TY - CHAP
T1 - Secure Application Execution in Mobile Devices
AU - Msgna, Mehari
AU - Ferradi, Houda
AU - Akram, Raja
AU - Markantonakis, Konstantinos
PY - 2016/3/18
Y1 - 2016/3/18
N2 - Smart phones have rapidly become hand-held mobile devices capable of sustaining multiple applications. Some of these applications allow access to services including healthcare, financial and online social networks and are becoming common in the smart phone environment. From a security and privacy point of view, this seismic shift is creating new challenges, as the smart phone environment is becoming a suitable platform for security- and privacy-sensitive applications. The need for a strong security architecture for this environment is becoming paramount, especially from the point of view of Secure Application Execution (SAE). In this chapter, we explore SAE for applications on smart phone platforms, to ensure application execution is undertaken as expected by the application provider. Most of the proposed SAE proposals are based on having a secure and trusted embedded chip on the smart phone. Examples include the GlobalPlatform Trusted Execution Environment, M-Shield and Mobile Trusted Module. These additional hardware components, referred to as secure and trusted devices, provide a secure environment in which the applications can execute security-critical code and/or store data. These secure and trusted devices can become the target of malicious entities; therefore, we need to have a strong framework to validate and secure the code execution on such devices. This chapter discusses how we can provide an assurance that applications executing on such devices are secure by validating the secure and trusted hardware.
AB - Smart phones have rapidly become hand-held mobile devices capable of sustaining multiple applications. Some of these applications allow access to services including healthcare, financial and online social networks and are becoming common in the smart phone environment. From a security and privacy point of view, this seismic shift is creating new challenges, as the smart phone environment is becoming a suitable platform for security- and privacy-sensitive applications. The need for a strong security architecture for this environment is becoming paramount, especially from the point of view of Secure Application Execution (SAE). In this chapter, we explore SAE for applications on smart phone platforms, to ensure application execution is undertaken as expected by the application provider. Most of the proposed SAE proposals are based on having a secure and trusted embedded chip on the smart phone. Examples include the GlobalPlatform Trusted Execution Environment, M-Shield and Mobile Trusted Module. These additional hardware components, referred to as secure and trusted devices, provide a secure environment in which the applications can execute security-critical code and/or store data. These secure and trusted devices can become the target of malicious entities; therefore, we need to have a strong framework to validate and secure the code execution on such devices. This chapter discusses how we can provide an assurance that applications executing on such devices are secure by validating the secure and trusted hardware.
U2 - 10.1007/978-3-662-49301-4_26
DO - 10.1007/978-3-662-49301-4_26
M3 - Chapter
SN - 978-3-662-49300-7
T3 - Lecture Notes in Computer Science
SP - 417
EP - 438
BT - The New Codebreakers
A2 - Ryan, Peter A.
A2 - Naccache, David
A2 - Quisquater, Jean-Jacques
PB - Springer
ER -