This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Design and Implementation of Efficient Integrity Protection for Open Mobile Platforms
Jan. 2014 (vol. 13 no. 1)
pp. 188-201
Xinwen Zhang, Huawei Research Center, Santa Clara
Jean-Pierre Seifert, Deutsche Telekom Laboratories and Technical University of Berlin, Berlin
Onur Aciicmez, Samsung Information Systems America, San Jose
The security of mobile devices such as cellular phones and smartphones has gained extensive attention due to their increasing usage in people's daily life. The problem is challenging as the computing environments of these devices have become more open and general-purpose while at the same time they have the constraints of performance and user experience. We propose and implement SEIP, a simple and efficient but yet effective solution for the integrity protection of real-world cellular phone platforms, which is motivated by the disadvantages of applying traditional integrity models on these performance and user experience constrained devices. The major security objective of SEIP is to protect trusted services and resources (e.g., those belonging to cellular service providers and device manufacturers) from third-party code. We propose a set of simple integrity protection rules based upon open mobile operating system environments and application behaviors. Our design leverages the unique features of mobile devices, such as service convergence and limited permissions of user installed applications, and easily identifies the borderline between trusted and untrusted domains on mobile platforms. Our approach, thus, significantly simplifies policy specifications while still achieves a high assurance of platform integrity. SEIP is deployed within a commercially available Linux-based smartphone and demonstrates that it can effectively prevent certain malware. The security policy of our implementation is less than 20 kB, and a performance study shows that it is lightweight.
Index Terms:
Mobile communication,Malware,Bluetooth,Mobile computing,Smart phones,open mobile platforms,Mobile communication,Malware,Bluetooth,Mobile computing,Smart phones,smartphone security,Integrity protection
Citation:
Xinwen Zhang, Jean-Pierre Seifert, Onur Aciicmez, "Design and Implementation of Efficient Integrity Protection for Open Mobile Platforms," IEEE Transactions on Mobile Computing, vol. 13, no. 1, pp. 188-201, Jan. 2014, doi:10.1109/TMC.2012.232
Usage of this product signifies your acceptance of the Terms of Use.