Recently, wireless home routers increasingly become smart. While these smart routers provide rich functionalities to users, they also raise security concerns. Since a smart home router may process and store personal data for users, once compromised, these sensitive information will be exposed. Unfortunately, current operating systems on home routers are far from secure. As a consequence, users are facing a difficult tradeoff between functionality and privacy risks. This paper attacks this dilemma with a novel SEAL architecture for home routers. SEAL leverages the ARM TrustZone technology to divide a conventional router OS (i.e., Linux) in a non-secure/normal world. All sensitive user data are shielded from the normal world using encryption. Modules (called applets) that process the sensitive data are located in a secure world and confined in secure sandboxes provided by a tiny secure OS. We report the system design of SEAL and our preliminary implementation and evaluation results.
|Title of host publication||Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016|
|Publisher||Association for Computing Machinery, Inc|
|Publication status||Published - 2016 Aug 4|
|Event||7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016 - Hong Kong, China|
Duration: 2016 Aug 4 → 2016 Aug 5
|Name||Proceedings of the 7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016|
|Other||7th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2016|
|Period||16/8/4 → 16/8/5|
Bibliographical notePublisher Copyright:
© 2016 ACM.
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications
- Hardware and Architecture