|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Building Trusted Systems with Protected Modules
If you have a question about this talk, please contact Wei Ming Khoo.
As businesses and individuals entrust more and more sensitive tasks (e.g., paying bills, shopping online, or accessing medical records) to computers, it becomes increasingly important to ensure this trust is warranted. However, users are understandably reluctant to abandon the low cost, high performance, and flexibility of today’s general-purpose computers. In this talk, I will describe Flicker, an architecture for constructing protected modules. Flicker demonstrates that we can satisfy the need for features and security by constructing an on-demand secure execution environment, using a combination of software techniques and recent commodity CPU enhancements. This provides a solid foundation for constructing secure systems that must coexist with standard software; the developer of a security-sensitive code module need only trust her own code, plus as few as 250 lines of Flicker code, for the secrecy and integrity of her code’s execution. However, for many applications, secrecy and integrity are insufficient; thus, I’ll discuss techniques for providing practical state continuity for protected modules. To ensure the correctness of our design, we develop formal, machine-verified proofs of safety. To demonstrate practicality, we have implemented our architectures on Linux and Windows running on AMD and Intel.
Dr Bryan Parno, Microsoft Research Redmond, received the 2010 Doctoral Dissertation Award from ACM for “resolving the tension between adequate security protections and the features and performance that users expect in a digitized world” and has recently co-authored the book “Bootstrapping Trust in Modern Computers” with Jon McCune and Adrian Perrig.
2010 ACM doctoral dissertation award:
Bootstrapping Trust in Modern Computers:
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsQueens' College Politics Society Set Theory Seminar Immunology in medicine
Other talksIdiot! by Oscar K. & Dorte Karrebæk Global Burden of Disease: from Global to Local Test and item evaluation Genomic technologies (At least) 3 ways to publish a pigeon genome. The Great Fen – out of the past and into the future