Bognar et al., 2022 - Google Patents
Mind the gap: Studying the insecurity of provably secure embedded trusted execution architectures
- Document ID
- 18322778001597365410
- Author
- Bognar M
- Van Bulck J
- Piessens F
- Publication year
- 2022
- Publication venue
- 2022 IEEE Symposium on Security and Privacy (SP)
Snippet
The security claims of a system can be supported or refuted by different kinds of evidence. On the one hand, attack research uses empirical, experimental, inductive methods to refute security claims. If motivated and competent attackers do not succeed in breaking a specific …
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
            - G06F21/575—Secure boot
          - G06F21/55—Detecting local intrusion or implementing counter-measures
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
            - G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
        - G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
          - G06F21/31—User authentication
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1416—Event detection, e.g. attack signature detection
          - H04L63/1441—Countermeasures against malicious traffic
            - H04L63/1458—Denial of Service
      - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
        - H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
          - H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Similar Documents
Publication | Title
---|---
Dessouky et al. | HardFails: insights into software-exploitable hardware bugs
Bognar et al. | Mind the gap: Studying the insecurity of provably secure embedded trusted execution architectures
Nunes et al. | APEX: A verified architecture for proofs of execution on remote devices under full software compromise
Sinha et al. | Moat: Verifying confidentiality of enclave programs
Davi et al. | Dynamic integrity measurement and attestation: towards defense against return-oriented programming attacks
Datta et al. | A logic of secure systems and its application to trusted computing
Wan et al. | RusTEE: developing memory-safe ARM TrustZone applications
US8701187B2 (en) | Runtime integrity chain verification
Potlapally | Hardware security in practice: Challenges and opportunities
Prakash et al. | Enforcing system-wide control flow integrity for exploit detection and diagnosis
Guo et al. | Eliminating the hardware-software boundary: A proof-carrying approach for trust evaluation on computer systems
Müller et al. | A formal approach to confidentiality verification in SoCs at the register transfer level
Liu et al. | KUBO: Precise and Scalable Detection of User-triggerable Undefined Behavior Bugs in OS Kernel
Bognar et al. | Microprofiler: Principled side-channel mitigation through microarchitectural profiling
Duan et al. | TEEFuzzer: A fuzzing framework for trusted execution environments with heuristic seed mutation
Tan et al. | Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
Chen et al. | Trusting the trust anchor: towards detecting cross-layer vulnerabilities with hardware fuzzing
Kwon et al. | Proving flow security of sequential logic via automatically-synthesized relational invariants
Tan et al. | SoK: Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
Chen et al. | IP-Tag: Tag-Based Runtime 3PIP Hardware Trojan Detection in SoC Platforms
Jakkamsetti | Root-of-trust architectures for low-end embedded systems
Dessouky et al. | When a patch is not enough - HardFails: Software-exploitable hardware bugs
Böhme | Guarantees in Software Security
Geden et al. | RegGuard: Leveraging CPU registers for mitigation of control- and data-oriented attacks
Bavendiek | Attack surface analysis of the Linux kernel based on complexity metric