DOCSLIB.ORG

Trust Framework for the Cloud Using a Model of Trust, Data Movement Policies, and Decentralization Using Blockchain Technology

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Trust Framework for the Cloud Using a Model of Trust, Data Movement Policies, and Decentralization Using Blockchain Technology TRUST FRAMEWORK FOR THE CLOUD USING A MODEL OF TRUST, DATA MOVEMENT POLICIES, AND DECENTRALIZATION USING BLOCKCHAIN TECHNOLOGY By STEPHEN SEAN˜ KIRKMAN A DISSERTATION PRESENTED TO THE GRADUATE SCHOOL OF THE UNIVERSITY OF FLORIDA IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY UNIVERSITY OF FLORIDA 2019 ⃝c 2019 Stephen Se˜an Kirkman To my mom, Norma, who passed in early 2013 before I started my PhD, but knew I was going for it. ACKNOWLEDGMENTS I first and foremost thank my wife and son, Eva and William, for their patience and support during this awesome opportunity. The path to computer science began with my papa, Robin, who passed in 2010 and who was the first computer programmer in the Kirkman family; he worked with punch cards and COBOL. I remember looking at his greenbar printouts he brought home to debug when I was a boy. I thank my chair and advisor, Dr. Richard Newman for his patience and friendship. I wish to thank Dr. Manuel Bermudez (who is also on my committee) for his friendship, stories on his travels, and thoughts about a career in academia. I thank my PhD Committee members Dr. Daniela Oliveira, and Dr. Swarup Bhunia for their advice and support. I would like to thank a close family friend, Dr. Sandy Miarecki, who has guided and mentored me for the last 20 years. Sandy was one of my wife’s bridesmaids and close military friend. Since I have known her, she has provided an invaluable resource in life and pursuing higher education as I decided to get my PhD. I would like to thank Dr. Sumi Helal for encouraging me to apply to the University of Florida. From the University of Illinois at Springfield, I would like to thank Dr Kamyar Dezhgosha for supporting me to publish my first paper and the Department Chair Ted Mimms for his support. I would lastly like to thank the following individuals at the University of Florida for their assistance in conducting my survey: Florida Institute for Cyber Security (FICS) Research Coor- dinator Lesly Galiana for forwarding my survey to both faculty and students, Dr Curtis Taylor from the UF College of Engineering for including my survey in the bi-monthly newsletter to the UF College of Engineering Undergraduates, and finally Mr. Brian Roberts who coordinated to send my survey to the Warrington College of Business. 4 TABLE OF CONTENTS page ACKNOWLEDGMENTS ................................... 4 LIST OF TABLES ...................................... 11 LIST OF FIGURES ..................................... 13 ABSTRACT ......................................... 16 CHAPTER 1 INTRODUCTION ................................... 17 1.1 Efforts to Improve Trust ............................. 18 1.2 Dissertation Statement ............................. 19 1.3 Organization ................................... 20 2 LITERATURE REVIEW - ACHIEVING TRUST IN TECHNOLOGY ......... 21 2.1 Trusted Hardware ................................ 21 2.1.1 Trusted Platform Module and vTPM (2009) .............. 22 2.1.2 Intel Software Guard Extensions (2015) ................. 23 2.1.3 Trusted System on Chip Research (2017) ................ 25 2.2 Social Networks and Trusted Third Parties ................... 25 2.2.1 Social Networks to Improve Trust .................... 25 2.2.2 Cloud Security Alliance - STAR Registry ................. 26 2.2.3 Trusted Computing Group ........................ 26 2.3 Data Focused - Data Provenance and Trust ................... 26 2.4 Encryption .................................... 27 2.4.1 Homomorphic Encryption ........................ 27 2.4.2 Blockchains to Enhance Trust ...................... 28 2.5 Summary ..................................... 28 3 BLOCKCHAINS .................................... 30 3.1 Distributed Consensus .............................. 30 3.1.1 Byzantine Agreement Problem ...................... 31 3.1.2 FLP Impossibility Result ......................... 32 3.2 Blockchains - Bitcoin .............................. 33 3.2.1 Blockchain Fundamentals ........................ 33 3.2.2 Proof of Work - Mining ......................... 35 3.2.3 Storage - Merkle Trees .......................... 36 3.2.4 Forks ................................... 38 3.2.5 51% Attack ................................ 38 3.3 Ethereum Blockchain .............................. 39 3.3.1 Smart Contracts ............................. 40 5 3.3.2 Paying for Space and Computation ................... 40 3.3.2.1 Example 1 ........................... 42 3.3.2.2 Example 2 ........................... 43 3.3.3 Transactions ............................... 43 3.3.4 Data on the Ethereum Blockchain .................... 44 3.3.5 Proof of Stake .............................. 45 3.4 Multichain .................................... 46 3.5 Systems Based on Blockchains ......................... 47 3.5.1 Storj, 2014 ................................ 47 3.5.2 MedRec, 2016 .............................. 48 3.5.3 Blockstack, 2017 ............................. 50 3.5.4 Systems Summary ............................ 52 3.6 Chapter Summary ................................ 52 4 SYSTEMS REVIEW .................................. 54 4.1 Trust Systems .................................. 54 4.1.1 Excalibur: Policy Sealed Data, 2012 ................... 54 4.1.2 CloudMonatt, 2015 ............................ 56 4.1.3 Verifiable Confidential Cloud Computing, 2015 ............. 58 4.1.4 Trustworthy Multi-Cloud Services Communities, 2015 .......... 59 4.1.5 Cloud Trust Protocol, 2015 ....................... 62 4.1.6 Cloud Armor, 2016 ............................ 62 4.1.7 Tenant Attested Trusted Cloud, 2016 .................. 64 4.1.8 Trust Systems Summary ......................... 66 4.2 Data Movement Systems ............................ 68 4.2.1 CloudFence, 2013 ............................ 68 4.2.2 S2 Logger, 2013 ............................. 70 4.2.3 Data Location Control Model, 2014 ................... 73 4.2.4 Stratus Project, 2015 ........................... 75 4.2.5 VeriMetrix Framework, 2015 ....................... 76 4.2.6 Data Movement Systems Summary ................... 77 4.3 Chapter Summary ................................ 78 5 GOAL 1 - CLOUD TRUST MODEL AND VALIDATION ............... 80 5.1 Quantitative Trust Models ............................ 80 5.2 Probabilistic Models ............................... 83 5.3 A Trust Model for the Cloud ........................... 85 5.3.1 Five Degrees of Recommendation .................... 86 5.3.2 Cloud Spiral of Trust ........................... 88 5.4 Trust Model Effectiveness and Validation .................... 90 5.4.1 Industry Surveys and Academic Survey Research ............ 90 5.4.2 Power Analysis for Surveys ........................ 92 5.4.2.1 Effect size ........................... 93 5.4.2.2 Test that a proportion is .50 effect index g .......... 94 6 5.4.2.3 Difference between proportion effect index h ......... 94 5.4.2.4 Our statistical power ...................... 95 5.5 Survey Mechanics and Distribution ....................... 95 5.5.1 UF Institutional Review Board and Distribution Information ...... 96 5.5.2 Survey Respondents and Demographics ................. 97 5.5.3 Selected Result Charts .......................... 98 5.5.4 Survey Summary ............................. 101 5.6 Hypotheses for Cloud Trust Model ....................... 102 5.6.1 Hypothesis Test Plan ........................... 102 5.6.2 Hypothesis 1 ............................... 104 5.6.3 Hypothesis 2 ............................... 105 5.6.4 Hypothesis 3 ............................... 106 5.6.5 Hypothesis 4 ............................... 107 5.7 Summary ..................................... 109 6 GOAL 2 - ORCON CONSUMER POLICY MODEL FOR DATA MOVEMENT .... 110 6.1 ORCON Policy Model Overview ......................... 110 6.2 Model ...................................... 111 6.2.1 Elements of State: Clouds, Consumers, Datasets, Policies, and Tags .. 111 6.2.2 Functions ................................. 112 6.2.2.1 Tag function of a dataset ................... 112 6.2.2.2 Location function of a dataset ................. 112 6.2.2.3 Owner function of a dataset .................. 113 6.2.2.4 Mapping of consumer to metadata .............. 113 6.2.2.5 Mapping of consumer i to policy i .............. 113 6.2.2.6 Policy Function ........................ 113 6.2.3 State ................................... 113 6.2.4 Actions .................................. 114 6.2.4.1 Add cloud C .......................... 114 6.2.4.2 Add consumer E ........................ 114 6.2.4.3 Consumer Ei add data set D with tag TAG at cloud C ... 114 ′ 6.2.4.4 Consumer Ei modify metadata from µ to µ ......... 115 6.2.4.5 Consumer E modify policy to σ′ ............... 115 ′ 6.2.4.6 Move dataset Dij from C to C ................ 115 6.2.5 Valid State ................................ 116 6.2.6 Model Summary ............................. 116 6.3 Specific Policies ................................. 116 6.4 Authorizations, Attestations, and Audit ..................... 117 6.5 Summary ..................................... 118 7 GOAL 3 - CYCLOPS DECENTRALIZED APPLICATION WITH WHITELIST, DATA TRACKING, AND ATTESTATION .......................... 119 7.1 Overview - How Does the System Work? .................... 120 7.2 Pilot Decentralized Application ......................... 122 7 7.2.1 Decentralized Application GUI Design .................. 123 7.2.2 Smart Contract Design .......................... 123 7.2.2.1 Clouds and consumers ..................... 124 7.2.2.2 Policies ............................. 124 7.2.2.3 Consumer
Load more

Recommended publications
  • Trusted Platform Module (TPM) Quick Reference Guide
    Trusted Platform Module (TPM) Quick Reference Guide System builders/integrators should give this Guide to the system owners to assist them in enabling and activating the Trusted Platform Module. Warning of Potential Data Loss ..........................3 Trusted Platform Module (TPM) .........................5 System Requirements ........................................5 Security Precautions ..........................................5 Password Procedures ............................................. 6 Emergency Recovery File Back Up Procedures ........... 7 Hard Drive Image Backup Procedures....................... 7 Clear Text Backup (Optional) .................................. 7 Trusted Platform Module Ownership ..................8 Trusted Platform Module Software Installation..8 Enabling the Trusted Platform Module ...............8 Assuming Trusted Platform Module Ownership..9 Recovery Procedures ........................................10 How to Recover from a Hard Drive Failure ............... 10 How to Recover from a Desktop Board, coin battery or TPM Failure........................................... 10 Clearing Trusted Platform Module Ownership ...11 Support Links ....................................................12 INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER,
    [Show full text]
  • Trusted Platform Module (TPM) TCG 1.2 / 2.0
    Trusted Platform Module (TPM) TCG 1.2 / 2.0 USER GUIDE Revision 1.20 The information in this user's guide has been carefully reviewed and is believed to be accurate. The vendor assumes no responsibility for any inaccuracies that may be contained in this document, and makes no commitment to update or to keep current the information in this manual, or to notify any person or organization of the updates. Please Note: For the most up-to-date version of this manual, please see our website at www.supermicro.com. Super Micro Computer, Inc. ("Supermicro") reserves the right to make changes to the product described in this manual at any time and without notice. This product, including software and documentation, is the property of Supermicro and/ or its licensors, and is supplied only under a license. Any use or reproduction of this product is not allowed, except as expressly permitted by the terms of said license. IN NO EVENT WILL SUPER MICRO COMPUTER, INC. BE LIABLE FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, SPECULATIVE OR CONSEQUENTIAL DAMAGES ARISING FROM THE USE OR INABILITY TO USE THIS PRODUCT OR DOCUMENTATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN PARTICULAR, SUPER MICRO COMPUTER, INC. SHALL NOT HAVE LIABILITY FOR ANY HARDWARE, SOFTWARE, OR DATA STORED OR USED WITH THE PRODUCT, INCLUDING THE COSTS OF REPAIRING, REPLACING, INTEGRATING, INSTALLING OR RECOVERING SUCH HARDWARE, SOFTWARE, OR DATA. Any disputes arising between manufacturer and customer shall be governed by the laws of Santa Clara County in the State of California, USA. The State of California, County of Santa Clara shall be the exclusive venue for the resolution of any such disputes.
    [Show full text]
  • Implementation of Smart Contracts for Blockchain Based Iot Applications
    Implementation of smart contracts for blockchain based IoT applications Georgios Papadodimas, Georgios Palaiokrasas, Antoniοs Litke, Theodora Varvarigou Electrical and Computer Engineering Department National Technical University of Athens Athens, Greece [email protected], [email protected], [email protected], [email protected] Abstract—An increasing number of people, organizations [11], funding mechanisms [12] and many more. A milestone and corporations are expressing their interest in the for the course of blockchain technology was the development decentralization technology of the blockchain. The creation of of Ethereum project, offering new solutions by enabling smart the blockchain marks the time when we start building contracts’ implementation and execution. The Ethereum distributed peer-to-peer networks consisting of non-trusting blockchain is a Turing complete platform for executing smart members that interact with each other without a trusted contracts [13], [14], and not just a ledger serving financial intermediary but in a verifiable manner. In this paper, we transactions. It is a suite of tools and protocols for the creation propose a decentralized application (DApp) based on and operation of Decentralized Applications (DApps), blockchain technology for sharing Internet of Things (IoT) “applications that run exactly as programmed without any sensors’ data, and demonstrate various challenges addressed possibility of downtime, censorship, fraud or third-party during the development process. This application combines blockchain technology with IoT and operates through smart interference”. It also supports a contract-oriented, high-level, contracts that are executed on the Ethereum blockchain. More Turing-complete programming language [15], allowing specifically the application is a platform for sharing (buying and anyone to write smart contracts and create DApps.
    [Show full text]
  • Versus Decentralized Prediction Markets for Financial Assets
    Wolfgang Pacher Centralized- versus Decentralized Prediction Markets for Financial Assets Are blockchain-based prediction market applications simply the better solution to forecasting financial assets? MASTER THESIS submitted in fulfilment of the requirements for the degree of Master of Science Programme: Master's programme Applied Business Administration Branch of study: General Management Alpen-Adria-Universität Klagenfurt Evaluator Assoc.Prof.Mag.Dr. Alexander Brauneis Alpen-Adria-Universität Klagenfurt Institut für Finanzmanagement Klagenfurt, May 2019 Affidavit I hereby declare in lieu of an oath that - the submitted academic paper is entirely my own work and that no auxiliary materials have been used other than those indicated, - I have fully disclosed all assistance received from third parties during the process of writing the thesis, including any significant advice from supervisors, - any contents taken from the works of third parties or my own works that have been included either literally or in spirit have been appropriately marked and the respective source of the information has been clearly identified with precise bibliographical references (e.g. in footnotes), - to date, I have not submitted this paper to an examining authority either in Austria or abroad and that - when passing on copies of the academic thesis (e.g. in bound, printed or digital form), I will ensure that each copy is fully consistent with the submitted digital version. I understand that the digital version of the academic thesis submitted will be used for the purpose of conducting a plagiarism assessment. I am aware that a declaration contrary to the facts will have legal consequences. Wolfgang Pacher m.p.
    [Show full text]
  • Metamask Pre-Assignment
    MMS 562F: Tech Driven Transformation MetaMask Pre-Assignment Campbell R. Harvey Duke University and NBER February 2021 Setup • Metamask is a cryptocurrency wallet that is used to interface with the Ethereum-based Apps • We will be setting up this Wallet on your mobile device (iOS or Android only) – If you are unable to use a mobile device, the end of this deck has a web browser tutorial (Page 19) – If you already have MetaMask on your browser, the end of this deck has a tutorial to link your Web Account to the Mobile App (Page 25) Campbell R. Harvey 2021 2 Setup • Download the Metamask app from the App Store or Google Play Store • Click Get Started • Click Create a new wallet • Create a new account by typing in a password of your choosing and pressing “Create” • Go through the prompts to secure your wallet • Store Secret Backup Phrase in a secure location, ideally paper or a password manager – not on your phone or computer. • Type in secret backup phrase Campbell R. Harvey 2021 3 1 Using MetaMask 1. Network • This determines which Ethereum Network you are using. Click on this to see all network options in a 2 dropdown. For this class we will only discuss or use the Main Ethereum Network and the Ropsten Test Network. 3 Campbell R. Harvey 2021 4 1 Using MetaMask 1. Network • The Ethereum Mainnet is where live ether (ETH) with real value exists and is 2 used for payment and applications. I will refer to this as the “main network” or the “mainnet” 3 Campbell R.
    [Show full text]
  • Pitx-APL V2.0
    USER GUIDE pITX-APL V2.0 Doc. Rev. 1.4 Doc-ID: 1065-6365 pITX-APL V2.0 – Rev. 1.4 This page has been intentionally left blank pITX-APL V2.0 – Rev. 1.4 PITX-APL V2.0 – USER GUIDE Disclaimer Kontron would like to point out that the information contained in this manual may be subject to alteration, particularly as a result of the constant upgrading of Kontron products. This document does not entail any guarantee on the part of Kontron with respect to technical processes described in the manual or any product characteristics set out in the manual. Kontron assumes no responsibility or liability for the use of the described product(s), conveys no license or title under any patent, copyright or mask work rights to these products and makes no representations or warranties that these products are free from patent, copyright or mask work right infringement unless otherwise specified. Applications that are described in this manual are for illustration purposes only. Kontron makes no representation or warranty that such application will be suitable for the specified use without further testing or modification. Kontron expressly informs the user that this manual only contains a general description of processes and instructions which may not be applicable in every individual case. In cases of doubt, please contact Kontron. This manual is protected by copyright. All rights are reserved by Kontron. No part of this document may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), without the express written permission of Kontron.
    [Show full text]
  • Decentralized Reputation Model and Trust Framework Blockchain and Smart Contracts
    IT 18 062 Examensarbete 30 hp December 2018 Decentralized Reputation Model and Trust Framework Blockchain and Smart contracts Sujata Tamang Institutionen för informationsteknologi Department of Information Technology Abstract Decentralized Reputation Model and Trust Framework: Blockchain and Smart contracts Sujata Tamang Teknisk- naturvetenskaplig fakultet UTH-enheten Blockchain technology is being researched in diverse domains for its ability to provide distributed, decentralized and time-stamped Besöksadress: transactions. It is attributed to by its fault-tolerant and zero- Ångströmlaboratoriet Lägerhyddsvägen 1 downtime characteristics with methods to ensure records of immutable Hus 4, Plan 0 data such that its modification is computationally infeasible. Trust frameworks and reputation models of an online interaction system are Postadress: responsible for providing enough information (e.g., in the form of Box 536 751 21 Uppsala trust score) to infer the trustworthiness of interacting entities. The risk of failure or probability of success when interacting with an Telefon: entity relies on the information provided by the reputation system. 018 – 471 30 03 Thus, it is crucial to have an accurate, reliable and immutable trust Telefax: score assigned by the reputation system. The centralized nature of 018 – 471 30 00 current trust systems, however, leaves the valuable information as such prone to both external and internal attacks. This master's thesis Hemsida: project, therefore, studies the use of blockchain technology as an http://www.teknat.uu.se/student infrastructure for an online interaction system that can guarantee a reliable and immutable trust score. It proposes a system of smart contracts that specify the logic for interactions and models trust among pseudonymous identities of the system.
    [Show full text]
  • Makoto Yano Chris Dai Kenichi Masuda Yoshio Kishimoto Editors
    Economics, Law, and Institutions in Asia Pacific Makoto Yano Chris Dai Kenichi Masuda Yoshio Kishimoto Editors Blockchain and Crypto Currency Building a High Quality Marketplace for Crypto Data Economics, Law, and Institutions in Asia Pacific Series Editor Makoto Yano, Research Institute of Economy, Trade and Industry (RIETI), Tokyo, Japan The Asia Pacific region is expected to steadily enhance its economic and political presence in the world during the twenty-first century. At the same time, many serious economic and political issues remain unresolved in the region. To further academic enquiry and enhance readers’ understanding about this vibrant region, the present series, Economics, Law, and Institutions in Asia Pacific, aims to present cutting-edge research on the Asia Pacific region and its relationship with the rest of the world. For countries in this region to achieve robust economic growth, it is of foremost importance that they improve the quality of their markets, as history shows that healthy economic growth cannot be achieved without high-quality markets. High-quality markets can be established and maintained only under a well-designed set of rules and laws, without which competition will not flourish. Based on these principles, this series places a special focus on economic, business, legal, and institutional issues geared towards the healthy development of Asia Pacific markets. The series considers book proposals for scientific research, either theoretical or empirical, that is related to the theme of improving market quality and has policy implications for the Asia Pacific region. The types of books that will be considered for publication include research monographs as well as relevant proceedings.
    [Show full text]
  • Intel® Select Solutions for Microsoft SQL Server* on Windows Server
    SOLUTION BRIEF Intel® Select Solutions Enterprise Data Center Infrastructure April 2019 Intel® Select Solutions for Microsoft SQL Server* Business Operations Flexible, easy-to-deploy, scalable solutions optimized for performance enable organizations to achieve their needed results. The quantity, size, and complexity of data center workloads increases almost every day. It’s crucial that those workloads run on compute, network, and storage infrastructure that is ideally tuned—and tested—to deliver optimized performance. Intel® Select Solutions for Microsoft SQL Server* Business Operations are optimized for online transaction processing (OLTP) to provide that assurance. Intel Select Solutions are hardware and software stacks optimized for specific workloads. Intel and data center solution providers tune the configurations using Intel® Xeon® Scalable processors and Intel® technologies to help ensure enterprises receive their needed performance. Intel Select Solutions for SQL Server Business Operations SQL Server is one of the world’s most popular relational database management systems (RDBMSs). Intel Select Solutions for SQL Server Business Operations can help minimize the time, cost, and complexity required for an enterprise to evaluate hardware and software integrations. Intel Select Solutions are tested to deliver optimum performance, improved security, reliability, and agility. Intel Select Solutions for SQL Server Business Operations are not only optimized to meet current performance needs, they also include technologies ready to help reduce the complexity of meeting evolving data center needs. What Are Intel® Select Solutions? Intel Select Solutions are verified hardware and software stacks that are optimized for specific software workloads across compute, storage, and network. The solutions are developed from deep Intel experience with industry solution providers, in addition to extensive collaboration with the world’s leading data center and service providers.
    [Show full text]
  • Using Remote Attestation of Trust for Computer Forensics
    Using Remote Attestation of Trust for Computer Forensics Gabriela Claret Limonta Marquez School of Electrical Engineering Thesis submitted for examination for the degree of Master of Science in Technology. Espoo 20.11.2018 Supervisor Prof. Raimo Kantola Advisor Dr. Ian Oliver Copyright ⃝c 2018 Gabriela Claret Limonta Marquez Aalto University, P.O. BOX 11000, 00076 AALTO www.aalto.fi Abstract of the master’s thesis Author Gabriela Claret Limonta Marquez Title Using Remote Attestation of Trust for Computer Forensics Degree programme Computer, Communication and Information Sciences Major Communications Engineering Code of major ELEC3029 Supervisor Prof. Raimo Kantola Advisor Dr. Ian Oliver Date 20.11.2018 Number of pages 94+34 Language English Abstract Telecommunications systems are critical systems with high quality of service con- straints. In Network Function Virtualization (NFV), commonly known as the Telco Cloud, network functions are distributed as virtual machines that run on generic servers in a datacenter. These network functions control critical elements; therefore, they should be run on trusted hardware. Trusted computing concepts can be used to guarantee the trustworthiness of the underlying hardware platform running critical workload. These concepts include the Trusted Platform Module and Remote Attestation. This work identifies limitations in existing solutions and uses those as motivation for designing and implementing a finer-grained definition of trust. This thesis designs and develops a remote attestation solution, which includes a policy and rule based mechanism for determining platform trust in a trusted cloud. Additionally, it develops a fine-grained concept of trust in a cloud environment based on NFV. Finally, this thesis utilizes the remote attestation solution to develop a forensics system based on root cause analysis, which allows the investigation of attestation failures and their mitigation.
    [Show full text]
  • Arxiv:1905.08164V1 [Cs.CR] 20 May 2019
    simTPM: User-centric TPM for Mobile Devices (Technical Report) Dhiman Chakraborty Lucjan Hanzlik Sven Bugiel CISPA Helmholtz Center CISPA Helmholtz Center CISPA Helmholtz Center for Information Security, for Information Security, for Information Security Saarland University Stanford University Abstract as preventing software version rollback, protecting RSA keys, or attesting protected keys. Trusted Platform Modules are valuable building blocks for TPM is also of interest for the different stakeholders on security solutions and have also been recognized as benefi- mobile devices. However, the particular benefits that the cial for security on mobile platforms, like smartphones and TPM offers have historically hung on the TPM’s implemen- tablets. However, strict space, cost, and power constraints of tation as a dedicated security chip that can act as a ”local mobile devices prohibit an implementation as dedicated on- trusted third party” on devices. Mobile devices are, however, board chip and the incumbent implementations are software constrained in space, cost, and power consumption, which TPMs protected by Trusted Execution Environments. prohibits a classical deployment of TPM. To address the par- In this paper, we present simTPM, an alternative imple- ticular problems of the mobile domain, the Trusted Com- mentation of a mobile TPM based on the SIM card avail- puting Group (TCG) introduced the Mobile Trusted Mod- able in mobile platforms. We solve the technical challenge ule (MTM) specifications [64]. Although the MTM concept of implementing a TPM2.0 in the resource-constrained SIM has never left the prototype status, its ideas influenced the card environment and integrate our simTPM into the secure latest TPM2.0 specification [67].
    [Show full text]
  • $5.75 $727,91Mm $664,28Mm $7.50 +31.16% +
    ETC INSIGHTS JULY 2020 07 MARKET JULY 01 JULY 31 $5.75 $7.50 +31.16% PRICE PRICE $727,91MM $876,75MM +148,835MM VOLUME (1D) VOLUME (1D) $664,28MM $857,30MM +193,020MM MARKET CAP MARKET CAP TECHNOLOGY UPDATES Core Geth seeing more adoption Core-geth is seeing the largest growing node adoption. Ethereum Classic no longer has LTS support for OpenEthereum or Multi-geth. Therefore, Ethereum Classic nodes must transition to Core-geth or Besu. 2nd most popular client, likely to reach most popular as Ethereum Classic no longer has LTS support for OpenEth & Multi-geth DEVELOPMENT Signatory and affiliated tools are nearing more maturity Growing collaboration with MetaMask regarding OpenRPC SigTools nearly Alpha Learn More ROADMAP CHANGES Tooling team is gathering requirements for a wallet project which may impact roadmap NEW TOOLS & FEATURES Signatory Core Learn More COMMUNITY ACCELERATOR NEWS & COHORT MEMBER UPDATES ETC Labs Announces Cohort III, Blockchain for Impact Startups Learn More EVENTS Blockchain course Angel Investing Learn More Learn More Ask Me Anything (AMA) Learn More SFBW’s Unitize 2020 Virtual Conference Watch the Presentation MOIP Episode feat. ETC Labs CEO Terry Culver Watch the Episode UNIVERSITIES INTEGRATIONS PARTNERSHIPS NEWS & EXISTING PARTNER UPDATES SWARM Alpha Event Learn More Launch Connect with Bloq, a developer suite platform for ETC and multi-chain support Learn More ETC Labs partners with World Wildlife Foundation Learn More WORKS IN PROGRESS ETC to build a stablecoin with top stablecoin project Diversifying support with more decentralized storage projects Leading AML project to support Accelerator startups and ETC SPOTLIGHT COHORT III Png.me Prescypto Open Relay Learn More Learn More Learn More IN THE NEWS RECENT MEDIA COVERAGE Ethereum Classic Labs Presents its Third Cohort and its Startups Learn More ETC Labs Launches Cohort III To Support Blockchain-Powered Impact Startups Learn More Ethereum Classic (ETC) Going Hot about How to Run a Swarm Node Learn More MoIP Interview with Terry Culver CEO ETC Labs Learn More ETC INSIGHTS JULY 2020.
    [Show full text]