- Conference and Journals
- Project Archive
The Secret-Protection (SP) architecture provides applications with direct hardware protection of a trusted software module (TSM), which does not depend on whether the underlying Operating System has been compromised by attackers or not. This enables arbitrary security policies to be implemented by software in a TSM at the application level, and protected by SP hardware features in the microprocessor. SP provides a minimal set of hardware trust anchors and security mechanisms to provide a secure execution encironment and secure storage for a security-critical task implemented as a TSM. SP has been found useful in different scenarios including a user storing his sensitive information in the Cloud , an authority trusting its SP-enabled devices in the field , implementing arbitrary information sharing policies at the application level , for devices such as non-copyable disks , for improving key establishment in mobile ad-hoc networks , and for improving accountability in hosted virtual networks . We are also scaling the SP architecture to support mutiple simultaneously trusted software modules from mutually-distrustful security domains (see Bastion architecture below).