Research on Trusted Execution Environment Building Technology Based on TrustZone

doi:10.3969/j.issn.1671-1122.2016.03.004

Abstract

Abstract:

As a technique for protecting data and programs, compared with the traditional security technology, the trusted execution environment (TEE) can actively prevent threats from outside and ensure the safety of host more effectively by means of hardware aided isolation. With the extensive application of the ARM processor with the built-in TrustZone, trusted execution environment development has been paid increasing attentions. At present, there have been many open source TEE projects based on TrustZone, but their applications still face with problems because of the lack of corresponding standards. Taking Open-TEE as an example, this paper deeply studies the overall structure of TEE, analyzes the architecture of software layer and operational process, and proposes the development method of trusted application. The performances of deployment, development and memory footprint of some TEEs are compared through experiments. The development method of TEE proposed in this paper has good software architecture and is easy to be developed.

Key words: TrustZone, trusted execution environment, Open-TEE, ARM

CLC Number:

TP309

Guannan FAN, Pan DONG. Research on Trusted Execution Environment Building Technology Based on TrustZone[J]. Netinfo Security, 2016, 16(3): 21-27.

Figures/Tables 7

References 17

[1]	GlobalPlatform.
[2]	EKBERG J E. Securing Software Architectures for Trusted Processor Environments [EB/OL]. .
[3]	GlobalPlatform. Home Page [EB/OL]. .
[4]	Intel. SEP Driver[EB/OL]. ,2015-6-12.
[5]	Apple. iOS Security[EB/OL].,2015-12-1.
[6]	AZEMA J, FAYAD G. Shield Mobile Security Technology [EB/OL]. .
[7]	MCKEEB F,ALEXANDROVICH L,BERENZON A, et al. Innovative Instructions and Software Model for Isolated Execution [EB/OL]. .
[8]	马威,韩臻,成阳. 可信云计算中的多级管理机制研究[J]. 信息网络安全,2015(7):20-25.
[9]	ARM. ARM Security Technology-Building a Secure System Using TrustZone Technology[EB/OL]. .
[10]	ARM.TrustZone [EB/OL]. .
[11]	黄强,张德华,汪伦伟.可信计算硬件设备虚拟化关键保障机制研究[J]. 信息网络安全,2015(9):70-73.
[12]	ARM. ARM Security Technology Building a Secure System Using TrustZone Technology [EB/OL]. .
[13]	李海威,范博,李文锋. 一种可信虚拟平台构建方法的研究和改进[J]. 信息网络安全,2015(1):1-5.
[14]	Linaro. OP-TEE[EB/OL]. ,2015-12-1.
[15]	MCGILLION B, DETTENBORN T, NYMAN T, et al. Open-TEE--An Open Virtual Trusted Execution Environment[C]// IEEE.Trustcom/BigDataSE/ISPA, 2015, August 20-22, 2015, Helsinki, Finland. New York:IEEE,2015(1): 400-407.
[16]	TrustKernel. T6[EB/OL].2015-8-23.
[17]	Android Open Source Project. Managing Your App's Memory[EB/OL]. .