Towards A Trusted Mobile Desktop

Today's mobile phone platforms are powerful enough to be used as personal assistants that render and edit even complex document formats However, short development cycles in combination with high complexity and extendability make these devices not secure enough for security-critical tasks Therefore, end-users either have to use another secure device, or to accept the risk of losing sensitive information in the case of a loss of the device or a successful attack against itWe propose a security architecture to operate on security-critical documents using a commercial off-the-shelf (COTS) mobile phone hardware platform offering two working environments The first one is under full control of the user while the second is isolated and restricted by additional security and mobile trusted computing servicesThe realizability of such an architecture has been proven based on a 'TrustedSMS' prototype developed on top of an OMAP-35xx development, board, a hardware plat form similar to many actual mobile phone platforms The prototype includes nearly all components required to securely isolate the two compartments and implements use cases such as SMS writing, signing, receiving; verification, and key management