167,485 research outputs found
Open-TEE - An Open Virtual Trusted Execution Environment
Hardware-based Trusted Execution Environments (TEEs) are widely deployed in
mobile devices. Yet their use has been limited primarily to applications
developed by the device vendors. Recent standardization of TEE interfaces by
GlobalPlatform (GP) promises to partially address this problem by enabling
GP-compliant trusted applications to run on TEEs from different vendors.
Nevertheless ordinary developers wishing to develop trusted applications face
significant challenges. Access to hardware TEE interfaces are difficult to
obtain without support from vendors. Tools and software needed to develop and
debug trusted applications may be expensive or non-existent.
In this paper, we describe Open-TEE, a virtual, hardware-independent TEE
implemented in software. Open-TEE conforms to GP specifications. It allows
developers to develop and debug trusted applications with the same tools they
use for developing software in general. Once a trusted application is fully
debugged, it can be compiled for any actual hardware TEE. Through performance
measurements and a user study we demonstrate that Open-TEE is efficient and
easy to use. We have made Open- TEE freely available as open source.Comment: Author's version of article to appear in 14th IEEE International
Conference on Trust, Security and Privacy in Computing and Communications,
TrustCom 2015, Helsinki, Finland, August 20-22, 201
Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"
According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient.
The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself.
Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners.
• The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another.
• The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion.
The behaviour of the entities may vary over time.
• The systems operate with incomplete information about the environment.
For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered.
The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems.
This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative.
We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration
Network layer access control for context-aware IPv6 applications
As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the- art systems. The paper also contains details of our current implementation work, including preliminary performance measurements
An Integrated Mobile Application for Enhancing Management of Nutrition Information in Arusha Tanzania
Based on the fact that management of nutrition information is still a problem
in many developing countries including Tanzania and nutrition information is
only verbally provided without emphasis, this study proposes mobile application
for enhancing management of nutrition information. The paper discusses the
implementation of an integrated mobile application for enhancing management of
nutrition information based on literature review and interviews, which were
conducted in Arusha region for the collection of key information and details
required for designing the mobile application. In this application, PHP
technique has been used to build the application logic and MySQL technology for
developing the back-end database. Using XML and Java, we have built an
application interface that provides easy interactive view
A Framework for M-Commerce Implementation in Nigeria
The Internet has brought about the concept of grobalilation, which has
revolutionized the way business is transacted all over the world. The E-comnterce
is of particular interest, though widely used but still has some security challenges
in terms of transparency and confidentiality of transactiorts. This papei focuses
on M-contnrcrce as an extensiott to E-commerce hnplementatiott with the Bankiltg
industry proposed as core implementation consideration in ortler to guarantee
high level security. We have reviewed some cqses of onlilrc frauds and eliscussed
tlte emerging critical issues afficting software development of M-cornmerce
applicatiotts. Afranrcworkfor M-commerce implementationis therefore,proposed
for countries such as Nigeria, Romania and Indonesia where cases of online
scam are alanning
A Contribution to Secure the Routing Protocol "Greedy Perimeter Stateless Routing" Using a Symmetric Signature-Based AES and MD5 Hash
This work presents a contribution to secure the routing protocol GPSR (Greedy
Perimeter Stateless Routing) for vehicular ad hoc networks, we examine the
possible attacks against GPSR and security solutions proposed by different
research teams working on ad hoc network security. Then, we propose a solution
to secure GPSR packet by adding a digital signature based on symmetric
cryptography generated using the AES algorithm and the MD5 hash function more
suited to a mobile environment
- …