TrustShadow: Secure execution of unmodified applications with ARM TrustZone

Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger

Research output: Chapter in Book/Report/Conference proceedingConference contribution

25 Citations (Scopus)

Abstract

The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make them smarter. A variety of applications now run simultaneously on an ARMbased processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting. In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. Trust-Shadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.

Original languageEnglish (US)
Title of host publicationMobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services
PublisherAssociation for Computing Machinery, Inc
Pages488-501
Number of pages14
ISBN (Electronic)9781450349284
DOIs
StatePublished - Jun 16 2017
Event15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017 - Niagara Falls, United States
Duration: Jun 19 2017Jun 23 2017

Publication series

NameMobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services

Other

Other15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017
CountryUnited States
CityNiagara Falls
Period6/19/176/23/17

Fingerprint

Internet
Communication
Processing
Internet of things

All Science Journal Classification (ASJC) codes

  • Information Systems
  • Computer Networks and Communications
  • Software
  • Hardware and Architecture

Cite this

Guan, L., Liu, P., Xing, X., Ge, X., Zhang, S., Yu, M., & Jaeger, T. (2017). TrustShadow: Secure execution of unmodified applications with ARM TrustZone. In MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services (pp. 488-501). (MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services). Association for Computing Machinery, Inc. https://doi.org/10.1145/3081333.3081349
Guan, Le ; Liu, Peng ; Xing, Xinyu ; Ge, Xinyang ; Zhang, Shengzhi ; Yu, Meng ; Jaeger, Trent. / TrustShadow : Secure execution of unmodified applications with ARM TrustZone. MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc, 2017. pp. 488-501 (MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services).
@inproceedings{aea59e252bfa459a8b3373cbff477e45,
title = "TrustShadow: Secure execution of unmodified applications with ARM TrustZone",
abstract = "The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make them smarter. A variety of applications now run simultaneously on an ARMbased processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting. In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. Trust-Shadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.",
author = "Le Guan and Peng Liu and Xinyu Xing and Xinyang Ge and Shengzhi Zhang and Meng Yu and Trent Jaeger",
year = "2017",
month = "6",
day = "16",
doi = "10.1145/3081333.3081349",
language = "English (US)",
series = "MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services",
publisher = "Association for Computing Machinery, Inc",
pages = "488--501",
booktitle = "MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services",

}

Guan, L, Liu, P, Xing, X, Ge, X, Zhang, S, Yu, M & Jaeger, T 2017, TrustShadow: Secure execution of unmodified applications with ARM TrustZone. in MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services. MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services, Association for Computing Machinery, Inc, pp. 488-501, 15th ACM International Conference on Mobile Systems, Applications, and Services, MobiSys 2017, Niagara Falls, United States, 6/19/17. https://doi.org/10.1145/3081333.3081349

TrustShadow : Secure execution of unmodified applications with ARM TrustZone. / Guan, Le; Liu, Peng; Xing, Xinyu; Ge, Xinyang; Zhang, Shengzhi; Yu, Meng; Jaeger, Trent.

MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc, 2017. p. 488-501 (MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - TrustShadow

T2 - Secure execution of unmodified applications with ARM TrustZone

AU - Guan, Le

AU - Liu, Peng

AU - Xing, Xinyu

AU - Ge, Xinyang

AU - Zhang, Shengzhi

AU - Yu, Meng

AU - Jaeger, Trent

PY - 2017/6/16

Y1 - 2017/6/16

N2 - The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make them smarter. A variety of applications now run simultaneously on an ARMbased processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting. In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. Trust-Shadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.

AB - The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make them smarter. A variety of applications now run simultaneously on an ARMbased processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting. In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. Trust-Shadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.

UR - http://www.scopus.com/inward/record.url?scp=85026209717&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85026209717&partnerID=8YFLogxK

U2 - 10.1145/3081333.3081349

DO - 10.1145/3081333.3081349

M3 - Conference contribution

AN - SCOPUS:85026209717

T3 - MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services

SP - 488

EP - 501

BT - MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services

PB - Association for Computing Machinery, Inc

ER -

Guan L, Liu P, Xing X, Ge X, Zhang S, Yu M et al. TrustShadow: Secure execution of unmodified applications with ARM TrustZone. In MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services. Association for Computing Machinery, Inc. 2017. p. 488-501. (MobiSys 2017 - Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services). https://doi.org/10.1145/3081333.3081349