Tools

LEADER 04187nam 22005177i 4500

001 ssj0001399394;

003 WaSeSS;

005 20240712080447.0;

006 m d ;

007 cr n ;

008 160408s2014 cau sb 000 0 eng d;

010 a| 2016304730;

020 a| 9781627054775 (print);

020 a| 1627054774 (print);

020 z| 9781627054782 (ebook);

020 z| 9781627054799 (ePub);

035 a| (WaSeSS)ssj0001399394;

042 a| lccopycat;

049 a| EREEa| NEHH;

050 00 a| QA76.9.A25b| P382 2014;

082 04 a| 005.82| 23;

100 1 a| Parno, Bryan.?| UNAUTHORIZED;

245 10 a| Trust extension as a mechanism for secure code execution on commodity computersh| [electronic resource] /c| Bryan Jeffrey Parno, Microsoft Research.;

250 a| First edition.;

260 a| [San Rafael, California] :b| Morgan & Claypool Publishers,c| [2014];

300 a| xvii, 188 pages :b| illustrations (some color) ;c| 24 cm;

490 1 a| ACM Books series ;v| #2;

504 a| Includes bibliographical references (pages 173-188).;

506 a| Available only to authorized users.;

520 a| "As society rushes to digitize sensitive information and services, it is imperative to adopt adequate security protections. However, such protections fundamentally conflict with the benefits we expect from commodity computers. In other words, consumers and businesses value commodity computers because they provide good performance and an abundance of features at relatively low costs. Meanwhile, attempts to build secure systems from the ground up typically abandon such goals, and hence are seldom adopted. I argue that we can resolve the tension between security and features by leveraging the trust a user has in one device to enable her to securely use another commodity device or service, without sacrificing the performance and features expected of commodity systems. At a high level, we support this premise by developing techniques to allow a user to employ a small, trusted, portable device to securely learn what code is executing on her local computer. Rather than entrusting her data to the mountain of buggy code likely running on her computer, we construct an on-demand secure execution environment which can perform security-sensitive tasks and handle private data in complete isolation from all other software (and most hardware) on the system. Meanwhile, non- security-sensitive software retains the same abundance of features and performance it enjoys today. Having established an environment for secure code execution on an individual computer, we then show how to extend trust in this environment to network elements in a secure and efficient manner. This allows us to reexamine the design of network protocols and defenses, since we can now execute code on end hosts and trust the results within the network. Lastly, we extend the user's trust one more step to encompass computations performed on a remote host (e.g., in the cloud). We design, analyze, and prove secure a protocol that allows a user to outsource arbitrary computations to commodity."--c| Publisher's description.;

538 a| Mode of access: World Wide Web;

650 0 a| Computer security.=| ^A257308;

650 7 a| Computer security.2| fast0| (OCoLC)fst00872484;

655 0 a| Electronic books.=| ^A491897;

830 0 a| ACM booksv| #2.=| ^A1287316;

856 40 z| Full text available from Ebook Central - Academic Completeu| https://ebookcentral.proquest.com/lib/eastcarolina/detail.action?docID=1766764;

947 a| (OCoLC)ocn880565116;

949 a| CLICK ON WEB ADDRESSw| ASISh| JOYNER188;

949 a| CLICK ON WEB ADDRESSw| ASISh| HSL77;

949 a| CLICK ON WEB ADDRESSw| ASISh| JMUSIC60;

596 a| 1 3 4;

998 a| 6461713;

999 a| CLICK ON WEB ADDRESSw| ASISc| 1i| 6461713-1001l| JNETm| JOYNERr| Ys| Yt| JNESSBKu| 7/21/2024x| EBOOKz| JERESOURCE;

999 a| CLICK ON WEB ADDRESSw| ASISc| 1i| 6461713-2001l| HSLELECm| HSLr| Ys| Yt| HEBKu| 7/21/2024x| EBOOKz| HERESOURCE;

999 a| CLICK ON WEB ADDRESSw| ASISc| 1i| 6461713-3001l| MNETm| JMUSICr| Ys| Yt| MNESSBKu| 7/21/2024x| EBOOKz| JERESOURCE;

Trust extension as a mechanism for secure code execution on commodity computers / Bryan Jeffrey Parno, Microsoft Research.

Author/creator	Parno, Bryan
Format	Electronic
Edition	First edition.
Publication Info	[San Rafael, California] : Morgan & Claypool Publishers, [2014]
Description	xvii, 188 pages : illustrations (some color) ; 24 cm
Supplemental Content	Full text available from Ebook Central - Academic Complete
Subjects	Computer security.

Series	ACM Books series ; #2 ACM books #2. ^A1287316
Abstract	"As society rushes to digitize sensitive information and services, it is imperative to adopt adequate security protections. However, such protections fundamentally conflict with the benefits we expect from commodity computers. In other words, consumers and businesses value commodity computers because they provide good performance and an abundance of features at relatively low costs. Meanwhile, attempts to build secure systems from the ground up typically abandon such goals, and hence are seldom adopted. I argue that we can resolve the tension between security and features by leveraging the trust a user has in one device to enable her to securely use another commodity device or service, without sacrificing the performance and features expected of commodity systems. At a high level, we support this premise by developing techniques to allow a user to employ a small, trusted, portable device to securely learn what code is executing on her local computer. Rather than entrusting her data to the mountain of buggy code likely running on her computer, we construct an on-demand secure execution environment which can perform security-sensitive tasks and handle private data in complete isolation from all other software (and most hardware) on the system. Meanwhile, non- security-sensitive software retains the same abundance of features and performance it enjoys today. Having established an environment for secure code execution on an individual computer, we then show how to extend trust in this environment to network elements in a secure and efficient manner. This allows us to reexamine the design of network protocols and defenses, since we can now execute code on end hosts and trust the results within the network. Lastly, we extend the user's trust one more step to encompass computations performed on a remote host (e.g., in the cloud). We design, analyze, and prove secure a protocol that allows a user to outsource arbitrary computations to commodity."-- Publisher's description.
Bibliography note	Includes bibliographical references (pages 173-188).
Access restriction	Available only to authorized users.
Technical details	Mode of access: World Wide Web
Genre/form	Electronic books.
LCCN	2016304730
ISBN	9781627054775 (print)
ISBN	1627054774 (print)

Availability

Library	Location	Call Number	Status	Item Actions
	Electronic Resources	Access Content Online	✔ Available

Trust extension as a mechanism for secure code execution on commodity computers / Bryan Jeffrey Parno, Microsoft Research.

Click here for more information about this title

Availability