Ecosystems of Trusted Execution Environment on smartphones - a potentially bumpy road

Assad Umar, Raja Naeem Akram, Keith Mayes, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

450 Downloads (Pure)

Abstract

The advent of smartphones and the flexibility to have multiple applications serving the user's needs, has started a convergence of different services into a single device. Traditional services provided by mobile phones like voice and text communication became secondary to other domains like Online Social Network (OSN) and entertainment applications on smartphones. A similar trend is also happening for smart card services, in which traditional smart card services like banking, transport-ticketing and access control, are moving to smartphones. This transition from smart cards to smartphone is to a large extent, facilitated by Near Field Communication (NFC) technology which enables a smartphone to emulate a smart card. As the smart card services require a comparatively higher level of security than other applications on the smartphone. Initial proposals for this convergences were focused on secure elements. However, the ownership issues reminiscent of traditional smart card domain became the Achilles' heel. A potential way forward has been proposed by the Google Andriod in the shape of Host Card Emulation (HCE) to allow mobile phone applications to communicate via NFC. However to provide higher-level of security as required by smart card applications, a number of proposals have been put forward including the Trusted Execution Environment (TEE). In this paper, we will look into how the TEE fits into the overall picture of smart card services on a smartphone - provisioned via the HCE. We also analyse the current state of the art of TEE proposal and what potential ecosystem hurdles it might face due to the nature of current trends. Finally, we provide a potential pathway to overcome the ecosystem issues to achieve wide scale deployment, enabling secure services to individual users.
Original languageEnglish
Title of host publicationMobile and Secure Services (MobiSecServ), 2017 Third International Conference on
EditorsP Urien, S Piramuthu
PublisherIEEE
Pages1-8
Number of pages8
ISBN (Electronic)978-1-5090-3632-5
ISBN (Print)978-1-5090-3633-2
DOIs
Publication statusPublished - 27 Mar 2017
Event3rd International Conference on Mobile and Secure Services (MobiSecServ) - Miami Beach
Duration: 11 Feb 201712 Feb 2017

Conference

Conference3rd International Conference on Mobile and Secure Services (MobiSecServ)
CityMiami Beach
Period11/02/1712/02/17

Cite this