DOI QR코드

DOI QR Code

Implementation of Domain Separation-based Security Platform for Smart Device

안전한 스마트 단말을 위한 도메인 분리 기반 보안 플랫폼 구현

  • Received : 2016.10.17
  • Accepted : 2016.12.20
  • Published : 2016.12.28

Abstract

Recently, important information related with smart work such as office and video conference are handled in smart device quite a lot compare with before. Also, execution environment of smart devices is getting developed as open software environment. It brought convenience to download and use any kind of application software. By that, security side of smart devices became vulnerable. This paper will discuss characteristics of smart device security technology based on virtualization that is a mobile device platform with isolated secure execution area based on TEE (Trusted Execution Environment). Also, this paper will suggest an implementation method about safe smart device security platform based on domain separation for application software which can be executed in smart devices. The domain separation based smart device security platform technology in this paper blocks unauthorized access and leakage of sensitive information in device. Also it will be the solution can block transmission and execution of malicious code in various area including variety of IoT devices in internet rather than just smart devices.

최근 들어, 스마트 단말에서 오피스, 화상회의 등 스마트워크 업무와 관련된 중요한 정보들을 다루는 경우가 많아졌다. 또한 스마트 단말의 실행환경이 공개 소프트웨어 환경 위주로 발전하면서, 사용자들이 임의의 응용소프트웨어를 다운받아 사용하는 것이 용이하게 됨에 따라, 스마트 단말이 보안적 측면에서 취약하게 되었다. 본 논문에서는 TEE(Trusted Execution Environment) 기반의 격리된 안전실행환경 영역을 가지는 모바일 단말 플랫폼인 가상화 기반 스마트 단말 보안 기술의 특징을 알아본다. 또한, 본 논문에서는 스마트 단말에서 실행되는 응용프로그램을 위한 도메인 분리 기반의 안전한 스마트 단말 보안 플랫폼에 대한 구현방법을 제안한다. 본 논문의 도메인 분리 기반 스마트 단말 보안 플랫폼 기술은 단말내의 민감 정보 유출과 비인가 접근을 차단한다. 또한 이 기술은 스마트 단말뿐만 아니라 인터넷 상의 다양한 IoT를 포함한 다양한 기기에서 악성코드의 실행과 전파를 막을 수 있는 솔루션이 될 것이다.

Keywords

References

  1. Mobey Forum Mobile Financial Services, " Alternatives for Banks to offer Secure Mobile Payments version 1.0," Aug. 2010.
  2. TCG mobile reference architecture specification version 1.0, (https://www.trustedcomputinggroup.org)
  3. Siani Pearson, "Trusted Computing Platforms", 2003.
  4. TCG, "TCG Mobile Trusted Module Specification. Version 1.0, Revision 7.02, April 28, 2010
  5. Bickford J., O'Hare R, Baliga A, Ganapathy V, and Iftode L, "Rootkits on Smart Phones: Attacks, Implications and Opportunities," in Workshop on Mobile Computing Sys. and Appl. (HotMobile'10). ACM, Feb. 2010.
  6. Global Platform Device Technology, "The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market," Global Platform WhitePaper, Feb. 2011.
  7. Kim Y.-H, Lee Y.-G, Kim J.-N, "TeeMo: A Generic Trusted Execution Framework for Mobile Devices," International Conference on Computer, Networks, Systems, and Industrial Applications (CNSI), pp.579-583, July 2012.
  8. Kim Y.-H, Kim J.-N. "Building Secure Execution Environment for Mobile Platform," First ACIS/JNU International Conference on Computers, Networks, Systems, and Industrial Engineering, pp.119-122, 2011
  9. Onechul Na, Hyojik Lee, Soyoung Sung, Hangbae Chang, "A Study on Construction of Optimal Wireless Sensor System for Enhancing Organization Security Level on Industry Convergence Environment", Journal of the Korea Convergence Society, Vol. 6, No. 4, pp. 139-146, 2015 https://doi.org/10.15207/JKCS.2015.6.4.139
  10. Keun-Ho Lee, "A Security Threats in Wireless Charger Systems in M2M", Journal of the Korea Convergence Society, Vol. 4, No. 1, pp. 27-31, 2013. https://doi.org/10.15207/JKCS.2013.4.1.027
  11. Sik-Wan Cho, Won-Jun Jang, Hyung-Woo Lee, "Development of User Oriented Vulnerability Analysis Application on Smart Phone", Journal of the Korea Convergence Society, Vol. 3, No. 2, pp. 7-12, 2012.
  12. Seong-Gwon Yeo, Keun-Ho Lee, "Smart Phone and Vehicle Authentication Scheme with M2M Device", Journal of the Korea Convergence Society, Vol. 2, No. 4, pp. 1-7, 2011.
  13. Keun-Ho Lee, "Analysis of Threats Factor in IT Convergence Security", Journal of the Korea Convergence Society, Vol. 1, No. 1, pp. 49-55, 2010.
  14. Seong-Ryeol Kim, "Design of a User Authentication System using the Device Constant Information", Journal of IT Convergence Society for SMB, Vol. 6, No. 3, pp. 29-35, 2016. https://doi.org/10.22156/CS4SMB.2016.6.3.029
  15. Hyung-Jin Mun, Gwang-Houn Choi, Yooncheol Hwang, "Countermeasure to Underlying Security Threats in IoT communication", Journal of IT Convergence Society for SMB, Vol. 6, No. 2, pp. 37-44, 2016.