Practical Security Properties On Commodity Computing Platforms

Author : Amit Vasudevan
Publisher : Springer Nature
Page : 85 pages
File Size : 44,5 Mb
Release : 2019-09-20
Category : Computers
ISBN : 9783030250492

Get Book

Practical Security Properties on Commodity Computing Platforms by Amit Vasudevan Pdf

This SpringerBrief discusses the uber eXtensible Micro-hypervisor Framework (uberXMHF), a novel micro-hypervisor system security architecture and framework that can isolate security-sensitive applications from other untrustworthy applications on commodity platforms, enabling their safe co-existence. uberXMHF, in addition, facilitates runtime monitoring of the untrustworthy components, which is illustrated in this SpringerBrief. uberXMHF focuses on three goals which are keys to achieving practical security on commodity platforms: (a) commodity compatibility (e.g., runs unmodified Linux and Windows) and unfettered access to platform hardware; (b) low trusted computing base and complexity; and (c) efficient implementation. uberXMHF strives to be a comprehensible, practical and flexible platform for performing micro-hypervisor research and development. uberXMHF encapsulates common hypervisor core functionality in a framework that allows developers and users to build custom micro-hypervisor based (security-sensitive) applications (called "uberapps"). The authors describe several uberapps that employ uberXMHF and showcase the framework efficacy and versatility. These uberapps span a wide spectrum of security applications including application compartmentalization and sandboxing, attestation, approved code execution, key management, tracing, verifiable resource accounting, trusted-path and on-demand I/O isolation. The authors are encouraged by the end result - a clean, barebones, low trusted computing base micro-hypervisor framework for commodity platforms with desirable performance characteristics and an architecture amenable to manual audits and/or formal reasoning. Active, open-source development of uberXMHF continues. The primary audience for this SpringerBrief is system (security) researchers and developers of commodity system software. Practitioners working in system security deployment mechanisms within industry and defense, as well as advanced-level students studying computer science with an interest in security will also want to read this SpringerBrief.

Author : Bryan Jeffrey Parno
Publisher : Morgan & Claypool Publishers
Page : 177 pages
File Size : 52,7 Mb
Release : 2014-06-01
Category : Computers
ISBN : 9781627054799

Get Book

Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers by Bryan Jeffrey Parno Pdf

As society rushes to digitize sensitive information and services, it is imperative to adopt adequate security protections. However, such protections fundamentally conflict with the benefits we expect from commodity computers. In other words, consumers and businesses value commodity computers because they provide good performance and an abundance of features at relatively low costs. Meanwhile, attempts to build secure systems from the ground up typically abandon such goals, and hence are seldom adopted. In this book, I argue that we can resolve the tension between security and features by leveraging the trust a user has in one device to enable her to securely use another commodity device or service, without sacrificing the performance and features expected of commodity systems. At a high level, we support this premise by developing techniques to allow a user to employ a small, trusted, portable device to securely learn what code is executing on her local computer. Rather than entrusting her data to the mountain of buggy code likely running on her computer, we construct an on-demand secure execution environment which can perform security-sensitive tasks and handle private data in complete isolation from all other software (and most hardware) on the system. Meanwhile, non-security-sensitive software retains the same abundance of features and performance it enjoys today. Having established an environment for secure code execution on an individual computer, we then show how to extend trust in this environment to network elements in a secure and efficient manner. This allows us to reexamine the design of network protocols and defenses, since we can now execute code on endhosts and trust the results within the network. Lastly, we extend the user's trust one more step to encompass computations performed on a remote host (e.g., in the cloud). We design, analyze, and prove secure a protocol that allows a user to outsource arbitrary computations to commodity computers run by an untrusted remote party (or parties) who may subject the computers to both software and hardware attacks. Our protocol guarantees that the user can both verify that the results returned are indeed the correct results of the specified computations on the inputs provided, and protect the secrecy of both the inputs and outputs of the computations. These guarantees are provided in a non-interactive, asymptotically optimal (with respect to CPU and bandwidth) manner. Thus, extending a user's trust, via software, hardware, and cryptographic techniques, allows us to provide strong security protections for both local and remote computations on sensitive data, while still preserving the performance and features of commodity computers.

Author : Marcel Winandy
Publisher : Unknown
Page : 268 pages
File Size : 53,5 Mb
Release : 2012
Category : Electronic
ISBN : 3844013156

Get Book

Security and Trust Architectures for Protecting Sensitive Data on Commodity Computing Platforms by Marcel Winandy Pdf

Author : Amit Vasudevan,Jonathan M. McCune,James Newsome
Publisher : Springer Science & Business Media
Page : 89 pages
File Size : 43,8 Mb
Release : 2013-08-13
Category : Computers
ISBN : 9781461481904

Get Book

Trustworthy Execution on Mobile Devices by Amit Vasudevan,Jonathan M. McCune,James Newsome Pdf

This brief considers the various stakeholders in today's mobile device ecosystem, and analyzes why widely-deployed hardware security primitives on mobile device platforms are inaccessible to application developers and end-users. Existing proposals are also evaluated for leveraging such primitives, and proves that they can indeed strengthen the security properties available to applications and users, without reducing the properties currently enjoyed by OEMs and network carriers. Finally, this brief makes recommendations for future research that may yield practical and deployable results.

Author : Liqun Chen,Yi Mu,Willy Susilo
Publisher : Springer
Page : 420 pages
File Size : 44,6 Mb
Release : 2008-03-14
Category : Computers
ISBN : 9783540791041

Get Book

Information Security Practice and Experience by Liqun Chen,Yi Mu,Willy Susilo Pdf

This book constitutes the refereed proceedings of the 4th International Information Security Practice and Experience Conference, ISPEC 2008, held in Sydney, Australia, in May 2008. The papers cover a wide range of topics.

Author : Jin Tian,Jiwu Jing,Mudhakar Srivatsa
Publisher : Springer
Page : 409 pages
File Size : 53,8 Mb
Release : 2015-12-01
Category : Computers
ISBN : 9783319238029

Get Book

International Conference on Security and Privacy in Communication Networks by Jin Tian,Jiwu Jing,Mudhakar Srivatsa Pdf

This 2-volume set constitutes the thoroughly refereed post-conference proceedings of the 10th International Conference on Security and Privacy in Communication Networks, SecureComm 2014, held in Beijing, China, in September 2014. The 27 regular and 17 short papers presented were carefully reviewed. It also presents 22 papers accepted for four workshops (ATCS, SSS, SLSS, DAPRO) in conjunction with the conference, 6 doctoral symposium papers and 8 poster papers. The papers are grouped in the following topics: security and privacy in wired, wireless, mobile, hybrid, sensor, ad hoc networks; network intrusion detection and prevention, firewalls, packet filters; malware, and distributed denial of service; communication privacy and anonymity; network and internet forensics techniques; public key infrastructures, key management, credential management; secure routing, naming/addressing, network management; security and privacy in pervasive and ubiquitous computing; security & privacy for emerging technologies: VoIP, peer-to-peer and overlay network systems; security & isolation in data center networks; security & isolation in software defined networking.

Author : Stefan Katzenbeisser,Edgar Weippl,L. Jean Camp,Melanie Volkamer,Mike Reiter,Xinwen Zhang
Publisher : Springer
Page : 350 pages
File Size : 48,7 Mb
Release : 2012-06-09
Category : Computers
ISBN : 9783642309212

Get Book

Trust and Trustworthy Computing by Stefan Katzenbeisser,Edgar Weippl,L. Jean Camp,Melanie Volkamer,Mike Reiter,Xinwen Zhang Pdf

This book constitutes the refereed proceedings of the 5th International Conference on Trust and Trustworthy Computing, TRUST 2012, held in Vienna, Austria, in June 2012. The 19 revised full papers presented were carefully reviewed and selected from 48 submissions. The papers are organized in two tracks: a technical track with topics ranging from trusted computing and mobile devices to applied cryptography and physically unclonable functions, and a socio-economic track focusing on the emerging field of usable security.

Author : Bryan Parno,Jonathan M. McCune,Adrian Perrig
Publisher : Springer Science & Business Media
Page : 113 pages
File Size : 42,8 Mb
Release : 2011-08-27
Category : Computers
ISBN : 9781461414605

Get Book

Bootstrapping Trust in Modern Computers by Bryan Parno,Jonathan M. McCune,Adrian Perrig Pdf

Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.

Author : Michael Huth,N. Asokan,Srdjan Capkun,Ivan Flechais,Lizzie Coles-Kemp
Publisher : Springer
Page : 290 pages
File Size : 42,7 Mb
Release : 2013-06-12
Category : Computers
ISBN : 9783642389085

Get Book

Trust and Trustworthy Computing by Michael Huth,N. Asokan,Srdjan Capkun,Ivan Flechais,Lizzie Coles-Kemp Pdf

This book constitutes the refereed proceedings of the 6th International Conference on Trust and Trustworthy Computing, TRUST 2013, held in London, UK, in June 2013. There is a technical and a socio-economic track. The full papers presented, 14 and 5 respectively, were carefully reviewed from 39 in the technical track and 14 in the socio-economic track. Also included are 5 abstracts describing ongoing research. On the technical track the papers deal with issues such as key management, hypervisor usage, information flow analysis, trust in network measurement, random number generators, case studies that evaluate trust-based methods in practice, simulation environments for trusted platform modules, trust in applications running on mobile devices, trust across platform. Papers on the socio-economic track investigated, how trust is managed and perceived in online environments, and how the disclosure of personal data is perceived; and some papers probed trust issues across generations of users and for groups with special needs.

Author : Sean W. Smith
Publisher : Springer
Page : 246 pages
File Size : 55,8 Mb
Release : 2013-12-11
Category : Computers
ISBN : 9783662410158

Get Book

Trusted Computing Platforms by Sean W. Smith Pdf

How can one trust computation taking place at a remote site, particularly if a party at that site might have motivation to subvert this trust? In recent years, industrial efforts have advanced the notion of a "trusted computing platform" as a building block. Through a conspiracy of hardware and software magic, these platforms attempt to solve this remote trust problem, to preserve various critical properties against various types of adversaries. However, these current efforts are just points on a larger continuum, which ranges from earlier work on secure coprocessor design and applications, through TCPA/TCG, to recent academic developments. Without wading through stacks of theses and research literature, the general computer science reader cannot see this big picture. Trusted Computing Platforms:Design and Applications fills this gap. Starting with early prototypes and proposed applications, this book surveys the longer history of amplifying small amounts of hardware security into broader system security--and reports real case study experience with security architecture and applications on multiple types of platforms. The author examines the theory, design, implementation of the IBM 4758 secure coprocessor platform and discusses real case study applications that exploit the unique capabilities of this platform. The author discusses how these foundations grow into newer industrial designs, and discusses alternate architectures and case studies of applications that this newer hardware can enable. The author closes with an examination of more recent cutting-edge experimental work in this area. Trusted Computing Platforms:Design and Applications is written for security architects, application designers, and the general computer scientist interested in the evolution and uses of this emerging technology

Author : John R. Vacca
Publisher : CRC Press
Page : 458 pages
File Size : 41,7 Mb
Release : 2016-10-14
Category : Computers
ISBN : 9781315354996

Get Book

Security in the Private Cloud by John R. Vacca Pdf

This comprehensive handbook serves as a professional reference and practitioner’s guide to today’s most complete and concise view of private cloud security. It explores practical solutions to a wide range of private cloud computing security issues. The knowledge imparted will enable readers to determine whether the private cloud security solution is appropriate for their organization from a business and technical perspective, to select the appropriate cloud security model, and to plan and implement a cloud security adoption and migration strategy.

Author : Song Guo,Qihua Zhou
Publisher : CRC Press
Page : 268 pages
File Size : 54,7 Mb
Release : 2022-11-24
Category : Computers
ISBN : 9781000780352

Get Book

Machine Learning on Commodity Tiny Devices by Song Guo,Qihua Zhou Pdf

This book aims at the tiny machine learning (TinyML) software and hardware synergy for edge intelligence applications. It presents on-device learning techniques covering model-level neural network design, algorithm-level training optimization, and hardware-level instruction acceleration. Analyzing the limitations of conventional in-cloud computing would reveal that on-device learning is a promising research direction to meet the requirements of edge intelligence applications. As to the cutting-edge research of TinyML, implementing a high-efficiency learning framework and enabling system-level acceleration is one of the most fundamental issues. This book presents a comprehensive discussion of the latest research progress and provides system-level insights on designing TinyML frameworks, including neural network design, training algorithm optimization and domain-specific hardware acceleration. It identifies the main challenges when deploying TinyML tasks in the real world and guides the researchers to deploy a reliable learning system. This volume will be of interest to students and scholars in the field of edge intelligence, especially to those with sufficient professional Edge AI skills. It will also be an excellent guide for researchers to implement high-performance TinyML systems.

Author : Javier Lopez,Yongdong Wu
Publisher : Springer
Page : 576 pages
File Size : 49,6 Mb
Release : 2015-04-08
Category : Computers
ISBN : 9783319175331

Get Book

Information Security Practice and Experience by Javier Lopez,Yongdong Wu Pdf

This book constitutes the proceedings of the 11th International Conference on Information Security Practice and Experience, ISPEC 2015, held in Beijing China, in May 2015. The 38 papers presented in this volume were carefully reviewed and selected from 117 submissions. The regular papers are organized in topical sections named: system security, stream cipher, analysis, key exchange protocol, elliptic curve cryptography, authentication, attribute-based encryption, mobile security, theory, implementation, privacy and indistinguishability.

Author : Liqun Chen,Moti Yung
Publisher : Springer Science & Business Media
Page : 374 pages
File Size : 53,9 Mb
Release : 2011-11-18
Category : Business & Economics
ISBN : 9783642252822

Get Book

Trusted Systems by Liqun Chen,Moti Yung Pdf

This book constitutes the proceedings of the International Conference on Trusted Systems, held in Beijing, China, in December 2010.The 23 contributed papers presented together with nine invited talks from a workshop, titled "Asian Lounge on Trust, Security and Privacy" were carefully selected from 66 submissions. The papers are organized in seven topical sections on implentation technology, security analysis, cryptographic aspects, mobile trusted systems, hardware security, attestation, and software protection.

Author : Dimitris Gritzalis,Bart Preneel,Marianthi Theoharidou
Publisher : Springer Science & Business Media
Page : 729 pages
File Size : 41,9 Mb
Release : 2010-08-30
Category : Business & Economics
ISBN : 9783642154966

Get Book

Computer Security - ESORICS 2010 by Dimitris Gritzalis,Bart Preneel,Marianthi Theoharidou Pdf

This book constitutes the proceedings of the 15th European Symposium on Computer Security held in Athens, Greece in September 2010. The 42 papers included in the book were carefully reviewed and selected from 201 papers. The articles are organized in topical sections on RFID and Privacy, Software Security, Cryptographic Protocols, Traffic Analysis, End-User Security, Formal Analysis, E-voting and Broadcast, Authentication, Access Control, Authorization and Attestation, Anonymity and Unlinkability, Network Security and Economics, as well as Secure Update, DOS and Intrustion Detection.