The emergence of powerful, sensor-rich devices has spawned the development of continuous authentication (CA) schemes on commodity hardware, where user behaviour is compared to past experience to produce an authentication decision, with the aim of addressing challenges with traditional authentication schemes. Current CA proposals, however, have largely neglected adversaries present in real-world deployments, namely the ubiquity of malware and arbitrary software attacks. This has particular importance when a device cannot be trusted by a third-party, e.g. a corporation, that controls access to assets based on CA decisions. A software compromise, either on the platform or scheme implementation, may enable the modification of authentication scores, gain insights into user behavioural patterns, or gain unauthorised access to restricted assets. For the first time, we examine two standardised constructs that offer isolated and trusted execution -- Secure Elements (SEs) and Trusted Execution Environments (TEEs) -- even when an adversary has root-level privileges for protecting CA schemes while retaining deployability. Based on these, we implement the first system for evaluating TEE-based CA on a consumer mobile device using Intel SGX -- providing confidentiality, integrity and trust assurances over untrusted world implementations. We present an evaluation of TEE- and non-TEE performance using methods proposed in related work. The results indicate that trusted CA can be performed in an efficient fashion while removing the main platform from the TCB.
展开▼
