Secure key management in a trusted domain on mobile devices
Institution: | Linköping University |
---|---|
Department: | |
Year: | 2015 |
Keywords: | TPM; TEE; Common Criteria; Evaluation; Engineering and Technology; Other Engineering and Technologies; Teknik och teknologier; Annan teknik; Engineering and Technology; Other Engineering and Technologies; Other Engineering and Technologies not elsewhere specified; Teknik och teknologier; Annan teknik; Övrig annan teknik; Computer science; Datavetenskap |
Record ID: | 1370766 |
Full text PDF: | http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-118501 |
As mobile devices manage more and more sensitive information they have become a more targeted platform to exploit. To maintain system integrity while providing a highly responsive product, platform developers have developed hardware as well as software solutions to improve security. Until recently however, it was only possible to devise hardware solutions to achieve the security requirements of EU’s Restricted VoIP protocol. This thesis investigates whether a software solution can provide the necessary levels of assurance to protect EU Restricted Voice over Internet Protocol (VoIP) communications. The thesis covers a literature study over possible approaches to protect sensitive information, which was used in the risk analysis to derive five tests to evaluate the trusted execution environment. The tests show that the trusted execution environment does provide good protection but that the implementation and design greatly influence the robustness and level of assurance that can be expected from the trusted execution environment.