Securing display path for security-sensitive applications on mobile devices
While smart devices based on ARM processor bring us a lot of convenience, they also become an attractive target of cyber-attacks. The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities. Nowadays, adversaries prefer to steal sensiti...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2018
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4114 https://ink.library.smu.edu.sg/context/sis_research/article/5117/viewcontent/cmc.2018.055.017.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5117 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-51172018-09-11T02:03:38Z Securing display path for security-sensitive applications on mobile devices CUI, Jinhua ZHANG, Yuanyuan CAI, Zhiping LIU, Anfeng LI, Yangyang While smart devices based on ARM processor bring us a lot of convenience, they also become an attractive target of cyber-attacks. The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities. Nowadays, adversaries prefer to steal sensitive data by leaking the content of display output by a security-sensitive application. A promising solution is to exploit the hardware visualization extensions provided by modern ARM processors to construct a secure display path between the applications and the display device. In this work, we present a scheme named SecDisplay for trusted display service, it protects sensitive data displayed from being stolen or tampered surreptitiously by a compromised OS. The TCB of SecDisplay mainly consists of a tiny hypervisor and a super light-weight rendering painter, and has only ∼1400 lines of code. We implemented a prototype of SecDisplay and evaluated its performance overhead. The results show that SecDisplay only incurs an average drop of 3.4%. 2018-01-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4114 info:doi/10.3970/cmc.2018.055.017 https://ink.library.smu.edu.sg/context/sis_research/article/5117/viewcontent/cmc.2018.055.017.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Mobile device secure display virtualization trusted computing base display path trust anchor Information Security Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Mobile device secure display virtualization trusted computing base display path trust anchor Information Security Software Engineering |
| spellingShingle |
Mobile device secure display virtualization trusted computing base display path trust anchor Information Security Software Engineering CUI, Jinhua ZHANG, Yuanyuan CAI, Zhiping LIU, Anfeng LI, Yangyang Securing display path for security-sensitive applications on mobile devices |
| description |
While smart devices based on ARM processor bring us a lot of convenience, they also become an attractive target of cyber-attacks. The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities. Nowadays, adversaries prefer to steal sensitive data by leaking the content of display output by a security-sensitive application. A promising solution is to exploit the hardware visualization extensions provided by modern ARM processors to construct a secure display path between the applications and the display device. In this work, we present a scheme named SecDisplay for trusted display service, it protects sensitive data displayed from being stolen or tampered surreptitiously by a compromised OS. The TCB of SecDisplay mainly consists of a tiny hypervisor and a super light-weight rendering painter, and has only ∼1400 lines of code. We implemented a prototype of SecDisplay and evaluated its performance overhead. The results show that SecDisplay only incurs an average drop of 3.4%. |
| format |
text |
| author |
CUI, Jinhua ZHANG, Yuanyuan CAI, Zhiping LIU, Anfeng LI, Yangyang |
| author_facet |
CUI, Jinhua ZHANG, Yuanyuan CAI, Zhiping LIU, Anfeng LI, Yangyang |
| author_sort |
CUI, Jinhua |
| title |
Securing display path for security-sensitive applications on mobile devices |
| title_short |
Securing display path for security-sensitive applications on mobile devices |
| title_full |
Securing display path for security-sensitive applications on mobile devices |
| title_fullStr |
Securing display path for security-sensitive applications on mobile devices |
| title_full_unstemmed |
Securing display path for security-sensitive applications on mobile devices |
| title_sort |
securing display path for security-sensitive applications on mobile devices |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2018 |
| url |
https://ink.library.smu.edu.sg/sis_research/4114 https://ink.library.smu.edu.sg/context/sis_research/article/5117/viewcontent/cmc.2018.055.017.pdf |
| _version_ |
1770574313496248320 |