現今的智慧及 IoT 裝置擁有各式各樣的感測器和硬體周邊,使得它們能夠以非常低廉的成本蒐集和傳輸敏感資料或資訊。然而,基於隱私問題,我們可能希望避免這些數據被蒐集。例如禁止在會議期間進行影像或是語音錄製。因此,在裝置中控制周邊的可取存性在這些情況下就變得非常重要。此外,裝置的使用者是不可信任的。人們可能故意違反規則或法規,未經同意拍攝照片、影像或語音等。為了解決這些問題,我們提出了 SeFence,一種可信任的硬體周邊存取控制。SeFence 能夠根據來自可信任的感測器的輸入自動判定在 REE 中的 Rich OS 是否能夠存取特定的周邊。此外,整個過程受到了 ARM TrustZone 所提供的硬體隔離環境保護。;Smart or IoT devices in modern days carries all kinds of sensors and peripherals which makes them capable of collecting and transmitting sensitive data or information with a very low cost. However, we may want to prevent these data from being collected due to privacy concerns. Like forbidding video or voice recording during a meeting or a conference. And that′s why controlling accessibility of peripherals in a devices could be very useful under such circumstances. Moreover, device users cannot be trusted. People may violate rules or regulations deliberately to take photos, videos or voice footage without consent. To address these concerns, we propose SeFence, a trusted hardware peripheral access control. SeFence is able to determine whether Rich OS in REE has access to specific peripheral automatically based on input from trusted sensors. Furthermore, the whole process is protected by hardware isolation which is guaranteed by ARM TrustZone.
