Cumulative attestation kernels for embedded systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Formal security analysis of PKCS#11 and proprietary extensions
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
An introduction to security API analysis
Foundations of security analysis and design VI
Despite best efforts, general-purpose computing platforms and servers continue to be insecure. Due to their complexity, furthermore, it seems unlikely that a completely secure system can be built in the foreseeable future. Fortunately, a promising alternative exists: the use of trusted cryptographic devices and subsystems. Like smart cards, such devices hold and use secret cryptographic keys on behalf of a larger general-purpose system. Yet these devices are more than simply cryptographic coprocessors--they are responsible for the secrecy of their keys and will withhold them from even the system itself. If the device is also tamper-resistant (which is common), its keys will (hopefully) be used only in ways the device permits.