Smart and secure: Preserving privacy in untrusted home routers

Seung Seob Lee; Hang Shi; Kun Tan; Yunxin Liu; Su Kyoung Lee; Yong Cui

doi:10.1145/2967360.2967380

Smart and secure: Preserving privacy in untrusted home routers

Seung Seob Lee, Hang Shi, Kun Tan, Yunxin Liu, Su Kyoung Lee, Yong Cui

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

Original language	English
Title of host publication	Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016
Publisher	Association for Computing Machinery, Inc
ISBN (Electronic)	9781450342650
DOIs	https://doi.org/10.1145/2967360.2967380
Publication status	Published - 2016 Aug 4
Event	7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 - Hong Kong, China Duration: 2016 Aug 4 → 2016 Aug 5

Publication series

Name	Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

Other

Other	7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016
Country	China
City	Hong Kong
Period	16/8/4 → 16/8/5

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Hardware and Architecture

Access to Document

10.1145/2967360.2967380

Fingerprint Dive into the research topics of 'Smart and secure: Preserving privacy in untrusted home routers'. Together they form a unique fingerprint.

Cite this

Lee, S. S., Shi, H., Tan, K., Liu, Y., Lee, S. K., & Cui, Y. (2016). Smart and secure: Preserving privacy in untrusted home routers. In Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 [2967380] (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016). Association for Computing Machinery, Inc. https://doi.org/10.1145/2967360.2967380

@inproceedings{35579f89b0a342ff9bbb62ab9343504c,

title = "Smart and secure: Preserving privacy in untrusted home routers",

abstract = "Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.",

author = "Lee, {Seung Seob} and Hang Shi and Kun Tan and Yunxin Liu and Lee, {Su Kyoung} and Yong Cui",

year = "2016",

month = aug,

day = "4",

doi = "10.1145/2967360.2967380",

language = "English",

series = "Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016",

publisher = "Association for Computing Machinery, Inc",

booktitle = "Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016",

note = "7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 ; Conference date: 04-08-2016 Through 05-08-2016",

}

Lee, SS, Shi, H, Tan, K, Liu, Y, Lee, SK & Cui, Y 2016, Smart and secure: Preserving privacy in untrusted home routers. in Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016., 2967380, Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016, Association for Computing Machinery, Inc, 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016, Hong Kong, China, 16/8/4. https://doi.org/10.1145/2967360.2967380

Smart and secure : Preserving privacy in untrusted home routers. / Lee, Seung Seob; Shi, Hang; Tan, Kun; Liu, Yunxin; Lee, Su Kyoung; Cui, Yong.

Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016. Association for Computing Machinery, Inc, 2016. 2967380 (Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Smart and secure

T2 - 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

AU - Lee, Seung Seob

AU - Shi, Hang

AU - Tan, Kun

AU - Liu, Yunxin

AU - Lee, Su Kyoung

AU - Cui, Yong

PY - 2016/8/4

Y1 - 2016/8/4

N2 - Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

AB - Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.

UR - http://www.scopus.com/inward/record.url?scp=84986630285&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84986630285&partnerID=8YFLogxK

U2 - 10.1145/2967360.2967380

DO - 10.1145/2967360.2967380

M3 - Conference contribution

AN - SCOPUS:84986630285

T3 - Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

BT - Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016

PB - Association for Computing Machinery, Inc

Y2 - 4 August 2016 through 5 August 2016

ER -