Abstract
Analytical security of cryptographic protocols does not immediately translate to operational security due to incorrect implementation and attacks targeting the execution environment. Code verification and hardware-based trusted execution solutions exist; however, these leave it up to the implementer to assemble the complete solution, imposing a complete re-think of the hardware platforms and software development process. We rather aim for a comprehensive solution for secure cryptographic protocol execution, which takes the form of a trusted execution environment based on runtime verification and stock hardware security modules. RV-TEE can be deployed on existing platforms and protocol implementations. Runtime verification lends itself well at several conceptual levels of the execution environment, ranging from high-level protocol properties to lower-level checks such as taint inference. The proposed architectural setup involving two runtime verification modules is instantiated through a case study using a popular web browser. We successfully monitor high- and low-level properties with promising results with respect to practicality.
Funder
North Atlantic Treaty Organization
Publisher
Springer Science and Business Media LLC
Subject
Computational Theory and Mathematics, Hardware and Architecture, Software, Computer Science (miscellaneous)
Reference
81 articles.
Cited by
5 articles.