, D., Alexandra, D., et al.: Practical and lightweight domain isolation on Android. In: Proceedings of the 1st ACM Workshop on Security and Provacy in Smartphones and Mobile Devices, pp. 51–62 (2011)
Shabtai, A., Fledel, Y., Elovici, Y.: Securing android-powered mobile devices using SELinux. IEEE Secur. Priv. 8(3), 36–44 (2010)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Li, T., Hu, A. Trusted mobile model based on DTE technology. Int. J. Inf. Secur. 14, 457–469 (2015). https://doi.org/10.1007/s10207-014-0266-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-014-0266-5