Code White: A Signed Code Protection Mechanism for Smartphones

Author

Joseph M. Hinson IV

Date of Award

9-10-2010

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Electrical and Computer Engineering

First Advisor

Rusty O. Baldwin, PhD

Abstract

This research develops Code White, a hardware-implemented trusted execution mechanism for the Symbian mobile operating system. Code White combines a signed whitelist approach with the execution prevention technology offered by the ARM architecture. Testing shows that it prevents all untrusted user applications from executing while allowing all trusted applications to load and run. Performance testing in contrast with an unmodified Symbian system shows that the difference in load time increases linearly as the application file size increases. The predicted load time for an application with a one megabyte code section remains well below one second, ensuring uninterrupted experience for the user. Smartphones have proven to be invaluable to military, civic, and business users due in a large part to their ability to execute code just like any desktop computer can. While many useful applications have been developed for these users, numerous malicious programs have also surfaced. And while smartphones have desktop-like capabilities to execute software, they do not have the same resources to scan for malware. More efficient means, like Code White, which minimize resource usage are needed to protect the data and capabilities found in smartphones.

AFIT Designator

AFIT-GCO-ENG-10-10

DTIC Accession Number

ADA529448

Recommended Citation

Hinson, Joseph M. IV, "Code White: A Signed Code Protection Mechanism for Smartphones" (2010). Theses and Dissertations. 1987.
https://scholar.afit.edu/etd/1987