Mobile devices such as smartphones and tablets have gradually become an integral part of our daily life due to the increase in their capabilities. The appli- cations running on these devices support vast services in different areas such as communication, entertainment and commerce. Mobile users are increasingly re- lying on these applications to store and process sensitive information (private or corporate). However, this rapid growth in smartphone usage and their evolving capabilities raise many security and privacy concerns.
Android is one of the most popular and widespread used open source op- erating systems for mobile devices. Although, Android presents basic security mechanisms such as sandboxing and a permission framework to protect critical resources, the security area is still underdeveloped. In recent years, a number of security mechanisms (software based and hardware based) have been proposed to improve the security of the Android platform. However, the software based mechanisms protect mobile applications assuming that the mobile operating sys- tem (OS) is a trusted computing base (TCB). To secure mobile services despite the mobile OS being compromised, hardware based security solutions such as Mobile Trusted Module (MTM) and ARM TrustZone have been proposed.
This thesis is focused on the development of secure services on Android-based smartphones. The thesis is about developing novel security mechanisms based on ARM TrustZone.
