(A Secure Data Management Framework based on ARM TrustZone for Cloud Storage Services)

Today, anyone can have multiple mobile devices like smart phones and tablet PCs, and also can handle variety of user data at any time, in any place. For efficiently sharing or synchronizing the user data across multiple devices, many people are using cloud storage services. Although cloud storages provide flexibility and scalability in storing data, security issues should be handled especially when mobile devices try to access data stored in cloud storage. Currently, typical cloud storage services offer data encryption for security purpose but we think such method is not secure enough. Because we recognized that managing encryption keys by software and identifying users by simple ID and password are main defectives of current cloud storage services. In this paper, we propose a secure data access method to cloud storage in mobile environment. Our framework supports hardware-based key management, attestation on the client software integrity, and secure key sharing across the multiple devices. To achieve these features, we implemented our prototype based on ARM TrustZone technology[10] and TPM emulator[1, 2] which is running on secure world of the TrustZone environment.