Takayuki Sasaki, Koki Tomita, Yuto Hayaki, Seng Pei Liew, Norio Yamagaki
{"title":"Secure IoT Device Architecture Using TrustZone","authors":"Takayuki Sasaki, Koki Tomita, Yuto Hayaki, Seng Pei Liew, Norio Yamagaki","doi":"10.1109/SECONWorkshops50264.2020.9149772","DOIUrl":null,"url":null,"abstract":"IoT realizes efficient system such as smart cities, smart factories, and smart agriculture. However, there are risks of cyber attacks against the IoT with the potential to cause serious damage. To protect the IoT systems, protection of the entire system including end-point IoT devices is essential. However, existing software-based protection is insufficient against recent sophisticated attackers who disable or bypass security mechanisms. In this paper, to ensure correct operations of security mechanisms, we propose a secure IoT device architecture using TrustZone. A monitoring engine can be protected from attacks by deploying the engine in a secure world which is isolated from a non-secure. Here, a problem is that each secure and non-secure world has its own virtual memory and OS, thus the monitoring engine in the secure world cannot directly monitor software in the non-secure world. To cope with the semantic gap between the non-secure world and the secure world, the proposed architecture has two monitoring engines: a monitoring engine in the non-secure world for measuring software in the non-secure world and a monitoring engine in secure world for attesting the engine in non-secure world. Moreover, we implement the architecture and show the proposed architecture is feasible on the basis of its evaluation results.","PeriodicalId":341927,"journal":{"name":"2020 IEEE International Conference on Sensing, Communication and Networking (SECON Workshops)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE International Conference on Sensing, Communication and Networking (SECON Workshops)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECONWorkshops50264.2020.9149772","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
IoT realizes efficient system such as smart cities, smart factories, and smart agriculture. However, there are risks of cyber attacks against the IoT with the potential to cause serious damage. To protect the IoT systems, protection of the entire system including end-point IoT devices is essential. However, existing software-based protection is insufficient against recent sophisticated attackers who disable or bypass security mechanisms. In this paper, to ensure correct operations of security mechanisms, we propose a secure IoT device architecture using TrustZone. A monitoring engine can be protected from attacks by deploying the engine in a secure world which is isolated from a non-secure. Here, a problem is that each secure and non-secure world has its own virtual memory and OS, thus the monitoring engine in the secure world cannot directly monitor software in the non-secure world. To cope with the semantic gap between the non-secure world and the secure world, the proposed architecture has two monitoring engines: a monitoring engine in the non-secure world for measuring software in the non-secure world and a monitoring engine in secure world for attesting the engine in non-secure world. Moreover, we implement the architecture and show the proposed architecture is feasible on the basis of its evaluation results.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
