一个硬件辅助的概念验证，用于不受信任的操作系统上的安全VoIP客户端

2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14) Pub Date : 2014-12-01 DOI:10.1109/ReConFig.2014.7032489

Maik Ender, Gerd Duppmann, A. Wild, T. Pöppelmann, T. Güneysu

{"title":"一个硬件辅助的概念验证，用于不受信任的操作系统上的安全VoIP客户端","authors":"Maik Ender, Gerd Duppmann, A. Wild, T. Pöppelmann, T. Güneysu","doi":"10.1109/ReConFig.2014.7032489","DOIUrl":null,"url":null,"abstract":"In this work we propose a secure architecture for Voice-over-IP (VoIP) that encapsulates all security and privacy critical components and I/O functions into secure hardware and thus drastically reduces the underlying trusted computing base. Our proof-of-concept implementation shows that high security and reliance on established standards and software (e.g., device drivers, transmission control, and protocols) to keep development costs down are no contradiction. Security is ensured as all security and privacy critical operations of the VoIP system are performed in protected hardware and as a consequence a successful attack on any software component (e.g., buffer overflow) does not lead to a violation of security. All I/O devices like microphones, speakers, displays, and dial buttons are directly connected to the secure hardware and cannot be controlled by an adversary even if the software part has been compromised.","PeriodicalId":137331,"journal":{"name":"2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14)","volume":"04 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A hardware-assisted proof-of-concept for secure VoIP clients on untrusted operating systems\",\"authors\":\"Maik Ender, Gerd Duppmann, A. Wild, T. Pöppelmann, T. Güneysu\",\"doi\":\"10.1109/ReConFig.2014.7032489\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this work we propose a secure architecture for Voice-over-IP (VoIP) that encapsulates all security and privacy critical components and I/O functions into secure hardware and thus drastically reduces the underlying trusted computing base. Our proof-of-concept implementation shows that high security and reliance on established standards and software (e.g., device drivers, transmission control, and protocols) to keep development costs down are no contradiction. Security is ensured as all security and privacy critical operations of the VoIP system are performed in protected hardware and as a consequence a successful attack on any software component (e.g., buffer overflow) does not lead to a violation of security. All I/O devices like microphones, speakers, displays, and dial buttons are directly connected to the secure hardware and cannot be controlled by an adversary even if the software part has been compromised.\",\"PeriodicalId\":137331,\"journal\":{\"name\":\"2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14)\",\"volume\":\"04 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ReConFig.2014.7032489\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ReConFig.2014.7032489","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

在这项工作中，我们提出了一种用于ip语音(VoIP)的安全架构，该架构将所有安全和隐私关键组件和I/O功能封装到安全硬件中，从而大大减少了底层可信计算基础。我们的概念验证实现表明，高安全性和依赖于已建立的标准和软件(例如，设备驱动程序，传输控制和协议)来降低开发成本并不矛盾。由于VoIP系统的所有安全和隐私关键操作都是在受保护的硬件中执行的，因此对任何软件组件(例如缓冲区溢出)的成功攻击不会导致违反安全性，因此确保了安全性。所有I/O设备(如麦克风、扬声器、显示器和拨号按钮)都直接连接到安全硬件，即使软件部分已被攻破，攻击者也无法控制这些设备。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A hardware-assisted proof-of-concept for secure VoIP clients on untrusted operating systems

In this work we propose a secure architecture for Voice-over-IP (VoIP) that encapsulates all security and privacy critical components and I/O functions into secure hardware and thus drastically reduces the underlying trusted computing base. Our proof-of-concept implementation shows that high security and reliance on established standards and software (e.g., device drivers, transmission control, and protocols) to keep development costs down are no contradiction. Security is ensured as all security and privacy critical operations of the VoIP system are performed in protected hardware and as a consequence a successful attack on any software component (e.g., buffer overflow) does not lead to a violation of security. All I/O devices like microphones, speakers, displays, and dial buttons are directly connected to the secure hardware and cannot be controlled by an adversary even if the software part has been compromised.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 International Conference on ReConFigurable Computing and FPGAs (ReConFig14)

自引率

0.00%

发文量