中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/95610
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41144879      線上人數 : 438
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/95610


    題名: TrustBUF:實作於TF-M的共享緩衝區溝通方法;TrustBUF: A Secure Shared Buffer Communication Method on TF-M
    作者: 黃浩洋;Huang, Hao-Yang
    貢獻者: 資訊工程學系
    關鍵詞: IoT 安全;可信執行環境;TrustZone -M;Trusted Firmware-M;電腦安全;IoT Security;Trusted Execution Environment;TrustZone-M;Trusted Firmware-M;Computer Security
    日期: 2024-07-26
    上傳時間: 2024-10-09 17:05:57 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著生活、工業環境的需求下,Internet of Things(IoT)設備數量正以飛快的速度成長。但也因為IoT的影響與日俱增,現在許多的IoT設備服務需要處理包含安全性敏感的資訊,吸引了攻擊者針對IoT的安全進行破壞。在近年來,Trusted Execution Environment(TEE)安全概念也應用在IoT設備的系統上,其概念是透過將系統區分成安全與非安全兩個世界並將敏感的資訊儲存在安全世界的服務中如加密服務來防止外界的存取。ARM官方將TEE的概念實作在TrustZone-M(TZ-M)並將該功能置入應用於IoT設備的Armv8-M系列處理器中。基於TZ-M,為了提供一個認證的安全標準給更多的微控制器開發者,Trusted Firmware-M(TF-M)架構被引入作為Armv8-M系列處理器的IoT設備提供一定程度的保護。儘管如此,研究人員發現TF-M中存在由非安全世界中的程式傳遞惡意參數到安全世界的服務而導致的軟體漏洞可能會洩露機密。藉由分析相關的安全議題文獻,我們認為這個問題源自於TEE在將系統分成兩個世界後無法完全掌握來自非安全世界的服務呼叫者的性質。因此我們提出了TrustBUF,一種由安全世界處理的共享緩衝區通訊方法來確保兩個世界之間通訊的安全性,同時解決因TEE分割環境的特性所帶來的安全疑慮。為了展示TrustBUF的實用性,我們將系統的雛型實作在搭配了Arm Cortex-M33的STM32L562E-DK開發板上。;With the growing demand in living and industrial environments, the production of Internet of Things (IoT) devices is rapidly increasing. However, numerous IoT devices are now required to process security-related information, attracting attackers who exploit IoT security vulnerabilities. In recent years, the security concept of Trusted Execution Environment (TEE) has also been applied to IoT devices. TEE prevents external access by dividing the system into the Secure World and Normal World, and storing sensitive security information in the Secure World′s service such as the crypto service. ARM implements the TEE concept on TrustZone-M (TZ-M), integrated into the Armv8-M processors widely adopted in IoT devices. On top of the TZ-M, to provide a certified security standard for border MCU developers, the Trusted Firmware-M (TF-M) architecture is introduced as a certain level of protection for IoT devices in the Armv8-M chips family. Despite this, researchers have found software vulnerabilities in TF-M caused by programs in Normal World passing malicious arguments into Secure World′s service that can result in revealing the secret. By analyzing related security issue literature, we found this result originates from TEE′s inability to fully grasp the nature of the service caller from Normal World after dividing the system into two worlds. Therefore, we propose the TrustBUF, a shared buffer communication method handled by Secure World to ensure secure communication between the two worlds while addressing the security issue caused by the TEE intrinsic of dividing the processing environments. To demonstrate the practicality of TrustBUF, we implement the prototype system on the STM32L562E-DK development board with Arm Cortex-M33.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML17檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明