Header

  1. View current page

    selnip님의 노트

Springnote Home
Profile_img_60x60_01
2

All Pages

Updates

Add to Watch List

Trusted Computing Outline

Edit

 

Trusted Computing and System-level approach for security

  1. Trusted computing Trusted_Computing.pdf, How_Trustworthy_Is_Trusted_Computing_.pdf
  2. 신뢰성 컴퓨팅의 필요성

  3. Root of Trust

    1. System 전체의 신뢰성을 위한 근원적인 무언가가 필요하다.

  4. Trusted Platform Module Improving_the_TCPA_Specification.pdf The_Role_of_TPM_in_Enterprise_Security.pdf Trusted_Platform_Module_White_Paper.pdf

    1. Architecture
    2. PCR - Extend
    3. Public key Infrastructure
    4. Encryption

  5. Static root of trust

    1. Trust Chain
    2. Loading Time에 integrity 보장
    3. Example : IMA Design_and_Implementation_of_a_TCG-based_Integrity_Measurement_Architecture(1).pdf

    4. Static root of trust의 단점

      1. Buffer overflow 등의 공격

  6. Dynamic root of trust Dynamic_Root_of_Trust_in_Trusted_Computing.pdf _An_Execution_Infrastructure_for_TCB_Minimization.pdf Intel_Trusted_Execution_Technology.pdf _Improving_the_security_of_Trusted_Computing.pdf

    1. Late launch 기법
    2. Intel TXT and AMD SVM
    3. Example : Fliker, TrustVisor

    4. Dynamic root of trust의 단점

      1. 병렬성을 지원하지 못한다.

  7. Control Flow Integrity Control-Flow_Integrity.pdf Control-Flow_Integrity_Principles,_Implementations,_and_Applications.pdf

    1. Control Flow Integrity?

      1. Buffer overflow
    2. Code and Data pointer encoding
    3. Example : 힙공격으로부터 방버를 위한 데이터 포인터 인코딩 Securing_heap_memory_by_data_pointer_encoding.pdf 스택_공격_탐지와_방어를_위한_반환_주소_이중_인코딩.pdf 안드로이드_플랫폼의_코드_포인터_취약성.pdf 힙_공격으로부터_방어를_위한_데이터_포인터_인코딩.pdf


  1. System-level Approach for security

    1. TC Project 소개
    2. Single physical System -> Cloud System Security 보장하는 Trusted Computing Platform

    3. Other Software Approach

      1. 가상화를 이용한 OS를 보호 : SecVisor _A_Tiny_Hypervisor_to_Provide_Lifetime_Kernel_Code_Integrity_for_Commodity_OSes.pdf
      2. 가상화를 이용한 Application 보호 : Overshadow, Proxos _A_Virtualization-Based_Approach_to_Retrofitting_Protection_in_Commodity_Operating_Systems.pdf _Making_Trust_Between_Applications_and_Operating_Systems_Configurable.pdf
      3. 가상화를 이용한 맬웨어 탐지 : VMWatcher Stealthy_Malware_Detection_Through_VMM-Based_“Out-of-the-Box”_Semantic_View_Reconstruction.pdf
      4. 하이퍼바이저 보호 및 Integrity 확인 : HIMA, HyperSafe, HyperSentry _A_Hypervisor-Based_Integrity_Measurement_Agent.pdf _A_Lightweight_Approach_to_Provide_Lifetime_Hypervisor_Control-Flow_Integrity.pdf _Enabling_Stealthy_In-context_Measurement_of_Hypervisor_Integrity.pdf

    4. Other Hardware Approach

      1. Physical Attack을 고려한 어플리케이션의 데이터와 코드 보호 : AEGIS, XOM _Architecture_for_Tamper-Evident_and_Tamper-Resistant_Processing.pdf Architectural_Support_for_Copy_and_Tamper_Resistant_Software.pdf
      2. Trustzone Building_a_Secure_System_using_TrustZone_Technology.pdf _Integrated_Hardware_and_Software_Security.pdf Trusted_Computing_Building_Blocks_for_Embedded_Linux-based_ARM_TrustZone_Platforms.pdf
      3. 하이퍼바이저로부터 가상 머신 보호 : H-SVM (Secure MMU) Architectural_Support_for_Secure_Virtualization_under_a_Vulnerable_Hypervisor.pdf

History

Last edited on 12/23/2011 17:42 by selnip

Comments (0)

You must log in to leave a comment. Please sign in.