Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Implementing Android Tamper-Resistant Secure Storage in Virtualization

Linux Foundation via YouTube

Overview

Learn how to implement Android tamper-resistant secure storage and secure it in virtualization environments. Explore the full software stack of storage services based on RPMB in eMMC flash devices, including key generation, hardware root binding, and factory key provisioning. Discover secure storage virtualization architecture in ACRN hypervisor, focusing on creating root sub-keys for guest data encryption, building a "one-vm, two-world" TEE protection system, and isolating memory between guest TEE worlds and the hypervisor. Gain insights into authenticated write access, VT-TEE/Trusty in Android, and various secure storage types. Delve into ACRN hypervisor architecture, confidentiality measures, and SEED/SSEK derivation techniques for enhanced security in virtualized environments.

Syllabus

Intro
Agenda Problem Statement
Technical Details / Characteristics
How it works (Example: authenticated write access)
VT-TEE/Trusty in Android (Two-VM)
Android Secure Storage (SS)
SS/TP : Tamper-Proof Secure storage
SS/TD: Tamper-Detection Secure storage
ACR Hypervisor Architecture
Secure Storage Virtualization - Confidentiality
ACRN Hypervisor SEED/SSEK Derivation
Conclusion
Future Considerations

Taught by

Linux Foundation

Reviews

Start your review of Implementing Android Tamper-Resistant Secure Storage in Virtualization

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.