TY - JOUR
TI - Regulating smart devices in restricted spaces
DO - https://doi.org/doi:10.7282/t3-c6kf-j713
PY - 2019
AB - Smart devices have spread everywhere in our daily lives, and the capabilities of smart devices equipped with a variety of sensors and peripherals are increasing. However, these devices can possibly be misused in various environments. For instance, sensitive data in enterprises and federal offices can be leaked by the use of cameras and microphones on smart devices. In classrooms, students can obtain unauthorized information during exams. Moreover, smart devices can be used to take pictures or record videos without permissions in less stringent environments such as gym locker rooms and movie theaters. Therefore, we need methods to prevent these situations instead of ad hoc methods in such restricted spaces. In this dissertation, we focus on how to regulate smart devices in restricted spaces. We propose ARM TrustZone-based solutions to enforce policies on smart devices. In particular, the dissertation makes the following two contributions. First, we present a systematic approach for restricted space hosts to analyze and regulate guest devices using remote memory operations in the restricted space. In our approach, hosts’ policies are enforced by a small trusted computing base that executes on the guest devices. We also show that our approach provides strong security guarantees by leveraging the ARM TrustZone. Second, we propose ForceDroid, a policy enforcement system that provides a higher-level abstraction in the restricted spaces. We leverage Security-Enhanced Linux in Android (SEAndroid) to support fine-grained access control, and use Near field communication (NFC) to securely communicate between guests and hosts. In ForceDroid, predefined policies on guest devices are enforced by hosts’ requests.
KW - Computer Science
KW - Smartphones
KW - Security systems
LA - eng
ER -