37,415 research outputs found

    Encryption – use and control in E-commerce

    Get PDF
    The author describes how cryptography can be used to address modern business requirements such as identity protection, secure web access and digital signatures. Article by Robert Bond (Head of Innovation & Technology Group, Hobson Audley and Fellow of SALS). Published in Amicus Curiae - Journal of the Institute of Advanced Legal Studies and its Society for Advanced Legal Studies. The Journal is produced by the Society for Advanced Legal Studies at the Institute of Advanced Legal Studies, University of London

    TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone

    Full text link
    The rapid evolution of Internet-of-Things (IoT) technologies has led to an emerging need to make it smarter. A variety of applications now run simultaneously on an ARM-based processor. For example, devices on the edge of the Internet are provided with higher horsepower to be entrusted with storing, processing and analyzing data collected from IoT devices. This significantly improves efficiency and reduces the amount of data that needs to be transported to the cloud for data processing, analysis and storage. However, commodity OSes are prone to compromise. Once they are exploited, attackers can access the data on these devices. Since the data stored and processed on the devices can be sensitive, left untackled, this is particularly disconcerting. In this paper, we propose a new system, TrustShadow that shields legacy applications from untrusted OSes. TrustShadow takes advantage of ARM TrustZone technology and partitions resources into the secure and normal worlds. In the secure world, TrustShadow constructs a trusted execution environment for security-critical applications. This trusted environment is maintained by a lightweight runtime system that coordinates the communication between applications and the ordinary OS running in the normal world. The runtime system does not provide system services itself. Rather, it forwards requests for system services to the ordinary OS, and verifies the correctness of the responses. To demonstrate the efficiency of this design, we prototyped TrustShadow on a real chip board with ARM TrustZone support, and evaluated its performance using both microbenchmarks and real-world applications. We showed TrustShadow introduces only negligible overhead to real-world applications.Comment: MobiSys 201

    Architecture of a network-in-the-Loop environment for characterizing AC power system behavior

    Get PDF
    This paper describes the method by which a large hardware-in-the-loop environment has been realized for three-phase ac power systems. The environment allows an entire laboratory power-network topology (generators, loads, controls, protection devices, and switches) to be placed in the loop of a large power-network simulation. The system is realized by using a realtime power-network simulator, which interacts with the hardware via the indirect control of a large synchronous generator and by measuring currents flowing from its terminals. These measured currents are injected into the simulation via current sources to close the loop. This paper describes the system architecture and, most importantly, the calibration methodologies which have been developed to overcome measurement and loop latencies. In particular, a new "phase advance" calibration removes the requirement to add unwanted components into the simulated network to compensate for loop delay. The results of early commissioning experiments are demonstrated. The present system performance limits under transient conditions (approximately 0.25 Hz/s and 30 V/s to contain peak phase-and voltage-tracking errors within 5. and 1%) are defined mainly by the controllability of the synchronous generator

    SAFIUS - A secure and accountable filesystem over untrusted storage

    Get PDF
    We describe SAFIUS, a secure accountable file system that resides over an untrusted storage. SAFIUS provides strong security guarantees like confidentiality, integrity, prevention from rollback attacks, and accountability. SAFIUS also enables read/write sharing of data and provides the standard UNIX-like interface for applications. To achieve accountability with good performance, it uses asynchronous signatures; to reduce the space required for storing these signatures, a novel signature pruning mechanism is used. SAFIUS has been implemented on a GNU/Linux based system modifying OpenGFS. Preliminary performance studies show that SAFIUS has a tolerable overhead for providing secure storage: while it has an overhead of about 50% of OpenGFS in data intensive workloads (due to the overhead of performing encryption/decryption in software), it is comparable (or better in some cases) to OpenGFS in metadata intensive workloads.Comment: 11pt, 12 pages, 16 figure

    An overview of the Amoeba distributed operating system

    Get PDF
    As hardware prices continue to drop rapidly, building large computer systems by interconnecting substantial numbers of microcomputers becomes increasingly attractive. Many techniques for interconnecting the hardware, such as Ethernet [Metcalfe and Boggs, 1976], ring nets [Farber and Larson, 1972], packet switching, and shared memory are well understood, but the corresponding software techniques are poorly understood. The design of general purpose distributed operating systems is one of the key research issues for the 1980s
    corecore