Publication

TEEzz: Fuzzing Trusted Applications on COTS Android Devices

Mathias Josef Payer, Marcel Busch
2023
Conference Papers

Abstract

Security and privacy-sensitive smartphone applications use trusted execution environments (TEEs) to protect sensitive operations from malicious code. By design, TEEs have privileged access to the entire system but expose little to no insight into their inner workings. Moreover, real-world TEEs enforce strict format and protocol interactions when communicating with trusted applications (TAs), which prohibits effective automated testing.

Official source

https://infoscience.epfl.ch/entities/publication/cb1d00b8-08ee-428b-842c-0d010bc17dad

About this result

This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Mathias Josef Payer, Marcel Busch
2023
Conference Papers

Abstract

Official source

https://infoscience.epfl.ch/entities/publication/cb1d00b8-08ee-428b-842c-0d010bc17dad

About this result

Related concepts (26)

Trusted Execution Technology

Intel Trusted Execution Technology (Intel TXT, formerly known as LaGrande Technology) is a computer hardware technology of which the primary goals are: Attestation of the authenticity of a platform and its operating system. Assuring that an authentic operating system starts in a trusted environment, which can then be considered trusted. Provision of a trusted operating system with additional security capabilities not available to an unproven one.

Smartphone

A smartphone is a portable computer device that combines mobile telephone functions and computing functions into one unit. They are distinguished from older-design feature phones by their more advanced hardware capabilities and extensive mobile operating systems, which facilitate wider software, access to the internet (including web browsing over mobile broadband), and multimedia functionality (including music, video, cameras, and gaming), alongside core phone functions such as voice calls and text messaging.

Trusted Computing

Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of confidential computing. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key that is inaccessible to the rest of the system and the owner.

Related publications (18)

A RISC-V Extension to Minimize Privileges of Enclave Runtimes

Edouard Bugnion, Neelu Shivprakash Kalani

In confidential computing, the view of the system software is Manichean: the host operating system is untrusted and the TEE runtime system is fully trusted. However, the runtime system is often as complex as a full operating system, and thus is not free fr ...

ACM2023

Creating Trust by Abolishing Hierarchies

Adrien Ghosn, Edouard Bugnion, Evangelos Marios Kogias, Mathias Josef Payer, Charly Nicolas Lucien Castes, Yuchen Qian, Neelu Shivprakash Kalani

Software is going through a trust crisis. Privileged code is no longer trusted and processes insufficiently protect user code from unverified libraries. While usually treated separately, confidential computing and program compartmentalization are both symp ...

Association for Computing Machinery2023

Bridging the gap between theoretical and practical privacy technologies for at-risk populations

Kasra Edalatnejadkhamene

With the pervasive digitalization of modern life, we benefit from efficient access to information and services. Yet, this digitalization poses severe privacy challenges, especially for special-needs individuals. Beyond being a fundamental human right, priv ...

EPFL2023