Ecosystems of Trusted Execution Environment on smartphones - a potentially bumpy road. / Umar, Assad; Akram, Raja Naeem; Mayes, Keith; Markantonakis, Konstantinos.
Mobile and Secure Services (MobiSecServ), 2017 Third International Conference on. ed. / P Urien; S Piramuthu. IEEE, 2017. p. 1-8.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Standard
Ecosystems of Trusted Execution Environment on smartphones - a potentially bumpy road. / Umar, Assad; Akram, Raja Naeem; Mayes, Keith; Markantonakis, Konstantinos.
Mobile and Secure Services (MobiSecServ), 2017 Third International Conference on. ed. / P Urien; S Piramuthu. IEEE, 2017. p. 1-8.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Harvard
APA
Vancouver
Author
BibTeX
}
RIS
TY - GEN
T1 - Ecosystems of Trusted Execution Environment on smartphones - a potentially bumpy road
AU - Umar, Assad
AU - Akram, Raja Naeem
AU - Mayes, Keith
AU - Markantonakis, Konstantinos
PY - 2017/3/27
Y1 - 2017/3/27
N2 - The advent of smartphones and the flexibility to have multiple applications serving the user's needs, has started a convergence of different services into a single device. Traditional services provided by mobile phones like voice and text communication became secondary to other domains like Online Social Network (OSN) and entertainment applications on smartphones. A similar trend is also happening for smart card services, in which traditional smart card services like banking, transport-ticketing and access control, are moving to smartphones. This transition from smart cards to smartphone is to a large extent, facilitated by Near Field Communication (NFC) technology which enables a smartphone to emulate a smart card. As the smart card services require a comparatively higher level of security than other applications on the smartphone. Initial proposals for this convergences were focused on secure elements. However, the ownership issues reminiscent of traditional smart card domain became the Achilles' heel. A potential way forward has been proposed by the Google Andriod in the shape of Host Card Emulation (HCE) to allow mobile phone applications to communicate via NFC. However to provide higher-level of security as required by smart card applications, a number of proposals have been put forward including the Trusted Execution Environment (TEE). In this paper, we will look into how the TEE fits into the overall picture of smart card services on a smartphone - provisioned via the HCE. We also analyse the current state of the art of TEE proposal and what potential ecosystem hurdles it might face due to the nature of current trends. Finally, we provide a potential pathway to overcome the ecosystem issues to achieve wide scale deployment, enabling secure services to individual users.
AB - The advent of smartphones and the flexibility to have multiple applications serving the user's needs, has started a convergence of different services into a single device. Traditional services provided by mobile phones like voice and text communication became secondary to other domains like Online Social Network (OSN) and entertainment applications on smartphones. A similar trend is also happening for smart card services, in which traditional smart card services like banking, transport-ticketing and access control, are moving to smartphones. This transition from smart cards to smartphone is to a large extent, facilitated by Near Field Communication (NFC) technology which enables a smartphone to emulate a smart card. As the smart card services require a comparatively higher level of security than other applications on the smartphone. Initial proposals for this convergences were focused on secure elements. However, the ownership issues reminiscent of traditional smart card domain became the Achilles' heel. A potential way forward has been proposed by the Google Andriod in the shape of Host Card Emulation (HCE) to allow mobile phone applications to communicate via NFC. However to provide higher-level of security as required by smart card applications, a number of proposals have been put forward including the Trusted Execution Environment (TEE). In this paper, we will look into how the TEE fits into the overall picture of smart card services on a smartphone - provisioned via the HCE. We also analyse the current state of the art of TEE proposal and what potential ecosystem hurdles it might face due to the nature of current trends. Finally, we provide a potential pathway to overcome the ecosystem issues to achieve wide scale deployment, enabling secure services to individual users.
U2 - 10.1109/MOBISECSERV.2017.7886559
DO - 10.1109/MOBISECSERV.2017.7886559
M3 - Conference contribution
SN - 978-1-5090-3633-2
SP - 1
EP - 8
BT - Mobile and Secure Services (MobiSecServ), 2017 Third International Conference on
A2 - Urien, P
A2 - Piramuthu, S
PB - IEEE
T2 - 3rd International Conference on Mobile and Secure Services (MobiSecServ)
Y2 - 11 February 2017 through 12 February 2017
ER -