Smart and secure: Preserving privacy in untrusted home routers

Seung Seob Lee, Hang Shi, Kun Tan, Yunxin Liu, Su Kyoung Lee, Yong Cui

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Recently, wireless home routers have increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, this sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

Original language: English
Title of host publication: Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016
Publisher: Association for Computing Machinery, Inc
ISBN (Electronic): 9781450342650
DOIs: https://doi.org/10.1145/2967360.2967380
Publication status: Published - 2016 Aug 4
Event: 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 - Hong Kong, China
Duration: 2016 Aug 4 → 2016 Aug 5

Publication series

Name: Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

Other

Other: 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016
Country: China
City: Hong Kong
Period: 16/8/4 → 16/8/5

Fingerprint

Routers
Data privacy
Cryptography
Systems analysis

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

Lee, S. S., Shi, H., Tan, K., Liu, Y., Lee, S. K., & Cui, Y. (2016). Smart and secure: Preserving privacy in untrusted home routers. In Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 [2967380] (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016). Association for Computing Machinery, Inc. https://doi.org/10.1145/2967360.2967380
Lee, Seung Seob ; Shi, Hang ; Tan, Kun ; Liu, Yunxin ; Lee, Su Kyoung ; Cui, Yong. / Smart and secure : Preserving privacy in untrusted home routers. Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016. Association for Computing Machinery, Inc, 2016. (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016).
@inproceedings{35579f89b0a342ff9bbb62ab9343504c,
title = "Smart and secure: Preserving privacy in untrusted home routers",
abstract = "Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.",
author = "Lee, {Seung Seob} and Hang Shi and Kun Tan and Yunxin Liu and Lee, {Su Kyoung} and Yong Cui",
year = "2016",
month = "8",
day = "4",
doi = "10.1145/2967360.2967380",
language = "English",
series = "Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016",
publisher = "Association for Computing Machinery, Inc",
booktitle = "Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016",

}

Lee, SS, Shi, H, Tan, K, Liu, Y, Lee, SK & Cui, Y 2016, Smart and secure: Preserving privacy in untrusted home routers. in Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016., 2967380, Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016, Association for Computing Machinery, Inc, 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016, Hong Kong, China, 16/8/4. https://doi.org/10.1145/2967360.2967380

Smart and secure : Preserving privacy in untrusted home routers. / Lee, Seung Seob; Shi, Hang; Tan, Kun; Liu, Yunxin; Lee, Su Kyoung; Cui, Yong.

Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016. Association for Computing Machinery, Inc, 2016. 2967380 (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016).


TY - GEN

T1 - Smart and secure

T2 - Preserving privacy in untrusted home routers

AU - Lee, Seung Seob

AU - Shi, Hang

AU - Tan, Kun

AU - Liu, Yunxin

AU - Lee, Su Kyoung

AU - Cui, Yong

PY - 2016/8/4

Y1 - 2016/8/4

N2 - Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

AB - Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

UR - http://www.scopus.com/inward/record.url?scp=84986630285&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84986630285&partnerID=8YFLogxK

U2 - 10.1145/2967360.2967380

DO - 10.1145/2967360.2967380

M3 - Conference contribution

AN - SCOPUS:84986630285

T3 - Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

BT - Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

PB - Association for Computing Machinery, Inc

ER -

Lee SS, Shi H, Tan K, Liu Y, Lee SK, Cui Y. Smart and secure: Preserving privacy in untrusted home routers. In Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016. Association for Computing Machinery, Inc. 2016. 2967380. (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016). https://doi.org/10.1145/2967360.2967380