Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Draft of a Dynamic Malware Detection System on Trustworthy Endpoints Read chapter Read first chapter

2013 | OriginalPaper | Chapter

Protected Software Module Architectures

Authors : Raoul Strackx, Job Noorman, Ingrid Verbauwhede, Bart Preneel, Frank Piessens

Published in: ISSE 2013 Securing Electronic Business Processes

Publisher: Springer Fachmedien Wiesbaden

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

A significant fraction of Internet-connected computing devices is infected with malware. With the increased connectivity and software extensibility of embedded and industrial devices, this threat is now also relevant for our industrial infrastructure and our personal environments. Since many of these devices interact with remote parties for security-critical or privacy sensitive transactions, it is important to develop security architectures that allow a stakeholder to assess the trustworthiness of a computing device, and that allow such stakeholders to securely execute software on that device. Over the past decade, the security research community has proposed and evaluated such architectures. Important and promising examples are protected software module architectures. These architectures support the secure execution of small protected software modules even on devices that are malware infected. They also make it possible for remote parties to collect trust evidence about a device; the remote party can use the security architecture to collect measurements that give assurance that the device is in a trustworthy state.
In this paper we outline the essential ideas behind this promising recent line of security research, and report on our experiences in developing several protected module architectures for different types of devices.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter When does Abuse of Social Media constitute a Crime? – A South African Legal Perspective within a Global Context
next chapter Securing Communication Devices via Physical Unclonable Functions (PUFs)
Literature
[ASJP12]
Pieter Agten, Raoul Strackx, Bart Jacobs, and Frank Piessens: Secure compilation to modern processors, In: IEEE 25th Computer Security Foundations Symposium (CSF 2012), p. 171-185.
[Avon13]
Niels Avonds: Implementation of a State-of-the-Art Security Architecture in the Linux Kernel. Master thesis KU Leuven, 2013.
[EFPT12]
Karim El Defrawy, Aurélien Francillon, Daniele Perito, and Gene Tsudik: SMART: Secure and Minimal Architecture for (Establishing a Dynamic) Root of Trust. In Proceedings of the Network and Distributed System Security Symposium (NDSS 2012).
[MLQ+10]
Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil D. Gligor, and Adrian Perrig: TrustVisor: Efficient TCB Reduction and Attestation. In: IEEE Symposium on Security and Privacy 2010, p. 143-158.
[MPP+08]
Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki: Flicker: an execution infrastructure for tcb minimization. In: EuroSys 2008, p. 315-328.
[NAD+13]
Job Noorman, Pieter Agten, Wilfried Daniels, Raoul Strackx, Anthony Van Herrewege, Christophe Huygens, Bart Preneel, Ingrid Verbauwhede, and Frank Piessens: Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base, In: 22nd USENIX Security symposium, 2013.
[PLD+11]
Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens, and Jonathan M. McCune: Memoir: Practical State Continuity for Protected Modules. In: Proceedings of the 2011 IEEE Symposium on Security and Privacy, p. 379-394.
[StBP10]
Raoul Strackx, Frank Piessens, and Bart Preneel: Efficient isolation of trusted subsystems in embedded systems, In: SecureComm 2010, Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering: Security and Privacy in Communication Networks, volume 50, p. 1-18, 2010.
[StPi12]
Raoul Strackx, Frank Piessens: Fides: Selectively hardening software application components against kernel-level or process-level malware, In: Proceedings of the 19th ACM conference on Computer and Communications Security (CCS 2012), p. 2-13.
[ViTo12]
John Viega, and Hugh Thompson: The state of embedded-device security (spoiler alert: It’s bad). In: IEEE Security & Privacy Magazine, volume 10, issue 5, 2012, p. 68-70.
[YJP12]
Yves Younan, Wouter Joosen, and Frank Piessens: Runtime countermeasures for code injection attacks against C and C++ programs, In: ACM Computing Surveys, volume 44, issue 3, p. 1-28, 2012.
Metadata
Title
Protected Software Module Architectures
Authors
Raoul Strackx
Job Noorman
Ingrid Verbauwhede
Bart Preneel
Frank Piessens
Copyright Year
2013
Publisher
Springer Fachmedien Wiesbaden
Book
ISSE 2013 Securing Electronic Business Processes

Print ISBN: 978-3-658-03370-5

Electronic ISBN: 978-3-658-03371-2

Copyright Year: 2013

DOI
https://doi.org/10.1007/978-3-658-03371-2_21

Premium Partner

    Image Credits