Show simple item record

dc.contributor.advisorGanapathy, Vinod
dc.contributor.authorAgarwal, Rounak
dc.date.accessioned2021-10-20T06:01:45Z
dc.date.available2021-10-20T06:01:45Z
dc.date.submitted2021
dc.identifier.urihttps://etd.iisc.ac.in/handle/2005/5439
dc.description.abstractDigital payments using personal electronic devices have been steadily gaining in popularity for the last few years. While digital payments using smartphones are very convenient, they are also more susceptible to security vulnerabilities. Unlike devices dedicated to the purpose of payments (e.g. POS terminals), modern smartphones provide a large attack surface due to the presence of so many apps for various use cases and a complex feature-rich smartphone OS. Because it is the most popular smartphone OS by a huge margin, Android is the primary target of attackers. Although the security guarantees provided by the Android platform have improved significantly with each new release, we still see new vulnerabilities being reported every month. Vulnerabilities in the underlying Linux kernel are particularly dangerous because of their severe impact on app security. To protect against a compromised kernel, some critical functions of the Android platform such as cryptography and local user authentication have been moved to a Trusted Execution Environment (TEE) in the last few releases. But the Android platform does not yet provide a way to protect a user’s confidential input meant for a remote server, or, the server’s confidential output meant for the user, from a compromised kernel. Our work aims to address this gap in Android’s use of TEEs for app security. We have proposed an API that a Trusted App running in a TEE can provide to the untrusted apps running in the REE (Rich Execution Environment).This API will allow app developers to leverage the TEE’s protection for fetching confidential input from and showing confidential output to the user. We have described how this API can be used to implement a secure payment system that can prevent fraudulent transactions even in the presence of a compromised kernel. We have implemented the proposed API on a device with a TEE built on ARM’s TrustZone technology.en_US
dc.language.isoen_USen_US
dc.rightsI grant Indian Institute of Science the right to archive and to make available my thesis or dissertation in whole or in part in all forms of media, now hereafter known. I retain all proprietary rights, such as patent rights. I also retain the right to use in future works (such as articles or books) all or part of this thesis or dissertationen_US
dc.subjectTrusted Hardwareen_US
dc.subjectSecure Paymentsen_US
dc.subjectTEEsen_US
dc.subjectDigital paymentsen_US
dc.subjectcryptographyen_US
dc.subjectTrusted Execution Environmenten_US
dc.subject.classificationResearch Subject Categories::TECHNOLOGYen_US
dc.titleA Trusted-Hardware Backed Secure Payments Platform for Androiden_US
dc.typeThesisen_US
dc.degree.nameMTech (Res)en_US
dc.degree.levelMastersen_US
dc.degree.grantorIndian Institute of Scienceen_US
dc.degree.disciplineEngineeringen_US


Files in this item

This item appears in the following Collection(s)

Show simple item record