Skip to main content
SpringerLink
Log in

Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms

  • Conference paper
Security and Privacy in Mobile Information and Communication Systems (MobiSec 2009)

Abstract

Integrity measurement and attestation mechanisms have already been developed for PC and server platforms, however, porting these technologies directly on mobile and resource-limited devices does not truly satisfy their performance constraints. Therefore, there are ongoing research efforts on mobile-efficient integrity measurement and attestation mechanisms. In this paper we propose a simple and efficient solution for this problem by considering the unique features of mobile phone devices. Our customized secure boot mechanism ensures that a platform can boot to a secure state. During runtime an information flow–based integrity model is leveraged to maintain high integrity status of the system. Our solution satisfies identified security goals of integrity measurement and attestation. We have implemented our solution on a LiMo compatible mobile phone platform.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Android, http://code.google.com/android/

  2. Cabir, http://www.f-secure.com/v-descs/cabir.shtml

  3. Cardblock, http://www.f-secure.com/v-descs/cardblock_a.shtml

  4. Dampig, http://www.f-secure.com/v-descs/dampig_a.shtml

  5. Doomboot, http://www.f-secure.com/v-descs/doomboot_a.shtml

  6. Fontal, http://www.f-secure.com/v-descs/fontal_a.shtml

  7. IBM integrity measurement architecture, http://domino.research.ibm.com/comm/research_projects.nsf/pages/ssd_ima.index.html

  8. Limo Foundation, http://www.limofoundation.org/en/technical-documents.html

  9. Locknut, http://www.f-secure.com/v-descs/locknut_e.shtml

  10. Mabir, http://www.f-secure.com/v-descs/mabir.shtml

  11. Mcafee Mobile Security Report (2008), http://www.mcafee.com/us/research/mobile_security_report_2008.html

  12. MTM Emulator, http://hemviken.fi/mtm/

  13. NSA Security-Enhanced Linux Example Policy, http://www.nsa.gov/selinux/

  14. OpenEZX, http://wiki.openezx.org/main_page

  15. Setools–policy analysis tools for selinux, http://oss.tresys.com/projects/setools

  16. Skulls, http://www.f-secure.com/v-descs/skulls.shtml

  17. TCG Mobile Reference Architecture Specification Version 1.0, https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf

  18. TCG TPM Main Part 1 Design Principles Specification Version 1.2, https://www.trustedcomputinggroup.org

  19. Arbaugh, W.A., Farber, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: Proc. of IEEE Conference on Security and Privacy, pp. 65–71 (1997)

    Google Scholar 

  20. Fraser, T.: LOMAC: MAC you can live with. In: Proc. of the 2001 Usenix Annual Technical Conference (2001)

    Google Scholar 

  21. Grawrock, D.: The Intel Safer Computing Initiative: Building Blocks for Trusted Computing. Intel Press (2006)

    Google Scholar 

  22. Hypponen, M.: State of cell phone malware in 2007 (2007), http://www.usenix.org/events/sec07/tech/hypponen.pdf

  23. Li, N., Mao, Z., Chen, H.: Usable mandatory integrity protections for operating systems. In: Proc. of IEEE Symposium on Security and Privacy (2007)

    Google Scholar 

  24. Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the linux operating system. In: Proc. of USENIX Annual Technical Conference, June 25-30, pp. 29–42 (2001)

    Google Scholar 

  25. Muthukumaran, D., Sawani, A., Schiffman, J., Jung, B.M., Jaeger, T.: Measuring integrity on mobile phone systems. In: Proc. of the 13th ACM Symposium on Access Control Models and Technologies (2008)

    Google Scholar 

  26. Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: USENIX Security Symposium (2004)

    Google Scholar 

  27. Strasser, M.: Software-based TPM emulator for linux. Semester Thesis, Department of Computer Science, Swiss Federal Institute of Technology Zurich (2004)

    Google Scholar 

  28. Thober, M., Pendergrass, J.A., McDonell, C.D.: Improving coherency of runtime integrity measurement. In: Proc. of the 3rd ACM workshop on Scalable Trusted Computing (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Samsung Information Systems America, San Jose, CA, USA

    Xinwen Zhang & Onur Acıiçmez

  2. Deutsche Telekom Laboratories and Technical University of Berlin, Germany

    Jean-Pierre Seifert

Authors
  1. Xinwen Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Onur Acıiçmez
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jean-Pierre Seifert
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. novalyst IT AG, Robert-Bosch Str. 38, 61184, Karben, Germany

    Andreas U. Schmidt

  2. France Telecom R&D, Haidian District, 10F, South Twr., Raycom Infotech, Park C, 2 Science Institute South Rd.,, 100080, Beijing, China

    Shiguo Lian

Rights and permissions

Reprints and permissions

Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Zhang, X., Acıiçmez, O., Seifert, JP. (2009). Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms. In: Schmidt, A.U., Lian, S. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 17. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04434-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04434-2_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04433-5

  • Online ISBN: 978-3-642-04434-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation