SeBo: Secure Boot System for Preventing Compromised Android Linux
 Title & Authors
Kim, Tong Min; Kim, Se Won; Yoo, Chuck;
 Abstract
As the usage of mobile devices becomes more diverse, the number of attacks on Android has also increased. Among these attacks, Android can be compromised by flashing a new image of compromised Android Linux. To solve this problem, we propose SeBo (Secure Boot System), which prevents compromised Android Linux by guaranteeing a secure boot environment for mobile devices based on the ARM TrustZone architecture. SeBo checks the hash value of the Android Linux image before Android Linux executes. SeBo detects all the attacks within 5 seconds. Moreover, since SeBo trusts only the Secure Bootloader from the Secure World, SeBo can reduce the additional overhead of checking the Normal Bootloader from the Normal World.
 Keywords
Secure boot; Embedded system; Embedded security; Android; Linux; ARM TrustZone
 Language
English