English

Securing Smartphones: A Micro-TCB Approach

Cryptography and Security 2014-01-30 v1

Abstract

As mobile phones have evolved into `smartphones', with complex operating systems running third- party software, they have become increasingly vulnerable to malicious applications (malware). We introduce a new design for mitigating malware attacks against smartphone users, based on a small trusted computing base module, denoted uTCB. The uTCB manages sensitive data and sensors, and provides core services to applications, independently of the operating system. The user invokes uTCB using a simple secure attention key, which is pressed in order to validate physical possession of the device and authorize a sensitive action; this protects private information even if the device is infected with malware. We present a proof-of-concept implementation of uTCB based on ARM's TrustZone, a secure execution environment increasingly found in smartphones, and evaluate our implementation using simulations.

Keywords

Cite

@article{arxiv.1401.7444,
  title  = {Securing Smartphones: A Micro-TCB Approach},
  author = {Yossi Gilad and Amir Herzberg and Ari Trachtenberg},
  journal= {arXiv preprint arXiv:1401.7444},
  year   = {2014}
}
R2 v1 2026-06-22T02:56:54.353Z