Trust and Trustworthy Computing [[electronic resource] ] : 8th International Conference, TRUST 2015, Heraklion, Greece, August 24-26, 2015, Proceedings / / edited by Mauro Conti, Matthias Schunter, Ioannis Askoxylakis
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Trust and Trustworthy Computing [[electronic resource] ] : 8th International Conference, TRUST 2015, Heraklion, Greece, August 24-26, 2015, Proceedings / / edited by Mauro Conti, Matthias Schunter, Ioannis Askoxylakis
|
| Pubblicazione: | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015 |
| Edizione: | 1st ed. 2015. |
| Descrizione fisica: | 1 online resource (XI, 328 p. 79 illus.) |
| Disciplina: | 005.8 |
| Soggetto topico: | Computer security |
| Management information systems | |
| Computer science | |
| Data encryption (Computer science) | |
| Computers and civilization | |
| Computers | |
| Systems and Data Security | |
| Management of Computing and Information Systems | |
| Cryptology | |
| Computers and Society | |
| Information Systems and Communication Service | |
| Persona (resp. second.): | ContiMauro |
| SchunterMatthias | |
| AskoxylakisIoannis | |
| Note generali: | Bibliographic Level Mode of Issuance: Monograph |
| Nota di contenuto: | Intro -- Preface -- Organization -- Contents -- Hardware-Enhanced Trusted Execution -- PUF-Based Software Protection for Low-End Embedded Devices -- 1 Introduction -- 1.1 Contributions -- 1.2 Structure -- 2 Related Work -- 3 PUF-Based Software Protection Solution -- 3.1 Code Integrity Check -- 3.2 Device Authenticity Check -- 3.3 Response Functions -- 3.4 Mutually Checking Code Regions -- 4 Security Evaluation -- 4.1 Static Attacker Model -- 4.2 Dynamic Attacker Model -- 5 Proof of Concept -- 5.1 PUF Characteristics -- 5.2 Implemented Protection Mechanisms -- 5.3 Performance Evaluation -- 6 Conclusion -- References -- Why Attackers Win: On the Learnability of XOR Arbiter PUFs -- 1 Introduction -- 2 Notation and Preliminaries -- 2.1 Arbiter and XOR PUFs -- 2.2 Linear Threshold Functions -- 2.3 Perceptron Algorithm -- 2.4 PAC Model -- 2.5 PAC Learning of LTFs with Perceptron Algorithm -- 3 PAC Learning of XOR PUFs -- 3.1 LTF-Based Representation of XOR PUFs -- 3.2 PAC Learning of XOR PUFs with Perceptron -- 3.3 Validation of the Theoretical Results -- 4 PAC Learning of Noisy XOR PUFs -- 5 Discussion -- 5.1 Theoretical Considerations -- 5.2 Practical Considerations -- 6 Conclusion -- References -- A Unified Security Analysis of Two-Phase Key Exchange Protocols in TPM 2.0 -- 1 Introduction -- 1.1 Weaknesses of AKE Protocols in TPM 2.0 -- 1.2 Motivations and Contributions -- 1.3 Organization -- 2 Preliminaries -- 2.1 Min-entropy -- 2.2 CDH and GDH Assumptions -- 3 The TPM Key Exchange Primitive -- 3.1 Introduction of tpm.KE -- 3.2 Informal Analysis -- 4 A Unified Security Model -- 4.1 Attacker Model -- 5 Formal Description of TPM.KE -- 6 Unforgeability of MQV and SM2 Key Exchange Functionalities -- 7 Security Analysis of tpm.KE -- 8 Discussion and Suggestions -- 8.1 Further Security Properties -- 8.2 Suggestions -- 9 Conclusions and Future Work. |
| References -- On Making Emerging Trusted Execution Environments Accessible to Developers -- 1 Introduction -- 2 Background -- 2.1 TrustLite and TyTAN -- 2.2 Intel SGX -- 2.3 Standardization -- 2.4 Open-TEE -- 3 Mapping GlobalPlatform Interfaces to New TEE Architectures -- 3.1 Realizing GP Interfaces on TrustLite / TyTAN -- 3.2 Realizing GP with SGX Through Open-TEE -- 4 Conclusion -- References -- Trust and Users -- Computing Trust Levels Based on User's Personality and Observed System Trustworthiness -- Abstract -- 1 Introduction -- 2 The Basic Trust Computational Model -- 3 Trustors Segmentation -- 4 Model Parameterization, Based on Segments' Properties -- 4.1 Trust Initialization -- 4.2 Trust Evolution with Observations Following a Machine Learning Approach -- 5 Validation Results -- 5.1 Experiment Setup -- 5.2 Validating Trustors' Segmentation -- 5.3 Validating the Trust Computational Model -- 6 Related Work -- 7 Conclusions and Future Work -- References -- Enhancing the Trustworthiness of Service On-Demand Systems via Smart Vote Filtering -- 1 Introduction -- 2 Related Work -- 3 Prerequisites -- 4 Misra-Gries-Based Query Filtering -- 5 Simulations -- 6 Conclusion -- References -- Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness -- 1 Introduction -- 2 Development Process -- 2.1 Design Decisions -- 2.2 Security Indicator Design -- 2.3 Security Dialogue Design -- 2.4 Dialogue Content -- 2.5 Firefox Add-On -- 3 Field Evaluation -- 3.1 Study Design -- 3.2 Study Prototype -- 3.3 Recruitment, Reimbursement, and Ethics -- 4 Results -- 4.1 Noticeability -- 4.2 Understandability and Succinctness -- 4.3 Acceptability -- 5 Discussion -- 6 Related Work -- 7 Conclusion and Future Work -- References -- Trusted Systems and Services -- Trustworthy Memory Isolation of Linux on Embedded Devices -- 1 Introduction. | |
| 2 Related Work -- 3 The Memory Virtualization API -- 3.1 Memory Management -- 3.2 Enforcing the Page Type Constraints -- 3.3 Hypervisor Guest Page Table Access -- 3.4 Memory Model and Cache Effects -- 4 Verification Approach -- 4.1 TLS Consistency Properties -- 4.2 Refinement -- 4.3 Processor Model -- 5 Formalizing the Proof Goals -- 5.1 TLS Consistency -- 5.2 The Implementation Model -- 5.3 The Refinement -- 6 Linux Support -- 7 Benchmark and Evaluation -- 8 Concluding Remarks -- References -- LookAhead: Augmenting Crowdsourced Website Reputation Systems with Predictive Modeling -- 1 Introduction -- 2 Related Work -- 3 Web Reputation System WOT -- 4 LookAhead: Predicting Safety Ratings -- 4.1 Structural Features of Web Pages -- 4.2 Content Features of Web Pages -- 4.3 Ensemble Classification -- 5 Experimental Settings -- 5.1 Datasets -- 5.2 Baseline Algorithms -- 5.3 Evaluation Metric -- 6 Evaluation -- 7 Discussion -- 7.1 Feature Importance in Reputation Prediction -- 7.2 Tuning of Prediction Performance -- 7.3 Detection Rate -- 7.4 Applications -- 7.5 Performance Considerations -- 7.6 Limitations -- 7.7 Current Work -- References -- Ripple: Overview and Outlook -- 1 Introduction -- 2 The Ripple Protocol -- 2.1 Overview of Ripple -- 2.2 Ripple Transactions -- 2.3 The Consensus Protocol -- 2.4 Ripple Vs. Bitcoin -- 3 Analysis of Forking in Ripple -- 4 Ripple Under the Hood -- 5 Related Work -- 6 Conclusion -- References -- Time to Rethink: Trust Brokerage Using Trusted Execution Environments -- 1 Introduction -- 2 Research Developments and State of the Art -- 2.1 Secure Multi-party Computation -- 2.2 Data De-Identification (DDI) -- 2.3 Advancements in Trusted Execution -- 3 TEE-based Trust Brokerage and Computation -- 4 Research Challenges in TEE-based Trust Brokerage -- 5 Conclusion -- References -- Trust and Privacy. | |
| REWIRE -- Revocation Without Resolution: A Privacy-Friendly Revocation Mechanism for Vehicular Ad-Hoc Networks -- 1 Introduction -- 2 Related Work -- 3 System Model and Scenario -- 3.1 System Operation -- 3.2 Attacker Model -- 4 Requirements -- 5 REWIRE -- Revocation Without Resolution -- 5.1 R-Tokens for Self-identification -- 5.2 Protocols and Message Formats -- 5.3 Trusted Computing Integration -- 5.4 Prevent Blocking of OSR Messages -- 6 Evaluation and Discussion -- 7 Conclusion -- References -- DAA-TZ: An Efficient DAA Scheme for Mobile Devices Using ARM TrustZone -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 ARM TrustZone -- 2.3 Physical Unclonable Functions -- 3 System Model and Assumptions -- 3.1 System Model -- 3.2 Assumptions and Threat Model -- 4 DAA-TZ Scheme for Mobile Device -- 4.1 The Architecture of Trusted Mobile Device -- 4.2 Key Derivation and Sensitive Data Management -- 4.3 The Details of DAA-TZ Scheme -- 4.4 Security Analysis -- 5 Implementation and Evaluation -- 5.1 Implementation -- 5.2 Comparison -- 5.3 Performance Evaluation -- 6 Conclusion -- References -- DAA-A: Direct Anonymous Attestation with Attributes -- 1 Introduction -- 2 Related Work -- 3 Two DAA-A Schemes -- 3.1 A General View of Them -- 3.2 The CL-Based Scheme -- 3.3 The sDH-Based Scheme -- 4 Implementation of DAA-A with TPM 2.0 -- 4.1 TPM 2.0 Hosted Attributes -- 4.2 The TPM 2.0 DAA-A Join Process -- 4.3 The TPM 2.0 DAA-A Sign/Verify Process -- 5 Performance Comparison -- 5.1 Token Size -- 5.2 Computational Cost -- 6 Security Analysis of the DAA-A Schemes -- 6.1 Formal Security Definition of DAA-A -- 6.2 Security Proofs -- References -- Building Blocks for Trust -- Proposed Processor Extensions for Significant Speedup of Hypervisor Memory Introspection -- 1 Introduction -- 1.1 Our Use-Case Scenario -- 2 Memory Introspection on X86 Platforms. | |
| 2.1 Hardware Accelerated X86 Virtualization and Security -- 2.2 Memory Introspection -- 3 Problems and Limitations of Memory Introspection -- 3.1 Software Speedup of Guest-to-Hypervisor Memory Mappings -- 3.2 Overhead of Guest-to-Hypervisor Memory Mappings -- 3.3 Overhead of A/D-Bit Update Induced VM-exits -- 4 Proposed X86 Processor Extensions -- 4.1 New X86 Instructions for Direct Guest Memory Access -- 4.2 Mechanism to Avoid VM-exits on A/D-Bit Updates -- 4.3 About the Feasibility of the Proposed Extensions -- 4.4 Estimated Speed-Up -- 5 Related Work -- 6 Conclusions -- References -- MWA Skew SRAM Based SIMPL Systems for Public-Key Physical Cryptography -- Abstract -- 1 Introduction -- 1.1 SIMPL Systems and Public PUFs -- 1.2 Implementation of SIMPL Systems via Skew SRAMs -- 2 MWA Skew SRAM Based SIMPL Systems -- 3 Design of an MWA Skew SRAM -- 4 Simulation -- 5 Discussion and Conclusion -- 5.1 Security Assessment -- 5.2 Conclusion and Future Scope -- References -- Secure Erasure and Code Update in Legacy Sensors -- 1 Introduction -- 2 Background and Preliminaries -- 2.1 Model -- 2.2 Remote Attestation -- 2.3 Proofs of Secure Erasure (PoSE) -- 2.4 All or Nothing Transforms (AONT) -- 3 Lightweight Proofs of Secure Erasure and Code Update -- 3.1 Lightweight Proofs of Secure Erasure -- 3.2 SUANT: Secure Code Update Based on AONT -- 4 Implementation and Evaluation -- 4.1 Implementation Setup -- 4.2 Evaluation Results -- 5 Related Work -- 6 Conclusion -- References -- Efficient Provisioning of a Trustworthy Environment for Security-Sensitive Applications -- 1 Introduction -- 2 Threat Model and Objectives -- 3 ``Alternative Red-Green VMs'' Protection Method -- 4 Improve the Green VM's Trustworthy Properties -- 5 Reduce the Switching Time to the Green VM -- 6 Implementation Technical Aspects -- 7 Performance Measurements -- 8 Related Work. | |
| 9 Conclusions. | |
| Sommario/riassunto: | This book constitutes the refereed proceedings of the 8th International Conference on Trust and Trustworthy Computing, TRUST 2015, held in Heraklion, Crete, Greece, in August 2015. The 15 full papers and 3 short papers presented in this volume were carefully reviewed and selected from 42 submissions. They were organized in topical sections named: hardware-enhanced trusted execution; trust and users; trusted systems and services; trust and privacy; and building blocks for trust. There are 7 two-page abstracts of poster papers included in the back matter of the volume. |
| Titolo autorizzato: | Trust and Trustworthy Computing |
| ISBN: | 3-319-22846-3 |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 9910484321303321 |
| Lo trovi qui: | Univ. Federico II |
| Opac: | Controlla la disponibilità qui |
Serie:
Security and Cryptology ; ; 9229