KEVLAR-TZ: A Secure Cache for ARM TrustZone

04/27/2021
by   Oscar Benedito, et al.
0

Edge devices are increasingly in charge of storing privacy-sensitive data, in particular implantables, wearables, and nearables can potentially collect and process high-resolution vital signs 24/7. Storing and performing computations over such data in a privacy-preserving fashion is of paramount importance. We present KEVLAR-TZ, an application-level trusted cache designed to leverage ARM TrustZone, a popular trusted execution environment available in consumer-grade devices. To facilitate the integration with existing systems and IoT devices and protocols, KEVLAR-TZ exposes a REST-based interface with connection endpoints inside the TrustZone enclave. Furthermore, it exploits the on-device secure persistent storage to guarantee durability of data across reboots. We fully implemented KEVLAR-TZ on top of the OP-TEE framework, and experimentally evaluated its performance. Our results showcase performance trade-offs, for instance in terms of throughput and latency, for various workloads, and we believe our results can be useful for practitioners and in general developers of systems for TrustZone. KEVLAR-TZ is available as open-source at https://github.com/mqttz/kevlar-tz/.

READ FULL TEXT
research
07/03/2020

MQT-TZ: Secure MQTT Broker for Biomedical Signal Processing on the Edge

Physical health records belong to healthcare providers, but the informat...
research
07/24/2020

MQT-TZ: Hardening IoT Brokers Using ARM TrustZone

The publish-subscribe paradigm is an efficient communication scheme with...
research
02/26/2019

PubSub-SGX: Exploiting Trusted Execution Environments for Privacy-Preserving Publish/Subscribe Systems

This paper presents PUBSUB-SGX, a content-based publish-subscribe system...
research
06/24/2019

On The Performance of ARM TrustZone

The TrustZone technology, available in the vast majority of recent ARM p...
research
04/19/2017

TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone

The rapid evolution of Internet-of-Things (IoT) technologies has led to ...
research
03/29/2021

Twine: An Embedded Trusted Runtime for WebAssembly

WebAssembly is an increasingly popular lightweight binary instruction fo...
research
08/02/2018

StreamBox-TZ: A Secure IoT Analytics Engine at the Edge

We present StreamBox-TZ, a stream analytics engine for an edge platform....

Please sign up or login with your details

Forgot password? Click here to reset