-
Security and Communication Networks. 01/2011; 4:633-650.
-
IEEE Security & Privacy. 01/2011; 9:40-48.
-
IEEE Security & Privacy. 01/2010; 8:77-80.
-
Proceedings of the Global Communications Conference, 2010. GLOBECOM 2010, 6-10 December 2010, Miami, Florida, USA; 01/2010
-
SACMAT 2010, 15th ACM Symposium on Access Control Models and Technologies, Pittsburgh, Pennsylvania, USA, June 9-11, 2010, Proceedings; 01/2010
-
Proceedings of the 2nd ACM Cloud Computing Security Workshop, CCSW 2010, Chicago, IL, USA, October 8, 2010; 01/2010
-
[show abstract]
[hide abstract]
ABSTRACT: Secure boot mechanisms aim to provide guarantees of in-tegrity of a system as it loads. It ensures that if a system is running, all of its process will satisfy integrity verifica-tion requirements. While secure boot has been available for a long time, it is not available in commodity systems due to the high cost of secure hardware. In this paper, we describe Firma, an architecture that provides secure boot functionality based on a storage root of trust. Unlike pre-vious secure boot mechanisms, use of the disk can protect data secrecy by only releasing data to systems trusted not to leak data, while also providing data integrity through release to high integrity systems. We implement a proto-type of Firma and show how it may be used to provide a trusted virtual machine monitor (TVMM) capable of sup-porting strong security guarantees for running VMs. Only minimal administration is required, and we detail the tasks necessary to support the architecture, showing new sys-tems can be configured with a small number of automated steps. Our evaluation shows that Firma requires additional overhead of just over 1 second for the boot process.
05/2009;
-
Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009, Honolulu, Hawaii, 7-11 December 2009; 01/2009
-
Twenty-Fifth Annual Computer Security Applications Conference, ACSAC 2009, Honolulu, Hawaii, 7-11 December 2009; 01/2009
-
SACMAT 2008, 13th ACM Symposium on Access Control Models and Technologies, Estes Park, CO, USA, June 11-13, 2008, Proceedings; 01/2008
-
Proceedings of the 2007 ACM workshop on Computer Security Architecture, CSAW 2007, Fairfax, VA, USA, November 2, 2007; 01/2007
