Blind processing: Securing data against system administrators

2010 IEEE/IFIP Network Operations and Management Symposium Workshops, NOMS 2010

Volumn , Issue , 2010, Pages 304-311

  Guneş, Mehmet Hadi ^a   Evrenosoǧlu, Cansin Y ^a  

^a Reno   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

DEMAND SIDE MANAGEMENTS; DISTRIBUTION SYSTEMS; GAINING ACCESS; HARDWARE AND SOFTWARE; INFORMATION EXCHANGES; INFORMATION SHARING; POWER GRIDS; PROTECTION MECHANISMS; SECURE COMMUNICATIONS; SECURITY MECHANISM; SECURITY TECHNOLOGY; SENSITIVE DATAS; SYSTEM ADMINISTRATORS; SYSTEM COMPONENTS; TRUSTED COMPUTING; WHOLE SYSTEMS;

NETWORK SECURITY; POWER GENERATION; TECHNICAL PRESENTATIONS;

DATA PROCESSING;

EID: 77957888726     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/NOMSW.2010.5486559     Document Type: Conference Paper

References (78)

1. IBM cryptographic coprocessors. http://www-03.ibm.com/security/ cryptocards/.
2. Trusted computing group. http://www.trustedcomputinggroup.org.
3. Trusted execution technology architectural overview. http://www.intel. com/technology/security.
4. R. Agrawal and R. Srikant. Privacy-preserving data mining. pages 439-450. ACM Press, 2000.
5. M. Alam, X. Zhang, M. Nauman, T. Ali, and J.-P. Seifert. Model-based behavioral attestation. In SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologies, pages 175-184, New York, NY, USA, 2008. ACM.
6. M. Amin. Security challenges for the electricity infrastructure (supplement to computer magazine). Computer, 35(4):8-10, 2002.
7. R. Anderson, M. Bond, J. Clulow, and S. Skorobogatov. Cryptographic processors - A survey. Proceedings of the IEEE, 94(2):357-369, Feb. 2006.
8. W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In IEEE Symposium on Security and Privacy, page 65. IEEE Computer Society, 1997.
9. B. Balacheff, L. Chen, D. Plaquin, and G. Proudler. A trusted process to digitally sign a document. In 2001 Workshop on New Security Paradigms, pages 79-86, New York, NY, 2001. ACM.
10. R. Baldick, B. H. Kim, C. Chase, and Y. Luo. A fast distributed implementation of optimal power flow. IEEE Trans. On Power Sys., 14(3):858, August 1999.
11. S. Balfe, A. D. Lakhani, and K. G. Paterson. Trusted computing: Providing security for peer-to-peer networks. In Fifth IEEE International Conference on Peer-to-Peer Computing, pages 117-124. IEEE Computer Society, 2005.
12. S. Balfe and K. G. Paterson. e-EMV: emulating EMV for Internet payments with trusted computing technologies. In 3rd ACM workshop on Scalable trusted computing, pages 81-92. ACM, 2008.
13. S. Berger, R. Cceres, K. A. Goldman, R. Perez, R. Sailer, and L. Doorn. vTPM virtualizing the trusted platform module. In 15th Usenix Security Symposium, pages 305-320, 2006.
14. K. J. Biba. Integrity considerations for secure computer systems. Technical report, MITRE Corp., 04 1977.
15. P. N. Biskas and A. G. Bakirtzis. Decentralised security constrained dc-opf of interconnected power systems. IEE Proc. Gener. Transm. Distrib., 151(6):747, November 2004.
16. R. Bobba, H. Khurana, M. AlTurki, and F. Ashraf. Pbes: a policy based encryption system with application to data sharing in the power grid. In ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pages 262-275, New York, NY, USA, 2009. ACM.
17. S. A. Boyer. SCADA: Supervisory Control and Data Acquisition. ISA, June 2004.
18. F. Capitanescu, M. Glavic, D. Ernst, and L. Wehenkel. Contingency filtering techniques for preventive security-constrained optimal power flow. IEEE Trans. On Power Sys., 22(4):1690, November 2007.
19. E. Cesena, G. Ramunno, and D. Vernizzi. Secure storage using a sealing proxy. In Proceedings of the 1st European Workshop on System Security, pages 27-34, New York, NY, USA, 2008. ACM.
20. D. Chaum. Blind signatures for untraceable payments. Advances in Cryptology, pages 199-203, 1983.
21. L. Chen, S. Pearson, and A. Vamvakas. On enhancing biometric authentication with data protection. volume 1, pages 249-252, 2000.
22. D. D. Clark and D. R. Wilson. A Comparison of Commercial and Military Computer Security Policies. In IEEE Symposium on Security and Privacy, pages 184-194. IEEE Computer Society Press, 1987.
23. N. A. E. R. Council. Technical analysis of the august 14, 2003, blackout: what happened, why and what did we learn? Technical report, NERC, Princeton, NJ, July 2004.
24. P. Derrin, K. Elphinstone, G. Klein, D. Cock, and M. M. T. Chakravarty. Running the manual: an approach to high-assurance microkernel development. In Haskell '06: Proceedings of the 2006 ACM SIGPLAN workshop on Haskell, pages 60-71, New York, NY, USA, 2006. ACM.
25. J. G. Dyer, M. Lindemann, R. Perez, R. Sailer, L. van Doorn, S. W. Smith, and S. Weingart. Building the IBM 4758 secure coprocessor. Computer, 34(10):57-66, October 2001.
26. N. Ferguson. AES-CBC + elephant diffuser: A disk encryption algorithm for windows vista. Technical report, Microsoft, Aug 2006.
27. T. Fraser. Lomac: Low water-mark integrity protection for cots environments. In IEEE Symposium on Security and Privacy, pages 230-245. IEEE Computer Society, 2000.
28. E. Gallery and C. J. Mitchell. Trusted computing: Security and applications. Cryptologia. (to appear).
29. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In 19th Symposium on Operating System Principles, pages 193-206. ACM Press, 2003.
30. S. Garriss, R. Cáceres, S. Berger, R. Sailer, L. van Doorn, and X. Zhang. Towards trustworthy kiosk computing. In Eighth IEEE Workshop on Mobile Computing Systems and Applications, pages 41-45. IEEE Computer Society, 2007.
31. X. Guan, S. Guo, and Q. Zhai. The conditions for obtaining feasible solutions to security-constrained unit commitment problems. IEEE Trans. On Power Sys., 20(4):1746, November 2005.
32. G. Heiser, K. Elphinstone, I. Kuz, G. Klein, and S. M. Petters. Towards trustworthy computing systems: taking microkernels to the next level. SIGOPS Oper. Syst. Rev., 41(4):3-11, 2007.
33. H. Hrtig, M. Hohmuth, N. Feske, C. Helmuth, A. Lackorzynski, F. Mehnert, and M. Peter. The nizza secure-system architecture. In In IEEE CollaborateCom 2005, 2005.
34. S. Hurd, R. Smith, and G. Leischner. Tutorial: Security in electric utility control systems. In Protective Relay Engineers, 2008 61st Annual Conference for, pages 304-309, April 2008.
35. T. Jaeger, P. Mcdaniel, and L. S. Clair. Shame on trust in distributed systems. In 1st Workshop on Hot Topics in Security, 2006.
36. C. Kaufman, R. Perlman, and M. Speciner. Network Security: Private Communication in a Public World. Prentice Hall, 2nd edition, May 2002.
37. R. H. Kerr, J. L. Scheidt, A. J. Fontanna, and J. K. Wiley. Unit commitment. IEEE Trans. On Power Apparatus and Systems, PAS-85(5):417, May 1966.
38. M. Kinateder and S. Pearson. A privacy-enhanced peer-to-peer reputation system. In E-Commerce and Web Technologies, pages 206-215. Springer-Verlag, 2003.
39. D. Kirovski, M. Drinić, and M. Potkonjak. Enabling trusted software integrity. In ASPLOS-X: Proceedings of the 10th international conference on Architectural support for programming languages and operating systems, pages 108-120, New York, NY, USA, 2002. ACM.
40. D. Kuhlmann, R. Landfermanny, H. V. Ramasamyz, M. Schunterz, G. Ramunno, and D. Vernizzi. An open trusted computing architecture secure virtual machines enabling user-defined policy enforcement, June 2006.
41. U. Kühn, M. Selhorst, and C. Stüble. Realizing property-based attestation and sealing with commonly available hard- and software. In Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 50-57, New York, NY, USA, 2007. ACM.
42. U. Kühn and C. Stüble. User-friendly and secure tpm-based hard disk key management. In Proceedings of First International Conference Future of Trust in Computing, pages 171-177, Berlin, Germany, 2009. Vieweg+Teubner.
43. N. Kuntze and A. U. Schmidt. Trusted ticket systems and applications. In New Approaches for Security, Privacy and Trust in Complex Systems, volume 232, pages 49-60, 2007.
44. I. Kuz, Y. Liu, I. Gorton, and G. Heiser. Camkes: A component model for secure microkernel-based embedded systems. J. Syst. Softw., 80(5):687-699, 2007.
45. B. A. Lamacchia. Key challenges in DRM: An industry perspective. In ACM Workshop on Digital Rights Management, 2002.
46. R. E. Larson, W. F. Tinney, L. P. Hajdu, and D. S. Piercy. State estimation in power systems part 2: implementation and applications. IEEE Trans. On Power Appratus and Systems, page 353, 1970.
47. R. B. Lee, P. C. S. Kwan, J. P. Mcgregor, J. Dwoskin, and Z. Wang. Architecture for protecting critical secrets in microprocessors. In 32nd International Symposium on Computer Architecture, pages 2-13, 2005.
48. H. Lhr, H. V. Ramasamy, A. reza Sadeghi, S. Schulz, M. Schunter, and C. Stble. Enhancing grid security using trusted virtualization. In 2nd Workshop on Advances in Trusted Computing, pages 372-384. Springer-Verlag, Berlin-Heidelberg, 2006.
49. D. Lie, C. Thekkath, P. Lincoln, M. Mitchell, D. Boneh, J. Mitchell, and M. Horowitz. Architectural support for copy and tamper resistant software. In Architectural Support for Programming Languages and Operating Systems, Cambridge, MA, November 2000.
50. W. Mao, F. Yan, and C. Chen. Daonity: grid security with behaviour conformity from trusted computing. In 1st ACM workshop on Scalable trusted computing, pages 43-46. ACM, 2006. (Pubitemid 47117275)
51. A. Martin and P.-W. Yau. Grid security: Next steps. Information Security Technical Report, 12(3):113-122, 2007.
52. J. M. Mccune, A. Perrig, and M. K. Reiter. Seeing-is-believing: Using camera phones for human-verifiable authentication. In IEEE Symposium on Security and Privacy, pages 110-124, 2005.
53. J. M. McCune, A. Perrig, A. Seshadri, and L. van Doorn. Turtles all the way down: research challenges in user-based attestation. In HOTSEC'07: Proceedings of the 2nd USENIX workshop on Hot topics in security, pages 1-5, Berkeley, CA, USA, 2007. USENIX Association.
54. M. C. Mont, S. Pearson, and P. Bramhall. Towards accountable management of identity and privacy: Sticky policies and enforceable tracing services. In 14th International Workshop on Database and Expert Systems Applications, page 377. IEEE Computer Society, 2003.
55. New York Independent System Operator. Blackout august 14,2003 final report. NYISO, February 2005.
56. A. Pashalidis and C. J. Mitchell. Single sign-on using trusted platforms. In 6th International Conference on Information Security, pages 54-68. Springer-Verlag, 2003.
57. S. Pearson. Trusted Computing Platforms: TCPA Technology in Context. Prentice Hall PTR, Aug 2002.
58. S. Pearson. How trusted computers can enhance for privacy preserving mobile applications. In IEEE WoWMoM Workshop on Trust, Security and Privacy for Ubiquitous Computing, pages 609-613, 2005.
59. M. Peinado, Y. Chen, P. Engl, and J. Manferdelli. NGSCB: A trusted open system. In 9th Australasian Conference on Information Security and Privacy, pages 86-97. Springer, 2004.
60. B. Pfitzmann, J. Riordan, C. Stble, M. Waidner, and A. Weber. The PERSEUS system architecture. Technical report, IBM Research Division, 2001. http://www.perseus-os.org/.
61. R. S. Pressman. Software Engineering: A Practitioner's Approach. McGraw Hill, 7th edition, 20010.
62. A. Pridgen, A. Pridgen, C. Julien, and C. Julien. A secure modular mobile agent system. In International Workshop on Software, pages 67-74. ACM Press, 2006.
63. R. Sailer, T. Jaeger, X. Zhang, and L. V. Doorn. Attestation-based policy enforcement for remote access. In 11th ACM conference on Computer and Communications Security, pages 308-317. ACM Press, 2004.
64. F. C. Schweppe and J. Wildes. Power system static-state estimation. IEEE Trans. On Power Appratus and Systems, pages 120-125, January 1970.
65. A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla. Pioneer: Verifying integrity and guaranteeing execution of code on legacy platforms. In ACM Symposium on Operating Systems Principles, pages 1-15, Oct. 2005.
66. U. Shankar, T. Jaeger, T. Jaeger, R. Sailer, and R. Sailer. Prima: policy-reduced integrity measurement architecture. In 11th Symposium on Access Control Models and Technologies. ACM Press, 2006.
67. E. Shi and A. Perrig. Bind: A fine-grained attestation service for secure distributed systems. In IEEE Symposium on Security and Privacy, pages 154-168, 2005.
68. S. W. Smith. Outbound authentication for programmable secure coprocessors. International Journal of Information Security, 3(1):28-41, October 2004.
69. B. Smyth and L. Chen. Direct anonymous attestation (DAA): ensuring privacy with corrupt administrators. In 4th European Workshop on Security and Privacy in Ad hoc and Sensor Networks, pages 218-231. Springer-Verlag, 2007.
70. I. Sommerville. Software Engineering. Addison-Wesley, 8th edition, 2007.
71. A. Spalka, A. B. Cremers, and H. Langweg. Protecting the creation of digital signatures with trusted computing platform technology against attacks by trojan horse programs. In IFIP SEC, pages 403-420. Kluwer Academic, 2001.
72. F. Stumpf, A. Fuchs, S. Katzenbeisser, and C. Eckert. Improving the scalability of platform attestation. In STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing, pages 1-10, New York, NY, USA, 2008. ACM.
73. G. E. Suh, C. W. O'Donnell, and S. Devadas. Aegis: A single-chip secure processor. IEEE Design & Test, 24(6):570-580, 2007.
74. L. Sweeney. k-anonymity: a model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(5):557-570, 2002.
75. P. P. Tsang and V. K. Wei. Short linkable ring signatures for e-voting, e-cash and attestation. In Information Security Practice and Experience, pages 48-60. Springer, 2005.
76. M. van Dijk, J. Rhodes, L. F. G. Sarmenta, and S. Devadas. Offline untrusted storage with immediate detection of forking and replay attacks. In ACM workshop on Scalable trusted computing, pages 41-48. ACM, 2007.
77. S. H. Weingart. Physical security devices for computer subsystems: A survey of attacks and defences. In CHES '00: Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems, pages 302-317, London, UK, 2000. Springer-Verlag.
78. J. Zhang, N. Borisov, and W. Yurcik. Outsourcing security analysis with anonymized logs. In Securecomm and Workshops, 2006, pages 1-9, September 2006.