TrustControl: Trusted Private Data Usage Control Based on Security Enhanced TrustZone

The past decade has seen the rapid development of data in many areas. Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation. However, individuals are becoming increasingly concerned about data misuse and leaks. To address these issues, in this paper, we propose TrustControl, a trusted data usage control system to control, process, and protect data usage without revealing privacy. A trusted execution environment (TEE) is exploited to process confidential user data. First of all, we design a secure and reliable remote attestation mechanism for ARM TrustZone, which can verify the security of the TEE platform and function code, thus guaranteeing data processing security. Secondly, to address the security problem that the raw data may be misused, we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose. Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage. Furthermore, we implement the prototype system of TrustControl on TrustZone-enabled hardware. Real-world experiment results demonstrate that the proposed TrustControl is secure and the performance overhead of introducing our prototype system is very low.