发布求助
文献互助 智能选刊 最新文献

Scalable Trusted Computing最新文献

筛选
英文 中文
Hardware intrinsic security from D flip-flops 从D触发器的硬件固有安全性
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867644
Vincent van der Leest, G. Schrijen, H. Handschuh, P. Tuyls
{"title":"Hardware intrinsic security from D flip-flops","authors":"Vincent van der Leest, G. Schrijen, H. Handschuh, P. Tuyls","doi":"10.1145/1867635.1867644","DOIUrl":"https://doi.org/10.1145/1867635.1867644","url":null,"abstract":"In this paper we describe the results of our investigations Supported by EU FP7 project UNIQUE on the randomness and reliability of D flip-flops when used as a Physically Unclonable Function (PUF). These D flip-flops are hardware components which present a random start-up value when powered up. We show that against all odds, enough randomness exists in such elements when implemented on an Application-Specific Integrated Circuit (ASIC) to turn the responses of a number of D flip-flops into a secret random sequence allowing to derive keys for use in conjunction with cryptographic algorithms. In addition to being unpredictable, these flip-flops have the advantage that they can be spread over random locations in an ASIC. This makes them very difficult to reverse-engineer when used to hide a secret key in a design at a relatively small cost in resources.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131138447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 111
Using hypervisors to secure commodity operating systems 使用管理程序来保护商品操作系统
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867639
D. Lie, Lionel Litty
{"title":"Using hypervisors to secure commodity operating systems","authors":"D. Lie, Lionel Litty","doi":"10.1145/1867635.1867639","DOIUrl":"https://doi.org/10.1145/1867635.1867639","url":null,"abstract":"Hypervisors are an excellent tool for increasing the security of commodity software against attack. In this paper, we discuss some of the lessons and insights we gained from designing and implementing four research prototypes that use hypervisors to secure commodity systems. We also compare our findings with other approaches to implementing security in a hypervisor","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133760313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Scalable integrity monitoring in virtualized environments 虚拟化环境中的可伸缩完整性监控
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867647
Kenneth A. Goldman, R. Sailer, D. Pendarakis, D. Srinivasan
{"title":"Scalable integrity monitoring in virtualized environments","authors":"Kenneth A. Goldman, R. Sailer, D. Pendarakis, D. Srinivasan","doi":"10.1145/1867635.1867647","DOIUrl":"https://doi.org/10.1145/1867635.1867647","url":null,"abstract":"Use of trusted computing to achieve integrity guarantees remains limited due to the complexity of monitoring a large set of systems, the required changes to guest operating systems, and, e.g., relay attacks or time of measurement to time of reporting attacks. Datacenters with virtualization must scale to manage large numbers of virtual machines. We suggest an extension to virtualized trusted platform modules that significantly reduces the complexity of software attestation. It enables efficient event-based monitoring of a large number of virtual machines and eliminates attacks on the currently used attestation protocol. It targets patch and configuration management and audit. The virtual TPM extension requires only 700 lines of additional code. Our experiments confirm that this approach has very low performance overhead and is comparable to other resource monitoring tools.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114398402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
The road to trustworthy systems 通往可信赖系统之路
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867638
G. Heiser, June Andronick, Kevin Elphinstone, G. Klein, I. Kuz, L. Ryzhyk
{"title":"The road to trustworthy systems","authors":"G. Heiser, June Andronick, Kevin Elphinstone, G. Klein, I. Kuz, L. Ryzhyk","doi":"10.1145/1867635.1867638","DOIUrl":"https://doi.org/10.1145/1867635.1867638","url":null,"abstract":"Computer systems are routinely deployed in life- and mission-critical situations, yet their security, safety or dependability can in most cases not be assured to the degree warranted by the application. In other words, trusted computer systems are rarely really trustworthy.\u0000 We believe that this is highly unsatisfactory, and have embarked on a large research program aimed at bringing reality in line with expectations. In this paper we describe NICTA's research agenda for achieving true trustworthiness in systems. We report on what has been achieved to date, and what our plans are for the next 3-5 years.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"580 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115974577","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
Separating hypervisor trusted computing base supported by hardware 分离由硬件支持的hypervisor可信计算基础
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867648
C. Gebhardt, Chris I. Dalton, A. Tomlinson
{"title":"Separating hypervisor trusted computing base supported by hardware","authors":"C. Gebhardt, Chris I. Dalton, A. Tomlinson","doi":"10.1145/1867635.1867648","DOIUrl":"https://doi.org/10.1145/1867635.1867648","url":null,"abstract":"In this paper we explore how recent advances in virtualisation support for commodity hardware could be utilised to reduce the Trusted Computing Base (TCB) and improve the code separation of a hypervisor. To achieve this, we reassess on the definition of the TCB and illustrate how segregation of different code blocks could be enforced by hardware protection mechanisms. We argue that many software-based efforts in TCB reduction and separation can benefit from utilising those hardware capabilities.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127185342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Implementing an application-specific credential platform using late-launched mobile trusted module 使用最新推出的移动可信模块实现特定于应用程序的凭据平台
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867641
Sven Bugiel, Jan-Erik Ekberg
{"title":"Implementing an application-specific credential platform using late-launched mobile trusted module","authors":"Sven Bugiel, Jan-Erik Ekberg","doi":"10.1145/1867635.1867641","DOIUrl":"https://doi.org/10.1145/1867635.1867641","url":null,"abstract":"Contemporary trusted execution environments provide a good foundation for implementing secure user credentials, but these are not properly bound to the application instances that implement their use. This paper introduces a framework for application-specific credentials and provides a prototype implementation using TCG MTM and DRTM technologies. Measurements and a security analysis is presented for the realised architecture.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120954196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Small, stupid, and scalable: secure computing with faerieplay 小,笨,可扩展:安全计算与游戏
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867643
A. Iliev, Sean W. Smith
{"title":"Small, stupid, and scalable: secure computing with faerieplay","authors":"A. Iliev, Sean W. Smith","doi":"10.1145/1867635.1867643","DOIUrl":"https://doi.org/10.1145/1867635.1867643","url":null,"abstract":"How can Agnes trust a computation C occurring at Boris's computer? In particular, how can Agnes can trust that C is occurring without Boris even being able to observe its internal state? One way is for Agnes to house C in a strong tamper-protected secure coprocessor at Boris's site. However, this approach is not scalable: neither in terms of computation - once C gets larger than the coprocessor, it becomes vulnerable to Boris again - nor in terms of cost. In this paper, we report on our Faerieplay project: rather than worrying about the limited size of a secure coprocessor, we try to make it as small as possible, with limited RAM and CPU. We start with the Fairplay work of Malkhi et al on implementing Yao's blinded-circuit solution to secure multiparty computation with software - this permits Agnes to trust C, but is too inefficient for all but small C. We then use our own prior work on using trusted third parties for practical Private Information Retrieval to design and prototype tiny trusted third parties (TTTPs) that substantially reduce the overhead involved in blind circuit evaluation.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121195955","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Trusted virtual containers on demand 可信任的虚拟容器
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867645
Katelin Bailey, Sean W. Smith
{"title":"Trusted virtual containers on demand","authors":"Katelin Bailey, Sean W. Smith","doi":"10.1145/1867635.1867645","DOIUrl":"https://doi.org/10.1145/1867635.1867645","url":null,"abstract":"TPM-based trusted computing aspires to use hardware and cryptography to provide a remote relying party with assurances about the trustworthiness of a computing environment. However, standard approaches to trusted computing are hampered in the areas of scalability, expressiveness, and flexibility. This paper reports on our research project to address these limitations by using TPMs inside OpenSolaris: our kernel creates lightweight containers on demand, and uses DTrace and other tools to extend attestation to more nuanced runtime properties. We illustrate this work with prototype application scenarios from cyber infrastructure operating the U.S. power grid.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134235665","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Trusted virtual domains on OpenSolaris: usable secure desktop environments OpenSolaris上的可信虚拟域:可用的安全桌面环境
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867650
Hans Löhr, T. Pöppelmann, Johannes Rave, Martin Steegmanns, M. Winandy
{"title":"Trusted virtual domains on OpenSolaris: usable secure desktop environments","authors":"Hans Löhr, T. Pöppelmann, Johannes Rave, Martin Steegmanns, M. Winandy","doi":"10.1145/1867635.1867650","DOIUrl":"https://doi.org/10.1145/1867635.1867650","url":null,"abstract":"Trusted Virtual Domains (TVDs) are a security concept to create separated domains over virtual and physical platforms. Since most existing TVD implementations focus on servers and data centers, there are only few efforts on secure desktop environments. To fill this gap, we present in this paper an implementation of TVDs based on the OpenSolaris operating system. We leverage several of its existing features (e.g., lightweight virtualization, security labels and a secure graphical user interface) and extend OpenSolaris with components for automated management and policy enforcement to create a usable desktop implementation of TVDs. This includes the transparent encryption of external storage and home directories of users, restriction of copy-and-paste according to the TVD policy, efficient deployment of images for user environments, and a central management interface for the administration. Our system enables organizations to securely separate different work flows with sensitive data from each other and from untrusted environments.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124850131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Towards customizable, application specific mobile trusted modules 面向可定制的、特定于应用程序的移动可信模块
Scalable Trusted Computing Pub Date : 2010-10-04 DOI: 10.1145/1867635.1867642
Kurt Dietrich, Johannes Winter
{"title":"Towards customizable, application specific mobile trusted modules","authors":"Kurt Dietrich, Johannes Winter","doi":"10.1145/1867635.1867642","DOIUrl":"https://doi.org/10.1145/1867635.1867642","url":null,"abstract":"Two different security extensions of mobile platforms for hosting Mobile Trusted Module (MTM) functionality have been introduced in recent years: the ARM TrustZone processor extension and Secure Elements. Both approaches can host MTMs which are typically designed as a static and fixed set of functions. However, with the increasing number of supported functions, the complexity of these MTMs is being raised and with it the resource requirements on the hosting security extension. Disembedding MTM functionality and dynamic loading of TPM commands can be a solution to reduce these requirements. In order to address this problem, we propose and analyze two approaches for providing modular, customizable MTM functionality which are based on currently available cell phones' security extensions. We propose two architectures in order to overcome the resource limitations of existing approaches and show how secure and dynamic command loading architectures can be established with the ARM TrustZone extension and Secure Elements.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121851036","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信