loading
Papers

Research.Publish.Connect.

Paper

Authors: Pedro S. Ribeiro 1 ; Nuno Santos 1 and Nuno O. Duarte 2

Affiliations: 1 INESC-ID / Instituto Superior Técnico, University of Lisbon, Lisbon and Portugal ; 2 Max-Planck Institute for Software Systems, Saarbruecken and Germany

ISBN: 978-989-758-319-3

Keyword(s): Trusted Execution Environments, ARM TrustZone, Security, Android Applications, Mobile Ticketing.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Data Protection ; Information and Systems Security ; Security and Privacy in Mobile Systems

Abstract: ARM TrustZone technology has been widely use to enhance the security of mobile devices by allowing for the creation of Trusted Execution Environments (TEE). However, existing TEE solutions tend to struggle with a trade-off between security and functionality: they either expose a larger attack surface to favor dynamic code loading inside the TEE, or depend on the static deployment of trusted services inside the TEE which is more cumbersome and error-prone to maintain. This paper proposes the deployment of a trusted service which aims to serve a broad range of applications by offering secure database storage capability inside the TEE. We present DBStore, a TrustZone-backed database management system for mobile applications. Applications can create and operate DBStore databases inside a TEE that provides confidentiality and integrity protection of databases and respective SQL queries without depending on the integrity of the mobile OS. We present a case study where DBStore is used in ord er to thwart existing attacks in HCE-based mobile ticketing applications. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.210.28.227

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
S. Ribeiro, P.; Santos, N. and O. Duarte, N. (2018). DBStore: A TrustZone-backed Database Management System for Mobile Applications.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT, ISBN 978-989-758-319-3, pages 396-403. DOI: 10.5220/0006883605620569

@conference{secrypt18,
author={Pedro S. Ribeiro. and Nuno Santos. and Nuno O. Duarte.},
title={DBStore: A TrustZone-backed Database Management System for Mobile Applications},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,},
year={2018},
pages={396-403},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006883605620569},
isbn={978-989-758-319-3},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,
TI - DBStore: A TrustZone-backed Database Management System for Mobile Applications
SN - 978-989-758-319-3
AU - S. Ribeiro, P.
AU - Santos, N.
AU - O. Duarte, N.
PY - 2018
SP - 396
EP - 403
DO - 10.5220/0006883605620569

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.