Fraunhofer-Gesellschaft

Publica

A secure architecture for operating system-level virtualization on mobile devices

Authors: Huber, M.; Horsch, J.; Velten, M.; Weiss, M.; Wessel, S.

Published in:
Lin, D. (Ed.):
Information security and cryptology. 11th international conference, Inscrypt 2015: Beijing, China, November 1-3, 2015; Revised selected papers
Cham: Springer International Publishing, 2016 (Lecture Notes in Computer Science 9589)
ISBN: 978-3-319-38897-7 (Print)
ISBN: 978-3-319-38898-4 (Online)
pp. 430-450
International Conference on Information Security and Cryptology (Inscrypt) <11, 2015, Beijing>
Language: English
Document type: Conference paper
Institute: Fraunhofer AISEC

Abstract
In this paper, we present a novel secure architecture for OS-level virtualization on mobile devices. OS-level virtualization allows multiple userland OS instances to operate simultaneously on one physical device. Compared to previous approaches, our main objective is the confidentiality of sensitive user data stored on the device. We isolate the OS instances by restricting them to a set of minimal, controlled functionality and allow communication between components exclusively through well-defined channels. With our secure architecture, we therefore go beyond the common deployment of Linux kernel mechanisms such as namespaces or cgroups. We develop a specially tailored, stacked LSM concept using SELinux and a custom LSM, and leverage Linux capabilities and the cgroups devices subsystem. Based on the architecture, we present secure device virtualization concepts that allow device functionalities to be dynamically assigned to different OS instances. Furthermore, we develop a mechanism for secure switching between the instances. We realize the architecture with a fully functional and performant implementation on the Samsung Galaxy S4 and Nexus 5 mobile devices, running Android 4.4.4 and 5.1.1, respectively. With a systematic security evaluation, we demonstrate that the secure isolation of OS instances provides confidentiality even when large parts of the system are compromised.

URL: http://publica.fraunhofer.de/dokumente/N-422614.html