Το έργο με τίτλο Andromeda: enabling secure enclaves for the Android ecosystem από τον/τους δημιουργό/ούς Deyannis Dimitris, Karnikis Dimitris, Vasiliadis Giorgos, Ioannidis Sotirios διατίθεται με την άδεια Creative Commons Αναφορά Δημιουργού 4.0 Διεθνές
Βιβλιογραφική Αναφορά
D. Deyannis, D. Karnikis, G. Vasiliadis and S. Ioannidis, “Andromeda: enabling secure enclaves for the Android ecosystem,” in Information Security, Lecture Notes in Computer Science, J.K. Liu, S. Katsikas, W. Meng, W. Susilo, R. Intan, Eds., Cham, Switzerland: Springer Nature, 2021, pp. 195–217, doi: 10.1007/978-3-030-91356-4_11.
https://doi.org/10.1007/978-3-030-91356-4_11
The Android OS is currently used in a plethora of devices that play a core part of our everyday life, such as mobile phones, tablets, smart home appliances, entertainment systems and embedded devices. The majority of these devices typically process and store a vast amount of security-critical and privacy-sensitive data, including personal contacts, financial accounts and high-profile enterprise assets. The importance of these data makes these devices valuable attack targets.In this paper we propose Andromeda, a framework that provides secure enclaves for Android OS to mitigate attacks that target sensitive or critical code, data and communication channels. Andromeda offers the first SGX interface for Android OS (to the best of our knowledge), as well as services that enhance its security and offer protection schemes for several applications that deal with sensitive or secret data. Andromeda is also able to securely execute SGX-enabled code on behalf of external devices that are not equipped with SGX-capable CPUs. Moreover, Andromeda protects cryptographic keys from memory dump attacks with less than 16% overhead on the corresponding cryptographic operations and provides secure, end-to-end encrypted, communication and computation channels for external devices paired with the Android device.