Efficient isolation of trusted subsystems in embedded systems

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

Volumn 50 LNICST, Issue , 2010, Pages 344-361

  Strackx, Raoul ^a   Piessens, Frank ^a   Preneel, Bart ^a  

^a UNIVERSITY OF LEUVEN   (Belgium)

Author keywords

Isolation; Memory protection; Software security

Indexed keywords

CODE SHARING; COMPUTING PLATFORM; CONFIDENTIAL DATA; CRYPTOGRAPHIC KEY; EFFICIENT IMPLEMENTATION; HARDWARE FEATURES; HARDWARE MECHANISM; HARDWARE SUPPORTS; ISOLATION; MEMORY PROTECTION; MEMORY SPACE; PAYMENT TERMINAL; SECURE ELECTRONIC TRANSACTION; SECURITY REQUIREMENTS; SENSITIVE DATAS; SOFTWARE IMPLEMENTATION; SOFTWARE SECURITY; VIRTUAL MACHINE MONITORS; VIRTUAL MEMORY;

CRYPTOGRAPHY; SECURITY OF DATA; TELECOMMUNICATION NETWORKS;

EMBEDDED SYSTEMS;

EID: 84863437524     PISSN: 18678211     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-16161-2_20     Document Type: Conference Paper

References (19)

1. Trusted Computing Group: Tpm main specification, http://www. trustedcomputinggroup.org/
2. Yee, B.: Using secure coprocessors. PhD thesis (1994)
3. Smith, S., Weingart, S.: Building a high-performance, programmable secure coprocessor. Comput. Networks 31(8), 831-860 (1999)
4. Chen, B., Morris, R.: Certifying program execution with secure processors. In: USENIX HotOS Workshop, pp. 133-138 (2003)
5. Singaravelu, L., Pu, C., Härtig, H., Helmuth, C.: Reducing TCB complexity for security-sensitive applications: Three case studies. In: Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006. ACM, New York (2006)
6. Kauer, B.: OSLO: improving the security of trusted computing. In: Proceedings of 16th USENIX Security Symposium, pp. 1-9. USENIX Association (2007)
7. McCune, J., Parno, B., Perrig, A., Reiter, M., Isozaki, H.: Flicker: An execution infrastructure for TCB minimization. In: Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008. ACM, New York (2008)
8. McCune, J., Perrig, A., Reiter, M.: Safe passage for passwords and other sensitive data. In: Proceedings of NDSS (2009)
9. Aleph1: Smashing the stack for fun and profit. Phrack 49 (1996)
10. Younan, Y., Joosen, W., Piessens, F.: Code injection in c and c++: A survey of vulnerabilities and countermeasures. Technical report, Departement Computer-wetenschappen, Katholieke Universiteit Leuven (2004)
11. Halderman, J., Schoen, S., Heninger, N., Clarkson, W., Paul, W., Calandrino, J., Feldman, A., Appelbaum, J., Felten, E.: Lest we remember: Cold boot attacks on encryption keys. In: USENIX Security Symposium, pp. 45-60 (2008)
12. Longley, D., Rigby, S.: An automatic search for security flaws in key management schemes. Computers & Security 11(1), 75-89 (1992)
13. Strackx, R., Younan, Y., Philippaerts, P., Piessens, F., Lachmund, S., Walter, T.: Breaking the memory secrecy assumption. In: EUROSEC 2009: Proceedings of the Second European Workshop on System Security, pp. 1-8. ACM, New York (March 2009)
14. Erlingsson, Ú.: Low-level software security: Attacks and defenses. In: Aldini, A., Gorrieri, R. (eds.) FOSAD 2007. LNCS, vol. 4677, pp. 92-134. Springer, Heidelberg (2007)
15. Microsoft Corporation: Changes to functionality in microsoft windows xp service pack 2, http://www.microsoft.com/downloads/details.aspx?FamilyID= 7bd948d7-b791-40b6-8364-685b84158c78
16. The PaX Team: Documentation for the pax project, http://pax.grsecurity. net/docs/pax.txt
17. Shacham, H.: The geometry of innocent flesh on the bone: Return-into-libc without function calls (on the x86). In: Proceedings of the 14th ACM conference on Computer and communications security, p. 561. ACM, New York (2007)
18. Corbato, F., Vyssotsky, V.: Introduction and overview of the Multics system. In: Proceedings of the fall joint computer conference, part I, November 30-December 1, pp. 185-196. ACM, New York (1965)
19. Liedtke, J.: Toward real microkernels. Communications of the ACM 39(9) (1996)