Publications

Publications

Type of Publication: Article in Collected Edition

Trusted Virtual Domains on OKL4: Secure Information Sharing on Smartphones

Author(s):
Davi, Lucas; Dmitrienko, Alexandra; Kowalski, Christoph; Winandy, Marcel
Title of Anthology:
Proc. of 6th ACM Workshop on Scalable Trusted Computing (STC)
Publication Date:
2011
Digital Object Identifier (DOI):
doi:10.1145/2046582.2046592
Link to complete version:
https://dl.acm.org/authorize?N28555
Citation:
Download BibTeX

Abstract

The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns. Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence, data leakage and unwanted information flow may occur.

In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones, but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.