Open Access iconOpen Access

ARTICLE

TrustControl: Trusted Private Data Usage Control Based on Security Enhanced TrustZone

Hong Lei1,2,3, Jun Li1,*, Suozai Li4, Ming Huang4, Jieren Cheng5, Yirui Bai1, Xinman Luo1, Chao Liu6

1 School of Cyberspace Security (School of Cryptology), Hainan University, Haikou, 570228, China
2 SSC Holding Company Ltd., Chengmai, 571924, China
3 Oxford-Hainan Blockchain Research Institute, Chengmai, 571924, China
4 China Electronics Corporation Hainan Joint Innovation Research Institute Co. Ltd, Chengmai, 571924, China
5 School of Computer Science and Technology, Hainan University, Haikou, 570228, China
6 The Blockhouse Technology Limited, Oxford, OX2 6XJ, United Kingdom

* Corresponding Author: Jun Li. Email: email

Computers, Materials & Continua 2022, 73(3), 5687-5702. https://doi.org/10.32604/cmc.2022.030995

Abstract

The past decade has seen the rapid development of data in many areas. Data has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service innovation. However, individuals are becoming increasingly concerned about data misuse and leaks. To address these issues, in this paper, we propose TrustControl, a trusted data usage control system to control, process, and protect data usage without revealing privacy. A trusted execution environment (TEE) is exploited to process confidential user data. First of all, we design a secure and reliable remote attestation mechanism for ARM TrustZone, which can verify the security of the TEE platform and function code, thus guaranteeing data processing security. Secondly, to address the security problem that the raw data may be misused, we design a remote dynamic code injection method to regulate that data can only be processed for the expected purpose. Our solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and leakage. Furthermore, we implement the prototype system of TrustControl on TrustZone-enabled hardware. Real-world experiment results demonstrate that the proposed TrustControl is secure and the performance overhead of introducing our prototype system is very low.

Keywords


Cite This Article

H. Lei, J. Li, S. Li, M. Huang, J. Cheng et al., "Trustcontrol: trusted private data usage control based on security enhanced trustzone," Computers, Materials & Continua, vol. 73, no.3, pp. 5687–5702, 2022.



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1308

    View

  • 459

    Download

  • 0

    Like

Share Link