We present a hardware trusted computing base (TCB) aimed at Direct Recording Voting Machines (T-DRE), with novel design features concerning vote privacy, device verifiability, signed-code execution and device resilience. Our proposal is largely compliant with the VVSG (Voluntary Voting System Guidelines), while also strengthening some of its… (More)
Smartphone manufacturers frequently customize Android distributions so as to create competitive advantages by adding, removing and modifying packages and configurations. In this paper we show that such modifications have deep architectural implications for security. We analysed five different distributions: Google Nexus 4, Google Nexus 5, Sony Z1, Samsung… (More)
The security of computing systems relies heavily on their hardware architecture. Currently, hardware is evaluated using mostly manual processes that are prone to errors, and generate a large, complex workload. In this paper, we are the first to report the use of the Assurance Case methodology to guide a hardware architecture security analysis. We were able… (More)
In this work we propose to enable the security analysis of hardware architecture independently of its physical implementation. This will help to discover vulnerabilities and flaws in a broad range of architectures, and to identify problems before the costly process of design and manufacturing. Our approach employs Assurance Cases, proposed in  as a… (More)
In this work we review the security of the industry standard, software-based, cryptographic services providers Mozilla NSS Softoken and Microsoft CAPI CSPs. We also provide practical measurements of the user experienced security level. We found that this security level is much lower than expected and some service providers should be avoided.
We propose Life Networking Service (LNS), with which users can share information from home appliances and health care devices. In this paper, we describe a design of communication between devices and the cloud computing.
This paper introduces FORTUNA, a probabilistic framework that supports the conception and early design stages of hardware-based secure systems. FORTUNA can point out potential weaknesses of complex systems, involving physical and logical attacks, basic human interaction or even a few classes of unknown threats. FORTUNA consists of two main elements: a) a… (More)