Download Bootstrapping Trust in Modern Computers by Bryan Parno PDF

By Bryan Parno

Trusting a working laptop or computer for a security-sensitive activity (such as checking e mail or banking on-line) calls for the person to grasp anything concerning the computer's nation. We research study on securely taking pictures a computer's country, and look at the application of this knowledge either for bettering safeguard at the neighborhood desktop (e.g., to persuade the consumer that her machine isn't really contaminated with malware) and for speaking a distant computer's kingdom (e.g., to let the consumer to examine that an internet server will properly defend her data). even though the new "Trusted Computing" initiative has drawn either confident and unfavorable cognizance to this sector, we think about the older and broader subject of bootstrapping belief in a working laptop or computer. We disguise matters starting from the huge number of safe which can function a origin for belief, to the usability matters that come up while attempting to exhibit laptop nation details to people. This strategy unifies disparate study efforts and highlights possibilities for added paintings that may consultant real-world advancements in machine security.

Show description

Read Online or Download Bootstrapping Trust in Modern Computers PDF

Similar storage & retrieval books

Knowledge Representation and the Semantics of Natural Language

The e-book offers an interdisciplinary method of wisdom illustration and the therapy of semantic phenomena of common language, that is situated among synthetic intelligence, computational linguistics, and cognitive psychology. The proposed strategy is predicated on Multilayered prolonged Semantic Networks (MultiNets), which might be used for theoretical investigations into the semantics of usual language, for cognitive modeling, for describing lexical entries in a computational lexicon, and for average language processing (NLP).

Web data mining: Exploring hyperlinks, contents, and usage data

Net mining goals to find worthwhile info and information from net links, web page contents, and utilization information. even if net mining makes use of many traditional facts mining suggestions, it's not simply an software of conventional information mining as a result semi-structured and unstructured nature of the internet info.

Semantic Models for Multimedia Database Searching and Browsing

Semantic types for Multimedia Database looking out and skimming starts off with the advent of multimedia details functions, the necessity for the advance of the multimedia database administration structures (MDBMSs), and the $64000 matters and demanding situations of multimedia platforms. The temporal kin, the spatial family, the spatio-temporal family members, and several other semantic versions for multimedia info platforms also are brought.

Enterprise Content Management in Information Systems Research: Foundations, Methods and Cases

This publication collects ECM learn from the educational self-discipline of data platforms and comparable fields to aid lecturers and practitioners who're drawn to knowing the layout, use and influence of ECM structures. It additionally presents a worthy source for college students and teachers within the box. “Enterprise content material administration in info structures learn – Foundations, tools and situations” consolidates our present wisdom on how today’s companies can deal with their electronic info resources.

Extra resources for Bootstrapping Trust in Modern Computers

Example text

Privilege Layering via Virtualization The model of attesting first to a more-privileged and presumably trustworthy core, and then to only a portion of the environment running thereupon, has been explored in great detail in the context of virtualization. One of the early designs in this space was Microsoft’s Next-Generation Secure Computing Base (NGSCB) [42, 55]. With NGSCB, security-sensitive operations are confined to one virtual machine (VM), while another VM can be used for generalpurpose computing.

A hardware ratcheting lock prevents a lowerprivilege layer from accessing the state of a higher-privilege layer. Thus, once an application loads at layer 2 or 3, the secrets of layer 1 are unavailable. Extensions to the OS in layer 1 could permit arbitrarily sophisticated protected storage properties; for example, an extension could provide a sealed storage facility (similar to the TPM functionality discussed below) for binding secrets to a particular software configuration. The BBRAM is also ideal for storing secure counters, greatly simplifying defense against state replay attacks.

This model is a relative strength of general-purpose cryptographic coprocessors. TPM-based attestations (discussed in the next section) are based on hash chains accumulated for no longer than the most recent boot cycle. The history of software that has handled a given piece of sensitive data is not automatically maintained. Smith examines in detail the design space for attestation, some of which is specific to the IBM 4758, but much of which is more generally applicable [182]. A noteworthy contribution not discussed here is a logic-based analysis of attestation.

Download PDF sample

Rated 4.50 of 5 – based on 28 votes