Filters








138 Hits in 2.8 sec

The Nizza Secure-System Architecture

H. Hartig, M. Hohmuth, N. Feske, C. Helmuth, A. Lackorzynski, F. Mehnert, M. Peter
2005 International Conference on Collaborative Computing: Networking, Applications and Worksharing  
The trusted computing bases (TCBs) of applications running on today's commodity operating systems have become extremely large.  ...  We discuss the design principles, the architecture and some components, and a number of usage examples.  ...  Acknowledgements Work on Nizza is generously supported by grants from the Deutsche Forschungsgemeinschaft, the Bundesministerium für Wirtschaft und Arbeit, Intel Corporation, and IBM.  ... 
doi:10.1109/colcom.2005.1651218 dblp:conf/colcom/HartigHFHLMP05 fatcat:cttqmrh5xbdv3dferxclrat2lu

Reducing TCB complexity for security-sensitive applications

Lenin Singaravelu, Calton Pu, Hermann Härtig, Christian Helmuth
2006 ACM SIGOPS Operating Systems Review  
The AppCore is executed as a trusted process in the Nizza architecture while the rest of the application executes on a virtualized, untrusted legacy operating system.  ...  At the system software level, we use the Nizza architecture which relies on a kernelized trusted computing base (TCB) and on the reuse of legacy code using trusted wrappers to minimize the size of the  ...  ACKNOWLEDGEMENTS We would like to thank Alexander Warg for his enormous contribution to the Mikro-SINA architecture and implementation.  ... 
doi:10.1145/1218063.1217951 fatcat:tu4tdaa255ghtjwh5fb3xqizsq

Reducing TCB complexity for security-sensitive applications

Lenin Singaravelu, Calton Pu, Hermann Härtig, Christian Helmuth
2006 Proceedings of the 2006 EuroSys conference on - EuroSys '06  
The AppCore is executed as a trusted process in the Nizza architecture while the rest of the application executes on a virtualized, untrusted legacy operating system.  ...  At the system software level, we use the Nizza architecture which relies on a kernelized trusted computing base (TCB) and on the reuse of legacy code using trusted wrappers to minimize the size of the  ...  ACKNOWLEDGEMENTS We would like to thank Alexander Warg for his enormous contribution to the Mikro-SINA architecture and implementation.  ... 
doi:10.1145/1217935.1217951 dblp:conf/eurosys/SingaraveluPHH06 fatcat:x75loqv3e5fbvam6hyyxhxhpyq

Security architectures revisited

Hermann Härtig
2002 Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC - EW10  
The knowledge in technologies needed to build secure platforms, or Security Architectures, has significantly matured over the recent years.  ...  Putting together these ingredients into a small secure platform seems straightforward, yet still remains to be done, and has the potential of making operating systems more dependable.  ...  Acknowledgements The envelope used for designing Nizza laid on a table on Nice's beach surrounded by Birgit Pfitzmann, James Riordan, Michael Waidner, Arnd Müller, and myself.  ... 
doi:10.1145/1133373.1133376 dblp:conf/sigopsE/Hartig02 fatcat:rwp6m2qmmraclcf2nwjdltr2ja

Reducing TCB size by using untrusted components

Michael Hohmuth, Michael Peter, Hermann Härtig, Jonathan S. Shapiro
2004 Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC - EW11  
Secure systems are best built on top of a small trusted operating system: The smaller the operating system, the easier it can be assured or verified for correctness.  ...  We propose extending traditional VMMs with features for secure message passing and memory sharing to enable the use of untrusted components in secure systems.  ...  Related work Terra [4] has been proposed as a virtual-machine-based security architecture for trusted systems.  ... 
doi:10.1145/1133572.1133615 dblp:conf/sigopsE/HohmuthPHS04 fatcat:y5b66gfkkferbjbstpsi6znpru

A layered approach to simplified access control in virtualized systems

Bryan D. Payne, Reiner Sailer, Ramón Cáceres, Ron Perez, Wenke Lee
2007 ACM SIGOPS Operating Systems Review  
This simplifies the policies and their enforcement, while minimizing the overall impact of security on the system.  ...  Achieving strong security guarantees often means restricting usability across the entire system, which is a primary reason why mandatory access controls are rarely deployed.  ...  Singaravelu and colleagues used the Nizza architecture as a TCB, which is based on the L4 microkernel [40] .  ... 
doi:10.1145/1278901.1278905 fatcat:b22feruhenamnajyhyy6z3co7i

Secure VPNs for Trusted Computing Environments [chapter]

Steffen Schulz, Ahmad-Reza Sadeghi
2009 Lecture Notes in Computer Science  
We solve the conflict between security and flexibility by implementing a selfcontained VPN service that resides in an isolated area, outside the operating system environment visible to the user.  ...  We develop a hardened version of the IPsec architecture and protocols by addressing known security issues and reducing the overall complexity of IPsec and IKEv2.  ...  The idea to externalize security subsystems into a hypervisor environment resulted in several new architectures like sHype, Terra, EROS, Nizza and Perseus [7-10, 1, 11] .  ... 
doi:10.1007/978-3-642-00587-9_13 fatcat:3ffsszwreffurnkncqfhpw5tte

Evaluating Collaboration Effectiveness of Patient-to-Doctor Interaction in a Healthcare Territorial Network [chapter]

Dario Antonelli, Dario Bellomo, Giulia Bruno, Agostino Villa
2012 IFIP Advances in Information and Communication Technology  
Therefore, the objective of this paper is to outline a Patient Guidance System (PGS) architecture to allow the patients an ubiquitous and secure management of personal health data and an easy call to the  ...  The PGS architecture will support an effective cooperation between the patient and the doctor in such a way to assure to the patient -either at home, or moving and/or being monitored by wearable devices  ...  the province territory and the hospitals located in the towns of Asti and Nizza Monferrato.  ... 
doi:10.1007/978-3-642-32775-9_13 fatcat:owululwosvgqtdq6pzyk4t7n5y

Fides

Raoul Strackx, Frank Piessens
2012 Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12  
To mitigate this threat, we propose a combined approach of (1) a run-time security architecture that can efficiently protect fine-grained software modules executing on a standard operating system, and  ...  The run-time architecture can be loaded on demand and only incurs performance overhead when it is loaded. Benchmarks show that, once loaded, it incurs a 3.22% system-wide performance cost.  ...  This research was done with the financial support from the Prevention against Crime Programme of the European Union, the IBBT, the IWT, the Research Fund KU Leuven, and the EU-funded FP7 project NESSoS  ... 
doi:10.1145/2382196.2382200 dblp:conf/ccs/StrackxP12 fatcat:ihpk4zaxp5fl7pgaa4zzluus5y

Memoir: Practical State Continuity for Protected Modules

Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens, Jonathan M. McCune
2011 2011 IEEE Symposium on Security and Privacy  
To protect computation, a security architecture must safeguard not only the software that performs it but also the state on which the software operates.  ...  A key contribution of Memoir is a technique to ensure rollback resistance without making the system vulnerable to system crashes.  ...  ACKNOWLEDGEMENTS This paper benefited from discussions with and suggestions from Helen Wang and David Molnar, as well as from the comments of the anonymous reviewers.  ... 
doi:10.1109/sp.2011.38 dblp:conf/sp/ParnoLDMM11 fatcat:segohmobpfaelm5arlzrz5oh5i

"The spoilt children of Europe"

Helen Kelly-Holmes, Veronica O'Regan
2004 Journal of Language and Politics  
Ireland's rejection of the Nice Treaty in a referendum in June 2001 led to intense media discourse about this "no" vote and speculation about the outcome of the second referendum to ratify the Treaty in  ...  The corpus of texts analysed also highlights the construction of a "them and us" divide between a morally superior in-group (the Germans) and a defective out-group (the Irish).  ...  terms of the EU's own system of governance.  ... 
doi:10.1075/jlp.3.1.07kel fatcat:ssqgp5frh5hgdashalcho5ty6q

μRTZVisor: A Secure and Safe Real-Time Hypervisor

José Martins, João Alves, Jorge Cabral, Adriano Tavares, Sandro Pinto
2017 Electronics  
However, on its own, classical virtualization is a poor match for modern endpoint embedded system requirements such as safety, security and real-time, which are our main target.  ...  Virtualization has been deployed as a key enabling technology for coping with the ever growing complexity and heterogeneity of modern computing systems.  ...  The founding sponsors had no role in the design of the study; in the collection, analyses, or interpretation of data; in the writing of the manuscript, and in the decision to publish the results.  ... 
doi:10.3390/electronics6040093 fatcat:6h52bryx35chtdtajminydgoky

Lockdown: Towards a Safe and Practical Architecture for Security Applications on Commodity Platforms [chapter]

Amit Vasudevan, Bryan Parno, Ning Qu, Virgil D. Gligor, Adrian Perrig
2012 Lecture Notes in Computer Science  
Through the design and implementation of the Lockdown architecture, we evaluate whether partitioning, rather than virtualizing, resources and devices can lead to better security or performance for red/  ...  We investigate a new point in the design space of red/green systems [19, 30] , which provide the user with a highly-protected, yet also highly-constrained trusted ("green") environment for performing security-sensitive  ...  , NSF or the U.S.  ... 
doi:10.1007/978-3-642-30921-2_3 fatcat:ir5ku2luunc7zkft3oecx3dvhi

Improving Xen security through disaggregation

Derek Gordon Murray, Grzegorz Milos, Steven Hand
2008 Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments - VEE '08  
Finally, we evaluate our approach in terms of the reduction in TCB size, and by performing a security analysis of the disaggregated system.  ...  We begin by analysing the Xen architecture and explaining why the status quo results in a large TCB.  ...  This work was partially supported by EPSRC Grant reference EP/D020158/1 (XenSE), and the Open Trusted Computing project of the European Commission Sixth Framework Programme.  ... 
doi:10.1145/1346256.1346278 dblp:conf/vee/MurrayMH08 fatcat:sm4whtlkmnb3nlfsbiu32owgoy

Designing Security-Hardened Microkernels For Field Devices [chapter]

Jeffrey Hieb, James Graham
IFIP International Federation for Information Processing  
The approach, which is influenced by the MILS and Nizza architectures, is implemented in a prototype field device.  ...  Distributed control systems (DCSs) play an essential role in the operation of critical infrastructures.  ...  The Nizza architecture is based on the L4 microkernel and protects security critical code. The MILS and Nizza architectures are presented in Figures 1 and 2 , respectively.  ... 
doi:10.1007/978-0-387-88523-0_10 fatcat:y7k6tcevzza6dlv2rtdyjsnrr4
« Previous Showing results 1 — 15 out of 138 results