Understanding Trusted Computing: Will Its Benefits Outweigh Its Drawbacks?
IEEE Security and Privacy
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Open-Source Applications of TCPA Hardware
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Trusted Computing Platforms: TCPA Technology in Context
Trusted Computing Platforms: TCPA Technology in Context
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Improving security decisions with polymorphic and audited dialogs
Proceedings of the 3rd symposium on Usable privacy and security
| Hi-index | 0.00 |
Enterprise firewalls can be easily circumvented, e.g. by attack agents aboard infected mobile computers or telecommuters' computers, or by attackers exploiting rogue access points or modems. Techniques that prevent connection to enterprise networks of nodes whose configuration does not conform to enterprise policies could greatly reduce such vulnerabilities. Network Admission Control (NAC) and Network Access Protection (NAP) are recent industrial initiatives to achieve such policy enforcement. However, as currently specified, NAC and NAP assume that users are not malicious. We propose novel techniques using secure coprocessors to protect access to enterprise networks. Experiments demonstrate that the proposed techniques are effective against malicious users and have acceptable overhead.