CLASS AGENDA. 9:00-9:15 a.m., 9:15-10:00 a.m., 10:00-12:00 p.m., 12:00-1:00 p.m., 1:00-3:00 p.m., 3:00-5:00 p.m.
- Josephine Small
- 5 years ago
Transcription
2 CLASS AGENDA
- 9:00-9:15 a.m.: INTEL SGX OVERVIEW
- 9:15-10:00 a.m.: DEVELOPER TOOLKIT
- 10:00-12:00 p.m.: DEVELOPING FOR INTEL SGX
- 12:00-1:00 p.m.: BREAK FOR LUNCH
- 1:00-3:00 p.m.: PROVISIONING SECRETS
- 3:00-5:00 p.m.: DATA SEALING
3 CLASS LOGISTICS [To be filled out on a site-by-site basis.]
4 INTEL SGX OVERVIEW Introduction Developer Toolkit Developing for SGX Provisioning Secrets Data Sealing
5 WHY USE INTEL SGX? Protect secrets running in your applications. Examples of secrets include: healthcare records; personally identifiable information (PII); biometric factors and templates; passwords; encryption keys; intellectual property (IP).
6 INTEL SGX ENCLAVES Enclaves are the non-addressable system-memory spaces that Intel SGX creates in order to protect secrets. Only secrets belong in enclaves.
7 INTEL TRUSTED EXECUTION ENVIRONMENT Intel SGX is a per-process application trusted execution environment (TEE) for user-mode code. Isolates memory regions of code and data Reserves part of physical memory (RAM) for enclaves Encrypts the reserved part of main memory (RAM)
8 HARDWARE REQUIREMENTS Processor must support Intel SGX (supported by 6th generation Intel processors and later). BIOS must support Intel SGX memory reservation. Three states of Intel SGX in the BIOS: Enabled, Software Enabled, Disabled. Intel SGX does have simulation mode for writing code on systems that do not support Intel SGX.
9 LOCATIONS OF INTEREST
- Intel SGX landing zone: software.intel.com/en-us/sgx
- Intel SGX forum: software.intel.com/en-us/forums/intel-software-guard-extensions-intel-sgx
- Request a production license: software.intel.com/en-us/sgx/commercial-use-license-request
- Request access to the Intel SGX remote-attestation service:
10 INTEL SGX DEVELOPER TOOLKIT Introduction Developer Toolkit Developing for SGX Provisioning Secrets Data Sealing Developer Toolkit
11 EVALUATION VERSUS PRODUCTION TOOLS Evaluation software development kit (SDK) Dev tool kit and platform software (PSW) are always evaluation. This SDK version is for development. Debug enclaves can be inspected. To build release enclaves, developers need to get a production license from Intel. Production SDK This SDK version contains a legally binding commercial license from Intel. This license supersedes all other licenses. A production key is added to the Intel SGX whitelist. Permission from Intel to ship the PSW with ISV applications comes with this SDK version.
12 INTEL SGX PLATFORM SOFTWARE OVERVIEW
- PSW extends the Intel SGX hardware and installs the architectural enclaves (different from developer-created enclaves): Platform Services Enclave (PSE), Launch Enclave (LE), Provisioning Certificate Enclave (PCE), Quoting Enclave (QE).
- PSW loads architectural enclaves to the Enclave Page Cache (EPC). Intel SGX loader is different and separate from the Windows loader. PSW includes drivers to map to memory.
- PSW loads the Architectural Enclave Service Manager (AESM) service on boot. AESM must be running to launch enclaves. AESM maintains the whitelist of production keys. Intel SGX memory-access restrictions only come with production keys.
- PSW is not downloadable from Intel by the end user. Packaged with application installers.
- Required for enclaves to run (no exceptions). Enclaves cannot launch without the architectural enclaves. Specifically, LE is needed.
- Trusted computing base (TCB) consists of: PSW, CPU.
13 HANDS-ON LAB 1
14 DEMONSTRATION: DETECTING INTEL SGX SUPPORT 1. Copy folder to your personal computer. 2. The folder contains three binaries: 1. Application with proper Intel SGX detection 2. Application with improper Intel SGX detection 3. Application with no Intel SGX detection 3. Execute the binaries on your personal computers and see the results of each.
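An added example (not part of the original slides or the lab binaries) of why a check that stops at the CPU feature bit is incomplete: it classifies a machine from CPUID leaf 07H and leaf 12H register values, using the bit layout documented in the Intel SDM. The function names, the three-state enum and the sample register values are constructed for illustration, and treating "CPU bit only" as the improper form of detection is an assumption.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Register values returned by one CPUID invocation. */
typedef struct { uint32_t eax, ebx, ecx, edx; } cpuid_regs;

typedef enum {
    HW_CPU_UNSUPPORTED,  /* CPUID.(EAX=07H,ECX=0):EBX bit 2 is clear            */
    HW_NOT_ENABLED,      /* CPU has SGX, but no SGX1 or no EPC is enumerated    */
    HW_EPC_AVAILABLE     /* SGX1 reported and at least one EPC section exists   */
} sgx_hw_state;

/* Assumed "improper" check: looks at the CPU feature bit and nothing else. */
int cpu_advertises_sgx(const cpuid_regs *leaf7)
{
    return (int)((leaf7->ebx >> 2) & 1u);
}

/* Size in bytes of the EPC section described by CPUID.(EAX=12H,ECX>=2),
 * or 0 when the sub-leaf type field EAX[3:0] is not 1 (not an EPC section).
 * Size bits 31:12 are in ECX[31:12], bits 51:32 in EDX[19:0]. */
uint64_t epc_section_size(const cpuid_regs *r)
{
    if ((r->eax & 0xFu) != 1u)
        return 0;
    return ((uint64_t)(r->edx & 0xFFFFFu) << 32) | (r->ecx & 0xFFFFF000u);
}

/* Fuller hardware check: feature bit, SGX1 bit, and reserved enclave memory.
 * HW_EPC_AVAILABLE is necessary but not sufficient: per the PSW slide,
 * enclaves still cannot launch without the PSW and a running AESM. */
sgx_hw_state classify_sgx_hw(const cpuid_regs *leaf7, const cpuid_regs *leaf12_0,
                             const cpuid_regs *epc, size_t n_epc,
                             uint64_t *epc_bytes)
{
    uint64_t total = 0;
    *epc_bytes = 0;
    if (!cpu_advertises_sgx(leaf7))
        return HW_CPU_UNSUPPORTED;
    if (!(leaf12_0->eax & 1u))           /* leaf 12H sub-leaf 0, EAX bit 0: SGX1 */
        return HW_NOT_ENABLED;
    for (size_t i = 0; i < n_epc; i++) {
        uint64_t sz = epc_section_size(&epc[i]);
        if (sz == 0)
            break;                       /* first invalid sub-leaf ends the list */
        total += sz;
    }
    *epc_bytes = total;
    return total ? HW_EPC_AVAILABLE : HW_NOT_ENABLED;
}

/* Constructed register values, not captured from real machines. */
const cpuid_regs L7_NO_SGX   = { 0, 0x00000000u, 0, 0 };
const cpuid_regs L7_SGX      = { 0, 0x00000004u, 0, 0 };
const cpuid_regs L12_OFF     = { 0x0u, 0, 0, 0 };
const cpuid_regs L12_SGX1    = { 0x1u, 0, 0, 0 };
const cpuid_regs EPC_NONE[1] = { { 0, 0, 0, 0 } };
const cpuid_regs EPC_ONE[2]  = { { 0x70200001u, 0, 0x05D80001u, 0 },
                                 { 0, 0, 0, 0 } };

int main(void)
{
    uint64_t bytes;
    sgx_hw_state s;

    s = classify_sgx_hw(&L7_NO_SGX, &L12_OFF, EPC_NONE, 1, &bytes);
    printf("no CPU support   : state=%d\n", (int)s);

    /* The feature-bit check says "yes" here, the fuller check says "not yet". */
    s = classify_sgx_hw(&L7_SGX, &L12_OFF, EPC_NONE, 1, &bytes);
    printf("CPU bit only     : naive=%d state=%d\n",
           cpu_advertises_sgx(&L7_SGX), (int)s);

    s = classify_sgx_hw(&L7_SGX, &L12_SGX1, EPC_ONE, 2, &bytes);
    printf("EPC reserved     : state=%d epc=%llu bytes\n",
           (int)s, (unsigned long long)bytes);
    return 0;
}
```

On Windows, an application would normally ask the platform software for this status rather than read CPUID itself, since only the PSW knows whether the BIOS setting and the AESM service are in place.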
15 DEVELOPING FOR INTEL SGX Introduction Developer Toolkit Developing for SGX Provisioning Secrets Data Sealing
16 PARTITIONING YOUR CODE Identify your secrets Identify providers and consumers of the secrets Identify the enclave boundary Tailor the modules for the enclave DEMO
17 HANDS-ON LAB 2
18 EXERCISE: INSERT ECALL CODE INTO SAMPLE APP
19 ADVANCED ENCLAVE INTERFACES Callbacks: how to make an OCALL. Advanced enclave-definition language (EDL). One example: user_check. Default ECALL and OCALL behavior is to pass a copy of the buffer to which a pointer points; user_check overrides this and directly passes the pointer through.
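An added example (not from the original slides or the lab code) of what user_check shifts onto the enclave developer: because the pointer is passed through without the default copy, the ECALL itself has to confirm that the whole buffer lies outside the enclave and then work on a private copy. It runs as a stand-alone model: machine_mem, model_is_outside_enclave (a stand-in for the SDK's sgx_is_outside_enclave) and ecall_checksum are hypothetical names, and the sample data is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* EDL for the two styles, for reference (hypothetical function names):
 *   public int ecall_copy([in, size=len] const uint8_t *msg, size_t len);
 *   public int ecall_checksum([user_check] const uint8_t *msg, size_t len,
 *                             [user_check] uint8_t *out4);
 * With [in], the buffer is copied for the enclave; with [user_check] the
 * raw pointer arrives as-is and every check below is the developer's job. */

/* Model address space: bytes [ENCLAVE_OFF, ENCLAVE_OFF + ENCLAVE_SIZE) stand
 * in for the enclave; the rest is untrusted application memory. */
#define SPACE_SIZE   8192
#define ENCLAVE_OFF  2048
#define ENCLAVE_SIZE 4096
#define MAX_MSG      256
uint8_t machine_mem[SPACE_SIZE];

enum { E_OK = 0, E_BAD_ARG = -1, E_PTR_IN_ENCLAVE = -2 };

/* Returns 1 only if [addr, addr + size) lies wholly outside the modelled
 * enclave range and the address arithmetic does not wrap. */
int model_is_outside_enclave(const void *addr, size_t size)
{
    uintptr_t start = (uintptr_t)addr;
    uintptr_t base  = (uintptr_t)(machine_mem + ENCLAVE_OFF);
    uintptr_t limit = base + ENCLAVE_SIZE;
    if (size > UINTPTR_MAX - start)
        return 0;                          /* start + size would wrap */
    return (start + size <= base) || (start >= limit);
}

/* Trusted side of the user_check ECALL. */
int ecall_checksum(const uint8_t *msg, size_t len, uint8_t *out4)
{
    uint8_t copy[MAX_MSG];                 /* enclave stack in a real enclave */
    uint32_t sum = 0;

    if (msg == NULL || out4 == NULL || len == 0 || len > MAX_MSG)
        return E_BAD_ARG;
    /* Both the input and the output buffer must be fully untrusted memory;
     * otherwise the caller could aim the enclave at its own data. */
    if (!model_is_outside_enclave(msg, len) ||
        !model_is_outside_enclave(out4, sizeof sum))
        return E_PTR_IN_ENCLAVE;

    memcpy(copy, msg, len);                /* read untrusted data exactly once */
    for (size_t i = 0; i < len; i++)
        sum = sum * 31u + copy[i];
    memcpy(out4, &sum, sizeof sum);
    return E_OK;
}

uint32_t read_u32(const uint8_t *p)
{
    uint32_t v;
    memcpy(&v, p, sizeof v);
    return v;
}

/* Constructed sample state: a message outside, a marker inside the enclave. */
void setup_demo(void)
{
    memset(machine_mem, 0, sizeof machine_mem);
    memcpy(machine_mem, "abc", 3);
    memset(machine_mem + ENCLAVE_OFF + 128, 0xA5, 16);
}

/* Calls the ECALL with buffers at the given offsets in the model space. */
int run_case(size_t msg_off, size_t len, size_t out_off)
{
    return ecall_checksum(machine_mem + msg_off, len, machine_mem + out_off);
}

int main(void)
{
    setup_demo();
    printf("untrusted in/out     : %d\n", run_case(0, 3, 64));
    printf("input inside enclave : %d\n", run_case(ENCLAVE_OFF + 128, 16, 64));
    printf("output inside enclave: %d\n", run_case(0, 3, ENCLAVE_OFF + 128));
    printf("input straddles edge : %d\n", run_case(ENCLAVE_OFF - 8, 16, 64));
    return 0;
}
```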
20 EXERCISE: INSERT OCALL CODE WITH USER_CHECK
21 DEBUGGING INTEL SGX APPLICATIONS A local Windows debugger will not see breakpoints in an enclave. The Intel SGX debugger is a plug-in for Microsoft Visual Studio 2013 (update as support for 2015 is released). Must be the Professional Edition of Visual Studio Debugging plugins are not enabled in the Community Edition. Need to change Working Directory to Solution Directory in Visual Studio.
22 DEMONSTRATION: DEBUGGING THE SAMPLE APP 1. Cannot step into enclave from untrusted code 2. Break point must be in enclave code 3. Can inspect the enclave memory just like any other memory page
23 PROVISIONING SECRETS INTO ENCLAVES Introduction Developer Toolkit Developing for SGX Provisioning Secrets Data Sealing
24 HOW DO SECRETS GET INTO YOUR ENCLAVES Enclaves are simply shared libraries: dynamic-link libraries (DLLs) in Windows, shared objects in Linux. Open to inspection. Do not build secrets into the enclave.
25 HOW DO SECRETS GET INTO YOUR ENCLAVES (Continued) Secret origination from least to most secure:
1 Keyboard or clipboard. Intel SGX can limit, but not eliminate, the attack surface.
2 Provisioning from a trusted service on the system. Monotonic counter or trusted time (a clock users cannot manipulate).
3 Data generated by an algorithm within the enclave.
4 Data imported from sealed data and local attestation. Still better than other encrypted files because the secret is secured by a key that is unique to that system.
5 Remote attestation. Attested by remote service. Session key derived from an enclave.
26 HANDS-ON LAB 3
27 LOCAL ATTESTATION Two enclaves on a single system. Why use? More efficiently use limited EPC resources; be a better citizen in using shared resources; reduce attack surface. Use cases: two enclaves, one application, and one signer (for example: sample encryption app); two enclaves, two applications, and one signer (for example: stand-alone password manager and interacting with a browser).
28 EXERCISE: INSERT LOCAL-ATTESTATION CODE
29 REMOTE ATTESTATION [Diagram labels: Enclave, ISV Server, Intel, Quote]
30 DEMONSTRATION: REMOTE ATTESTATION
31 SEALING DATA WITH INTEL SGX Introduction Developer Toolkit Developing for SGX Provisioning Secrets Data Sealing
32 DATA PERSISTENCE FOR ENCLAVES Small piece of protected data saved to memory or disk Reasons for sealing data Primary: Power events Secondary: Enclave needs info from session to session
33 HANDS-ON LAB 4
34 EXERCISE: INSERT OCALLS TO HANDLE DATA SEALING AND UNSEALING
35 COURSE TAKEAWAYS Intel SGX enclaves provide a trusted execution environment. Tools in the Intel SGX SDK do much of the heavy lifting for developers. Developing applications for Intel SGX can require a shift of paradigm. Provisioning secrets securely in Intel SGX is a primary concern. Sealing data in Intel SGX is essential, particularly for power events.
More informationImportant DevOps Technologies (3+2+3days) for Deployment
Important DevOps Technologies (3+2+3days) for Deployment DevOps is the blending of tasks performed by a company's application development and systems operations teams. The term DevOps is being used in
More informationTrusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague
Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July 2017 -- IETF 99 th, Prague 2 What do we mean by security? Communication Security Aims
More informationClient-side Debugging. Gary Bettencourt
Client-side Debugging Gary Bettencourt Overview What is client-side debugging Tool overview Simple & Advanced techniques Debugging on Mobile devices Overview Client debugging involves more then just debugging
More informationIdentity-based Access Control
Identity-based Access Control The kind of access control familiar from operating systems like Unix or Windows based on user identities This model originated in closed organisations ( enterprises ) like
More informationSentinel Hardware Keys SDK Version for Windows Release Notes
Sentinel Hardware Keys SDK Version 1.2.0 for Windows Release Notes Product Overview This document contains an overview of the product, new features, and installation of the Sentinel TM Keys SDK release
More informationSupporting and Troubleshooting Windows 10
Course 10982B: Supporting and Troubleshooting Windows 10 Page 1 of 7 Supporting and Troubleshooting Windows 10 Course 10982B: 4 days; Instructor-Led Introduction This course is designed to provide students
More informationComputer Visions Course Outline
www.compvisions.com 16 Corporate Woods Blvd. Albany, NY 12211 Computer Visions Course Outline Get What You Want We offer highly customizable group training courses: desktop applications, web development,
More information