Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Computer architecture: a quantitative approach
Computer architecture: a quantitative approach
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
How to Manage Persistent State in DRM Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Software Tamper Resistance: Obstructing Static Analysis of Programs
Software Tamper Resistance: Obstructing Static Analysis of Programs
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Certifying program execution with secure processors
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Implementing Embedded Security on Dual-Virtual-CPU Systems
IEEE Design & Test
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Enforcing executing-implies-verified with the integrity-aware processor
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
| Hi-index | 0.00 |
This paper presents the design and implementation of the Cell Broadband Engine TM(Cell/B.E.) isolation loader which is a part of the IBM Software Development Kit for Multicore Acceleration [14]. Our isolation loader is a key component in realizing secure application boot and encrypted application execution. During the application load process, the isolation loader fetches, validates, and decrypts a Synergistic Processor Element (SPE) executable, establishing a chain of trust from the hardware to the application. Since not all applications are SPE executables, we also introduce a general solution. This is a verification service framework in which all applications including system functions can be verified by the isolation loader immediately before execution. We have applied several novel implementation techniques to the isolation loader. The countermeasure implemented in our isolation loader against the substituted-ciphertext attack is given and our staging technique to allocate contiguous working areas for applications is also introduced. The load overhead of this loader including application fetch, validation (RSA-2048/SHA-1), and decryption (RSA-2048 and AES) is less than 50 milliseconds on the 2.8 GHz IBM PowerXCell 8i processor. This overhead is reasonable compared with the 500-millisecond 2048-bit RSA signing needed by the Trusted Platform Module chips [3].