TrustControl:Trusted Private Data Usage Control Based on Security Enhanced TrustZone

作     者：Hong Lei Jun Li Suozai Li Ming Huang Jieren Cheng Yirui Bai Xinman Luo Chao Liu 

作者机构：School of Cyberspace Security(School of Cryptology)Hainan UniversityHaikou570228China SSC Holding Company Ltd.Chengmai571924China Oxford-Hainan Blockchain Research InstituteChengmai571924China China Electronics Corporation Hainan Joint Innovation Research Institute Co.LtdChengmai571924China School of Computer Science and TechnologyHainan UniversityHaikou570228China The Blockhouse Technology LimitedOxfordOX26XJUnited Kingdom 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2022年第73卷第12期

页      面：5687-5702页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：This work was supported by the National Key R&D Program of China(No.2021YFB2700601) Research Project of Hainan University(No.HD-KYH-2021240) Finance Science and Technology Project of Hainan Province(No.ZDKJ2020009 and ZDKJ2020012) National Natural Science Foundation of China(No.62163011,62162022 and 62162024) Key Projects in Hainan Province(No.ZDYF2021GXJS003 and ZDYF2020040) 

主　　题：TrustZone data usage control privacy security 

摘      要：The past decade has seen the rapid development of data in many *** has enormous commercial potential as a new strategic resource that may efficiently boost technical growth and service ***,individuals are becoming increasingly concerned about data misuse and *** address these issues,in this paper,we propose TrustControl,a trusted data usage control system to control,process,and protect data usage without revealing privacy.A trusted execution environment(TEE)is exploited to process confidential user *** of all,we design a secure and reliable remote attestation mechanism for ARM TrustZone,which can verify the security of the TEE platform and function code,thus guaranteeing data processing ***,to address the security problem that the raw data may be misused,we design a remote dynamic code injection method to regulate that data can only be processed for the expected *** solution focuses on protecting the sensitive data of the data owner and the function code of the data user to prevent data misuse and ***,we implement the prototype system of TrustControl on TrustZone-enabled ***-world experiment results demonstrate that the proposed Trust-Control is secure and the performance overhead of introducing our prototype system is very low.