{"title":"Trusting the open latent IC backdoors","authors":"F. Koushanfar","doi":"10.1145/2046582.2046584","DOIUrl":"https://doi.org/10.1145/2046582.2046584","url":null,"abstract":"Since the Integrated Circuits (ICs) form the core computing and communication kernels for the personal computing, industries, governments and defense in the modern era, ensuring IC trust -- in the presence of untrusted third-party foundries and unidentified supply chains -- has become a major challenge. The prohibitive cost of manufacturing state-of-the-art ICs in nano-meter scales has made the use of contract foundries and third party Intellectual Property (IP) the dominant microelectronics business practice. The hidden backdoors into the chips are a double-edged sword. On one hand, the clandestine backdoors embedded by the reliable designers or trusted supply chain providers enable tracking or having post-fabrication control of the ICs on the production line and while in-use. On the other hand, the latent backdoors (a.k.a., Trojans) implanted by the untrusted third-party manufacturer or unknown supply chain entities enable the potential external adversaries to control, monitor, or to spy on the chip software/data contents and communications. In this talk, we question the contemporary IC backdoor research model directed by interested organizations, primarily defense and government. The talk then suggests better understanding of the hidden backdoor disclosure models to improve the quality and impact of the IC Trust research.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"198 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114749827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Scalable trust establishment with software reputation","authors":"Sven Bugiel, Lucas Davi, Steffen Schulz","doi":"10.1145/2046582.2046587","DOIUrl":"https://doi.org/10.1145/2046582.2046587","url":null,"abstract":"Users and administrators are often faced with the choice between different software solutions, sometimes even have to assess the security of complete software systems. With sufficient time and resources, such decisions can be based on extensive testing and review. However, in practice this is often too expensive and time consuming. In this paper, we present a pragmatic, but scalable approach for the trustworthiness assessment of software programs based on their security history. The approach can be used to, e.g. automatically sort programs in an App store by their security record or to assess the trustworthiness of complex software systems in remote attestation schemes. Our prototype implementation for the popular Debian GNU/Linux system achieves good prediction accuracy for individual programs as well as entire systems.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"2005 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128296121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Achieving attestation with less effort: an indirect and configurable approach to integrity reporting","authors":"J. Huh, Hyoungshick Kim, J. Lyle, Andrew P. Martin","doi":"10.1145/2046582.2046589","DOIUrl":"https://doi.org/10.1145/2046582.2046589","url":null,"abstract":"This paper proposes an indirect attestation paradigm for verifying the trustworthiness of end user platforms. This approach overcomes several criticisms of attestation by maintaining the user's freedom to choose their own software configurations and minimising the whitelist management overhead for the relying party. Each user platform defines its own acceptable software combination in terms of reference integrity measurements, and reports the local verification results to the relying party through a late-launched, trusted Platform Trust Service. The relying party simply checks this verification result and a security meta-policy that has been used to ensure the quality of the security checks performed locally. The Platform Trust Service is also responsible for reporting whether this meta-policy is satisfied. By configuring the meta-policy, the relying party selects an indirect attestation paradigm that best meets their high-level security requirements.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130047864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Logically reconfigurable PUFs: memory-based secure key storage","authors":"Ilze Eichhorn, Patrick Koeberl, Vincent van der Leest","doi":"10.1145/2046582.2046594","DOIUrl":"https://doi.org/10.1145/2046582.2046594","url":null,"abstract":"The security of hardware is essential to the prevention of cloning, theft of service and tampering, and therefore to revenue preservation. An important component of hardware security is secure key storage. The level of security provided by a key is dependent upon the effort required from an attacker to compromise the key. Since the sophistication of tools used to carry out such attacks has increased significantly, protection of traditional key storage approaches, like storing a key in non-volatile memory (NVM), decreases. To fight these attacks Hardware Intrinsic Security (HIS) can be used. An example of HIS is Physically Unclonable Functions (PUFs). In this paper we introduce a new logically reconfigurable PUF (LR-PUF), based on a memory-based PUF. This LR-PUF uses the physical properties of a PUF combined with state information that is stored in NVM. Even though this implementation requires NVM, we will prove that the LR-PUF provides significantly more security than simply storing a key in NVM. The reason for this is that reading the information in NVM will not allow an attacker to derive any information on the key.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133703282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Trusted virtual domains on OKL4: secure information sharing on smartphones","authors":"Lucas Davi, A. Dmitrienko, Christoph Kowalski, M. Winandy","doi":"10.1145/2046582.2046592","DOIUrl":"https://doi.org/10.1145/2046582.2046592","url":null,"abstract":"The flexibility and computing power of modern smartphones to install and execute various applications allows for a rich user experience but also imposes several security concerns. Smartphones that are used both for private and corporate purposes do not separate the data and applications of different security domains, and users are usually too unskilled to deploy and configure extra security mechanisms. Hence, data leakage and unwanted information flow may occur. In this paper we present the design and implementation of the Trusted Virtual Domain (TVD) security architecture for smartphones. The TVD concept separates data and applications of different security domains and automates the security configuration on devices. In particular, we build our solution on top of the OKL4 microkernel, which provides the basic isolation properties, and extend it with a framework that realizes the TVD policy enforcement for Android operating systems. Our results show that the TVD security architecture can be built and used on modern smartphones, but there are also limitations that current security kernels like OKL4 have to address to improve the user experience.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"182 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124263048","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On scalability of remote attestation","authors":"Emanuele Cesena, G. Ramunno, Roberto Sassu, Davide Vernizzi, A. Lioy","doi":"10.1145/2046582.2046588","DOIUrl":"https://doi.org/10.1145/2046582.2046588","url":null,"abstract":"Among the problems of binary remote attestation, scalability has often been mentioned in literature because a verifier must know all possible measurements considered acceptable. In this paper, we show that scalability is a manageable issue when attesting a Linux distribution. The main issues remain identifying, with low time impact, the scripts executed, the configuration of components and other file types.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129170738","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Are hardware performance counters a cost effective way for integrity checking of programs","authors":"Corey Malone, M. Zahran, R. Karri","doi":"10.1145/2046582.2046596","DOIUrl":"https://doi.org/10.1145/2046582.2046596","url":null,"abstract":"In this paper, we propose to use hardware performance counters (HPC) to detect malicious program modifications at load time (static) and at runtime (dynamic). HPC have been used for program characterization and testing, system testing and performance evaluation, and as side channels. We propose to use HPCs for static and dynamic integrity checking of programs. The main advantage of HPC-based integrity checking is that it is almost free in terms of hardware cost; HPCs are built into almost all processors. The runtime performance overhead is minimal because we use the operating system for integrity checking, which is called anyway for process scheduling and other interrupts. Our preliminary results confirm that HPCs very efficiently detect program modifications with very low cost.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122669152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"RepCloud: achieving fine-grained cloud TCB attestation with reputation systems","authors":"Anbang Ruan, Andrew P. Martin","doi":"10.1145/2046582.2046586","DOIUrl":"https://doi.org/10.1145/2046582.2046586","url":null,"abstract":"Security concerns for emerging cloud computing models have become the focus of much research, but little of this targets the underlying infrastructure. Trusted Cloud proposals generally assert that the Trusted Computing Base (TCB) of the cloud should be clearly defined and attested to. However, specific characteristics of trust in the cloud make such solutions difficult to implement in an effective and practical way. We present RepCloud, a reputation system for managing decentralised attestation metrics in the cloud. We observe that, being deterministic and tamper-proof, trust evidence generated by the TCG framework can be efficiently transmitted within the cloud. In a web of nodes with high connectivity and mutual-attestation frequency, corrupted nodes can be identified effectively. By modelling this web with RepCloud, we achieved a fine-grained cloud TCB attestation scheme with high confidence for trust. Cloud users can determine the security properties of the exact nodes that may affect the genuine functionalities of their applications, without obtaining much internal information of the cloud. Experiments showed that, besides achieving fine-grained attestation, RepCloud still incurred lower trust management overhead than existing trusted cloud proposals.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122715124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Credential life cycle management in open credential platforms (short paper)","authors":"Kari Kostiainen, N. Asokan","doi":"10.1145/2046582.2046595","DOIUrl":"https://doi.org/10.1145/2046582.2046595","url":null,"abstract":"Hardware-based trusted execution environments (TEEs) allow remote provisioning of secure credentials. In a closed credential platform installation of credentials to a TEE is controlled by a centralized authority. Due to the central control point, credential life cycle management in closed credential platforms is straightforward to implement, but credential installation is limited to credentials approved by the control point. Open credential platforms allow free credential provisioning by any credential issuer, but subsequent credential life cycle management is more challenging to realize. In this paper we identify requirements for credential life cycle management and outline a model that meets the needs of both credential issuers and end users. We compare credential life cycle management in open and closed platforms, and conclude that, contrary to a common perception, an open provisioning model does not have to imply reduced security or usability in subsequent credential management.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127075817","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identity verification schemes for public transport ticketing with NFC phones","authors":"Sandeep Tamrakar, Jan-Erik Ekberg, N. Asokan","doi":"10.1145/2046582.2046591","DOIUrl":"https://doi.org/10.1145/2046582.2046591","url":null,"abstract":"Public transport ticketing with mobile phones has in recent years become a possible reality as the standards for Near-Field Communications (NFC) are being taken up in mass transport ticketing, and the use of contactless smartcards for small value payments like ticketing is also being deployed. We examine the feasibility of using a mobile phone with a hardware Trusted Execution Environment for identity verification of transport ticketing with a perspective focusing on security and performance. We provide measurements based on an implementation in contemporary mobile phone hardware, and discuss our results by comparing with other proposed identity-verification ticketing solutions in light of the constraints set by usability and practical considerations as indicated by transport authorities.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"476 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126408206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}