The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation

Résumé

The dual-execution-environment approach (dual-EE) is a trusted model that was defined to allow mobile smart devices to guarantee tamper-resistant execution for highly sensitive applications. Although various solutions implementing dual-EE have been proposed in the literature, this model has not been formalized yet. In this paper, we revisit the dual-EE approach and propose a theoretical framework to systematize the design of dual-EE solutions regarding well-established primitives defined in the Multiple Independent Levels of Security (MILS) architecture. We provide a general classification of the different dual-EE proposals based on their isolation properties. We introduce a comparative framework allowing dual-EE solutions to be evaluated across a common set of criteria. The relevance of our framework is examined by applying it on three technologies, each one represents one category in our classification. Results are consistent and explain some hidden and unexpected properties of each technology. For instance, we find that bare-metal hypervisors are ill-adapted to provide high assurance security even though they might improve the overall security level of the system.
Fichier principal
Vignette du fichier
ifipsec_2015_the_dual_ee_approach.pdf (224.24 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01246353 , version 1 (21-12-2015)

Identifiants

Citer

Mohamed Sabt, Mohammed Achemlal, Abdelmadjid Bouabdallah. The Dual-Execution-Environment Approach: Analysis and Comparative Evaluation. 30th IFIP International Conference on ICT Systems Security and Privacy Protection, May 2015, Hamburg, Germany. pp.557-570, ⟨10.1007/978-3-319-18467-8_37⟩. ⟨hal-01246353⟩
324 Consultations
505 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More