A workshop held in conjunction with the 19th ACM Conference on Computer and Communications Security (ACM CCS 2012).
Built on the continuous success of ACM STC 2006-2011, this workshop focuses on fundamental technologies of trusted and high assurance computing and its applications in large-scale systems with varying degrees of trust. The workshop is intended to serve as a forum for researchers as well as practitioners to disseminate and discuss recent advances and emerging issues.
- Submission due: July 20, 2012 23:59 EDT (extended)
- Notification: Aug. 13, 2012
- Final version: Aug. 24, 2012 8:00am EDT
- Workshop date: Oct. 15, 2011 (MONDAY)
TU Darmstadt, Germany
Keynote title: The Rise, Fall and Reincarnation of Trusted Computing
The increasing global connectivity and distributed applications for business and personal use, particularly through the fast growth of mobile device and App markets as well as cloud computing, demand for IT systems that are capable of handling sophisticated security and privacy requirements. This development has dramatically changed the IT ecosystem and the way we store and process information or access services.
Although academic and industrial research provide a variety of useful methods, mechanisms and tools to face the growing security and privacy threats and challenges, they are only partially eﬀective in practice as long as the common computing platforms suﬀer from various (conceptual) security problems in software (particularly commodity operating systems) and hardware. To reach the short and long term security and privacy goals we need a cost-eﬀective, safe and careful transition from the today’s IT system into a new generation of computing platforms that embed and protect security features by design based on reasonable trust assumptions.
The recent advancements in virtualization technologies and secure operating system design as well as the new processor generation and the introduction of Trusted Computing (TC) technology seemed to be a promising approach towards this goal. In this context the Trusted Computing Group (TCG) is the most known initiative of large IT enterprises for instantiating the TC concept in practice.
The TCG has published a large number of speciﬁcations of supplemental hardware and software extending conventional computer architectures by new security related and cryptographic mechanisms. The core and most known specification of the TCG is the Trusted Platform Module (TPM) aimed to act as the trust anchor in computing platforms. The current TPM instantiation is a security chip which provides a number of cryptographic and security features based on which high-level security functionalities can be realized. The majority of PC vendors ship their platforms equipped with TPMs.
Despite some initial public debates the TC concept appeared to be emerging at ﬁrst glance. However, although many research results based on the TCG proposal, its improvement or extensions have been generated so far, we still observe no widespread deployment, or ”killer application” of this technology even after more than a decade.
In this talk we give an overview of the TC background and point out various shortcomings of TCG proposals and their implementation, as considered in the literature so far. We then brieﬂy present the state-of-the-art of TC related technologies up to date, discuss a number of open practical and research challenges remained to be tackled as well as the valid question on whether the Trusted Computing technology as we know it today has completely failed to achieve even its most basic goals, or we are going to witness a reincarnation of TC in currently hot research areas such as cloud and mobile computing.
Prof. Dr.-Ing. Ahmad-Reza Sadeghi is the head of the System Security Lab at the Center for Advance Security Research Darmstadt (CASED), Technische Universitat Darmastadt and the Scientiﬁc Director of Fraunhofer Institute for Secure Information Systems (SIT), Darmstadt, Germany. Since January 2012 he is also the Director of Intel Collaborative Research Institute for for Secure Computing at TU Darmstadt.
He received his PhD in Computer Science with the focus on privacy protecting cryptographic protocols and systems from the University of Saarland in Saarbrucken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericson Telecommunications. He has been leading in a variety of national and international research and development projects on design and implementation of Trustworthy Computing Platforms and Trusted Computing, Security Hardware, Physically Unclonable Functions (PUF), Cryptographic Privacy-Protecting Systems, and Cryptographic Compilers (in particular for secure computation). He continuously contributes to the IT security research community and serves as general or program chair as well as program committee member of many conferences and workshops in information security and privacy. He is on Editorial Board of the ACM Transactions on Information and System Security.
Prof. Sadeghi has been awarded with the renowned German prize Karl Heinz Beckurts for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientiﬁc achievements with high impact on industrial innovations in Germany. Further, his group received the second prize of German IT Security Competition Award 2010.
University of Birmingham, United Kingdom
Keynote title: Automatic analysis of security properties of the TPM
The TPM is a hardware chip that aims to enable a level of platform security greater than that which can be achieved in software alone. It is specified in a document of over 700 pages which detail about 120 commands. This talk describes efforts at modelling and verifying the security protocols that outline those commands. The platform configuration registers (PCRs) that enable the TPM to "measure" and attest the software running on the platform represent a particular challenge to verification efforts. We present StatVerif, an extension of the ProVerif tool and technique, which has been designed specifically with TPM PCRs in mind. We also describe verification of some case studies, such as the case studies of the Flicker method which exploits trusted execution technology as well as the TPM. This talk is based on joint work with several people, including Myrto Arapinis, Ian Batten, Steve Kremer, Eike Ritter, Graham Steel, and Shiwei Xu.
Mark was an undergraduate at Cambridge University and did his PhD at Imperial College London. Now he is professor of computer security at University of Birmingham, and also EPSRC Leadership Fellow. (EPSRC is the national science funding agency.) He founded in 2006 and now leads the security group, which consists of 5 academics and 20 postdocs and PhD students. Mark has recently worked in protocol analysis, electronic voting, access control, cloud computing security, TPM analysis, privacy, and process calculus. In 2008 Mark spent seven months at Hewlett Packard, on a secondment from the University funded by the Royal Academy of Engineering. This experience changed his life.
STC 2011 STC 2010 STC 2009 STC 2008 STC 2007 STC 2006