Security Model Based On Trusted Execution Environment

In the age of information technology,the users frequently send and receive information through mobile devices.However,the side effect is also clear.It is a serious challenge to guarantee the security of data and prevent malicious applications from accessing and destroying private data.This thesis proposes a security model based on Trusted Execution Environment(TEE)to protect users' sensitive data.Firstly,to guarantee the access security and data security in the local end,a data-slice secure access model based on TEE is proposed.This scheme can prevent the malicious users or malicious applications from illegally accessing private files by verifying and authenticating user applications.In our approach,the private file is divided into a large number of pieces and separately encrypts them to avoid the massive leakage of information.Secondly,to mitigate the burden of local storage,private files are usually outsourced to the cloud platform,which leads to the insecurity of the outsourced data.To handle this tension,we propose an access control security model for data sharing in clouds based on Ciphertext-Policy Attribute-Based Encryption(CPABE)algorithm,in which CPABE and TEE are adopted to achieve fine-grained access control and provide a trusted storage and execution environment respectively.We optimize the storage and time overhead of CPABE algorithm by employing the "AND-gate" access control strategy.The experimental result shows that our scheme has a certain degree of safety and efficiency.