Use this identifier to reference this record:
https://hdl.handle.net/1822/81636
Title: | Self-secured devices: high performance and secure I/O access in TrustZone-based systems |
Author(s): | Pinto, Sandro; Machado, Pedro Miguel Silvestre; Oliveira, Daniel José Cunha; Cerdeira, David Martins; Gomes, Tiago Manuel Ribeiro |
Keywords: | TrustZone; Security; Virtualization; TEE; Self-secured devices |
Date: | 15-Jul-2021 |
Publisher: | Elsevier 1 |
Journal: | Journal of Systems Architecture |
Abstract(s): | Arm TrustZone is a hardware technology that adds significant value to the ongoing security picture. TrustZone-based systems typically consolidate multiple environments into the same platform, requiring resources to be shared among them. Currently, hardware devices on TrustZone-enabled system-on-chip (SoC) solutions can only be configured as secure or non-secure, which means the dual-world concept of TrustZone is not spread to the inner logic of the devices. The traditional passthrough model dictates that both worlds cannot use the same device concurrently. Furthermore, existing shared device access methods have been proven to cause a negative impact on the overall system in terms of security and performance. This work introduces the concept of self-secured devices, a novel approach for shared device access in TrustZone-based architectures. This concept extends the TrustZone dual-world model to the device itself, providing a secure and non-secure logical interface in a single device instance. The solution was deployed and evaluated on the LTZVisor, an open-source and lightweight TrustZone-assisted hypervisor. The obtained results are encouraging, demonstrating that our solution requires only a few additional hardware resources when compared with the native device implementation, while providing a secure solution for device sharing. |
Type: | Article |
URI: | https://hdl.handle.net/1822/81636 |
DOI: | 10.1016/j.sysarc.2021.102238 |
ISSN: | 1383-7621 |
Publisher version: | https://www.sciencedirect.com/science/article/pii/S138376212100165X?via%3Dihub |
Peer reviewed: | yes |
Access: | Open access |
Appears in collections: | CAlg - Artigos em revistas internacionais / Papers in international journals |
Files in this record:
File | Description | Size | Format | |
---|---|---|---|---|
1-s2.0-S138376212100165X-main.pdf | | 945,24 kB | Adobe PDF | View/Open |