Hardware Protection for Trusted Software

Add to your list(s) Download to your calendar using vCal

• Prof. Ruby Lee, Princeton University
• Friday 15 July 2011, 15:00-16:00
• SS03, Computer Laboratory.

If you have a question about this talk, please contact Prof Simon Moore.

Note unusual time

It is very difficult, if not impossible, to guarantee that large, complex software programs are free of security vulnerabilities that can be exploited by attackers. Even if only a small part of a large application is security-critical, and this part is carefully constructed and statically analyzed to be secure, it still executes at runtime with a sea of untrusted software. In particular, the commodity operating system may be compromised, leaving security monitors in applications and middleware exposed. We discuss the Bastion architecture whose design goal is to enable trusted software modules to execute securely, even when there is malware in the system and the O.S. may be compromised. Bastion has a processor-hypervisor Trusted Computing Base, with hardware trust anchors and mechanisms for protecting the hypervisor, which then protects trusted software modules in the applications or O.S. space. Together with minimal trust chains, Bastion also provides the architectural equivalents of sealed storage and trustworthy attestation without using an external TPM chip. We discuss some of its defenses against both software and hardware threats, and its scalability to multiple trust domains.

Speaker’s Bio: Ruby B. Lee is the Forrest G. Hamrick Professor of Engineering and Professor of Electrical Engineering at Princeton University, with an affiliated appointment in the Computer Science department. She is the director of the Princeton Architecture Laboratory for Multimedia and Security (PALMS). Her current research is in security‐aware computer architecture, secure cloud computing, trustworthy and resilient systems, crypto acceleration, secure mobile computing, secure embedded systems and DDoS mitigation. She is a Fellow of the Association for Computing Machinery (ACM) and a Fellow of the Institute of Electrical and Electronic Engineers (IEEE). She is often asked to help or co‐lead U.S. national efforts to improve cyber security research. She is also Associate Editor‐in‐Chief of IEEE Micro and Advisory Board member of IEEE Spectrum. She is a member of the Phi Beta Kappa and Alpha Lambda Delta honoraries, and various Who’s Who. She has been granted over 120 United States and international patents. Prior to joining the Princeton faculty, Dr. Lee served as chief architect at Hewlett‐Packard, responsible at different times for processor architecture, multimedia architecture and security architecture. She introduced multimedia instructions into microprocessors, was a founding architect of HP’s PA‐RISC architecture and instrumental in the design of several generations of PA‐RISC processors for commercial and technical systems, and also co‐led an Intel‐HP IA‐64 architecture team. Concurrent with full‐time employment at HP, Dr. Lee also served as Consulting Professor of Electrical Engineering at Stanford University. She has a Ph.D. in Electrical Engineering and a M.S. in Computer Science, both from Stanford University, and an A.B. with distinction from Cornell University.

This talk is part of the Computer Laboratory Computer Architecture Group Meeting series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Computer Architecture Group Meeting
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• SS03, Computer Laboratory
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.