Using Component Isolation to Increase Trust in Mobile Devices

Abstract

Mobile phones pervade virtually every realm of societal interactions ranging from the obvious, communications and mobile payments, to the less obvious use of health monitoring. They also vary in complexity and cost with various offerings including smart, feature or basic phones. But these ubiquitous devices come with security and privacy vulnerabilities that may leave users susceptible to data theft. These vulnerabilities include but are not limited to malicious third party applications, design flaws in operating systems, and risks unintentionally incurred by the device owner through ill-advised use. All of these threats put the user’s data at risk of theft. Motivated by the lack of trust in the way data is stored and processed on personal mobile devices and the potential for data to be mishandled by parties with whom they are shared, this dissertation examines • data leakage channels in modern mobile operating systems and the shortcomings in current approaches to address them, and • the sharing of sensitive data via mobile devices and the shortcomings in current approaches to validate parties with whom data is shared. Our work tackles the lack of trust in mobile devices and the systems that use them from two perspectives – (1) modifying phones by separating components to isolate data belonging to different entities and (2) adding new external hardware to separate trust among users. To concretely explore (1), we study mechanisms to establish trust on mobile devices used for both work and personal purposes. The specific problem we consider relates to how proper isolation and security of both profiles on a single device can be achieved. We propose AppFork, an Android-based platform, which isolates and secures partitions belonging to work and personal profiles. We also address data leakage channels that were identified through the analysis of over 14,000 android apps. In exploring (2), we study how to establish trust as a prelude to sharing information with other parties over a phone call. We propose NoSSN, a solution that provides a privacy preserving two-way authentication scheme for parties communicating over the phone. NoSSN is a phone agnostic and portable solution that provides unforgeable user authentication and replay resistance as security features. NoSSN is designed to be an additional piece of hardware – dongle – that can be attached to any mobile device through the audio jack, to provide secure and isolated profiles among users. We contribute two security protocols based on secret key and elliptic curve crypto implementations in addition to designing and implementing an audio modem. We describe the design, implementation and evaluation of both systems along with detailed discussions to highlight the application of this dissertation in practice. Both systems help lay the foundation for the development of functional and marketable solutions to meet the demands of trust in mobile devices and associated systems. We envision these two solutions influencing the design of future mobile operating systems and usable accessory hardware that bolster trust within and external to the mobile device. Moreover, these works jointly contribute to the body of knowledge seeking to elevate the status of the mobile phone into a more trusted computing and communication platform.