Skip to main content

Über dieses Buch

This book constitutes the thoroughly refereed conference proceedings of the 5th International Conference on Trusted Systems, INTRUST 2013, held in Graz, Austria, in December 2013. The revised full papers focus on the theory, technologies and applications of trusted systems. They cover all aspects of trusted computing systems, including trusted modules, platforms, networks, services and applications, from their fundamental features and functionalities to design principles, architecture and implementation technologies.



Session 1: Hardware-Based Security and Applications

Para-Virtualizing the Trusted Platform Module: An Enterprise Framework Based on Version 2.0 Specification

This paper introduces a framework for para-virtualizing the newer Trusted Platform Module (TPM) version 2.0. The framework covers the design of a para-virtualized TPM 2.0 and the considerations when deploying it for use in an Enterprise Information Technology (IT) infrastructure. To develop this framework, a quick study of the TPM 2.0 specification was undertaken and a survey of para-virtualizing TPM techniques was carried out. The study found that TPM 2.0 core functions are suitable for para-virtualization. A set of requirements was then developed to guide the design of this framework. The framework includes components to support the para-virtualized TPM. The framework also covers external components that are essential for the proper functioning of the para-virtualized TPM in an Enterprise IT environment. Research challenges for this framework are then discussed at the end of the paper.
Jiun Yi Yap, Allan Tomlinson

The PACE|CA Protocol for Machine Readable Travel Documents

The International Civil Aviation Organization (ICAO) has adopted the password-based connection establishment protocol (PACE) for securing the contactless communication between the machine-readable travel documents and the readers at border controls. This Diffie-Hellman based protocol achieves impersonation resistance at password strength. To reinforce authentication of the travel documents beyond this lowentropy security, the challenge-response based active authentication protocol could be executed afterwards. However, this optional protocol is often omitted for efficiency reasons. In order to salvage strong security we investigate the possibility to provide active authentication almost “for free” with the PACE|CA protocol, by re-using some of the randomness from the PACE protocol for authentication.
Jens Bender, Marc Fischlin, Dennis Kügler

A Spatial Majority Voting Technique to Reduce Error Rate of Physically Unclonable Functions

The Physically Unclonable Function (PUF) is a promising hardware security primitive with a wide range of applications, such as secure key generation, device authentication, IP protection, and hardware entangled cryptography. Due to their physical construction, PUF responses are inherently noisy. Error correction codes can be used to turn noisy PUF responses into keys or static values for these applications. However, a general construction of error correction is expensive and could introduce high entropy loss for PUFs with high error rates. Some PUF pre-processing techniques have been proposed, such as temporal majority voting and dark bit schemes, applied before error correction. In this paper, we introduce a simple and yet effective method to reduce PUF error rate called Spatial Majority Voting (SMV). The idea is to group PUF bits together to produce a single, more stable bit from the group. Experimental data show that SMV works very well, reducing the mean error rate from 6.5% to 0.3% with a group size of 9 on SRAM PUFs implemented in 65 nm CMOS. We also show that SMV can be combined with the dark bits method to further reduce the error rate to less than 0.01%, thus avoiding the need for expensive error correction schemes.
Patrick Koeberl, Jiangtao Li, Wei Wu

Session 2: Access Control, Integrity and Policy Enforcement

Active File Integrity Monitoring Using Paravirtualized Filesystems

Monitoring file integrity and preventing illegal modifications is a crucial part of improving system security. Unfortunately, current research focusing on isolating monitoring components from supervised systems can often still be thwarted by tampering with the hooks placed inside of Virtual Machines (VMs), thus resulting in critical file operations not being noticed. In this paper, we present an approach of relocating a supervised VM’s entire filesystem into the isolated realm of the host. This way, we can enforce that all file operations originating from a VM (e.g., read and write operations) must necessarily be routed through the hypervisor, and thus can be tracked and even be prevented. Disabling hooks in the VM then becomes pointless as this would render a VM incapable of accessing or manipulating its own filesystem. This guarantees secure and complete active file integrity monitoring of VMs. The experimental results of our prototype implementation show the feasibility of our approach.
Michael Velten, Sascha Wessel, Frederic Stumpf, Claudia Eckert

Remote Policy Enforcement for Trusted Application Execution in Mobile Environments

Both in the cloud and mobile environments, a large number of online services is daily accessed through smartphones and tablets. Since several security, safety and trust concerns may arise when using these services, providers may require a usage policy to be enforced on the devices while accessing these services. This kind of policy enforcements enables service providers to have assurance that remote devices are in an acceptable state when using the provided service, according to their terms and conditions.
In this paper, we propose a framework which allows service providers to have assurance about the enforcement of some functional policies directly on the device. The proposed framework inserts an enforcer into the client’s device, which is responsible for enforcing the provider’s policy to abide by the terms and conditions of the service. To assure the integrity of the enforcer and of the policy, the framework exploits Trusted Computing techniques to remotely attest the enforcer’s measurements. Preliminary experiments and a first prototype implementation for Android-based smartphones suggest that the approach is both viable and effective.
Fabio Martinelli, Ilaria Matteucci, Andrea Saracino, Daniele Sgandurra

Towards Policy Engineering for Attribute-Based Access Control

Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to design attributes, how to assign attributes to subjects, objects, actions, and how to formulate access policies which bind subjects to objects and actions via attributes.
Inspired by the role mining problem in Role-based Access Control, in this paper we propose the first attempt to formalise ABAC in a matrix form and define formally a problem of access policy engineering. Our approach is based on the XACML standard to be more practical.
Leanid Krautsevich, Aliaksandr Lazouski, Fabio Martinelli, Artsiom Yautsiukhin


Weitere Informationen

Premium Partner