Tee 从手机端到云端的系统安全增强

TEE
TEE
ARM TrustZoneIntel SGX
/ 2015.11
TEE
TEE (Trusted Execution Environment)
GlobalPlatform2013
REE (Rich Execution Environment)
TEE
PIN

DRM

TrustZone
2003
ARM
TrustZone
TrustZone
2003
ARM
TrustZone
2008
2009
2010
TrustZone
2003
ARM
TrustZone
2008
2009
2010
TrustZone
2010
TrustZone
TrustZone
2015
TEE
TEE
TEE
Root
AppleiOS Enclave
iPhone 5s
TrustZoneEnclave
Enclave
* Apple
TEETEE
TEE
REEAndroid
TEEREEOS/
TEE
TEETA
TEESecure OS + + +
T6TrustZone
T6ARM TrustZone
ARM TrustZone
ARMv6
ARM11Cortex A

OSOS

OS
TrustZone

TEE REE
TEE
TA (Trusted Application)
TUI
TEE

TA

CPU

TEE
Samsung TIMA
Apple: iOS Enclave
Qualcomm: Zeroth
DRM
TEE
TEE

CPURing-0
Hypervisor
CPUVT-x
Flicker[EuroSys08]
SVM/TXT & TPM
TEE
TrustZone
Flicker[EuroSys-08]SVMTEE
CPUIntel TXT, AMD SVM

TPM

CPUTEE
2
Intel SGX
Software Guard Extension
Enclave

XOMHyperCoffer

[1] AppleEnclave

XOM [ASPLOS-00]
Rogers [MICRO-07]
Bastion [HPCA-10]
HyperCoffer [HPCA-13]

TEE
ARM
X86
TrustZone
Virtualization
SVM/TXT/SGX
TEE

Flicker
[Eurosys-08]ProxOS [STC-10]

VMI
[NDSS-03]
Virtual Machine Introspection

VMI

VMware
VMI Tool
Introspect
Hypervisor
T. Garfinkel, M. Rosenblum et al. , A virtual machine introspection based architecture for intrusion detection. in Proc. NDSS, 2003.
KNOXTrustZone

TIMA: TrustZone-based Integrity Measurement Architecture

TrustZone

Zeroth
NPU

820
Haven
TEE
TEECVE
http://www.extremetech.com/mobile/211985-htc-caught-storingfingerprint-data-in-unencrypted-plain-text
TEE

TEE
TA

TEEREE
Toolkit
TEE
REE
RootKingRoot
Introspection
Androguard
DecompilerJEB
Instrumenting
ADBI
DisassemblerIDA DebuggerGDB
TEE SDK
TEE
Moto
2013
TrustZone
Bootloader
: http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html
TEE
QSEE CVE-2014-4322
drivers/misc/qseecom.c
offsetlength
DoS
RTOSck CVE-2015-4422
ASLRNX
TA
HTCAndroid

Blackhat15: S5Android
TEEREE
TEE Driver CVE-2015-4421

SamsungTEEMITM
SGXSide Channel [S&P15]

SGX
OS
SGX
100%

TEE
TEE
1TrustZone
TEE
2TEE
TEE
3TA
TEETA
4TEE
TEE

TEE
TEE
TEE
TEE
TEE100%
TEE
TEECVE
ARMTrustZone
TEE
X86VT-xSGX
TEE
TEE

Tee 从手机端到云端的系统安全增强

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Tee 从手机端到云端的系统安全增强

Uploaded by

Copyright:

Available Formats

TEE

Apple: iOS Enclave

SVM/TXT & TPM

Virtual Machine Introspection

SGXSide Channel [S&P15]

You might also like