A Novel Trusted Software Base for Commercial Android Devices Using Secure TF Card

Abstract

With the help of edge computing, the Internet of Things (IoT) provides users with efficient data transmission and processing capabilities. As a main control device of the IoT and the communication portal of edge computing, user terminals represented by Android devices have potential security risks in IoT. Trusted computing is a universal method to construct trusted environment for computing platforms. However, due to the strict space, cost, and power limitations, commercial Android devices would not be applicable to implement a dedicated onboard chip or the software Trusted Platform Module (TPM) by modifying its firmware. We have designed a practical Trusted Software Base (TSB) for mobile devices to enhance their security. By using the secure TF card as the hardware to provide secure storage and cryptographic capabilities, we implement the trusted boot and trust extension for applications on a commercial device to verify the feasibility of the TSB to ensure a trusted environment for users. Our implementation does not require any modification to the firmware or any additional hardware other than the secure TF card. Experimental evaluation shows that our method can provide trusted computing capability for commercial Android devices with low performance overheads.