Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Protecting Client Privacy with Trusted Computing at the Server
IEEE Security and Privacy
Protecting applications with transient authentication
Proceedings of the 1st international conference on Mobile systems, applications and services
Micro embedded monitoring for security in application specific instruction-set processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
IEEE Security and Privacy
Architecture Support for 3D Obfuscation
IEEE Transactions on Computers
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
IMPRES: integrated monitoring for processor reliability and security
Proceedings of the 43rd annual Design Automation Conference
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Orchestrating fair exchanges between mutually distrustful web services
Proceedings of the 3rd ACM workshop on Secure web services
Design and implementation of a secure wide-area object middleware
Computer Networks: The International Journal of Computer and Telecommunications Networking
Establishing the genuinity of remote computer systems
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Ensuring secure program execution in multiprocessor embedded systems: a case study
CODES+ISSS '07 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Non-volatile memory and disks: avenues for policy architectures
Proceedings of the 2007 ACM workshop on Computer security architecture
Privacy-preserving indexing of documents on the network
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
How low can you go?: recommendations for hardware-supported minimal TCB code execution
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Turtles all the way down: research challenges in user-based attestation
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
Usage control platformization via trustworthy SELinux
Proceedings of the 2008 ACM symposium on Information, computer and communications security
SHIELD: a software hardware design methodology for security and reliability of MPSoCs
Proceedings of the 45th annual Design Automation Conference
Building Trusted Sub-domain for the Grid with Trusted Computing
Information Security and Cryptology
Proceedings of the 15th ACM conference on Computer and communications security
A Framework for Trustworthy Service-Oriented Computing (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Lest we remember: cold-boot attacks on encryption keys
Communications of the ACM - Security in the Browser
Trust-Based Design and Check of FPGA Circuits Using Two-Level Randomized ECC Structures
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Proceedings of the second ACM conference on Wireless network security
Privacy-preserving indexing of documents on the network
The VLDB Journal — The International Journal on Very Large Data Bases
Serviter: A service-oriented programmable network platform for shared infrastructure
Computer Communications
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Physically restricted authentication with trusted hardware
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Almost optimal private information retrieval
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Secure cryptographic precomputation with insecure memory
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
A session key caching and prefetching scheme for secure communication in cluster systems
Journal of Parallel and Distributed Computing
Kells: a protection framework for portable data
Proceedings of the 26th Annual Computer Security Applications Conference
On device identity establishment and verification
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Small trusted primitives for dependable systems
ACM SIGOPS Operating Systems Review
TrustedDB: a trusted hardware based database with privacy and data confidentiality
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Short paper: lightweight remote attestation using physical functions
Proceedings of the fourth ACM conference on Wireless network security
Secure data preservers for web services
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Aggregation queries in the database-as-a-service model
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
A topological condition for solving fair exchange in byzantine environments
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Daonity: an experience on enhancing grid security by trusted computing technology
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
A mechanism for secure, fine-grained dynamic provisioning of applications on small devices
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
ICA3PP'10 Proceedings of the 10th international conference on Algorithms and Architectures for Parallel Processing - Volume Part I
Gracefully degrading fair exchange with security modules
EDCC'05 Proceedings of the 5th European conference on Dependable Computing
TrustedPals: secure multiparty computation implemented with smart cards
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Design and implementation of a key-lifecycle management system
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
TIVA: trusted integrity verification architecture
DRMTICS'05 Proceedings of the First international conference on Digital Rights Management: technologies, Issues, Challenges and Systems
Optimal randomized fair exchange with secret shared coins
OPODIS'05 Proceedings of the 9th international conference on Principles of Distributed Systems
acTvSM: a dynamic virtualization platform for enforcement of application integrity
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Scalable integrity-guaranteed AJAX
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment
ACM Transactions on Embedded Computing Systems (TECS)
Design, implementation, and evaluation of a vehicular hardware security module
ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Security Verification of Hardware-enabled Attestation Protocols
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
FORTUNA-A framework for the design and development of hardware-based secure systems
Journal of Systems and Software
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
CorrectDB: SQL engine with practical query authentication
Proceedings of the VLDB Endowment
The authors sought to build a secure coprocessor (defined as a tamper-responding device derived from the Abyss, Citadel, and 4755 work) that would provide a single multipurpose platform third parties could use to develop and deploy secure coprocessor applications, with minimal IBM participation. The project had several goals: ensure that the device could be identified externally, design the device and its software to be securely configurable and updatable in the field, construct the software architecture to accommodate layers of code from different parties, avoid letting the compromise of one device breach any other's security, and validate all these assertions through an external party.

Providing an environment in which applications could run securely forced the designers to focus not only on security mechanisms and their implementation and management, but also on the security policies they must support. Clearly, the hardware on which applications run must be secure, as must the operating system and run-time environment in between, while offering a reasonable API for applications developers. To fix problems in the field and enable fast and inexpensive reaction to changing customer needs, the designers implemented part of the code as firmware rather than as read-only memory.

The 4758 project achieved most of its design goals. Currently, the authors are exploring other embedded processors, the addition of a network communication channel, and other form factors, including those appropriate for laptops.