Research Article
Trusted Operations On Mobile Phones
@INPROCEEDINGS{10.4108/eai.7-11-2017.2274952,
  author={Hassaan Abdul Khaliq Janjua and Wouter Joosen and Sam Michiels and Danny Hughes},
  title={Trusted Operations On Mobile Phones},
  proceedings={14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services},
  publisher={ACM},
  proceedings_a={MOBIQUITOUS},
  year={2018},
  month={4},
  keywords={trusted execution environment (tee) rich execution environment (ree) trustzone secure world normal world trusted application authenticity fidelity},
  doi={10.4108/eai.7-11-2017.2274952}
}
- Hassaan Abdul Khaliq Janjua
- Wouter Joosen
- Sam Michiels
- Danny Hughes
Year: 2018
Venue: MOBIQUITOUS
Publisher: ACM
DOI: 10.4108/eai.7-11-2017.2274952
Abstract
The widespread use of mobile devices has allowed the development of participatory sensing systems that capture various types of data using the existing sensors on mobile devices in order to upload the data to cloud-based services for later use. Gathering data from such sources requires a mechanism to establish trust in the sensor data. For example, an application may require a proof of authenticity of sensor readings originating from anonymous sources. Establishment of trust in the sensor data has been addressed in the literature. However, in many cases this sensor data needs to be preprocessed on the device itself before being uploaded to the target server. This processing could include resizing of images, hiding identifiable faces and sensitive data in images, anonymization of GPS data, etc., while ensuring the chain of trust from data capture to the delivery of data to the consumer. There is a need for a framework that provides a means to implement arbitrary operations to be performed on trusted sensor data while guaranteeing the authenticity of the data. This paper presents the design and implementation of a framework that allows the capture of trusted sensor data, the development of trusted operations on sensor data, and provides a mechanism for performing predefined trusted operations on the sensor data such that the chain of trust is maintained. Evaluation shows that the performance of the proposed system is reasonable and that the trust guarantees are strong.