Stock Image

Security and Trust Architectures for Protecting Sensitive Data on Commodity Computing Platforms

Marcel Winandy

ISBN 10: 3844013156 / ISBN 13: 9783844013153
Published by Shaker Verlag Sep 2012, 2012
New Condition: Neu
From Agrios-Buch (Bergisch Gladbach, Germany)

AbeBooks Seller Since 11 January 2012

Quantity Available: 2
Buy New
Price: £ 45.85 Convert Currency
Shipping: £ 15.31 From Germany to U.S.A. Destination, Rates & Speeds
Add to basket

About this Item

Neuware - This dissertation investigates how to realize practical security solutions that are able to protect sensitive data on commodity computing platforms. Standard operating systems on commodity platforms are usually insufficient to provide the required protection as they have not been designed with security in mind from the beginning. The main idea of this thesis is to add small trusted components to commodity systems, i.e., a hardware trust anchor and a small trusted software layer. Based on these trusted components, security architectures are built for various application scenarios. Fortunately, the recent incorporation of trusted computing concepts in commodity platforms allows for security functionality embedded directly into the hardware. The Trusted Platform Module (TPM) is one such example. In addition, modern main processors also include support for hardware virtualization. Based on these functionalities as well as recent results in the construction of microkernels, security architectures are designed that end-users can use to protect their systems and their data against a number of threats. The first major contribution of this thesis is the improvement of security architectures that use virtualization. A crucial aspect in this context is the virtualization of hardware security modules like the TPM. The design and implementation of a property-based vTPM is presented, a flexible and privacy-preserving realization of a virtual TPM. It integrates different approaches for measuring the platform's state, which results in enhanced support of both software updates and migration of virtual machines, without losing the required security properties. Another main contribution is the design and implementation of a security architecture against phishing attacks, i.e., attacks that try to steal passwords from users. The key idea is a trusted password wallet (TruWallet) that removes the burden of authentication from users when they login to web sites. TruWallet stores all passwords and automatically performs the login at the server on behalf of the user. In contrast to other approaches against phishing, the combination of the wallet, an underlying security kernel software, and the incorporation of trusted computing functionality provides protection measures against the strongest type of phishing attacks, i.e., phishing malware running on the user's computer. This thesis also presents a security architecture to protect shared information across different computing platforms. This architecture is based on the existing concept of Trusted Virtual Domains (TVDs), which essentially realizes a distributed enforcement of information flow control. This concept is extended beyond its usually proposed usage in data centers to include individual computing platforms of end-users. To address the specific needs of end-users, the thesis presents a design of a transparent cryptographic data protection of mobile storage devices (e.g., USB memory sticks), and a full implementation of the TVD concept on an existing desktop operating system. Finally, the thesis investigates special application scenarios that require a trustworthy platform, but which can be realized without the need for a persistently running trusted software layer. Therefore, the enhanced functionality of modern processors to provide a secure execution environment is leveraged, and the thesis presents the Unidirectional Trusted Path (UTP), i.e., a trusted path from the local user to a remote party. The thesis shows how this can be used as alternative for CAPTCHAs, or to create a secure transaction confirmation for online purchases in e-commerce scenarios. The security architectures presented in this thesis enable the protection of sensitive personal data and the protection of information sharing on commodity computing platforms. The results demonstrate that a secure execution of applications can be practically provided by introducing a small security layer underneath the normal oper. Bookseller Inventory # 9783844013153

Ask Seller a Question

Bibliographic Details

Title: Security and Trust Architectures for ...

Publisher: Shaker Verlag Sep 2012

Publication Date: 2012

Binding: Buch

Book Condition:Neu

Store Description

Visit Seller's Storefront

Terms of Sale:

Allgemeine Geschäftsbedingungen (

der Firma Agrios Buch- und Medienversand UG e.K. ,Geschäftsführer Ludwig Meier, De-Gasperi-Str. 8, 51469 Bergisch Gladbach nachstehend als Verkäufer bezeichnet.

§ 1 Allgemeines, Begriffsbestimmungen

(1) Der Verkäufer bietet unter dem Nutzernamen Agrios Buch unter der Plattform insbesondere Bücher an. Die folgenden Allgemeinen Geschäftsbedingungen (AGB) gelten für die Geschäftsbeziehung zwischen dem Verkäufer und dem Kunden in ihrer zum Ze...

More Information
Shipping Terms:

Der Versand ins Ausland findet IMMER mit DHL statt. Auch nach Österreich verschicken wir nur mit DHL! Daher Standardversand == Luftpost!

Detailed Seller Information

List this Seller's Books

Payment Methods
accepted by seller

Visa Mastercard American Express

Check PayPal Invoice Bank/Wire Transfer