Establishing Mutually Trusted Channels for Remote Sensing Devices with Trusted Execution Environments. / Shepherd, Carlton; Akram, Raja; Markantonakis, Konstantinos.

12th International Conference on Availability, Reliability and Security (ARES '17). ACM, 2017. p. 1-10.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Documents

Abstract

Remote and largely unattended sensing devices are being deployed rapidly in sensitive environments, such as healthcare, in the home, and on corporate premises. A major challenge, however, is trusting data from such devices to inform critical decision-making using standardised trust mechanisms. Previous attempts have focused heavily on Trusted Platform Modules (TPMs) as a root of trust, but these forgo desirable features of recent developments, namely Trusted Execution Environments (TEEs), such as Intel SGX and the GlobalPlatform TEE. In this paper, we contrast the application of TEEs in trusted sensing devices with TPMs, and raise the challenge of secure TEE-to-TEE communication between remote devices with mutual trust assurances. To this end, we present a novel secure and trusted channel protocol that performs mutual remote attestation in a single run for small-scale devices with TEEs. This is evaluated on two ARM development boards hosting GlobalPlatform-compliant TEEs, yielding approximately four-times overhead versus untrusted world TLS and SSH. Our work provides strong resilience to integrity and confidentiality attacks from untrusted world adversaries, facilitates TEE interoperability, and is subjected to mechanical formal analysis using Scyther.
Original languageEnglish
Title of host publication12th International Conference on Availability, Reliability and Security (ARES '17)
PublisherACM
Pages1-10
Number of pages10
DOIs
StatePublished - 29 Aug 2017
Event12th International Conference on Availability, Reliability and Security - Reggio Calabria, Italy

Conference

Conference12th International Conference on Availability, Reliability and Security
Abbreviated titleARES '17
CountryItaly
CityReggio Calabria
Period29/08/1731/08/17
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 28168234