Secure Application Execution in Mobile Devices

Mehari Msgna, Houda Ferradi, Raja Akram, Konstantinos Markantonakis

Research output: Chapter in Book/Report/Conference proceedingChapter

148 Downloads (Pure)

Abstract

Smart phones have rapidly become hand-held mobile devices capable of sustaining multiple applications. Some of these applications allow access to services including healthcare, financial and online social networks and are becoming common in the smart phone environment. From a security and privacy point of view, this seismic shift is creating new challenges, as the smart phone environment is becoming a suitable platform for security- and privacy-sensitive applications. The need for a strong security architecture for this environment is becoming paramount, especially from the point of view of Secure Application Execution (SAE). In this chapter, we explore SAE for applications on smart phone platforms, to ensure application execution is undertaken as expected by the application provider. Most of the proposed SAE proposals are based on having a secure and trusted embedded chip on the smart phone. Examples include the GlobalPlatform Trusted Execution Environment, M-Shield and Mobile Trusted Module. These additional hardware components, referred to as secure and trusted devices, provide a secure environment in which the applications can execute security-critical code and/or store data. These secure and trusted devices can become the target of malicious entities; therefore, we need to have a strong framework to validate and secure the code execution on such devices. This chapter discusses how we can provide an assurance that applications executing on such devices are secure by validating the secure and trusted hardware.
Original languageEnglish
Title of host publicationThe New Codebreakers
Subtitle of host publicationEssays Dedicated to David Kahn on the Occasion of His 85th Birthday
EditorsPeter A. Ryan, David Naccache, Jean-Jacques Quisquater
PublisherSpringer
Pages417-438
Number of pages22
ISBN (Electronic)978-3-662-49301-4
ISBN (Print)978-3-662-49300-7
DOIs
Publication statusPublished - 18 Mar 2016

Publication series

NameLecture Notes in Computer Science
Volume9100
NameSecurity and Cryptology - sub series

Cite this