CCS

Scalable trusted computing seeks to apply and extend the fundamental technologies of trusted computing to large-scale systems. To provide the functionality demanded by users, bootstrapping a trusted platform is but the first of many steps in a complex, ...

Computer systems are routinely deployed in life- and mission-critical situations, yet their security, safety or dependability can in most cases not be assured to the degree warranted by the application. In other words, trusted computer systems are ...

Hypervisors are an excellent tool for increasing the security of commodity software against attack. In this paper, we discuss some of the lessons and insights we gained from designing and implementing four research prototypes that use hypervisors to ...

Contemporary trusted execution environments provide a good foundation for implementing secure user credentials, but these are not properly bound to the application instances that implement their use. This paper introduces a framework for application-...

Two different security extensions of mobile platforms for hosting Mobile Trusted Module (MTM) functionality have been introduced in recent years: the ARM TrustZone processor extension and Secure Elements. Both approaches can host MTMs which are ...

How can Agnes trust a computation C occurring at Boris's computer? In particular, how can Agnes can trust that C is occurring without Boris even being able to observe its internal state? One way is for Agnes to house C in a strong tamper-protected ...

In this paper we describe the results of our investigations Supported by EU FP7 project UNIQUE on the randomness and reliability of D flip-flops when used as a Physically Unclonable Function (PUF). These D flip-flops are hardware components which ...

TPM-based trusted computing aspires to use hardware and cryptography to provide a remote relying party with assurances about the trustworthiness of a computing environment. However, standard approaches to trusted computing are hampered in the areas of ...

Use of trusted computing to achieve integrity guarantees remains limited due to the complexity of monitoring a large set of systems, the required changes to guest operating systems, and, e.g., relay attacks or time of measurement to time of reporting ...

In this paper we explore how recent advances in virtualisation support for commodity hardware could be utilised to reduce the Trusted Computing Base (TCB) and improve the code separation of a hypervisor. To achieve this, we reassess on the definition of ...

Broad adoption of secure programming primitives such as the TPM can be hurt by programmer confusion regarding the nature and representation of failures when using a primitive. Conversely, a clear understanding of the primitive's failure modes is ...

Trusted Virtual Domains (TVDs) are a security concept to create separated domains over virtual and physical platforms. Since most existing TVD implementations focus on servers and data centers, there are only few efforts on secure desktop environments. ...