Disarming TrustZone with TEE Privilege Reduction | David Cerdeira & Sandro Pinto | hardwear.io
Abstract:
----------------
In TrustZone-assisted TEEs, the trusted OS has unrestricted access to both secure and normal world memory. Unfortunately, this architectural limitation has opened an avenue of exploration for attackers, who have demonstrated how to leverage a chain of exploits to hijack the trusted OS and gain full control of the system, targeting (i) the rich execution environment (REE), (ii) all trusted applications (TAs), and (iii) the secure monitor.

In this talk, we present and discuss ReZone, a new security architecture that can effectively counter ongoing privilege escalation attacks by reducing the privileges of a potentially compromised trusted OS. With ReZone, a monolithic TEE is restructured and partitioned into multiple sandboxed domains named zones, which have access only to private resources. The main novelty behind ReZone's design relies on the observation that, by leveraging TrustZone-agnostic hardware primitives available on commercial off-the-shelf (COTS) platforms, it is possible to restrict the privileges of the trusted OS.

We have implemented and deployed ReZone for the i.MX 8MQuad EVK platform and integrated it with Android OS and OP-TEE. We extensively evaluated ReZone using real-world applications and concluded that popular applications like DRM-protected video encoding can run with acceptable performance overheads. We have surveyed 80 CVE vulnerability reports and estimate that ReZone can mitigate 86.84% of potential privilege escalation attacks arising from exploiting these bugs.

Speaker Bio:
---------------------
David Cerdeira is a PhD candidate at the University of Minho. He worked as a researcher developing innovative human-machine interfaces for vehicles, granting him a strong background in embedded systems and system programming. Having specialized in embedded systems and studied the development of secure systems in his master's thesis, he is now focused on improving Trusted Execution Environments for edge computing and the IoT.

Sandro Pinto is an Associate Research Professor at the University of Minho, Portugal. He holds a Ph.D. in Electronics and Computer Engineering. Sandro has a deep academic background and several years of industry collaboration focusing on operating systems, virtualization, and security for embedded, cyber-physical, and IoT-based systems. He has published several scientific papers in top-tier conferences/journals and is a skilled presenter with speaking experience in several academic and industrial conferences (Black Hat, Hardwear.io, Embedded World, RISC-V Summit, etc.). Sandro is a long-term supporter of open source projects and is currently helping several companies and institutions to make security practical at scale.

#TEE #securityarchitecture #hardwaresecurity #hardwear_io

-----------------------------------------------------------------------------------------
Website: https://hardwear.io
Twitter: / hardwear_io
Facebook: / hardwear.io
LinkedIn: / hardwear.io-hardwaresecurityconferenceandt...