Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Proceedings of the 11th USENIX Security Symposium
WebALPS: a survey of E-commerce privacy and security applications
ACM SIGecom Exchanges
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
An efficient implementation of trusted channels based on openssl
Proceedings of the 3rd ACM workshop on Scalable trusted computing
TruWallet: trustworthy and migratable wallet-based web authentication
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Practical uses of virtual machines for protection of sensitive user data
ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
Engineering attestable services
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Scalable integrity-guaranteed AJAX
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
| Hi-index | 0.00 |
Too often, "security of Web transactions" reduces to"encryption of the channel"-and neglects to address whathappens at the server on the other end. This oversight forcesclients to trust the good intentions and competence of theserver operator-but gives clients no basis for that trust. Inthis paper, we apply secure coprocessing and cryptographyto solve this real problem in Web technology. We present avision: using secure coprocessors to establish trusted co-serversat Web servers and moving sensitive computationsinside these co-servers; we present a prototype implementationof this vision that scales to realistic workloads; andwe validate this approach by building a simple E-voting applicationon top of our prototype.By showing the real potential of COTS secure coprocessingtechnology to establish trusted islands of computation inhostile environments-such as at web servers with risk of insiderattack-this work also helps demonstrate that "securehardware" can be more than synonym for "cryptographicaccelerator."