Cloud terminal: secure access to sensitive applications from untrusted systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Trustworthy execution on mobile devices: what security properties can my mobile platform give me?
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
On the foundations of trust in networks of humans and computers
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 2012 ACM conference on Computer and communications security
Using trustworthy host-based information in the network
Proceedings of the seventh ACM workshop on Scalable trusted computing
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
DriverGuard: Virtualization-Based Fine-Grained Protection on I/O Flows
ACM Transactions on Information and System Security (TISSEC)
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Sapper: a language for hardware-level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
| Hi-index | 0.00 |
A trusted path is a protected channel that assures the secrecy and authenticity of data transfers between a user's input/output (I/O) device and a program trusted by that user. We argue that, despite its incontestable necessity, current commodity systems do not support trusted path with any significant assurance. This paper presents a hyper visor-based design that enables a trusted path to bypass an untrusted operating-system, applications, and I/O devices, with a minimal Trusted Computing Base (TCB). We also suggest concrete I/O architectural changes that will simplify future trusted-path system design. Our system enables users to verify the states and configurations of one or more trusted-paths using a simple, secret less, hand-held device. We implement a simple user-oriented trusted path as a case study.