DOI: 10.1145/2742647.2745915

Poster: TVisor - A Practical and Lightweight Mobile Red-Green Dual-OS Architecture

Published: 18 May 2015

Abstract

Mobile and embedded system software designers are often torn between security and functionality. In particular, the security of an out-of-band execution environment is sensitive to rich functionality. ARM TrustZone has been used to develop a Trusted Execution Environment (TEE), which runs in parallel with a rich-functionality commodity OS and provides an isolated and tamper-resistant execution context for trusted applications. ARM TrustZone splits access to the processor, memory and peripherals into two different worlds, namely the normal world and the secure world. The secure world is more privileged and is the recommended context in which to implement a TEE. However, despite the security of a TrustZone TEE, its functionality is very limited.
Hardware virtualization could balance the tradeoff between security and functionality by creating two VMs on top of the hardware. However, most embedded and mobile devices lack hardware virtualization support, which makes this approach hard to deploy.
Red-green dual-OS design, which provides a highly protected and constrained trusted environment ("green" OS) to perform security-sensitive tasks and a general-purpose environment ("red" OS) for all other tasks and applications, is an attractive design to achieve both security and functionality. Red-green dual-OS architecture uses resource partitioning instead of virtualization to achieve its goal and has been deployed in many mobile devices by running the red OS in the normal world and the green OS in the secure world of ARM TrustZone. However, even though red-green dual-OS provides an isolated environment and rich functionality, the two OSes are not created equal: a compromise of the green OS would also result in the compromise of the red OS, since the secure world is more privileged.
We show how TVisor, a lightweight dual-OS architecture that creates two born-equal OSes, each of which can still use the secure services of the TEE in the secure world, balances security and functionality for mobile devices. TVisor can be deployed on many low-cost embedded and mobile devices that are equipped with ARM TrustZone but lack hardware virtualization support.

Cited By

  • (2016) A Survey of Mobile Device Virtualization. ACM Computing Surveys 49:1 (1-36). DOI: 10.1145/2897164. Online publication date: 5-Apr-2016

    Published In

    MobiSys '15: Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services
    May 2015
    516 pages
    ISBN:9781450334945
    DOI:10.1145/2742647
    Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Qualifiers

    • Poster

    Conference

    MobiSys'15
    Acceptance Rates

    MobiSys '15 Paper Acceptance Rate 29 of 219 submissions, 13%;
    Overall Acceptance Rate 274 of 1,679 submissions, 16%
