TY  - EJOU
AU  - Cui, Jinhua  
AU  - Zhang, Yuanyuan  
AU  - Cai, Zhiping  
AU  - Liu, Anfeng  
AU  - Li, Yangyang  

TI  - Securing Display Path for Security-Sensitive Applications on Mobile Devices
T2  - Computers, Materials \& Continua

PY  - 2018
VL  - 55
IS  - 1
SN  - 1546-2226

AB  - While smart devices based on ARM processor bring us a lot of convenience, they also become an attractive target of cyber-attacks. The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities. Nowadays, adversaries prefer to steal sensitive data by leaking the content of display output by a security-sensitive application. A promising solution is to exploit the hardware visualization extensions provided by modern ARM processors to construct a secure display path between the applications and the display device. In this work, we present a scheme named SecDisplay for trusted display service, it protects sensitive data displayed from being stolen or tampered surreptitiously by a compromised OS. The TCB of SecDisplay mainly consists of a tiny hypervisor and a super light-weight rendering painter, and has only ~1400 lines of code. We implemented a prototype of SecDisplay and evaluated its performance overhead. The results show that SecDisplay only incurs an average drop of 3.4%.
KW  - Mobile device
KW  -  secure display
KW  -  virtualization
KW  -  trusted computing base
KW  -  display path
KW  -  trust anchor

DO  - 10.3970/cmc.2018.055.017