• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 26
  • 5
  • 1
  • 1
  • 1
  • Tagged with
  • 47
  • 47
  • 24
  • 22
  • 12
  • 11
  • 10
  • 10
  • 9
  • 8
  • 8
  • 7
  • 7
  • 6
  • 6
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Trusted Computing auf dem Prüfstand des kartellrechtlichen Missbrauchsverbotes /

Blaha, Ralf. January 2006 (has links) (PDF)
Universiẗat, Diss.--Wien, 2006. / Literaturverz. S. 239 - 246.
2

Informationssicherheit in Automobilen

Goss, Stefan January 2008 (has links)
Zugl.: Siegen, Univ., Diss., 2008
3

Towards a Trustworthy Thin Terminal for Securing Enterprise Networks

Frenn, Evan 25 April 2013 (has links)
Organizations have many employees that lack the technical knowledge to securely operate their machines. These users may open malicious email attachments/links or install unverified software such as P2P programs. These actions introduce significant risk to an organization's network since they allow attackers to exploit the trust and access given to a client machine. However, system administrators currently lack the control of client machines needed to prevent these security risks. A possible solution to address this issue lies in attestation. With respect to computer science, attestation is the ability of a machine to prove its current state. This capability can be used by client machines to remotely attest to their state, which can be used by other machines in the network when making trust decisions. Previous research in this area has focused on the use of a static root of trust (RoT), requiring the use of a chain of trust over the entire software stack. We would argue this approach is limited in feasibility, because it requires an understanding and evaluation of the all the previous states of a machine. With the use of late launch, a dynamic root of trust introduced in the Trusted Platform Module (TPM) v1.2 specification, the required chain of trust is drastically shortened, minimizing the previous states of a machine that must be evaluated. This reduced chain of trust may allow a dynamic RoT to address the limitations of a static RoT. We are implementing a client terminal service that utilizes late launch to attest to its execution. Further, the minimal functional requirements of the service facilitate strong software verification. The goal in designing this service is not to increase the security of the network, but rather to push the functionality, and therefore the security risks and responsibilities, of client machines to the network€™s servers. In doing so, we create a platform that can more easily be administered by those individuals best equipped to do so with the expectation that this will lead to better security practices. Through the use of late launch and remote attestation in our terminal service, the system administrators have a strong guarantee the clients connecting to their system are secure and can therefore focus their efforts on securing the server architecture. This effectively addresses our motivating problem as it forces user actions to occur under the control of system administrators.
4

Implementing Direct Anonymous Attestation on TPM 2.0

Luther, Noah Robert 19 June 2017 (has links)
Numerous organizations have pressed in the past several years for improved security and privacy in online interactions. Stakeholders have encouraged the adoption of privacy-enhancing technologies, utilization of microcontrollers and hardware devices for key storage and attestation, and improvements to the methods and policies used for authentication. Cryptographers and security engineers have responded to these calls. There have been numerous papers published in the last decade on topics such as private information retrieval and anonymous authentication and the Trusted Computing Group (TCG) has released a version 2.0 standard for Trusted Platform Modules (TPM). Adoption and implementation of these techniques, however, has been lacking. Although the TPM 2.0 specification was released in 2014 there are no reference implementations of direct anonymous attestation algorithms compatible with the hardware. The purpose of this work is to implement and discuss the implementation of direct anonymous attestation on TPM 2.0 and to consider the scalability and performance of direct anonymous attestation schemes operating on real-world TPM devices. / Master of Science / Numerous organizations have pressed in the past several years for improved security and privacy in online interactions. Stakeholders have encouraged the adoption of new technologies for authentication to reduce the instances of fraud and identity theft. Researchers and engineers have developed standards and devices that aim to simultaneously improve security while maintaining user privacy. In particular, an organization called the Trusted Computing Group has released standards for a device called a Trusted Platform Module. This device is built in to many modern personal computers and is designed to allow users to authenticate without compromising their privacy. Even though the version 2.0 standard was released in 2014, however, there are no reference implementations of standardized privacy-preserving authentication algorithms compatible with the device. The purpose of this work is to implement algorithms for authentication utilizing a Trusted Platform Module and to discuss their performance in the real world.
5

Private environments for programs

Dunn, Alan Mark 25 September 2014 (has links)
Commodity computer systems today do not provide system support for privacy. As a result, given the creation of new leak opportunities by ever-increasing software complexity, leaks of private data are inevitable. This thesis presents Suliban and Lacuna, two systems that allow programs to execute privately on commodity hardware. These systems demonstrate different points in a design space wherein stronger privacy guarantees can be traded for greater system usability. Suliban uses trusted computing technology to run computation-only code privately; we refer to this protection as "cloaking". In particular, Suliban can run malicious computations in a way that is resistant to analysis. Suliban uses the Trusted Platform Module and processor late launch to create an execution environment entirely disjoint from normal system software. Suliban uses a remote attestation protocol to demonstrate to a malware distribution platform that the environment has been correctly created before the environment is allowed to receive a malicious payload. Suliban's execution outside of standard system software allows it to resist attackers with privileged operating system access and those that can perform some forms of physical attack. However, Suliban cannot access system services, and requires extra case-by-case measures to get outside information like the date or host file contents. Nonetheless, we demonstrate that Suliban can run computations that would be useful in real malware. In building Suliban, we uncover which defenses are most effective against it and highlight current problems with the use of the Trusted Platform Module. Lacuna instead aims at achieving forensic deniability, which guarantees that an attacker that gains full control of a system after a computation has finished cannot learn answers to even binary questions (with a few exceptions) about the computation. This relaxation of Suliban's guarantees allows Lacuna to run full-featured programs concurrently with non-private programs on a system. Lacuna's key primitive is the ephemeral channel, which allows programs to use peripherals while maintaining forensic deniability. This thesis extends the original Lacuna work by investigating how Linux kernel statistics leak private session information and how to mitigate these leaks. / text
6

An architectural approach for reasoning about trust properties

Namiluko, Cornelius January 2012 (has links)
The need for trustworthy system operation has been acknowledged in many circles. However, establishing that a system is trustworthy is a significant challenge. While trusted computing proposes technical mechanisms towards this end, less attention is directed towards providing a basis for trusting such systems. Consequently, it is not clear: (i) how such mechanisms influence the overall trust in a system; (ii) the properties and assumptions upon which trust is based; and (iii) the evidence necessary to reason about these properties. This can be attributed to a number of factors including: (i) the complexity of modern systems; (ii) a lack of consensus on a definition of trust; and (iii) a lack of a systematic approach for identifying and using evidence to reason about trust-related properties. This dissertation presents research towards addressing these challenges. We argue that an architectural approach provides effective abstractions for making trust properties and assumptions explicit and reasoning about a system's ability to satisfy these properties. We propose a framework for identifying, categorising and mapping trust-properties to aspects of a system that could be used to reason about these properties. Guided by this framework, we propose and develop models for representing knowledge about a particular aspect and using it to reason about trust-properties. A semantic model, based on the semantics of Z, is developed to characterise building blocks of trustworthy systems and to demonstrate how the system's constituents determine its trustworthiness. An abstraction model based on formal verification is developed to reason about the impact of the system's construction and configuration on its trustworthiness. Finally, two complementary models for capturing the runtime aspects of the system are developed. A trace-based model enables analysis of runtime evidence in the form of event logs and a provenance-based model captures operations on the system as a provenance graph. The models are validated on a trusted grid architecture, a password manager and a trustworthy collaborative system.
7

A Reconfigurable Trusted Platform Module

James, Matthew David 01 March 2017 (has links)
A Trusted Platform Module (TPM) is a security device included in most modern desktop and laptop computers. It helps keep the computing environment secure by isolating cryptographic functions and data from the CPU. A TPM is usually implemented with a small microcontroller which is near the main processor. In addition to a microcontroller, it may employ hardware acceleration to assist in cryptographic computations. When vulnerabilities are found, or new algorithms developed, TPMs become obsolete because the hardware accelerators cannot be upgraded. This thesis presents a proof of concept implementation of a TPM on an FPGA. By using an FPGA, the TPM gains the ability to be upgraded or have new cryptographic modules added. This new design easily fits on the Zynq FPGA used in this work, with room left over for additional functionality. We explore the feasibility of this approach, including the added cost of the FPGA, and the added benefits of reconfigurable hardware.
8

Design and Implementation of the Ephemerizer System

Xu, Shangjin January 2007 (has links)
<p>This thesis describes the system design and implementation of the secure Ephemerizer System that was first introduced by Radia Perlman in 2005. The system is designed to enable users to keep data for a finite period of time before making the data unrecoverable by destroying the keys with which the data was encrypted. The task of the Ephemerizer System service is to create, advertise, and destroy keys required for the Ephemerizer System's functionalities.</p><p>We designed the Ephemerizer System Service's security by placing the sensitive key management modules into a Trusted Computing Base (TCB). Our compartmentalized approach distributes security requirements at different sensitivity levels into different protection domains. In our approach, we implement the trusted protection domain (our TCB) on a tamper-resistant Javacard.</p><p>We placed the key storage database into the partly trusted protection domain to improve scalability and availability of the Ephemerizer System. The partly trusted protection domain requires memory isolation and other security mechanisms provided by the underlying operating system. We implemented several mechanisms on the TCB, such as the signature engine, cryptographic modules, the on-card expiration validator, and on-card time verification. We make the Ephemerizer System available to users as a web service and expose it though a uniform API. This approach enables the seamless integration of the Ephemerizer System into business processes on heterogeneous platforms.</p>
9

TCPA/TCG and NGSCB : Benefits and Risks for Users

Ericson, Peter January 2004 (has links)
<p>Trusted computing has been proposed as a way to enhance computer security and privacy significantly by including them in the design of computing platforms instead of adding them on top of an inherently insecure foundation; however, the project has attracted much criticism. This dissertation looks at trusted computing from the user perspective. Possible beneficial uses of the technology are brought up, and some of the raised criticism is discussed. The criticism is analyzed in an attempt to find out if the criticism is correct on all points, or if some of it is the result of misinformation or misunderstanding. The conclusion is that not all the arguments against trusted computing are correct, and that the possible implications for users are taken into account in the development process. The dissertation ends on a positive note, concluding that trusted computing is possible without the worst fears of the critics coming true.</p>
10

Konzeptioneller Entwurf und prototypische Implementierung einer Sicherheitsarchitektur für die Java-Data-Objects-Spezifikationen

Merz, Matthias January 2007 (has links)
Zugl.: Mannheim, Univ., Diss., 2007

Page generated in 0.0882 seconds