CS 387: Adv. Topics in Information Assurance -- Architectures for Trusted Computing

Papers

• Here is a starting list of papers. I will add to these over the next few weeks -- papers will be added into the appropriate 'category' and papers added after the first week will be indicated in red.

•  Language and Software Issues- Overview:
• Fred B. Schneider, Greg Morrisett, Robert Harper. A language-based approach to security* . Informatics: 10 Years Back, 10 Years Ahead, Lecture Notes in Computer Science, Vol. 2000, Springer-Verlag, Heidelberg, 86-101.
• McGraw, Gary and Greg Morrisett. Attacking Malicious Code*. In IEEE Software, Volume 17(5), September/October 2000.
• Fred B. Schneider. Enforceable Security Policies. ACM Transactions on Information and System Security 3, 1 (Feb. 2000), 30-50.
• Crispin Cowan. Software Security for Open Source Systems. IEEE Security & Privacy Magazine, February 2003, Volume 1, Number 1, pages 35-48.
• George C. Necula. Proof-Carrying Code . POPL97, January 1997.<><>
• Andrei Sabelfeld, Andrew C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communication, special issue on Formal Methods for Security, 21(1), January 2003, pages 5-19
  

• "Secure" Compilers - C and Java
  1. Trevor Jim, Greg Morrisett, Dan Grossman, Mike Hicks, James Cheney and Yanling Wang. Cyclone: A Safe Dialect of C*. Usenix Annual Technical Conference, pages 275-288, Monterey, CA, June 2002.
  2. G.Necula et al. Taming C Pointers.
  3. George C. Necula, Jeremy Condit, Matthew Harren. CCured: Type-Safe Retrofitting of Legacy Software*. ACM Transactions on Programming Languages and Systems (TOPLAS), 2004.
  4. D.Wheeler. Java Security Overview
  5. Sunil Soman, Chandra Krintz, and Giovanni Vigna. Detecting Malicious Java Code Using Virtual Machine Auditing. 12th USENIX Security Symposium, Washington DC, Aug. 4-8, 2003.
  6. Ulfar Erlingsson and Fred B. Schneider. IRM enforcement of Java stack inspection. Proceedings 2000 IEEE Symposium on Security and Privacy (Oakland, California, May 2000), IEEE Computer Society, Los Alamitos,California, 246-255.
  7.   GC Necula, P Lee. The Design and Implementation of a Certifying Compiler PLDI, 1998.
  8.  Greg Morrisett, Karl Crary, Neal Glew, Dan Grossman, Richard Samuels, Frederick Smith, David Walker, Stephanie Weirich, and Steve Zdancewic TALx86: A realistic typed assembly language. In the 1999 ACM SIGPLAN Workshop on Compiler Support for System Software, pages 25-35, Atlanta, GA, USA, May 1999.

• Static and Run-time  Tools

1.   George C. Necula, Peter Lee. Safe Kernel Extensions Without Run-Time Checking. OSDI'96,October 1996
2.   Junfeng Yang, Ted Kremenek, Yichen Xie, and Dawson Engler. MECA: an Extensible, Expressive System and Language for Statically Checking Security Properties. ACM CCS, 2003
3.  Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. 7th USENIX Security Symposium, January 1998, San Antonio, TX.
4. Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole. Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade* . SANS 2000, Orlando FL, March 2000
   
5. Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns* by Jonathan Pincus and Brandon Baker, IEEE Security and Privacy, July/Aug 2004.
   

• DRM - Watermarking and digests, Code Obfuscation.
  

• Mikhail J. Atallah. A Survey of Watermarking Techniques for Non-Media Digital Objects. ACSW Frontiers 2005: 73.

• Hoi Chang, Mikhail J. Atallah. Protecting Software Code by Guards. Digital Rights Management Workshop 2001: 160-175.
• Christian S. Collberg , Clark Thomborson. Software Watermarking: Models and Dynamic Embeddings. ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL99), San Antonio, Texas
• C. Collberg.
  
• B. Horne, L.R. Matheson, C. Sheehan, R.E. Tarjan. Dynamic self-checking techniques for improved tamper resistance. ACM Digital Rights Management Workshop , 2001.
  

•   OS
  
• Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman. Linux Security Module Framework. 2002 Ottawa Linux Symposium, Ottawa, Canada, June 2002.
• Chris Wright, Crispin Cowan, Stephen Smalley, James Morris, and Greg Kroah-Hartman. Linux Security Modules: General Security Support for the Linux Kernel. 11th USENIX Security Symposium, San Francisco, CA, August 2002.
• Kenneth M. Walker, Daniel F. Sterne, M. Lee Badger,Michael J. Petkac, David L. Shermann. Confining Root Programs with Domain and Type Enforcement. Proceedings of the 6th Usenix Security Symposium, San Jose, California, 1996.
• Rob Johnson and David Wagner. Finding User/Kernel Pointer Bugs With Type Inference. (Postscript) USENIX Security Symposium, 2004.
• David Brumley and Dawn Song. Privtrans: Automatic Privilege Separation. USENIX Security Symposium 2004. .
  
  

• Trusted Computing: Overview and position papers
• A Trusted Open Platform by England et al, IEEE Computer, July 2003
•  Cryptography and Competition Policy -- Issues with 'Trusted Computing' by Anderson, ACM PODC 2003
• Improving the TCPA Specification by Arbaugh, IEEE Computer, Aug. 2002
  

• Flexible OS Support and Applications for Trusted Computing by Garfinkel, Rosenblum, and Boneh, 9th Hot Topics in Operating Systems (HOTOS-IX), 2003.
•  Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al, SOSP 2003..
• Certifying Program Execution with Secure Processors by Chen and Morris, 9th Workshop on Hot Topics in Operating Systems (HotOS IX), 2003.
  

• Secure Co-Processor Architectures .
• W. A. Arbaugh, D. J. Farber, and J. M. Smith. A Secure and Reliable Bootstrap Architecture. IEEE Symposium on Security and Privacy , pp. 65-71, May 1997
• S.Smith. Magic Boxes and Boots: Security in Hardware. IEEE Computer. 37 (10): 106--109. October 2004.
• S.W. Smith, D. Safford. Practical Server Privacy Using Secure Coprocessors. IBM Systems Journal 40: 683-695. 2001.
• S.W. Smith. Secure Coprocessing Applications and Research Issues. Los Alamos Unclassified Release LA-UR-96-2805, Los Alamos National Laboratory.
• Building the IBM 4758 Secure Coprocessor* by Dyer et al, IEEE Computer, Oct 2001.
• Secure Coprocessors in Electronic Commerce Applications* by Yee and Tygar, USENIX Electronic Commerce Workshop, 1995.
• Certifying Program Execution with Secure Processors by Chen and Morris, 9th Workshop on Hot Topics in Operating Systems (HotOS IX), 2003.
  

• Hardware Security: Encrypted Execution.
• Architectural Support for Copy and Tamper Resistant Software* by David Lie, Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz, ASPLOS 2000.
• Specifying and Verifying Hardware for Tamper-Resistant Software* by David Lie, John Mitchell, Chandramohan Thekkath and Mark Horowitz, IEEE Symposium on Security and Privacy 2003.

• Enabling Trusted Software Integrity* by Kirovski et al, ASPLOS 2002
•   A Hardware-Software Platform for Intrusion Prevention* by Drinic and Kirovski, MICRO 2004.
• 
  

• Trusted Architectures using Trusted Processor (but other untrusted components).
• Implementing an Untrusted Operating System on Trusted Hardware by David Lie, Chandramohan Thekkath and Mark Horowitz, SOSP 2003.
• AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing by G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas, ICS 2003
  
• Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al, SOSP 2003.
• Flexible OS Support and Applications for Trusted Computing by Garfinkel, Rosenblum, and Boneh, 9th Hot Topics in Operating Systems (HOTOS-IX), 2003
  
• Fast Secure Processor for inhibiting Software Piracy and Tampering. Jun Yang, Y. Zhang, L. Gao. MICRO 2003.
  

• Hardware Based Obfuscation -- Protecting Information and Control Flow
  

• Zhuang, X., Zhang, T. and Pande, S. HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus*. International Conference on Architectural Support for Programming Languages and Operating Systems, Boston, MA., Oct 2004
• Xiaotong Zhuang, Tao Zhang, Hsien-Hsin Lee and Santosh Pande. Hardware Assisted Control Flow Obfuscation for Embedded Processors*. CASES, Washington DC, Sept. 2004
• H.Shacham et al. On the effectiveness of address-space randomization. Proceedings of the 11th ACM conference on Computer and communications security, Washington DC, 2004.

• Crypto in Hardware 

• A 2.3Gb/s Fully Integrated and Synthesizable AES Rijndael Core by Kim, Mudge, and Brown. Proc. IEEE Custom Integrated Circuits Conference (CICC), Sep. 2003
• Architectures and VLSI Implementations of the AES-Proposal Rijndael by Sklavos and Koufopavlou, IEEE Transactions on Computers, December 2002 .
• Architectural Support for Fast Symmetric-Key Cryptography by Jerome Burke, John McDonald, and Todd Austin. ASPLOS 2000
• CryptoManiac: A Fast Flexible Architecture for Secure Communication by Lisa Wu, Chris Weaver, and Todd Austin. ISCA 2001.
  

• Hardware based Control Flow Protection
  
•  DISE: A programmable Macro engine for customizing applications Marc L. Corliss, E Christopher Lewis and Amir Roth. ISCA 2003.
• Using DISE to Protect Return Addresses from Attack*  Marc L. Corliss, E Christopher Lewis and Amir Roth. 2004 Workshop on Architectural Support for Security and Anti-Virus, Oct. 9, 2004
• Secure Embedded Processing through Hardware-assisted Run-time Monitoring. Divya Arora, Srivaths Ravi, A. Raghunathan, Niraj K Jha. Proceedings of the Design, Automation, and Test in Europe,  DATE 2005, IEEE computer society.
• Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow by Tuck, Calder, and Verghese. MICRO 2004.
• SmashGuard: A Hardware Solution to Prevent Attacks on the Function Return Address*, H. Ozdoganoglu, C.E. Brodley, T.N. Vikaykumar, B.A. Kuperman. (CACM 2005).
  
• Hardware Support for Code Integrity in Embedded Processors. M. Milenkovic, A. Milenkovic, E. Jovanov, Proc. of ACM Compilers, Architecture and Synthesis for Embedded Systems, CASES 2005.
• Anamolous Path Detection with Hardware Support. T. Zhang, X. Zhuang, S. Pande, W. Lee, Proc. of ACM Compilers, Architecture and Synthesis for Embedded Systems, CASES 2005.

• Data and Memory Protection
• P.Wilson et al. Dynamic Storage Allocation: A Survey and Critical Review. Int. Workshop on Memory Management, 1995. See also P.Wilson's tutorial: Uniprocessor Garbage Collection Techniques.
  
• Region-based Memory Management in Cyclone by Dan Grossman, Greg Morrisett, Trevor Jim, Michael Hicks, Yanling Wang, and James Cheney. ACM Conference on Programming Language Design and Implementation, pages 282--293, Berlin, Germany, June, 2002. (run-time and compile time)
  
•  Understanding Data Lifetime via Whole System Simulation by Jim Chow, Ben Pfaff, Tal Garfinkel, Kevin Christopher, and Mendel Rosenblum. 2004 Usenix Security Symposium.
• Using Memory Errors to Attack a Virtual Machine by Govindavajhala and Appel, IEEE Symposium on Security and Privacy 2003.
  
• Efficient Memory Integrity Verification and Encryption for Secure Processors by Suh et al, MICRO 2003.
•  Secure Program Execution via Dynamic Information Flow Tracking by Suh, Lee, and Devadas. ASPLOS 2004.
• Mondrian Memory Protection, E. Witchel,  J.Cates, K. Asanovic, ASPLOS 2002.
• Memory predecryption: Hiding the Latency Overhead of Memory Encryption. Brian Rogers, Yan Solihin, Milos Prvulovic. Proc. ACM SIGARCH Computer Architecture News, Vol.33, No.1, March 2005.
  
•  Minos: Control Data Attack Prevention Orthogonal to Memory Model by Crandall and Chong. MICRO 2004.
•  RIFLE: An Architectural Framework for User-Centric Information-Flow Security by Vachharajani et al, MICRO 2004. (run-time system--not just hardware).

• Architectures for Privacy
•  PRIVACY: Architecture for Protecting Critical Secrets in Microprocessors by Ruby Lee et al, Int. Symposium on Computer Architecture (ISCA) 2005.
• Architectural Support for Protecting User Privacy on Trusted  Processors. Y. Zhang, Jun Yang, Y. Lin,  Lan Gao. ACM SIGARCH Computer News, Vol.33, No.1, March 2005.
• RFID Privacy: An Overview of Problems and Proposed Solutions. S. Garfinkel, A. Juels, R. Pappu, IEEE Security and Privacy, March 2005.
• Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest, Daniel Engels.
  

• Chip Security/Scan based attacks
• Secure Scan: A Design for-test Architecture for Crypto Chips.  B. Yang, K. Wu, R. Karri. Proc. ACM IEEE Design Automation Conference, 2005.
• Scan Based Side Channel attacks on Data Encryption Standard,  B. Yang, K. Wu, R. Karri, 2004.
• Scan Based Side Channel attack on Advanced Encryption Standard.  B. Yang, K. Wu, R. Karri, 2005
  
• Side channel Attacks: Ten Years after Publication and the Impacts on Cryptographic Modules Security Testing. YongBin Zhou, DengGuo Feng.
  

• Papers added/suggested by the class: