1. School of Software and Microelectronics, Northwestern Polytechnical University, Xi'an 710129, China
2. Faculty of Engineering and Information Technology, University of Technology Sydney, Sydney 2007, Australia
3. Department of Computing, The Hong Kong Polytechnic University, Hong Kong 999077, China
4. College of Computer Science and Technology, Zhejiang University, Hangzhou 310027, China
This paper presents a comprehensive survey of the development of Intel SGX (Software Guard Extensions) processors and their applications. Since the introduction of SGX in 2013 and its subsequent development, the corresponding research output has grown rapidly. To obtain a more comprehensive literature review of SGX, we systematically analyzed the related papers in this area. We first searched five large-scale paper retrieval libraries by keyword (ACM Digital Library, IEEE/IET Electronic Library, SpringerLink, Web of Science, and Elsevier Science Direct). We read and analyzed a total of 128 SGX-related papers. A first round of extensive study was conducted to classify them, and a second round of intensive study was carried out to complete a comprehensive analysis of each paper from various aspects. We start with the working environment of SGX and give a conclusive summary of trusted execution environments (TEEs). We then focus on the applications of SGX. We also review and study the many attack methods against the SGX framework and some recent security improvements made to SGX. Finally, we summarize the advantages and disadvantages of SGX and point out some future research opportunities. We hope this review will help existing and future research on SGX and its applications, for both developers and users.