Abstract | Keywords | Export | Availability | Bookmark

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Smartphone devices are used more and more for tasks that rely on sensitive data, online banking, e-health and so on. While this is a natural evolution with respect to functionality, the security features of a smartphone are not as extensive as those of a personal computer. Many smartphone devices have an ARM System on Chip, equipped with ARM TrustZone by which the manufacturer attempts to increase the security of these devices. ARM TrustZone is a hardware security solution which provides a Trusted Execution Environment. With this capability, features like secure memory, trusted Input and Output, and process execution isolation are available. Smartphone manufacturers like Samsung utilize this ARM TrustZone framework to build up a security solution like Samsung KNOX. The downside of these solutions is that the manufacturer stays in control of the smartphone even after it has been sold. They decide which software is allowed to run on the device and which is not. To return the control and ownership to the users, the PinePhone has been introduced, an open smartphone with ARM TrustZone features. To access these Trusted Execution Environment functionalities a kernel is required. For this, there are also open source solutions like OP-TEE. The tools to obtain a secure open smartphone device exist, but they need to be put together along with security implementations to become a complete product. In this work, a crucial part of Remote Attestation has been looked at, namely measuring the integrity of applications running in the Normal World of the ARM TrustZone framework. Lots of research has been done to isolate applications in the Secure World from the rich Operating System. Also securing the data storage or the Input and Output channels related to these applications are common practice and well understood. Of course, the security of these applications is of utmost importance but this Secure World could also increase the security guarantees for the Normal World. One way of doing this is by allowing the Secure World to attest processes in the Normal World.