Remote code execution becomes more and more important as can be seen by Grid computing or distributed computing projects like SETI@home. However, executing programs on foreign computers leads to security risks if the program contains sensitive data or algorithms. Current operating systems can protect user programs from other malicious programs running on the same host. But this does not prevent attacks from a system administrator or a malicious operating system. Further, even if the operating system is trusted it is possible to physically intercept communication between main memory and processor to gather information about the executed programs. As a result, these security risks prevent the execution of sensitive algorithms or programs computing on sensitive data on not trustworthy remote systemsIn this paper we present a combined hardware and software architecture to provide a secure and tamper resistant computing environment without relying on trusted system administrators and a fully trusted operating system. Our proposed architecture provides a security enhancement implemented on top of a standard processor. Compared to external co-processor solutions, our architecture does not suffer from memory, functionality and performance limitations. Furthermore, normal and protected programs can be run concurrently in a multitasking environment
[1]
Dan Boneh,et al.
Architectural support for copy and tamper resistant software
,
2000,
SIGP.
[2]
G. Edward Suh,et al.
Caches and hash trees for efficient memory integrity verification
,
2003,
The Ninth International Symposium on High-Performance Computer Architecture, 2003. HPCA-9 2003. Proceedings..
[3]
Ingrid Verbauwhede,et al.
Speed-area trade-off for 10 to 100 Gbits/s throughput AES processor
,
2003,
The Thrity-Seventh Asilomar Conference on Signals, Systems & Computers, 2003.
[4]
G. Edward Suh,et al.
AEGIS: architecture for tamper-evident and tamper-resistant processing
,
2003,
ICS.
[5]
Bennet S. Yee,et al.
Using Secure Coprocessors
,
1994
.
[6]
Corporate.
SPARC architecture manual - version 8
,
1992
.