SGXIO: Generic Trusted I/O Path for Intel SGX

Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel introduced SGX, which allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.Comment: To appear in CODASPY'1

A gentle transition from Java programming to Web Services using XML-RPC

Exposing students to leading edge vocational areas of relevance such as Web Services can be difficult. We show a lightweight approach by embedding a key component of Web Services within a Level 3 BSc module in Distributed Computing. We present a ready to use collection of lecture slides and student activities based on XML-RPC. In addition we show that this material addresses the central topics in the context of web services as identified by Draganova (2003)

Впровадження дисциплін циклу «Вбудовані системи» в підготовку студентів-інформатиків

This article describes an approach to teaching of embedded systems (ES) disciplines for non-engineering students using original technique to study embedded systems design, realization and testing. The approach to be effective for implementation in a classical university and include all modern ES technologies. To create the teaching technique most of existing technologies were analysed, compared and adapted to be convenient for training. Teaching technique for the cycle of "Embedded Systems" disciplines includes traditional, virtual and remote design technologies. The example of completed student project described where “smart home” prototype was made.У статті описується підхід до викладання вбудованих систем шляхом розробки методики вивчення технологій створення і тестування вбудованих систем управління від першого до останнього етапу. Методика повинна бути ефективною при реалізації в класичному університеті і охоплювати усі сучасні технології. Для створення навчальної методики вивчено та адаптовано більшість існуючих технології, проведено порівняльний аналіз і представлення їх у зручному для навчання вигляді. У рамках дисциплін циклу «Вбудовані системи» вивчались як традиційні, так і віртуальні та дистанційні технології проектування

A survey on online monitoring approaches of computer-based systems

This report surveys forms of online data collection that are in current use (as well as being the subject of research to adapt them to changing technology and demands), and can be used as inputs to assessment of dependability and resilience, although they are not primarily meant for this use