Abstract
Integrity measurement and attestation mechanisms have already been developed for PC and server platforms, however, porting these technologies directly on mobile and resource-limited devices does not truly satisfy their performance constraints. Therefore, there are ongoing research efforts on mobile-efficient integrity measurement and attestation mechanisms. In this paper we propose a simple and efficient solution for this problem by considering the unique features of mobile phone devices. Our customized secure boot mechanism ensures that a platform can boot to a secure state. During runtime an information flow–based integrity model is leveraged to maintain high integrity status of the system. Our solution satisfies identified security goals of integrity measurement and attestation. We have implemented our solution on a LiMo compatible mobile phone platform.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Android, http://code.google.com/android/
Cardblock, http://www.f-secure.com/v-descs/cardblock_a.shtml
IBM integrity measurement architecture, http://domino.research.ibm.com/comm/research_projects.nsf/pages/ssd_ima.index.html
Limo Foundation, http://www.limofoundation.org/en/technical-documents.html
Mcafee Mobile Security Report (2008), http://www.mcafee.com/us/research/mobile_security_report_2008.html
MTM Emulator, http://hemviken.fi/mtm/
NSA Security-Enhanced Linux Example Policy, http://www.nsa.gov/selinux/
OpenEZX, http://wiki.openezx.org/main_page
Setools–policy analysis tools for selinux, http://oss.tresys.com/projects/setools
TCG Mobile Reference Architecture Specification Version 1.0, https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf
TCG TPM Main Part 1 Design Principles Specification Version 1.2, https://www.trustedcomputinggroup.org
Arbaugh, W.A., Farber, D.J., Smith, J.M.: A secure and reliable bootstrap architecture. In: Proc. of IEEE Conference on Security and Privacy, pp. 65–71 (1997)
Fraser, T.: LOMAC: MAC you can live with. In: Proc. of the 2001 Usenix Annual Technical Conference (2001)
Grawrock, D.: The Intel Safer Computing Initiative: Building Blocks for Trusted Computing. Intel Press (2006)
Hypponen, M.: State of cell phone malware in 2007 (2007), http://www.usenix.org/events/sec07/tech/hypponen.pdf
Li, N., Mao, Z., Chen, H.: Usable mandatory integrity protections for operating systems. In: Proc. of IEEE Symposium on Security and Privacy (2007)
Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the linux operating system. In: Proc. of USENIX Annual Technical Conference, June 25-30, pp. 29–42 (2001)
Muthukumaran, D., Sawani, A., Schiffman, J., Jung, B.M., Jaeger, T.: Measuring integrity on mobile phone systems. In: Proc. of the 13th ACM Symposium on Access Control Models and Technologies (2008)
Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: USENIX Security Symposium (2004)
Strasser, M.: Software-based TPM emulator for linux. Semester Thesis, Department of Computer Science, Swiss Federal Institute of Technology Zurich (2004)
Thober, M., Pendergrass, J.A., McDonell, C.D.: Improving coherency of runtime integrity measurement. In: Proc. of the 3rd ACM workshop on Scalable Trusted Computing (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Zhang, X., Acıiçmez, O., Seifert, JP. (2009). Building Efficient Integrity Measurement and Attestation for Mobile Phone Platforms. In: Schmidt, A.U., Lian, S. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 17. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04434-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-04434-2_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04433-5
Online ISBN: 978-3-642-04434-2
eBook Packages: Computer ScienceComputer Science (R0)