Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Using the SimOS machine simulator to study complex computer systems
ACM Transactions on Modeling and Computer Simulation (TOMACS)
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Using a High-Performance, Programmable Secure Coprocessor
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Design and verification of secure systems
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Specifying and Verifying Hardware for Tamper-Resistant Software
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
How to build a trusted database system on untrusted storage
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Attacks and risk analysis for hardware supported software copy protection systems
Proceedings of the 4th ACM workshop on Digital rights management
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Towards the issues in architectural support for protection of software execution
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Architectural support for protecting user privacy on trusted processors
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
ChipLock: support for secure microarchitectures
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Property-based attestation for computing platforms: caring about properties, not mechanisms
NSPW '04 Proceedings of the 2004 workshop on New security paradigms
High Efficiency Counter Mode Security Architecture via Prediction and Precomputation
Proceedings of the 32nd annual international symposium on Computer Architecture
A high performance Kernel-Less Operating System architecture
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
Nexus: a new operating system for trustworthy computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Speculative virtual verification: policy-constrained speculative execution
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
A protocol for property-based attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Accelerating memory decryption and authentication with frequent value prediction
Proceedings of the 4th international conference on Computing frontiers
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Reconfigurable hardware for high-security/high-performance embedded systems: the SAFES perspective
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
A security approach for off-chip memory in embedded microprocessor systems
Microprocessors & Microsystems
Memory-Centric Security Architecture
Transactions on High-Performance Embedded Architectures and Compilers I
Bunker: a privacy-oriented platform for network tracing
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Not-a-Bot: improving service availability in the face of botnet attacks
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Hardware-Assisted Application-Level Access Control
ISC '09 Proceedings of the 12th International Conference on Information Security
Transactions on computational science X
SecureME: a hardware-software approach to full system security
Proceedings of the international conference on Supercomputing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Memory-centric security architecture
HiPEAC'05 Proceedings of the First international conference on High Performance Embedded Architectures and Compilers
Look who's talking: authenticating service access points
SPC'05 Proceedings of the Second international conference on Security in Pervasive Computing
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
Software–hardware cooperative power management for main memory
PACS'04 Proceedings of the 4th international conference on Power-Aware Computer Systems
On design of a trusted software base with support of TPCM
INTRUST'09 Proceedings of the First international conference on Trusted Systems
An architecture for provably secure computation
LATIN'06 Proceedings of the 7th Latin American conference on Theoretical Informatics
Improving virtualization security by splitting hypervisor into smaller components
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
A software-hardware architecture for self-protecting data
Proceedings of the 2012 ACM conference on Computer and communications security
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Security challenges in embedded systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
Configurable memory security in embedded systems
ACM Transactions on Embedded Computing Systems (TECS)
Iago attacks: why the system call API is a bad untrusted RPC interface
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
InkTag: secure applications on an untrusted operating system
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Proceedings of the ACM International Conference on Computing Frontiers
Design space exploration and optimization of path oblivious RAM in secure processors
Proceedings of the 40th Annual International Symposium on Computer Architecture
Generalized external interaction with tamper-resistant hardware with bounded information leakage
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Virtual ghost: protecting applications from hostile operating systems
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Security-Preserving Live Migration of Virtual Machines in the Cloud
Journal of Network and Systems Management
Hi-index | 0.00 |
Recently, there has been considerable interest in providing "trusted computing platforms" using hardware~---~TCPA and Palladium being the most publicly visible examples. In this paper we discuss our experience with building such a platform using a traditional time-sharing operating system executing on XOM~---~a processor architecture that provides copy protection and tamper-resistance functions. In XOM, only the processor is trusted; main memory and the operating system are not trusted.Our operating system (XOMOS) manages hardware resources for applications that don't trust it. This requires a division of responsibilities between the operating system and hardware that is unlike previous systems. We describe techniques for providing traditional operating systems services in this context.Since an implementation of a XOM processor does not exist, we use SimOS to simulate the hardware. We modify IRIX 6.5, a commercially available operating system to create xomos. We are then able to analyze the performance and implementation overheads of running an untrusted operating system on trusted hardware.