E-resources
Peer reviewed
-
Khalid, Fatima; Masood, Ammar
Computers & security, 20/May , Volume: 116Journal Article
TrustZone technology is used to implement Trusted Execution Environment (TEE) in mobile devices. TEE is responsible for isolating and protecting the Trusted Computing Base (TCB) of the device. There are several TrustZone-based TEE solutions utilized in devices, among which Qualcomm Secure Execution Environment (QSEE) is the most well-known TEE utilized in many Android devices. Since the underlying QSEE is entailed to ensure the security of sensitive data on the user device, it is essential to analyze its vulnerability state; however, most of the prior work on QSEE targets older devices or firmware versions. In this work, we carry out a comprehensive review of QSEE vulnerabilities and validate the current security state of the target TEE on a physical device. Our approach has been based on mining of CVEs targeting QSEE or its components spanning about seven years, so as to derive the security trend for QSEE as well as a heat-map to narrow down the more targeted areas of the TEE. As the heat-map indicated a major problem area to be vulnerabilities in Trusted Apps (TAs), we validated the integrity issues of TAs on a physical Android device. Our review highlights that while QSEE has considerably improved its security over the years; yet, still vulnerabilities may arise due to variations in vendor-level configurations on physical devices.
![loading ... loading ...](themes/default/img/ajax-loading.gif)
Shelf entry
Permalink
- URL:
Impact factor
Access to the JCR database is permitted only to users from Slovenia. Your current IP address is not on the list of IP addresses with access permission, and authentication with the relevant AAI accout is required.
Year | Impact factor | Edition | Category | Classification | ||||
---|---|---|---|---|---|---|---|---|
JCR | SNIP | JCR | SNIP | JCR | SNIP | JCR | SNIP |
Select the library membership card:
If the library membership card is not in the list,
add a new one.
DRS, in which the journal is indexed
Database name | Field | Year |
---|
Links to authors' personal bibliographies | Links to information on researchers in the SICRIS system |
---|
Source: Personal bibliographies
and: SICRIS
The material is available in full text. If you wish to order the material anyway, click the Continue button.