The Experts below are selected from a list of 16806 Experts worldwide ranked by ideXlab platform
Niki A. Rahimi - One of the best experts on this subject based on the ideXlab platform.
-
USENIX Annual Technical Conference, FREENIX Track - Trusted path execution for the linux 2.6 kernel as a linux Security Module
2004Co-Authors: Niki A. RahimiAbstract:The prevention of damage caused to a system via malicious executables is a significant issue in the current state of Security on Linux operating systems. Several approaches are available to solve such a problem at the application level of a system but very few are actually implemented into the kernel. The Linux Security Module project was aimed at applying Security to the Linux kernel without imposing on the system. It performs this task by creating Modules that could be loaded and unloaded onto the system on the fly and according to how the administrator would like to lock down their system. The Trusted Path Execution (TPE) project was ported to the Linux kernel as a Linux Security Module (LSM) to create a barrier against such Security issues from occurring. This paper will attempt to explain how Trusted Path Execution is implemented in the Linux kernel as an LSM. It will also describe how TPE can prevent the running of malicious code on a Linux system via a strategically placed hook in the kernel. The usage of a pseudo-filesystem approach to creating an access control list for users on the system will also be discussed. The paper will further explain how TPE is designed and implemented in the kernel. This paper will show how the access control list is utilized by the Module to place checks on the execution of code on the system along with a check of the path the code is being run in. Further, the origins of the "Trusted Path" concept and its origination in the OpenBSD operating system will be discussed along with how TPE was introduced to the Linux Security community. The paper will conclude with a synopsis of the contents and future paths and goals of the project.
-
trusted path execution for the linux 2 6 kernel as a linux Security Module
USENIX Annual Technical Conference, 2004Co-Authors: Niki A. RahimiAbstract:The prevention of damage caused to a system via malicious executables is a significant issue in the current state of Security on Linux operating systems. Several approaches are available to solve such a problem at the application level of a system but very few are actually implemented into the kernel. The Linux Security Module project was aimed at applying Security to the Linux kernel without imposing on the system. It performs this task by creating Modules that could be loaded and unloaded onto the system on the fly and according to how the administrator would like to lock down their system. The Trusted Path Execution (TPE) project was ported to the Linux kernel as a Linux Security Module (LSM) to create a barrier against such Security issues from occurring. This paper will attempt to explain how Trusted Path Execution is implemented in the Linux kernel as an LSM. It will also describe how TPE can prevent the running of malicious code on a Linux system via a strategically placed hook in the kernel. The usage of a pseudo-filesystem approach to creating an access control list for users on the system will also be discussed. The paper will further explain how TPE is designed and implemented in the kernel. This paper will show how the access control list is utilized by the Module to place checks on the execution of code on the system along with a check of the path the code is being run in. Further, the origins of the "Trusted Path" concept and its origination in the OpenBSD operating system will be discussed along with how TPE was introduced to the Linux Security community. The paper will conclude with a synopsis of the contents and future paths and goals of the project.
Dogan Kesdogan - One of the best experts on this subject based on the ideXlab platform.
-
ESORICS - TrustedPals: secure multiparty computation implemented with smart cards
Computer Security – ESORICS 2006, 2006Co-Authors: Milan Fort, Felix C. Freiling, Lucia Draque Penso, Zinaida Benenson, Dogan KesdoganAbstract:We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof Security Module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security Modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own Security Module as well as drop any message sent by or to its Security Module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of Security Modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.
-
TrustedPals: Secure Multiparty Computation Implemented with Smart Cards
Lecture Notes in Computer Science, 2006Co-Authors: Milan Fort, Felix C. Freiling, Lucia Draque Penso, Zinaida Benenson, Dogan KesdoganAbstract:We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof Security Module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security Modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own Security Module as well as drop any message sent by or to its Security Module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of Security Modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.
-
Sicherheit - Secure Multi-Party Computation with Security Modules
2005Co-Authors: Zinaida Benenson, Felix C. Gärtner, Dogan KesdoganAbstract:We consider the problem of secure multi-party computation (SMC) in a new model where individual processes contain a tamper-proof Security Module. Security Modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, i.e., a corrupted party can stop the computation of its own Security Module as well as drop any message sent by or to its Security Module. In this model we show that SMC is solvable if and only if a majority of processes is correct. We prove this by relating SMC to the problem of Uniform Interactive Consistency among Security Modules (a variant of the Byzantine Generals Problem from the area of fault-tolerance). The obtained solutions to SMC for the first time allow to compute any function securely with a complexity which is polynomial only in the number of processes (i.e., the complexity does not depend on the function which is computed). We conclude that adding secure hardware does not improve the resilience of SMC but can effectively improve the efficiency.
Ingo Stierand - One of the best experts on this subject based on the ideXlab platform.
-
Evaluating the Impact of Integrating a Security Module on the Real-Time Properties of a System
2013Co-Authors: Sunil Malipatlolla, Ingo StierandAbstract:With a rise in the deployment of electronics in today’s systems especially in automobiles, the task of securing them against various attacks has become a major challenge. In particular, the most vulnerable points are: (i) communication paths between the Electronic Control Units (ECUs) and between sensors & actuators and the ECU, (ii) remote software updates from the manufacturer and the in-field system. However, when including additional mechanisms to secure such systems, especially real-time systems, there will be a major impact on the real-time properties and on the overall performance of the system. Therefore, the goal of this work is to deploy a minimal Security Module in a target real-time system and to analyze its impact on the aforementioned properties of the system, while achieving the goals of secure communication and authentic system update. From this analysis, it has been observed that, with the integration of such a Security Module into the ECU, the response time of the system is strictly dependent on the utilized communication interface between the ECU processor and the Security Module. The analysis is performed utilizing the Security Module operating at different frequencies and communicating over two different interfaces i.e., Low-Pin-Count (LPC) bus and Memory-Mapped I/O (MMIO) method.
-
IESS - Evaluating the Impact of Integrating a Security Module on the Real-Time Properties of a System
IFIP Advances in Information and Communication Technology, 2013Co-Authors: Sunil Malipatlolla, Ingo StierandAbstract:With a rise in the deployment of electronics in today’s systems especially in automobiles, the task of securing them against various attacks has become a major challenge. In particular, the most vulnerable points are: (i) communication paths between the Electronic Control Units (ECUs) and between sensors & actuators and the ECU, (ii) remote software updates from the manufacturer and the in-field system. However, when including additional mechanisms to secure such systems, especially real-time systems, there will be a major impact on the real-time properties and on the overall performance of the system. Therefore, the goal of this work is to deploy a minimal Security Module in a target real-time system and to analyze its impact on the aforementioned properties of the system, while achieving the goals of secure communication and authentic system update. From this analysis, it has been observed that, with the integration of such a Security Module into the ECU, the response time of the system is strictly dependent on the utilized communication interface between the ECU processor and the Security Module. The analysis is performed utilizing the Security Module operating at different frequencies and communicating over two different interfaces i.e., Low-Pin-Count (LPC) bus and Memory-Mapped I/O (MMIO) method.
Ulrich Kühn - One of the best experts on this subject based on the ideXlab platform.
-
Breaking the Shin--Shin--Rhee remotely keyed encryption schemes
Information Processing Letters, 2008Co-Authors: Ulrich KühnAbstract:Remotely keyed encryption (RKE) schemes provide fast symmetric encryption and decryption using a small-bandwidth Security Module and a powerful host. Such schemes keep the key inside the Security Module to prevent key compromise. Shin, Shin, and Rhee proposed a length-preserving as well as a length-increasing RKE scheme that both use only a single round of interaction between host and Security Module. With the length-preserving scheme they claim to answer an open problem of Blaze, Feigenbaum, and Naor. However, in the present paper we show that both their schemes are completely insecure. Further, we present heuristic arguments on why a one-round length-preserving RKE scheme might be impossible.
Milan Fort - One of the best experts on this subject based on the ideXlab platform.
-
ESORICS - TrustedPals: secure multiparty computation implemented with smart cards
Computer Security – ESORICS 2006, 2006Co-Authors: Milan Fort, Felix C. Freiling, Lucia Draque Penso, Zinaida Benenson, Dogan KesdoganAbstract:We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof Security Module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security Modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own Security Module as well as drop any message sent by or to its Security Module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of Security Modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.
-
TrustedPals: Secure Multiparty Computation Implemented with Smart Cards
Lecture Notes in Computer Science, 2006Co-Authors: Milan Fort, Felix C. Freiling, Lucia Draque Penso, Zinaida Benenson, Dogan KesdoganAbstract:We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof Security Module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security Modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own Security Module as well as drop any message sent by or to its Security Module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of Security Modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.
