As society rushes to digitize sensitive information and services,
it is imperative to adopt adequate security protections. However,
such protections fundamentally conflict with the benefits we expect
from commodity computers. In other words, consumers and businesses
value commodity computers because they provide good performance and
an abundance of features at relatively low costs. Meanwhile,
attempts to build secure systems from the ground up typically
abandon such goals, and hence are seldom adopted. In this book, I
argue that we can resolve the tension between security and features
by leveraging the trust a user has in one device to enable her to
securely use another commodity device or service, without
sacrificing the performance and features expected of commodity
systems. At a high level, we support this premise by developing
techniques to allow a user to employ a small, trusted, portable
device to securely learn what code is executing on her local
computer. Rather than entrusting her data to the mountain of buggy
code likely running on her computer, we construct an on-demand
secure execution environment which can perform security-sensitive
tasks and handle private data in complete isolation from all other
software (and most hardware) on the system. Meanwhile,
non-security-sensitive software retains the same abundance of
features and performance it enjoys today. Having established an
environment for secure code execution on an individual computer, we
then show how to extend trust in this environment to network
elements in a secure and efficient manner. This allows us to
reexamine the design of network protocols and defenses, since we
can now execute code on end hosts and trust the results within the
network. Lastly, we extend the user's trust one more step to
encompass computations performed on a remote host (e.g., in the
cloud). We design, analyze, and prove secure a protocol that allows
a user to outsource arbitrary computations to commodity computers
run by an untrusted remote party (or parties) who may subject the
computers to both software and hardware attacks. Our protocol
guarantees that the user can both verify that the results returned
are indeed the correct results of the specified computations on the
inputs provided, and protect the secrecy of both the inputs and
outputs of the computations. These guarantees are provided in a
non-interactive, asymptotically optimal (with respect to CPU and
bandwidth) manner. Thus, extending a user's trust, via software,
hardware, and cryptographic techniques, allows us to provide strong
security protections for both local and remote computations on
sensitive data, while still preserving the performance and features
of commodity computers.