Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SSL and TLS: designing and building secure systems
SSL and TLS: designing and building secure systems
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Unlocking the design secrets of a 2.29 Gb/s Rijndael processor
Proceedings of the 39th annual Design Automation Conference
Silicon physical random functions
Proceedings of the 9th ACM conference on Computer and communications security
ACM Transactions on Internet Technology (TOIT)
How to Manage Persistent State in DRM Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Volunteer computing
Efficient Memory Integrity Verification and Encryption for Secure Processors
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Security as a new dimension in embedded system design
Proceedings of the 41st annual Design Automation Conference
iWatcher: Efficient Architectural Support for Software Debugging
Proceedings of the 31st annual international symposium on Computer architecture
Security in embedded systems: Design challenges
ACM Transactions on Embedded Computing Systems (TECS)
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Proceedings of the 13th International Conference on Parallel Architectures and Compilation Techniques
Attacks and risk analysis for hardware supported software copy protection systems
Proceedings of the 4th ACM workshop on Digital rights management
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
Proceedings of the conference on Design, Automation and Test in Europe - Volume 1
Hardware Engines for Bus Encryption: A Survey of Existing Techniques
Proceedings of the conference on Design, Automation and Test in Europe - Volume 3
Towards the issues in architectural support for protection of software execution
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Protecting cryptographic keys and computations via virtual secure coprocessing
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Architectural support for protecting user privacy on trusted processors
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Efficient and flexible architectural support for dynamic monitoring
ACM Transactions on Architecture and Code Optimization (TACO)
A combined hardware and software architecture for secure computing
Proceedings of the 2nd conference on Computing frontiers
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
High Efficiency Counter Mode Security Architecture via Prediction and Precomputation
Proceedings of the 32nd annual international symposium on Computer Architecture
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
Proceedings of the 32nd annual international symposium on Computer Architecture
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance
IEEE Transactions on Dependable and Secure Computing
SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Secure bootstrap is not enough: shoring up the trusted computing base
Proceedings of the 11th workshop on ACM SIGOPS European workshop
A parallelized way to provide data encryption and integrity checking on a processor-memory bus
Proceedings of the 43rd annual Design Automation Conference
A low-cost memory remapping scheme for address bus protection
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Virtual monotonic counters and count-limited objects using a TPM without a trusted OS
Proceedings of the first ACM workshop on Scalable trusted computing
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
Authentication Control Point and Its Implications For Secure Processor Design
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
On-Chip Communication Architectures: System on Chip Interconnect
On-Chip Communication Architectures: System on Chip Interconnect
M-TREE: a high efficiency security architecture for protecting integrity and privacy of software
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Accelerating memory decryption and authentication with frequent value prediction
Proceedings of the 4th international conference on Computing frontiers
Certifying program execution with secure processors
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Proceedings of the conference on Design, automation and test in Europe
Controlled physical random functions and applications
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 9th workshop on Multimedia & security
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Offline untrusted storage with immediate detection of forking and replay attacks
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Hardware-rooted trust for secure key management and transient trust
Proceedings of the 14th ACM conference on Computer and communications security
Architectural support for run-time validation of program data properties
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
How low can you go?: recommendations for hardware-supported minimal TCB code execution
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Hardbound: architectural support for spatial safety of the C programming language
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Operating system controlled processor-memory bus encryption
Proceedings of the conference on Design, automation and test in Europe
Encoding-Based Tamper-Resistant Algorithm for Mobile Device Security
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part IV: ICCS 2007
The Trusted Execution Module: Commodity General-Purpose Trusted Computing
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
The Reduced Address Space (RAS) for Application Memory Authentication
ISC '08 Proceedings of the 11th international conference on Information Security
A Framework for Trustworthy Service-Oriented Computing (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Making secure processors OS- and performance-friendly
ACM Transactions on Architecture and Code Optimization (TACO)
A security approach for off-chip memory in embedded microprocessor systems
Microprocessors & Microsystems
Memory-Centric Security Architecture
Transactions on High-Performance Embedded Architectures and Compilers I
Supporting flexible streaming media protection through privacy-aware secure processors
Computers and Electrical Engineering
A compiler-hardware approach to software protection for embedded systems
Computers and Electrical Engineering
Diversification of Processors Based on Redundancy in Instruction Set
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
SHARK: Architectural support for autonomic protection against stealth by rootkit exploits
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Hardware Mechanisms for Memory Authentication: A Survey of Existing Techniques and Engines
Transactions on Computational Science IV
Euro-Par 2008 Workshops - Parallel Processing
Relating Boolean gate truth tables to one-way functions
Integrated Computer-Aided Engineering
Hardware-assisted run-time monitoring for secure program execution on embedded processors
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Trusted Computing: Security and Applications
Cryptologia
Secure offline superdistribution for mobile platforms
International Journal of Applied Cryptography
A low-cost memory remapping scheme for address bus protection
Journal of Parallel and Distributed Computing
A multi-core security architecture based on EFI
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Secure cryptographic precomputation with insecure memory
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
SHIELDSTRAP: making secure processors truly secure
ICCD'09 Proceedings of the 2009 IEEE international conference on Computer design
Foundations of security analysis and design IV
Separating hypervisor trusted computing base supported by hardware
Proceedings of the fifth ACM workshop on Scalable trusted computing
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
SecBus: operating system controlled hierarchical page-based memory bus protection
Proceedings of the Conference on Design, Automation and Test in Europe
An analysis of secure processor architectures
Transactions on computational science VII
A framework for testing hardware-software security architectures
Proceedings of the 26th Annual Computer Security Applications Conference
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Transactions on computational science X
SecureME: a hardware-software approach to full system security
Proceedings of the international conference on Supercomputing
CPU support for secure executables
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
DynaPoMP: dynamic policy-driven memory protection for SPM-based embedded systems
WESS '11 Proceedings of the Workshop on Embedded Systems Security
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Efficient scheme of verifying integrity of application binaries in embedded operating systems
The Journal of Supercomputing
A cache design for a security architecture for microprocessors (SAM)
ARCS'06 Proceedings of the 19th international conference on Architecture of Computing Systems
Hybrid authentication and key management scheme for WSANs
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
Remote software-based attestation for wireless sensors
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Daonity: an experience on enhancing grid security by trusted computing technology
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Memory-centric security architecture
HiPEAC'05 Proceedings of the First international conference on High Performance Embedded Architectures and Compilers
An efficient way to build secure disk
ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience
Architectural support for hypervisor-secure virtualization
ASPLOS XVII Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
Efficient architectural support for secure bus-based shared memory multiprocessor
ACSAC'05 Proceedings of the 10th Asia-Pacific conference on Advances in Computer Systems Architecture
PATMOS'06 Proceedings of the 16th international conference on Integrated Circuit and System Design: power and Timing Modeling, Optimization and Simulation
On design of a trusted software base with support of TPCM
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Scalable integrity-guaranteed AJAX
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment
ACM Transactions on Embedded Computing Systems (TECS)
Improving virtualization security by splitting hypervisor into smaller components
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
A cost-effective tag design for memory data authentication in embedded systems
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
A secure processor architecture for encrypted computation on untrusted programs
Proceedings of the seventh ACM workshop on Scalable trusted computing
Software protection for dynamically-generated code
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
Security Verification of Hardware-enabled Attestation Protocols
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
Proceedings of the ACM International Conference on Computing Frontiers
Design space exploration and optimization of path oblivious RAM in secure processors
Proceedings of the 40th Annual International Symposium on Computer Architecture
PHANTOM: practical oblivious computation in a secure processor
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Generalized external interaction with tamper-resistant hardware with bounded information leakage
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Using ARM trustzone to build a trusted language runtime for mobile applications
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Memory encryption: A survey of existing techniques
ACM Computing Surveys (CSUR)
Security-Preserving Live Migration of Virtual Machines in the Cloud
Journal of Network and Systems Management
Counterfeit Integrated Circuits: Detection, Avoidance, and the Challenges Ahead
Journal of Electronic Testing: Theory and Applications
We describe the architecture for a single-chip AEGIS processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all components external to the processor, such as memory, are untrusted. We show two different implementations. In the first case, the core functionality of the operating system is trusted and implemented in a security kernel. We also describe a variant implementation assuming an untrusted operating system. AEGIS provides users with tamper-evident, authenticated environments in which any physical or software tampering by an adversary is guaranteed to be detected, and private and authenticated tamper-resistant environments where additionally the adversary is unable to obtain any information about software or data by tampering with, or otherwise observing, system operation. AEGIS enables many applications, such as commercial grid computing, secure mobile agents, software licensing, and digital rights management. Preliminary simulation results indicate that the overhead of security mechanisms in AEGIS is reasonable.