{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,2]],"date-time":"2025-10-02T20:10:32Z","timestamp":1759435832294,"version":"build-2065373602"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62202465"],"award-info":[{"award-number":["62202465"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,23]]},"DOI":"10.1145\/3711875.3729143","type":"proceedings-article","created":{"date-parts":[[2025,10,2]],"date-time":"2025-10-02T19:30:22Z","timestamp":1759433422000},"page":"487-499","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Chameleon: Towards Building Least-privileged TEE via Functionality-based Resource Re-grouping"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-2547-3667","authenticated-orcid":false,"given":"Nan","family":"Jiang","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8565-1923","authenticated-orcid":false,"given":"Qihang","family":"Zhou","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-0581-2903","authenticated-orcid":false,"given":"Feifan","family":"Qian","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9965-0876","authenticated-orcid":false,"given":"Jiayun","family":"Chen","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-7493-6462","authenticated-orcid":false,"given":"Heqing","family":"Huang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8376-3235","authenticated-orcid":false,"given":"Xiaoqi","family":"Jia","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2783-3232","authenticated-orcid":false,"given":"Haichao","family":"Du","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences, beijing, China"}]}],"member":"320","published-online":{"date-parts":[[2025,9,25]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2024. CodeQL. https:\/\/codeql.github.com\/."},{"key":"e_1_3_2_1_2_1","unstructured":"2024. Hafnium. https:\/\/www.trustedfirmware.org\/projects\/hafnium\/."},{"key":"e_1_3_2_1_3_1","unstructured":"A.Danial. 2024. CLOC. https:\/\/github.com\/AlDanial\/cloc."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3081333.3081346"},{"key":"e_1_3_2_1_5_1","unstructured":"ARM. 2024. TrustZone for Cortex-A. https:\/\/developer.arm.com\/Processors\/TrustZone%20for%20Cortex-A#Technical-Specifications."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"Ahmed M Azab Peng Ning Jitesh Shah Quan Chen Rohan Bhutkar Guruprasad Ganesh Jia Ma and Wenbo Shen. 2014. Hypervision across worlds: Real-time kernel protection from the arm trustzone secure world. In CCS.","DOI":"10.1145\/2660267.2660350"},{"key":"e_1_3_2_1_7_1","first-page":"21","article-title":"SKEE: A lightweight Secure Kernel-level Execution Environment for ARM","volume":"16","author":"Azab Ahmed M","year":"2016","unstructured":"Ahmed M Azab and Kirk Swidowski. 2016. SKEE: A lightweight Secure Kernel-level Execution Environment for ARM.. In NDSS, Vol. 16. 21\u201324.","journal-title":"NDSS"},{"key":"e_1_3_2_1_8_1","volume-title":"SANCTUARY: ARMing TrustZone with User-space Enclaves.. In NDSS.","author":"Brasser Ferdinand","year":"2019","unstructured":"Ferdinand Brasser, David Gens, Patrick Jauernig, Ahmad-Reza Sadeghi, and Emmanuel Stapf. 2019. SANCTUARY: ARMing TrustZone with User-space Enclaves.. In NDSS."},{"key":"e_1_3_2_1_9_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Cerdeira David","year":"2022","unstructured":"David Cerdeira, Jos\u00e9 Martins, Nuno Santos, and Sandro Pinto. 2022. {ReZone}: Disarming {TrustZone} with {TEE} Privilege Reduction. In 31st USENIX Security Symposium (USENIX Security 22). 2261\u20132279."},{"key":"e_1_3_2_1_10_1","volume-title":"Sok: Understanding the prevailing security vulnerabilities in trustzone-assisted tee systems. In S&P.","author":"Cerdeira David","year":"2020","unstructured":"David Cerdeira, Nuno Santos, Pedro Fonseca, and Sandro Pinto. 2020. Sok: Understanding the prevailing security vulnerabilities in trustzone-assisted tee systems. In S&P."},{"key":"e_1_3_2_1_11_1","unstructured":"Yeongpil Cho Donghyun Kwon Hayoon Yi and Yunheung Paek. 2017. Dynamic Virtual Address Range Adjustment for Intra-Level Privilege Separation on ARM.. In NDSS."},{"key":"e_1_3_2_1_12_1","volume-title":"2016 USENIX Annual Technical Conference (USENIX ATC 16)","author":"Cho Yeongpil","year":"2016","unstructured":"Yeongpil Cho, Junbum Shin, Donghyun Kwon, MyungJoo Ham, Yuna Kim, and Yunheung Paek. 2016. {Hardware-Assisted}{On-Demand} Hypervisor Activation for Efficient Security Critical Code Execution on Mobile Devices. In 2016 USENIX Annual Technical Conference (USENIX ATC 16). 565\u2013578."},{"key":"e_1_3_2_1_13_1","unstructured":"cve. 2024. Common Vulnerabilities and Exposures. https:\/\/nvd.nist.gov\/vuln\/search."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"crossref","unstructured":"Nathan Dautenhahn Theodoros Kasampalis Will Dietz John Criswell and Vikram Adve. 2015. Nested kernel: An operating system architecture for intrakernel privilege separation. In ASPLOS.","DOI":"10.1145\/2694344.2694386"},{"key":"e_1_3_2_1_15_1","unstructured":"Eric Evenchick. 2018. RustZone: Writing Trusted Applications in Rust. https:\/\/github.com\/ericevenchick\/rustzone."},{"key":"e_1_3_2_1_16_1","unstructured":"GlobalPlatform. 2024. TEE Management Framework including ASN.1 Profile v1.1.2. https:\/\/globalplatform.org\/specs-library\/tee-management-framework-including-asn1-profile-1-1-2\/."},{"key":"e_1_3_2_1_17_1","volume-title":"12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)","author":"Gu Ronghui","year":"2016","unstructured":"Ronghui Gu, Zhong Shao, Hao Chen, Xiongnan Newman Wu, Jieung Kim, Vilhelm Sj\u00f6berg, and David Costanzo. 2016. {CertiKOS}: An extensible architecture for building certified concurrent {OS} kernels. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). 653\u2013669."},{"key":"e_1_3_2_1_18_1","unstructured":"CJoffrey Guilbon. 2018. Attacking the ARM's TrustZone. https:\/\/blog.quarkslab.com\/attacking-the-arms-trustzone.html."},{"key":"e_1_3_2_1_19_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Hua Zhichao","year":"2017","unstructured":"Zhichao Hua, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang, and Haibing Guan. 2017. {vTZ}: Virtualizing {ARM} {TrustZone}. In 26th USENIX Security Symposium (USENIX Security 17). 541\u2013556."},{"key":"e_1_3_2_1_20_1","unstructured":"jvenn. 2024. jvenn. https:\/\/jvenn.toulouse.inrae.fr\/app\/example.html."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAD.2015.7372637"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2019.2910861"},{"key":"e_1_3_2_1_23_1","unstructured":"laginimaineb. 2016. Extracting Qualcomm's KeyMaster Keys. https:\/\/bits-please.blogspot.com\/2016\/06\/extracting-qualcomms-keymaster-keys.html."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2742647.2742676"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313808.3313810"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2024.24073"},{"key":"e_1_3_2_1_27_1","unstructured":"Linaro. 2024. Arm Solutions at Lightspeed. Web Page. https:\/\/www.linaro.org\/"},{"key":"e_1_3_2_1_28_1","unstructured":"Linaro. 2024. OP-TEE. https:\/\/github.com\/OP-TEE."},{"key":"e_1_3_2_1_29_1","unstructured":"Linaro. 2024. OP-TEE Xtest Framework. https:\/\/github.com\/OP-TEE\/optee_test."},{"key":"e_1_3_2_1_30_1","unstructured":"linaro mmwg. 2024. OP-TEE DRM media. https:\/\/github.com\/linaro-mmwg\/optee-clearkey-cdmi."},{"key":"e_1_3_2_1_31_1","unstructured":"linaro swg. 2024. OP-TEE acipher. https:\/\/github.com\/linaro-swg\/optee_examples\/tree\/master\/acipher."},{"key":"e_1_3_2_1_32_1","unstructured":"linaro swg. 2024. OP-TEE hotp. https:\/\/github.com\/linaro-swg\/optee_examples\/tree\/master\/hotp."},{"key":"e_1_3_2_1_33_1","unstructured":"linaro swg. 2024. OP-TEE secure_storage. https:\/\/github.com\/linaro-swg\/optee_examples\/tree\/master\/secure_storage."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423360"},{"key":"e_1_3_2_1_35_1","unstructured":"Miraje. 2024. TrustZone-backed-Bitcoin-Wallet. https:\/\/github.com\/Miraje\/TrustZone-backed-Bitcoin-Wallet."},{"key":"e_1_3_2_1_36_1","unstructured":"riscure. 2024. Breaking TEE Security Part 3: Escalating Privileges. https:\/\/www.riscure.com\/blog\/tee-security-samsung-teegris-part-3\/."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_3_2_1_38_1","unstructured":"Di Shen. 2015. Attacking Your Trusted Core. https:\/\/www.blackhat.com\/docs\/us-15\/materials\/us-15-Shen-Attacking-Your-Trusted-Core-Exploiting-Trustzone-On-Android.pdf."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945466"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2006.156"},{"key":"e_1_3_2_1_41_1","unstructured":"Trustonic. 2024. Cybersecurity Standards & Certifications. https:\/\/www.trustonic.com\/certifications\/."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3427228.3427262"},{"key":"e_1_3_2_1_43_1","unstructured":"Huaiyu Yan Zhen Ling Haobo Li Lan Luo Xinhui Shao Kai Dong Ping Jiang Ming Yang Junzhou Luo and Xinwen Fu. [n. d.]. LDR: Secure and Efficient Linux Driver Runtime for Embedded TEE Systems. ([n. d.])."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3210240.3210338"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"crossref","unstructured":"Qihang Zhou Xiaoqi Jia Shengzhi Zhang Nan Jiang Jiayun Chen and Weijuan Zhang. 2022. SecFortress: Securing Hypervisor using Cross-layer Isolation. In IPDPS.","DOI":"10.1109\/IPDPS53621.2022.00029"}],"event":{"name":"MobiSys '25: 23rd Annual International Conference on Mobile Systems, Applications and Services","location":"Hilton Anaheim Anaheim CA USA","acronym":"MobiSys '25","sponsor":["SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing","SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the 23rd Annual International Conference on Mobile Systems, Applications and Services"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3711875.3729143","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,2]],"date-time":"2025-10-02T19:32:28Z","timestamp":1759433548000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3711875.3729143"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,23]]},"references-count":45,"alternative-id":["10.1145\/3711875.3729143","10.1145\/3711875"],"URL":"https:\/\/doi.org\/10.1145\/3711875.3729143","relation":{},"subject":[],"published":{"date-parts":[[2025,6,23]]},"assertion":[{"value":"2025-09-25","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}