Beyond secure channels

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2007, Pages 30-40

  Gasmi, Yacine ^a   Sadeghi, Ahmad Reza ^a   Stewin, Patrick ^a   Unger, Martin ^a   Asokan, N ^b  

^a RUHR UNIVERSITY BOCHUM   (Germany)

^b NOKIA RESEARCH CENTER   (United States)

Author keywords

Hypervisor; Microkernel; Relay attack; Remote attestation; State changes; TLS; Trusted channel; Trusted computing; Virtualization

Indexed keywords

HYPERVISORS; MICRO KERNEL; RELAY ATTACK; REMOTE ATTESTATION; SECURE CHANNELS; SECURE COMMUNICATION CHANNELS; STATES CHANGE; TRANSPORT LAYER SECURITY; TRUSTED CHANNEL; VIRTUALIZATIONS;

TRUSTED COMPUTING;

EID: 79952612270     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1314354.1314363     Document Type: Conference Paper

References (28)

1. Advanced Micro Devices, Inc. IOMMU Architectural Specification. Advanced Micro Devices, Inc.: http://www.amd.com/us-en/assets/content-type/white-papers- and-tech-docs/34434.pdf, Feb. 2007. PID 34434 Rev 1.20.
2. S. M. Bellovin. Problem Areas for the IP Security Protocols. In Proceedings of the Sixth Usenix UNIX Security Symposium, 1996.
3. D. Chess, J. Dyer, N. Itoi, J. Kravitz, E. Palmer, R. Perez, and S. Smith. Using trusted co-servers to enhance security of web interaction. United States Patent 7,194,759: http://www.freepatentsonline.com/7194759.html, Mar. 2007.
4. T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.1. Internet Engineering Task Force: http://www.ietf.org/rfc/rfc4346. txt, Apr. 2006. Network Working Group RFC 4346.
5. S. B.-W. et al. Transport Layer Security (TLS) Extensions. Internet Engineering Task Force: http://www.ietf.org/rfc/rfc3546.txt, June 2003. Network Working Group RFC 3546.
6. K. Goldman, R. Perez, and R. Sailer. Linking remote attestation to secure tunnel endpoints. In STC '06: Proceedings of the first ACM workshop on Scalable trusted computing, pages 21-24, New York, NY, USA, Nov. 2006. ACM Press. (Pubitemid 47117272)
7. Intel Corporation. Intel Trusted Execution Technology - Preliminary Architecture Specification. Intel.com: http://download.intel.com/technology/ security/downloads/31516803.pdf, Nov. 2006. Preliminary Architecture Specification and Enabling Considerations.
8. S. Jiang, S. Smith, and K. Minami. Securing Web Servers against Insider Attack. In ACSAC '01: Proceedings of the 17th Annual Computer Security Applications Conference, page 265, Washington, DC, USA, 2001. IEEE Computer Society.
9. S. Kent and K. Seo. Security Architecture for the Internet Protocol. Internet Engineering Task Force: http://www.ietf.org/rfc/rfc4301.txt, Dec. 2005. Network Working Group RFC 4346. Obsoletes: RCF2401.
10. J. Marchesini, S. W. Smith, O. Wild, J. Stabiner, and A. Barsamian. Open-Source Applications of TCPA Hardware. In ACSAC '04: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04), pages 294-303, Washington, DC, USA, 2004. IEEE Computer Society. (Pubitemid 40931084)
11. J. M. McCune, B. Parno, A. Perrig, M. K. Reiter, and A. Seshadri. Minimal TCB Code Execution. In SP '07: Proceedings of the 2007 IEEE Symposium on Security and Privacy, pages 267-272, Washington, DC, USA, 2007. IEEE Computer Society. (Pubitemid 47432533)
12. Ned M. Smith. System and method for combining user and platform authentication in negotiated channel security protocols. United States Patent Application 20050216736: http://www.freepatentsonline.com/20050216736.html, Sept. 2005.
13. A.-R. Sadeghi and C. Stüble. Property-based attestation for computing platforms: caring about properties, not mechanisms. In NSPW '04: Proceedings of the 2004 workshop on New security paradigms, pages 67-77, New York, NY, USA, 2004. ACM Press. (Pubitemid 41832903)
14. A.-R. Sadeghi, C. Stüble, and N. Pohlmann. European multilateral secure computing base - open trusted computing for you and me. Datenschutz und Datensicherheit DuD, 28(9):548-554, 2004. Verlag Friedrich Vierweg & Sohn, Wiesbaden.
15. A.-R. Sadeghi, C. Stüble, M. Wolf, N. Asokan, and J.-E. Ekberg. Enabling Fairer Digital Rights Management with Trusted Computing, 2007. To be presented at ISC07, Information Security Conference 2007.
16. R. Sailer, E. Valdez, T. Jaeger, R. Perez, L. van Doorn, J. L. Griffin, and S. Berger. sHype: Secure hypervisor approach to trusted virtualized systems. Techn. Rep. RC23511, Feb. 2005. IBM Research Division.
17. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 16-16, Berkeley, CA, USA, 2004. USENIX Association.
18. K. Smith. Creating Secure Web Service Sessions. SOA World Magazine: http://webservices.sys-con.com/read/250516-1.htm, Aug. 2006.
19. G. Spafford. Attributed to in Risks Digest 19.37 review of @LARGE, by David H. Freedman and Charles C. Mann, Sept. 1997. http://catless.ncl.ac.uk/ Risks/19.37.html.
20. F. Stumpf, O. Tafreschi, P. Röder, and C. Eckert. A robust Integrity Reporting Protocol for Remote Attestation. In Proceedings of the Second Workshop on Advances in Trusted Computing (WATC '06 Fall), Tokyo, Dec. 2006.
21. TCG Infrastructure Working Group (IWG). TCG Infrastructure Workgroup Subject Key Attestation Evidence Extension. Trusted Computing Group: https://www.trustedcomputinggroup.org/specs/IWG/IWG-SKAE-Extension-1-00.pdf, June 2005. Specification Version 1.0 Revision 7.
22. TCG Infrastructure Working Group (IWG). TCG Infrastructure Working Group Reference Architecture for Interoperability (Part I). Trusted Computing Group: https://www.trustedcomputinggroup.org/specs/IWG/IWG-Architecture-v1-0-r1.pdf, June 2005. Specification Version 1.0 Revision 1.
23. Trusted Computing Group. TCG Specification Architecture Overview. Trusted Computing Group: https://www.trustedcomputinggroup.org/groups/TCG-1-3- Architecture-Overview.pdf, Mar. 2003. Specification Revision 1.3 28th March 2007.
24. Trusted Computing Group. TPM v1.2 Specification Changes. Trusted Computing Group: https://www.trustedcomputinggroup.org/groups/tpm/TPM-1-2- Changes-final.pdf, Oct. 2003.
25. Trusted Computing Group. TCG TPM Main Part 2 TPM Structures. Trusted Computing Group: https://www.trustedcomputinggroup.org/specs/TPM/Main-Part2- Rev94.zip, Mar. 2006. Specification Version 1.2 Level 2 Revision 94.
26. Trusted Computing Group. TCG TPM Main Part 3 Commands. Trusted Computing Group: https://www.trustedcomputinggroup.org/specs/TPM/Main-Part3-Rev94.zip, Mar. 2006. Specification Version 1.2 Level 2 Revision 94.
27. Trusted Network Connect Work Group. TCG Trusted Network Connect TNC Architecture for Interoperability. Trusted Computing Group: https://www. trustedcomputinggroup.org/specs/TNC/TNC-Architecture-v1-2-r4.pdf, May 2007. Specification Version 1.2 Revision 4.
28. D. Wagner and B. Schneier. Analysis of the SSL 3.0 protocol. In 2nd USENIX Workshop on Electronic Commerce, Nov. 1996.