Conference papers

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

Abstract : The dual-execution-environment approach (dual-EE) is a trusted model that was defined to allow mobile smart devices to guarantee tamper-resistant execution for highly sensitive applications. Although various solutions implementing dual-EE have been proposed in the literature, this model has not been formalized yet. In this paper, we revisit the dual-EE approach and propose a theoretical framework to systematize the design of dual-EE solutions regarding well-established primitives defined in the Multiple Independent Levels of Security (MILS) architecture. We provide a general classification of the different dual-EE proposals based on their isolation properties. We introduce a comparative framework allowing dual-EE solutions to be evaluated across a common set of criteria. The relevance of our framework is examined by applying it to three technologies, each representing one category in our classification. Results are consistent and explain some hidden and unexpected properties of each technology. For instance, we find that bare-metal hypervisors are ill-adapted to provide high assurance security even though they might improve the overall security level of the system.

Cited literature [24 references]
Contributor : Mohamed Sabt
Submitted on : Monday, December 21, 2015 - 11:34:01 AM
Last modification on : Tuesday, October 19, 2021 - 11:34:57 PM
Long-term archiving on : Tuesday, March 22, 2016 - 10:20:39 AM


Files produced by the author(s)




Mohamed Sabt, Mohammed Achemlal, Abdelmadjid Bouabdallah. The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation. 30th IFIP International Conference on ICT Systems Security and Privacy Protection, May 2015, Hamburg, Germany. pp.557-570, ⟨10.1007/978-3-319-18467-8_37⟩. ⟨hal-01246353⟩


