• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 2
  • Tagged with
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Design and Implementation of the Ephemerizer System

Xu, Shangjin January 2007 (has links)
<p>This thesis describes the system design and implementation of the secure Ephemerizer System that was first introduced by Radia Perlman in 2005. The system is designed to enable users to keep data for a finite period of time before making the data unrecoverable by destroying the keys with which the data was encrypted. The task of the Ephemerizer System service is to create, advertise, and destroy keys required for the Ephemerizer System's functionalities.</p><p>We designed the Ephemerizer System Service's security by placing the sensitive key management modules into a Trusted Computing Base (TCB). Our compartmentalized approach distributes security requirements at different sensitivity levels into different protection domains. In our approach, we implement the trusted protection domain (our TCB) on a tamper-resistant Javacard.</p><p>We placed the key storage database into the partly trusted protection domain to improve scalability and availability of the Ephemerizer System. The partly trusted protection domain requires memory isolation and other security mechanisms provided by the underlying operating system. We implemented several mechanisms on the TCB, such as the signature engine, cryptographic modules, the on-card expiration validator, and on-card time verification. We make the Ephemerizer System available to users as a web service and expose it though a uniform API. This approach enables the seamless integration of the Ephemerizer System into business processes on heterogeneous platforms.</p>
2

Design and Implementation of the Ephemerizer System

Xu, Shangjin January 2007 (has links)
This thesis describes the system design and implementation of the secure Ephemerizer System that was first introduced by Radia Perlman in 2005. The system is designed to enable users to keep data for a finite period of time before making the data unrecoverable by destroying the keys with which the data was encrypted. The task of the Ephemerizer System service is to create, advertise, and destroy keys required for the Ephemerizer System's functionalities. We designed the Ephemerizer System Service's security by placing the sensitive key management modules into a Trusted Computing Base (TCB). Our compartmentalized approach distributes security requirements at different sensitivity levels into different protection domains. In our approach, we implement the trusted protection domain (our TCB) on a tamper-resistant Javacard. We placed the key storage database into the partly trusted protection domain to improve scalability and availability of the Ephemerizer System. The partly trusted protection domain requires memory isolation and other security mechanisms provided by the underlying operating system. We implemented several mechanisms on the TCB, such as the signature engine, cryptographic modules, the on-card expiration validator, and on-card time verification. We make the Ephemerizer System available to users as a web service and expose it though a uniform API. This approach enables the seamless integration of the Ephemerizer System into business processes on heterogeneous platforms.

Page generated in 0.0359 seconds