One Secure Access Scheme Based on Trusted Execution Environment

摘要

The wide adoption of mobile devices poses an imminent threat to preserving privacy. In order to prevent the leakage of sensitive information (such as the contact list, or private pictures) raised by inappropriate access, we propose a secure access scheme based on Trusted Execution Environment (TEE) specifically designed for mobile devices. The proposed scheme has two purposes: secure access and minimizing losses. For secure access, we use TEE to run access authorization and verification; for minimizing losses, we use the strategy of file slice to divide the sensitive file into multiple parts and then encrypt the file parts respectively in case of large-scale leakage. Practically, our scheme's "minimizing losses" can be easily expanded to cloud computing by mapping one file part in our scheme to a whole file in cloud computing scenario. The theoretical analysis and experimental evaluation indicate that our scheme meets the requirement in respects of efficiency and security.