Khalid et al., 2020 - Google Patents
Hardware-Assisted Isolation Technologies: Security Architecture and Vulnerability AnalysisKhalid et al., 2020
- Document ID
- 7072467904826475746
- Author
- Khalid F
- Masood A
- Publication year
- Publication venue
- 2020 International Conference on Cyber Warfare and Security (ICCWS)
External Links
Snippet
Hardware-assisted isolation technology provide a Trusted Execution Environment (TEE) for the Trusted Computing Base (TCB) of a system. Since there is no standardization for such systems, many technologies using different approaches have been implemented over time …
- 238000002955 isolation 0 title abstract description 39
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Weiser et al. | Sgxio: Generic trusted i/o path for intel sgx | |
| Jauernig et al. | Trusted execution environments: properties, applications, and challenges | |
| Bhat et al. | A survey on various threats and current state of security in android platform | |
| Coppolino et al. | A comprehensive survey of hardware-assisted security: From the edge to the cloud | |
| Li et al. | TEEv: Virtualizing trusted execution environments on mobile platforms | |
| Jin et al. | Architectural support for secure virtualization under a vulnerable hypervisor | |
| US20160350534A1 (en) | System, apparatus and method for controlling multiple trusted execution environments in a system | |
| Ning et al. | Position paper: Challenges towards securing hardware-assisted execution environments | |
| Li et al. | TLB poisoning attacks on AMD secure encrypted virtualization | |
| Wang et al. | SvTPM: SGX-based virtual trusted platform modules for cloud computing | |
| US12254087B2 (en) | Translation lookaside buffer (TLB) poisoning attacks on secure encrypted virtualization | |
| US20150150084A1 (en) | System and methods for remote software authentication of a computing device | |
| Zaidenberg | Hardware rooted security in industry 4.0 systems | |
| Cheng et al. | DriverGuard: Virtualization-based fine-grained protection on i/o flows | |
| Jang et al. | Retrofitting the partially privileged mode for TEE communication channel protection | |
| Zhou et al. | Smile: Secure memory introspection for live enclave | |
| Benadjila et al. | Wookey: Designing a trusted and efficient USB device | |
| US20200067984A1 (en) | Management of a distributed universally secure execution environment | |
| Jang et al. | 3rdpartee: Securing third-party iot services using the trusted execution environment | |
| Kaplan | Hardware VM Isolation in the Cloud: Enabling confidential computing with AMD SEV-SNP technology | |
| Zhao et al. | A Survey of Hardware Improvements to Secure Program Execution | |
| Song et al. | Tz-ima: Supporting integrity measurement for applications with arm trustzone | |
| Khalid et al. | Hardware-Assisted Isolation Technologies: Security Architecture and Vulnerability Analysis | |
| Zhao et al. | Hypnoguard: Protecting secrets across sleep-wake cycles | |
| Yan et al. | SplitDroid: isolated execution of sensitive components for mobile applications |