Mobile Roots of Trust
In this Small Business Innovative Research (SBIR) award funded by the Department of Homeland Security, Galois is investigating methods to provide secure yet practical methods for mobile devices to authenticate to critical systems.
To meet the critical security needs of the Department of Homeland Security and others, we propose two methods for providing a secure root of trust for mobile devices. One method is designed to integrate as easily into existing systems, while the other requires deeper integration but provides correspondingly stronger security. The keys to our work are practicality and integration: practicality to ensure our system applies to current- and near-term mobile devices, and integration to allow for a smooth transition path to mobile device manufacturers. In this project, we are working on not only the technical path to implementation for these two approaches, but also the business, legal, and political steps required to bring root of trust technology to market. Once in place, root of trust technology can be used as a strong basis for implementing other key mobile security solutions, such as secure data at rest, secure data in transit, secure authentication, and mobile device management.