UNIKOPS: Universally configurable security solution for cyber-physical heterogeneous systems
(2016)
The goal of UNIKOPS (Universell konfigurierbare Sicherheitslösung für Cyberphysikalische heterogene Systeme, i.e. universally configurable security solution for cyber-physical heterogeneous systems) is to develop highly flexible software solutions, and in part also hardware solutions, with a very high level of security that can be used in a wide range of CPS application fields, in particular with sensor nodes.
The authors claim that location information of stationary ICT components can never be unclassified. They describe how swarm-mapping crowdsourcing is used by Apple and Google to harvest geo-location information worldwide on wireless access points and mobile telecommunication systems' base stations to build up gigantic databases with very exclusive access rights. After having highlighted the known technical facts, in the speculative part of this article, the authors argue how this may impact cyber deterrence strategies of states and alliances understanding cyberspace as another domain of geostrategic relevance. The states' and alliances' spectrum of activities due to the potential existence of such databases may range from geopolitical negotiations by institutions understanding international affairs as their core business, through mitigation approaches at a technical level, to means of cyber deterrence-by-retaliation.
Covert- and side-channels as well as techniques to establish them in cloud computing have been in the focus of research for quite some time. However, not many concrete mitigation methods have been developed and even fewer have been adapted and concretely implemented by cloud providers. Thus, we recently conceptually proposed C³-Sched, a CPU scheduling based approach to mitigate L2 cache covert-channels. Instead of flushing the cache on every context switch, we schedule trusted virtual machines to create noise which prevents potential covert-channels. Additionally, our approach aims at preserving performance by utilizing existing instead of artificial workload while reducing covert-channel related cache flushes to cases where not enough noise has been achieved. In this work we evaluate cache covert-channel mitigation and performance impact of our integration of C³-Sched in the XEN credit scheduler. Moreover, we compare it to naive solutions and more competitive approaches.
Remote code attestation protocols are an essential building block to offer reasonable system security for wireless embedded devices. In the work at hand we investigate in detail the trustability of a purely software-based remote code attestation based inference mechanism over the wireless when, e.g., running the prominent protocol derivative SoftWare-based ATTestation for Embedded Devices (SWATT). Besides the disclosure of pitfalls of such a protocol class, we also point out good parameter choices which allow at least a meaningful plausibility check with a balanced false positive and false negative ratio.