Layering negotiations for flexible attestation
Proceedings of the first ACM workshop on Scalable trusted computing
Linking remote attestation to secure tunnel endpoints
Proceedings of the first ACM workshop on Scalable trusted computing
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Uclinux: a linux security module for trusted-computing-based usage controls enforcement
Proceedings of the 2007 ACM workshop on Scalable trusted computing
TVDc: managing security in the trusted virtual datacenter
ACM SIGOPS Operating Systems Review
Using hypervisor to provide data secrecy for user applications on a per-page basis
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Policy enforcement and compliance proofs for Xen virtual machines
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Improving Xen security through disaggregation
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Privilege separation made easy: trusting small libraries not big processes
Proceedings of the 1st European Workshop on System Security
TOCTOU, Traps, and Trusted Computing
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Embedded Trusted Computing with Authenticated Non-volatile Memory
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
A Trusted Group Signature Architecture in Virtual Computing Environment
ATC '08 Proceedings of the 5th international conference on Autonomic and Trusted Computing
Secure Sharing of an ICT Infrastructure through Vinci
AIMS '08 Proceedings of the 2nd international conference on Autonomous Infrastructure, Management and Security: Resilient Networks and Services
Property-Based TPM Virtualization
ISC '08 Proceedings of the 11th international conference on Information Security
Cognitive security for personal devices
Proceedings of the 1st ACM workshop on Workshop on AISec
Improving the scalability of platform attestation
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Flexible and secure enterprise rights management based on trusted virtual domains
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Trusted virtual platforms: a key enabler for converged client devices
ACM SIGOPS Operating Systems Review
Extending virtualization services with trust guarantees via behavioral monitoring
Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems
Measuring Semantic Integrity for Remote Attestation
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
A PrivacyCA for Anonymity and Trust
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Flexible μTPMs through disembedding
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
An Integrity Assurance Mechanism for Run-Time Programs
Information Security and Cryptology
Analysis of virtual machine system policies
Proceedings of the 14th ACM symposium on Access control models and technologies
Not-a-Bot: improving service availability in the face of botnet attacks
NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Trust in a small package: minimized MRTM software implementation for mobile secure environments
Proceedings of the 2009 ACM workshop on Scalable trusted computing
TimeCapsule: secure recording of accesses to a protected datastore
Proceedings of the 1st ACM workshop on Virtual machine security
A secure DVB set-top box via trusting computing technologies
CCNC'09 Proceedings of the 6th IEEE Conference on Consumer Communications and Networking Conference
Constructing trusted virtual execution environment in P2P grids
Future Generation Computer Systems
Using a personal device to strengthen password authentication from an untrusted computer
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Trusted computing: special aspects and challenges
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Security for the cloud infrastructure: trusted virtual data center implementation
IBM Journal of Research and Development
Towards trusted cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Private virtual infrastructure for cloud computing
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
CCCP: secure remote storage for computational RFIDs
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
HyperSentry: enabling stealthy in-context measurement of hypervisor integrity
Proceedings of the 17th ACM conference on Computer and communications security
Scalable integrity monitoring in virtualized environments
Proceedings of the fifth ACM workshop on Scalable trusted computing
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A generic proxy for secure smart card-enabled web applications
ICWE'10 Proceedings of the 10th international conference on Web engineering
VM-based security overkill: a lament for applied systems security research
Proceedings of the 2010 workshop on New security paradigms
A framework for testing hardware-software security architectures
Proceedings of the 26th Annual Computer Security Applications Conference
Enforcing physically restricted access control for remote data
Proceedings of the first ACM conference on Data and application security and privacy
Small trusted primitives for dependable systems
ACM SIGOPS Operating Systems Review
Semantic attestation of node integrity in overlays
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Attestation of integrity of overlay networks
Journal of Systems Architecture: the EUROMICRO Journal
Transactions on computational science XI
TPM-SIM: a framework for performance evaluation of trusted platform modules
Proceedings of the 48th Design Automation Conference
Towards user-friendly credential transfer on open credential platforms
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Cloaking malware with the trusted platform module
SEC'11 Proceedings of the 20th USENIX conference on Security
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Credential life cycle management in open credential platforms (short paper)
Proceedings of the sixth ACM workshop on Scalable trusted computing
Digital identity security architecture in Ethos
Proceedings of the 7th ACM workshop on Digital identity management
Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Trust extension as a mechanism for secure code execution on commodity computers
Enabling secure VM-vTPM migration in private clouds
Proceedings of the 27th Annual Computer Security Applications Conference
Trusted deployment of virtual execution environment in grid systems
ASIAN'09 Proceedings of the 13th Asian conference on Advances in Computer Science: information Security and Privacy
CompSC: live migration with pass-through devices
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
CheapBFT: resource-efficient byzantine fault tolerance
Proceedings of the 7th ACM european conference on Computer Systems
Scalable remote attestation with privacy protection
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Trusted virtual domains – design, implementation and lessons learned
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Trusted integrity measurement and reporting for virtualized platforms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Modeling TCG-Based secure systems with colored petri nets
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
acTvSM: a dynamic virtualization platform for enforcement of application integrity
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Credential disabling from trusted execution environments
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Specification and Standardization of a Java Trusted Computing API
Software—Practice & Experience
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Proceedings of the 2012 ACM conference on Computer and communications security
Pasture: secure offline data access using commodity trusted hardware
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
An approach to a trustworthy system architecture using virtualization
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Replication for dependability on virtualized cloud environments
Proceedings of the 10th International Workshop on Middleware for Grids, Clouds and e-Science
Virtualization: Issues, security threats, and solutions
ACM Computing Surveys (CSUR)
Single Attestation Image for a Trusted and Scalable Grid
International Journal of Grid and High Performance Computing
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
POSTER: Event-based isolation of critical data in the cloud
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
An architecture for concurrent execution of secure environments in clouds
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Client-controlled cryptography-as-a-service in the cloud
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Design and implementation of a trusted monitoring framework for cloud platforms
Future Generation Computer Systems
We present the design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform. To this end, we virtualized the Trusted Platform Module (TPM). As a result, the TPM's secure storage and cryptographic functions are available to operating systems and applications running in virtual machines. Our new facility supports higher-level services for establishing trust in virtualized environments, for example remote attestation of software integrity. We implemented the full TPM specification in software and added functions to create and destroy virtual TPM instances. We integrated our software TPM into a hypervisor environment to make TPM functions available to virtual machines. Our virtual TPM supports suspend and resume operations, as well as migration of a virtual TPM instance with its respective virtual machine across platforms. We present four designs for certificate chains to link the virtual TPM to a hardware TPM, with security vs. efficiency trade-offs based on threat models. Finally, we demonstrate a working system by layering an existing integrity measurement application on top of our virtual TPM facility.