Trusted Execution Environment-Enabled Platform for 5G Security and Privacy Enhancement

2021 ◽  
pp. 203-223
Author(s):  
José María Jorquera Valero ◽  
Pedro Miguel Sánchez Sánchez ◽  
Alexios Lekidis ◽  
Pedro Martins ◽  
Pedro Diogo ◽  
...  
Keyword(s):  
Security And Privacy ◽  
Execution Environment ◽  
5G Security ◽  
Trusted Execution Environment

scholarly journals A Blockchain-Based Spatial Data Trading Framework

2021 ◽  
Author(s):  
liu hui ◽  
WeiPeng Tai ◽  
Yaofei Wang ◽  
Wang Shenling
Keyword(s):  
Data Storage ◽  
Spatial Data ◽  
Security And Privacy ◽  
Distributed Data ◽  
Distributed Data Storage ◽  
Related Data ◽  
Data Market ◽  
Spatial Big Data ◽  
Execution Environment ◽  
Trusted Execution Environment

Abstract With the increasing utilization of space related data, the demand for spatial big data sharing and trading is growing rapidly, which promotes the emergence of spatial data market. However, in conventional data markets, both data buyers and data sellers have to use a centralized trading platform which might be dishonest. Blockchain is a decentralized distributed data storage technology, which uses the traceability and unforgeability to confirm and record each transaction, can solve the disadvantages of the centralized data market, however, it also introduces the problems of security and privacy. To address this issue, we propose a blockchain-based spatial data trading framework with Trusted Execution Environment to provide a trusted decentralized platform, including data storage, data query, data pricing and security computing. Based on this framework, a spatial data trading demonstration system was implemented and its feasibility and security were verified.

scholarly journals PDoT

2021 ◽  
Vol 2 (1) ◽  
pp. 1-22
Author(s):  
Yoshimichi Nakatsuka ◽  
Andrew Paverd ◽  
Gene Tsudik
Keyword(s):  
Transport Layer ◽  
Security And Privacy ◽  
The Internet ◽  
Domain Name System ◽  
Proof Of Concept ◽  
Remote Attestation ◽  
Domain Name ◽  
Transport Layer Security ◽  
Execution Environment ◽  
Trusted Execution Environment

Security and privacy of the Internet Domain Name System (DNS) have been longstanding concerns. Recently, there is a trend to protect DNS traffic using Transport Layer Security (TLS). However, at least two major issues remain: (1) How do clients authenticate DNS-over-TLS endpoints in a scalable and extensible manner? and (2) How can clients trust endpoints to behave as expected? In this article, we propose a novel Private DNS-over-TLS (PDoT) architecture. PDoT includes a DNS Recursive Resolver (RecRes) that operates within a Trusted Execution Environment. Using Remote Attestation , DNS clients can authenticate and receive strong assurance of trustworthiness of PDoT RecRes. We provide an open source proof-of-concept implementation of PDoT and experimentally demonstrate that its latency and throughput match that of the popular Unbound DNS-over-TLS resolver.

IIoTEED: An Enhanced, Trusted Execution Environment for Industrial IoT Edge Devices

2017 ◽  
Vol 21 (1) ◽  
pp. 40-47 ◽  
Author(s):  
Sandro Pinto ◽  
Tiago Gomes ◽  
Jorge Pereira ◽  
Jorge Cabral ◽  
Adriano Tavares
Keyword(s):  
Industrial Iot ◽  
Execution Environment ◽  
Trusted Execution Environment

Enhancing the Security of FPGA-SoCs via the Usage of ARM TrustZone and a Hybrid-TPM

2022 ◽  
Vol 15 (1) ◽  
pp. 1-26
Author(s):  
Mathieu Gross ◽  
Konrad Hohentanner ◽  
Stefan Wiehler ◽  
Georg Sigl
Keyword(s):  
Software Design ◽  
Hardware Accelerators ◽  
Biometric Authentication ◽  
Trusted Platform Module ◽  
Start Up ◽  
Execution Environment ◽  
On Chip ◽  
Trusted Platform ◽  
Trusted Execution Environment ◽  
Entropy Source

Isolated execution is a concept commonly used for increasing the security of a computer system. In the embedded world, ARM TrustZone technology enables this goal and is currently used on mobile devices for applications such as secure payment or biometric authentication. In this work, we investigate the security benefits achievable through the usage of ARM TrustZone on FPGA-SoCs. We first adapt Microsoft’s implementation of a firmware Trusted Platform Module (fTPM) running inside ARM TrustZone for the Zynq UltraScale+ platform. This adaptation consists in integrating hardware accelerators available on the device to fTPM’s implementation and to enhance fTPM with an entropy source derived from on-chip SRAM start-up patterns. With our approach, we transform a software implementation of a TPM into a hybrid hardware/software design that could address some of the security drawbacks of the original implementation while keeping its flexibility. To demonstrate the security gains obtained via the usage of ARM TrustZone and our hybrid-TPM on FPGA-SoCs, we propose a framework that combines them for enabling a secure remote bitstream loading. The approach consists in preventing the insecure usages of a bitstream reconfiguration interface that are made possible by the manufacturer and to integrate the interface inside a Trusted Execution Environment.

Sign in / Sign up

Export Citation Format

Share Document