Author(s): Stephen Smalley

Download: Paper (PDF)

Date: 23 Apr 2013

Document Type: Presentations

Associated Event: NDSS Symposium 2013

Abstract:

Modern mobile devices such as smartphones and tablets have become fully general computing systems with a rich third party application ecosystem and user experience.  As such, the same security problems that have long plagued the personal computer (PC) industry are becoming increasingly evident on mobile devices. Addressing these threats effectively requires a secure foundation, including both hardware and software mechanisms.  Device OEMs and mobile operating system developers have an opportunity to establish such a foundation by providing the right primitives for constructing secure systems and enabling their use in commodity mobile devices.  Many of the same security constructs that have been applied in the space of client and server PCs can and should be brought to the mobile arena.  In this talk, we lay out a vision for secure mobile computing, including a discussion of the roles that virtualization, trusted computing, and secure operating systems play in an overall security architecture and how these mechanisms can be realized in mobile devices today.