Trust is vital for arbitrary entities to interact and cooperate. These entities may have different security requirements. Trust allows them to ensure that they will behave correctly and fulfill each other's security requirements as well as assure their privacy. A Trusted Execution Environment (TEE) is one available technology that can be used to establish trust between entities. TEEs are widely deployed on device platforms, and recently they have also begun to appear on server platforms. In multilateral scenarios, hardware-based TEEs allow us to build efficient protocols and systems for ensuring security requirements of the non-trusting entities and assuring their privacy. In this dissertation, I consider two separate use cases where trust is required at the user's end: hosting credentials such as electronic identity on users' devices (e.g. mobile phones), and using NFC-enabled devices for hosting public transport ticketing credentials. I present a TEE-based architecture for hosting different types of credentials securely on users' devices, and using them from the devices over various communication channels (e.g. USB and NFC). I also show how to use TEEs to assure user-to-device binding, and attest the level of security on devices for remote credential provisioning. These solutions are supported by implementations on real mobile devices with hardware TEEs based on ARM TrustZone. I also show an example of how to use TEEs to ensure users' data privacy while accessing services on third-party infrastructure. For this, I consider the use case of cloud-based mobile malware checking where users submit queries about their mobile applications to an untrusted server, which processes users' queries in a TEE and returns the results without learning anything about the content of the queries. A prototype of this service was built using two different hardware TEE platforms: ARM TrustZone and Intel SGX. The work described in this dissertation takes advantage of the programmability offered by TEEs to implement application-specific security functionality. However, other non-programmable trusted hardware, such as TPMs, can also be used as trust anchors. I compare and contrast programmable versus non-programmable trusted hardware, considering the functionality and interfaces each offers. Further, I present a categorization of credentials based on their migration policies and discuss possible mechanisms to migrate/share credentials among other devices belonging to the same users. I also discuss the importance of a trusted path for user-to-TEE interactions and present an overview of the currently available mechanisms to establish a trusted path. Finally, I describe how to leverage a combination of TEEs on users' devices as well as the infrastructure to enhance the security of applications and further develop new types of services.
|Julkaisun otsikon käännös||Applications of Trusted Execution Environments (TEEs)|
|Tila||Julkaistu - 2017|
|OKM-julkaisutyyppi||G5 Tohtorinväitöskirja (artikkeli)|