Seungkyun Han (Chungnam National University), Jinsoo Jang (Chungnam National University)

We propose a solution, MyTEE, that enables a trusted execution environment (TEE) to be built even in worst-case environments wherein major hardware security primitives (e.g., ARM TrustZone extensions for memory access control) are absent. Crafting page tables for memory isolation, filtering DMA packets, and enabling secure IO exist at the core of MyTEE. Particularly for secure IO, we shield the IO buffers and memory-mapped registers of the controllers and securely escalate the privilege of the partial code block of the device drivers to provide permission to access the protected objects. By doing so, the need to host the device driver in the TEE (in whole or in part), which can potentially introduce a new attack surface, is exempted. The proof-of-concept (PoC) of MyTEE is implemented on the Raspberry Pi 3 board, which does not support most of the important security primitives for building the TEE. Additionally, three secure IO examples with the hardware TPM, framebuffer, and USB keyboard are demonstrated to show the feasibility of our approach.

View More Papers

Short: Certifiably Robust Perception Against Adversarial Patch Attacks: A...

Chong Xiang (Princeton University), Chawin Sitawarin (University of California, Berkeley), Tong Wu (Princeton University), Prateek Mittal (Princeton University)

Read More

Operationalizing Cybersecurity Research Ethics Review: From Principles and Guidelines...

Dennis Reidsma, Jeroen van der Ham, and Andrea Continella (University of Twente)

Read More

Applying Accessibility Metrics to Measure the Threat Landscape for...

John Breton, AbdelRahman Abdou (Carleton University)

Read More