T-Proxy -- Confidential Data Protection

T-Proxy protects the confidential data of apps running in the normal world by storing the plaintext of that data in the secure world only. It uses a reference monitor to check each access to the data and enforce access policies.

Most mobile apps store credentials, such as the user's account name and password, on the mobile device to ease the login process. Passwords stored on the phone can be stolen by an attacker in many ways. For example, an adversary can simply steal passwords from the storage or memory of the mobile device with malicious software. Full-disk encryption does not help, since the passwords still need to be decrypted in memory when they are used. Furthermore, a compromised OS threatens every password on the user's device, regardless of whether applications encrypt the password or force the user to enter it every time. What is needed, then, is a method that protects passwords not only from malicious software but also from an untrusted operating system. T-Proxy comes to the rescue.


Features Of T-Proxy

Confidential Data ONLY in Secure World

T-Proxy ensures that the plaintext of confidential data exists only in the secure world, even while it is being used. The underlying system tracks the flow of such data to enforce this restriction. All accesses to the data are performed in the secure world, under the monitoring of the trust kernel. Incoming and outgoing communications are also ensured to contain no confidential data.
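
A toy model of the three properties described above (plaintext held only in the secure world, a reference monitor on every access, and scrubbed communication), added here as an illustration and not T-Proxy's own code. A Python object stands in for the secure world; the handle format, the per-app and per-destination policy, and all names (`SecureWorld`, `enroll`, `use`, `echo_server`) are assumptions.

```python
import secrets

class SecureWorld:
    """Toy model of the secure world: the only object that ever holds plaintext."""

    def __init__(self):
        self._vault = {}    # handle -> plaintext secret
        self._policy = {}   # handle -> (app_id, destination) allowed to use it
        self.audit = []     # one reference-monitor decision per access

    def enroll(self, app_id, secret, destination):
        """Store a secret and hand the normal world an opaque handle."""
        handle = "tpx-" + secrets.token_hex(8)
        self._vault[handle] = secret
        self._policy[handle] = (app_id, destination)
        return handle

    def _monitor(self, app_id, handle, destination):
        """Reference monitor: every access is checked against policy and logged."""
        allowed = self._policy.get(handle) == (app_id, destination)
        self.audit.append((app_id, handle, destination, allowed))
        return allowed

    def _scrub(self, data):
        """Redact any stored plaintext before data leaves the secure world."""
        for secret in self._vault.values():
            data = data.replace(secret, "[REDACTED]")
        return data

    def use(self, app_id, handle, destination, template, transmit):
        """Fill the handle in, send the request, return a scrubbed reply."""
        if not self._monitor(app_id, handle, destination):
            raise PermissionError("access denied by reference monitor")
        request = template.replace(handle, self._vault[handle])
        return self._scrub(transmit(destination, request))


def echo_server(destination, request):
    """Constructed stand-in for a remote server that echoes its input."""
    return f"{destination} received: {request}"


if __name__ == "__main__":
    sw = SecureWorld()
    h = sw.enroll("com.example.mail", "hunter2-constructed", "mail.example.com")
    body = f"user=alice&pass={h}"  # all the normal-world app ever holds
    print(sw.use("com.example.mail", h, "mail.example.com", body, echo_server))
    print(sw.audit)
```

The normal-world side only ever sees the handle and the scrubbed reply; a request from a different app or to a different destination is refused and still appears in the audit list.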

Transparent to Applications

T-Proxy requires no modification to apps and supports existing apps. In fact, an app is not aware of the existence of T-Proxy and simply runs as normal. Data access restriction, network transport, and security monitoring are all handled by the system in a totally transparent way.