Secure Internet programming
ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
Authenticated Operation of Open Computing Devices
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Supporting E-commerce in Wireless Networks
IMWS '01 Revised Papers from the NSF Workshop on Developing an Infrastructure for Mobile and Wireless Systems
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
WebALPS: a survey of E-commerce privacy and security applications
ACM SIGecom Exchanges
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Root Kits: an operating systems viewpoint
ACM SIGOPS Operating Systems Review
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Secure object identification: or: solving the Chess Grandmaster Problem
Proceedings of the 2003 workshop on New security paradigms
Security in embedded systems: Design challenges
ACM Transactions on Embedded Computing Systems (TECS)
Proceedings of the 13th International Conference on Parallel Architectures and Compilation Techniques
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Data protection and data sharing in telematics
Mobile Networks and Applications
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Towards the issues in architectural support for protection of software execution
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Does Trusted Computing Remedy Computer Security Problems?
IEEE Security and Privacy
Symmetric behavior-based trust: a new paradigm for internet computing
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
High Efficiency Counter Mode Security Architecture via Prediction and Precomputation
Proceedings of the 32nd annual international symposium on Computer Architecture
DRM, trusted computing and operating system architecture
ACSW Frontiers '05 Proceedings of the 2005 Australasian workshop on Grid computing and e-research - Volume 44
Remote revocation of smart cards in a private DRM system
ACSW Frontiers '05 Proceedings of the 2005 Australasian workshop on Grid computing and e-research - Volume 44
On authenticated computing and RSA-based authentication
Proceedings of the 12th ACM conference on Computer and communications security
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Secure bootstrap is not enough: shoring up the trusted computing base
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Design of a wireless sensor network platform for detecting rare, random, and ephemeral events
IPSN '05 Proceedings of the 4th international symposium on Information processing in sensor networks
Enhancing PC Security with a U-Key
IEEE Security and Privacy
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Securing sensitive content in a view-only file system
Proceedings of the ACM workshop on Digital rights management
CuPIDS: An exploration of highly focused, co-processor-based information system protection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Design and implementation of a secure wide-area object middleware
Computer Networks: The International Journal of Computer and Telecommunications Networking
Flexible OS support and applications for trusted computing
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Secure coprocessor integration with kerberos V5
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Security analysis of the palm operating system and its weaknesses against malicious code threats
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
SC-CFS: smartcard secured cryptographic file system
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Establishing the genuinity of remote computer systems
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Smartcard integration with Kerberos V5
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Monitoring the monitor: an approach towards trustworthiness in service oriented architecture
2nd international workshop on Service oriented software engineering: in conjunction with the 6th ESEC/FSE joint meeting
IEEE Pervasive Computing
Rapid Trust Establishment for Pervasive Personal Computing
IEEE Pervasive Computing
A cryptographic access control architecture secure against privileged attackers
Proceedings of the 2007 ACM workshop on Computer security architecture
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction
Proceedings of the 14th ACM conference on Computer and communications security
A plan for malware containment in the DETER testbed
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test 2007
Security analysis of the diebold AccuVote-TS voting machine
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Casting votes in the auditorium
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
On the difficulty of validating voting machine software with software
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Improving Xen security through disaggregation
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
How low can you go?: recommendations for hardware-supported minimal TCB code execution
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
EATIS '07 Proceedings of the 2007 Euro American conference on Telematics and information systems
Turtles all the way down: research challenges in user-based attestation
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
ISP'06 Proceedings of the 5th WSEAS International Conference on Information Security and Privacy
Journal of Computer Security - The Third IEEE International Symposium on Security in Networks and Distributed Systems
Trustworthy and personalized computing on public kiosks
Proceedings of the 6th international conference on Mobile systems, applications, and services
Detecting in-flight page changes with web tripwires
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Trusted Computing Serving an Anonymity Service
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Guest-Transparent Prevention of Kernel Rootkits with VMM-Based Memory Shadowing
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
BootJacker: compromising computers using forced restarts
Proceedings of the 15th ACM conference on Computer and communications security
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Mobile communication solutions for remote data acquisition, supervisory and control systems
AIC'08 Proceedings of the 8th conference on Applied informatics and communications
Memory-Centric Security Architecture
Transactions on High-Performance Embedded Architectures and Compilers I
Lest we remember: cold-boot attacks on encryption keys
Communications of the ACM - Security in the Browser
A compiler-hardware approach to software protection for embedded systems
Computers and Electrical Engineering
Integrity Management Infrastructure for Trusted Computing
IEICE - Transactions on Information and Systems
Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Attacking the BitLocker Boot Process
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Trusted Computing: Security and Applications
Cryptologia
Fine-grained I/O access control of the mobile devices based on the Xen architecture
Proceedings of the 15th annual international conference on Mobile computing and networking
CSNA '07 Proceedings of the IASTED International Conference on Communication Systems, Networks, and Applications
Securing medical records on smart phones
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
TruWallet: trustworthy and migratable wallet-based web authentication
Proceedings of the 2009 ACM workshop on Scalable trusted computing
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Proceedings of the 2009 ACM workshop on Scalable trusted computing
TimeCapsule: secure recording of accesses to a protected datastore
Proceedings of the 1st ACM workshop on Virtual machine security
Research of Trust Chain of Operating System
AICI '09 Proceedings of the International Conference on Artificial Intelligence and Computational Intelligence
ACM Transactions on Information and System Security (TISSEC)
Detecting code alteration by creating a temporary memory bottleneck
IEEE Transactions on Information Forensics and Security - Special issue on electronic voting
Outdoor distributed computing with split smart messages
Proceedings of the 12th Monterey conference on Reliable systems on unreliable networked platforms
A format-independent architecture for run-time integrity checking of executable code
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
"Out-of-the-Box" monitoring of VM-based high-interaction honeypots
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Mitigating the lying-endpoint problem in virtualized network access frameworks
DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services
A multi-core security architecture based on EFI
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
BIOS security analysis and a kind of trusted BIOS
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Stabilizing trust and reputation for self-stabilizing efficient hosts in spite of Byzantine guests
SSS'07 Proceedings of the 9th international conference on Stabilization, safety, and security of distributed systems
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
SHIELDSTRAP: making secure processors truly secure
ICCD'09 Proceedings of the 2009 IEEE international conference on Computer design
Component-based access control: secure software composition through static analysis
SC'08 Proceedings of the 7th international conference on Software composition
Access control based on code identity for open distributed systems
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Foundations of security analysis and design IV
Stabilizing trust and reputation for self-stabilizing efficient hosts in spite of byzantine guests
ACM SIGOPS Operating Systems Review
A novel DRM framework for peer-to-peer music content delivery
Journal of Systems and Software
Seeding clouds with trust anchors
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Dynamic enforcement of platform integrity
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
An analysis of secure processor architectures
Transactions on computational science VII
Secure code update for embedded devices via proofs of secure erasure
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Proceedings of the first ACM conference on Data and application security and privacy
Ensuring operating system kernel integrity with OSck
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
What if you could actually trust your kernel?
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
SecureME: a hardware-software approach to full system security
Proceedings of the international conference on Supercomputing
Short paper: lightweight remote attestation using physical functions
Proceedings of the fourth ACM conference on Wireless network security
Practical property-based attestation on mobile devices
TRUST'11 Proceedings of the 4th international conference on Trust and trustworthy computing
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Behavior analysis-based dynamic trust measurement model
ICICS'11 Proceedings of the 13th international conference on Information and communications security
The MP architecture: towards a secure framework for mobile agents
International Journal of Agent-Oriented Software Engineering
Efficient scheme of verifying integrity of application binaries in embedded operating systems
The Journal of Supercomputing
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
A secure and auto-configurable environment for mobile agents in ubiquitous computing scenarios
UIC'06 Proceedings of the Third international conference on Ubiquitous Intelligence and Computing
Securing operating system services based on smart cards
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
A taxonomy of rational attacks
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Encrypted watermarks and linux laptop security
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Towards multilateral-secure DRM platforms
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
acTvSM: a dynamic virtualization platform for enforcement of application integrity
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
A linux kernel cryptographic framework: decoupling cryptographic keys from applications
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Decentralized governance of distributed systems via interaction control
Logic Programs, Norms and Action
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Security challenges in embedded systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
Configurable memory security in embedded systems
ACM Transactions on Embedded Computing Systems (TECS)
SmartK: Smart cards in operating systems at kernel level
Information Security Tech. Report
Optimizing Storage Performance for VM-Based Mobile Computing
ACM Transactions on Computer Systems (TOCS)
Design space exploration and optimization of path oblivious RAM in secure processors
Proceedings of the 40th Annual International Symposium on Computer Architecture
Generalized external interaction with tamper-resistant hardware with bounded information leakage
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Beyond full disk encryption: protection on security-enhanced commodity processors
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
SobTrA: a software-based trust anchor for ARM cortex application processors
Proceedings of the 4th ACM conference on Data and application security and privacy
Abstract: In a computer system, the integrity of lower layers is typically treated as axiomatic by higher layers. Under the presumption that the hardware comprising the machine (the lowest layer) is valid, the integrity of a layer can be guaranteed if and only if: (1) the integrity of the lower layers is checked and (2) transitions to higher layers occur only after integrity checks on them are complete. The resulting integrity "chain" inductively guarantees system integrity. When these conditions are not met, as they typically are not in the bootstrapping (initialization) of a computer system, no integrity guarantees can be made, yet these guarantees are increasingly important to diverse applications such as Internet commerce, security systems and "active networks". In this paper, we describe the AEGIS architecture for initializing a computer system. It validates integrity at each layer transition in the bootstrap process. AEGIS also includes a recovery process for integrity check failures, and we show how this results in robust systems.