Research on Linux Trusted Boot Method Based on Reverse Integrity Verification

2016 ◽  
Vol 2016 ◽  
pp. 1-12 ◽  
Author(s):  
Chenlin Huang ◽  
Chuanwang Hou ◽  
Huadong Dai ◽  
Yan Ding ◽  
Songling Fu ◽  
...  

Trusted computing aims to build a trusted computing environment for information systems with the help of secure hardware, the TPM, and has proved to be an effective defence against network security threats. However, TPM chips are still not widely deployed in most computing devices, which limits the scope in which trusted computing technology can be applied. To address the lack of trusted hardware on existing computing platforms, this paper introduces an alternative security hardware device, a USBKey, to simulate the basic functions of a TPM, and proposes a new reverse, USBKey-based integrity verification model that performs reverse integrity verification of the operating system boot process. This achieves the effect of a trusted boot of the operating system on end systems without TPMs. A Linux operating system boot method based on reverse integrity verification is designed and implemented, with which the integrity of data and executable files in the operating system is verified and protected phase by phase during the trusted boot process. It implements a trusted boot of the operating system without a TPM and supports remote attestation of the platform. With this method, the flexibility of trusted computing technology is greatly improved, and it becomes feasible to apply trusted computing in large-scale computing environments.
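The phase-by-phase integrity verification described above, as an added illustration that is not the paper's own code and does not reproduce its reverse USBKey model (the abstract gives no detail of that model): a TPM-style measured boot chain in Python in which an external verifier, standing in for the USBKey role, holds reference measurements, checks each boot phase before the next is allowed to run, extends a running register, and answers a nonce-bound attestation request. The phase contents, reference values and device key are constructed sample data, and the HMAC-based quote is a stand-in for the signature a real device would produce.

```python
"""Added example: phase-by-phase boot integrity chain with an external verifier.
Not the paper's code; the phase contents, reference values and device key below
are constructed sample data."""
import hashlib
import hmac

# Constructed stand-ins for the artefacts measured in each boot phase.
BOOT_PHASES = [
    ("bootloader", b"bootloader stage 2 image (constructed sample)"),
    ("kernel",     b"vmlinuz kernel image (constructed sample)"),
    ("initrd",     b"initramfs image (constructed sample)"),
    ("init",       b"/sbin/init binary (constructed sample)"),
]
DEVICE_KEY = b"\x42" * 32  # hypothetical key held only inside the verifier device


def measure(data):
    """Measurement of one phase: SHA-256 over its bytes."""
    return hashlib.sha256(data).digest()


def extend(register, measurement):
    """TPM-style PCR extend: new_register = H(old_register || measurement)."""
    return hashlib.sha256(register + measurement).digest()


def build_reference(phases):
    """Golden measurements, provisioned into the verifier at enrolment time."""
    return {name: measure(data) for name, data in phases}


def expected_register(phases):
    """Final register value a verifier reaches when every phase matches."""
    reg = b"\x00" * 32
    for _, data in phases:
        reg = extend(reg, measure(data))
    return reg


class ExternalVerifier:
    """Stands in for the USBKey role: holds the reference values, decides
    whether each phase may run, keeps its own running register and log, and
    produces a nonce-bound quote for remote attestation."""

    def __init__(self, reference, device_key):
        self.reference = reference
        self.device_key = device_key
        self.register = b"\x00" * 32
        self.log = []

    def verify_phase(self, name, data):
        m = measure(data)
        ok = name in self.reference and hmac.compare_digest(m, self.reference[name])
        self.log.append((name, m.hex(), "OK" if ok else "FAIL"))
        if ok:
            self.register = extend(self.register, m)
        return ok

    def quote(self, nonce):
        """Quote = MAC(device_key, nonce || register). A real device would sign
        with an attestation key; HMAC keeps this example stand-alone."""
        return hmac.new(self.device_key, nonce + self.register, hashlib.sha256).digest()


def trusted_boot(phases, verifier):
    """Run phases in order; halt at the first phase the verifier rejects.
    Returns (booted, name_of_failed_phase_or_None)."""
    for name, data in phases:
        if not verifier.verify_phase(name, data):
            return False, name
    return True, None


def remote_attest(verifier, nonce, expected_reg, device_key):
    """Relying-party side: recompute the quote expected for a good boot and
    compare it with what the device returned for this nonce."""
    expected = hmac.new(device_key, nonce + expected_reg, hashlib.sha256).digest()
    return hmac.compare_digest(verifier.quote(nonce), expected)


if __name__ == "__main__":
    ref = build_reference(BOOT_PHASES)
    good = ExternalVerifier(ref, DEVICE_KEY)
    print("clean boot:", trusted_boot(BOOT_PHASES, good),
          "attested:", remote_attest(good, b"nonce-1", expected_register(BOOT_PHASES), DEVICE_KEY))

    tampered = list(BOOT_PHASES)
    tampered[1] = ("kernel", b"vmlinuz kernel image with injected rootkit (constructed)")
    bad = ExternalVerifier(ref, DEVICE_KEY)
    print("tampered boot:", trusted_boot(tampered, bad),
          "attested:", remote_attest(bad, b"nonce-2", expected_register(BOOT_PHASES), DEVICE_KEY))
    for entry in bad.log:
        print("  ", entry)
```

Two properties matter here: a phase that fails verification is never run and nothing after it is measured, and the quote binds the verifier's register to a fresh nonce, so a platform that halted at a tampered kernel cannot replay a quote from an earlier clean boot to a relying party.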

Author(s):  
Ricardo Neisse ◽  
Alexander Pretschner ◽  
Valentina Di Giacomo

Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it at two different levels of abstraction, the operating system and an enterprise service bus. The framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology built on trusted computing that makes it possible to detect tampering with the enforcement infrastructure. The authors show how the framework can, among other things, be used to enforce separation-of-duty policies, and provide a performance analysis.


2018 ◽  
Vol 2 (2) ◽  
pp. 106-120 ◽  
Author(s):  
Mahalingam Ramkumar

Purpose: The purpose of this paper is to examine the blockchain as a trusted computing platform. Understanding the strengths and limitations of this platform is essential to execute large-scale real-world applications in blockchains.

Design/methodology/approach: This paper proposes several modifications to conventional blockchain networks to improve the scale and scope of applications.

Findings: Simple modifications to the cryptographic protocols for constructing blockchain ledgers, and to the digital signatures used for authentication of transactions, are sufficient to realize a scalable blockchain platform.

Originality/value: The original contributions of this paper are concrete steps to overcome limitations of current blockchain networks.


2014 ◽  
Vol 571-572 ◽  
pp. 400-403
Author(s):  
Yan Fei Cao ◽  
Jun Ming Pan

This paper analyses the functions of a network information system based on trusted computing and of a trusted computing platform based on cloud computing. It proposes extending the application of trusted computing technology to network information systems in order to meet the trust requirements of cloud computing and thereby realise trusted cloud computing. In our design, the Trusted Computing Platform (TCP) is taken as the basis of the cloud computing system and provides several important security functions to ensure communication and data security. Finally, implementation methods are put forward.


2012 ◽  
Vol 170-173 ◽  
pp. 3390-3397
Author(s):  
Zhi Gang Si ◽  
Ying Wan ◽  
Yun Shuai Shi ◽  
Ping Li

Regional sharing of electronic medical records (EMR) is one of the main problems an EMR system must face during its development. This paper comprehensively analyses the existing secure sharing schemes for EMR and, on that basis, proposes a scheme that uses Trusted Computing technology to ensure the secure sharing of EMR. Because an ordinary computer cannot build a trusted computing platform on its own, an embedded trusted system based on the USB interface is used to build the trusted computing platform, and on this foundation the paper proposes an EMR secure sharing scheme based on the embedded trusted system.


2010 ◽  
Vol 33 (7) ◽  
pp. 1165-1176 ◽  
Author(s):  
Ming-Di XU ◽  
Huan-Guo ZHANG ◽  
Heng ZHAO ◽  
Jun-Lin LI ◽  
Fei YAN

2020 ◽  
Vol 29 (2) ◽  
pp. 1-24
Author(s):  
Yangguang Li ◽  
Zhen Ming (Jack) Jiang ◽  
Heng Li ◽  
Ahmed E. Hassan ◽  
Cheng He ◽  
...  

2021 ◽  
Vol 54 (6) ◽  
pp. 1-36
Author(s):  
Shufan Fei ◽  
Zheng Yan ◽  
Wenxiu Ding ◽  
Haomeng Xie

Trusted Execution Environments (TEEs) have been widely used in many security-critical applications. The popularity of TEEs derives from the high security and trustworthiness provided by secure hardware. Intel Software Guard Extensions (SGX) is one of the most representative TEEs: it creates an isolated environment on top of an untrusted operating system, providing run-time protection for the execution of security-critical code and data. However, Intel SGX is far from perfect. It has become the target of various attacks because of its security vulnerabilities. Researchers and practitioners have paid attention to these vulnerabilities and investigated optimisation solutions in real applications. Unfortunately, the existing literature lacks a thorough review of the security vulnerabilities of SGX and their countermeasures. In this article, we fill this gap. Specifically, we propose two sets of criteria, one for estimating the security risks of existing attacks and one for evaluating the defensive effect of attack countermeasures. Furthermore, we propose a taxonomy of SGX security vulnerabilities and shed light on the corresponding attack vectors. We then review published attacks and existing countermeasures and evaluate them using our proposed criteria. Finally, on the strength of our survey, we propose open challenges and future directions for research on SGX security.

