{"title":"公共平台私有计算的加密密钥保护","authors":"Thomas H. Morris, S. Nair","doi":"10.1109/PERCOM.2009.4912897","DOIUrl":null,"url":null,"abstract":"Private Computing on Public Platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP must secure its encryption keys to ensure that application isolation is robust and reliable. To this end we offer a protection scheme for PCPP encryption keys. In this paper we first discuss a commonly used key storage mechanism, the Linux Key Retention Service (LKRS) and show a method for defeating this protection allowing one user to read the LKRS stored keys from another user's processes. We then describe our PCPP key protection methodology and how it interacts with the other PCPP building blocks to isolate encryption keys even from privileged users.","PeriodicalId":322416,"journal":{"name":"2009 IEEE International Conference on Pervasive Computing and Communications","volume":"226 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-03-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Encryption Key protection for Private Computing on Public Platforms\",\"authors\":\"Thomas H. Morris, S. Nair\",\"doi\":\"10.1109/PERCOM.2009.4912897\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Private Computing on Public Platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP must secure its encryption keys to ensure that application isolation is robust and reliable. To this end we offer a protection scheme for PCPP encryption keys. In this paper we first discuss a commonly used key storage mechanism, the Linux Key Retention Service (LKRS) and show a method for defeating this protection allowing one user to read the LKRS stored keys from another user's processes. We then describe our PCPP key protection methodology and how it interacts with the other PCPP building blocks to isolate encryption keys even from privileged users.\",\"PeriodicalId\":322416,\"journal\":{\"name\":\"2009 IEEE International Conference on Pervasive Computing and Communications\",\"volume\":\"226 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-03-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 IEEE International Conference on Pervasive Computing and Communications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PERCOM.2009.4912897\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 IEEE International Conference on Pervasive Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PERCOM.2009.4912897","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Encryption Key protection for Private Computing on Public Platforms
Private Computing on Public Platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP must secure its encryption keys to ensure that application isolation is robust and reliable. To this end we offer a protection scheme for PCPP encryption keys. In this paper we first discuss a commonly used key storage mechanism, the Linux Key Retention Service (LKRS) and show a method for defeating this protection allowing one user to read the LKRS stored keys from another user's processes. We then describe our PCPP key protection methodology and how it interacts with the other PCPP building blocks to isolate encryption keys even from privileged users.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
