Table of Content

Open Access

ARTICLE

Securing Display Path for Security-Sensitive Applications on Mobile Devices

Jinhua Cui1,2, Yuanyuan Zhang3, Zhiping Cai1,*, Anfeng Liu4, Yangyang Li5
College of Computer, National University of Defense Technology, Changsha 410073, China.
SMU Labs, Singapore Management University, Singapore 178895, Singapore.
College of Mathematics and Informatics, Fujian Normal University, Fuzhou 350117, China.
School of Information Science and Engineering, Central South University, Changsha 410083, China.
Innovation Center, China Academy of Electronics and Information Technology, Beijing 100041, China.
* Corresponding author: Zhiping Cai. Email: .

Computers, Materials & Continua 2018, 55(1), 17-35. https://doi.org/10.3970/cmc.2018.055.017

Abstract

While smart devices based on ARM processor bring us a lot of convenience, they also become an attractive target of cyber-attacks. The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities. Nowadays, adversaries prefer to steal sensitive data by leaking the content of display output by a security-sensitive application. A promising solution is to exploit the hardware visualization extensions provided by modern ARM processors to construct a secure display path between the applications and the display device. In this work, we present a scheme named SecDisplay for trusted display service, it protects sensitive data displayed from being stolen or tampered surreptitiously by a compromised OS. The TCB of SecDisplay mainly consists of a tiny hypervisor and a super light-weight rendering painter, and has only ~1400 lines of code. We implemented a prototype of SecDisplay and evaluated its performance overhead. The results show that SecDisplay only incurs an average drop of 3.4%.

Keywords

Mobile device, secure display, virtualization, trusted computing base, display path, trust anchor.

Cite This Article

J. . Cui, Y. . Zhang, Z. . Cai, A. . Liu and Y. . Li, "Securing display path for security-sensitive applications on mobile devices," Computers, Materials & Continua, vol. 55, no.1, pp. 17–35, 2018.



This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1525

    View

  • 1007

    Download

  • 0

    Like

Related articles

Share Link

WeChat scan