Abstract
A trusted computing base (TCB) is the minimum set of hardware and software components which are inherently trusted by a platform, and upon which more complex secure services can be built. The TCB is secure by definition, and it is typically implemented through hardened hardware components, which ensure that their secret data cannot be compromised. In this paper, we propose and investigate a two-tier TCB architecture that benefits both from a small hardened 'minimal' TCB, but also offers the possibility of integrating complex security services into an 'extended' TCB. Our design includes a collection of protocols to ensure (1) secure update of the components, (2) secure boot of the platform, (3) attestation, and (4) detection of powerful attackers that can corrupt memory regions together with a (highly probable) platform recovery mechanism after such an attack. The protocols have been formally modelled, and we provide a collection of security properties that have been verified using the automatic protocol verifier ProVerif.
Original language | English |
---|---|
Title of host publication | Computer Security – ESORICS 2022 |
Subtitle of host publication | 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III |
Editors | Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng |
Place of Publication | Cham |
Publisher | Springer |
Pages | 229–249 |
Number of pages | 21 |
Edition | 1 |
ISBN (Electronic) | 9783031171437 |
ISBN (Print) | 9783031171420 |
Publication status | Published - 24 Sept 2022 |
Event | 27th European Symposium on Research in Computer Security - Copenhagen, Denmark Duration: 26 Sept 2022 → 30 Sept 2022 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 13556 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 27th European Symposium on Research in Computer Security |
---|---|
Abbreviated title | ESORICS 2022 |
Country/Territory | Denmark |
City | Copenhagen |
Period | 26/09/22 → 30/09/22 |
Keywords
- Trusted computing base
- Secure boot
- Remote attestation
- Formal modelling
Fingerprint
Dive into the research topics of 'Protocols for a two-tiered trusted computing base'. Together they form a unique fingerprint.
- CAP-TEE: Capability Architectures in Trusted Execution
  Ryan, M., Thomas, R., Ordean, M., Garcia, F., Oswald, D., Muench, M. & Sinha Roy, S.
  Engineering & Physical Science Research Council
  12/08/20 → 30/11/24
  Project: Research Councils
- SIPP - Secure IoT Processor Platform with Remote Attestation
  Engineering & Physical Science Research Council
  1/12/19 → 30/11/23
  Project: Research Councils
- Cyber Security for the Vehicles of Tomorrow
  Engineering & Physical Science Research Council
  1/06/18 → 30/11/23
  Project: Research Councils