Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Authenticated Operation of Open Computing Devices
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
ACM SIGOPS Operating Systems Review
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Computer Security in the Real World
Computer
Architectural support for protecting user privacy on trusted processors
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Does Trusted Computing Remedy Computer Security Problems?
IEEE Security and Privacy
The entropia virtual machine for desktop grids
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Intel Virtualization Technology
Computer
On authenticated computing and RSA-based authentication
Proceedings of the 12th ACM conference on Computer and communications security
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Secure bootstrap is not enough: shoring up the trusted computing base
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Credentials and Beliefs in Remote Trusted Platforms Attestation
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
Proceedings of the 43rd annual Design Automation Conference
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Virtual machines for enterprise desktop security
Information Security Tech. Report
Improving authentication of remote card transactions with mobile personal trusted devices
Computer Communications
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Facilitating focused internet measurements
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
On the power of simple branch prediction analysis
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Authorizing applications in singularity
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
Proceedings of the 9th workshop on Multimedia & security
Splitting interfaces: making trust between applications and operating systems configurable
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Alpaca: extensible authorization for distributed services
Proceedings of the 14th ACM conference on Computer and communications security
On the difficulty of validating voting machine software with software
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Remote Attestation on Legacy Operating Systems With Trusted Platform Modules
Electronic Notes in Theoretical Computer Science (ENTCS)
A methodology for trust control mode prediction
ISP'06 Proceedings of the 5th WSEAS International Conference on Information Security and Privacy
Processor virtualization for secure mobile terminals
ACM Transactions on Design Automation of Electronic Systems (TODAES)
A hypervisor-based system for protecting software runtime memory and persistent storage
Proceedings of the 2008 Spring simulation multiconference
Practical Techniques for Operating System Attestation
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Host-Based Security Challenges and Controls: A Survey of Contemporary Research
Information Security Journal: A Global Perspective
Remote attestation on legacy operating systems with trusted platform modules
Science of Computer Programming
Towards application security on untrusted operating systems
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Supporting flexible streaming media protection through privacy-aware secure processors
Computers and Electrical Engineering
Effective and efficient compromise recovery for weakly consistent replication
Proceedings of the 4th ACM European conference on Computer systems
Trusted Computing: Security and Applications
Cryptologia
On the difficulty of software-based attestation of embedded devices
Proceedings of the 16th ACM conference on Computer and communications security
Detecting code alteration by creating a temporary memory bottleneck
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Foundations of security analysis and design IV
Secure code update for embedded devices via proofs of secure erasure
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Extending IPsec for efficient remote attestation
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
NetQuery: a knowledge plane for reasoning about network properties
Proceedings of the ACM CoNEXT Student Workshop
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Enhancing trust in mobile enterprise networking
ACOS'06 Proceedings of the 5th WSEAS international conference on Applied computer science
NetQuery: a knowledge plane for reasoning about network properties
Proceedings of the ACM SIGCOMM 2011 conference
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Autonomic trust management in a component based software system
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Secure data management in trusted computing
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Predicting secret keys via branch prediction
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
On design of a trusted software base with support of TPCM
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Trusted integrity measurement and reporting for virtualized platforms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
An abstract model of a trusted platform
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
acTvSM: a dynamic virtualization platform for enforcement of application integrity
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Proceedings of the 2012 ACM conference on Computer and communications security
Hi-index | 4.10 |
Although administrators can configure a system to restrict access to resources, in a mass-market setting they cannot be sure of the kernel's integrity. The commercial need for an open software and hardware architecture leads to huge and complex operating systems. A single programming error or intentional back door in this code base can open the way for an attack that renders the access-control system ineffective.The authors describe Microsoft's next-generation secure computing base, a system that offers robust access control through mechanisms for code authentication.