Learn More
Commodity operating systems entrusted with securing sensitive data are remarkably large and complex, and consequently, frequently prone to compromise. To address this limitation, we introduce a virtual-machine-based system called Overshadow that protects the privacy and integrity of application data, even in the event of a total OScompromise. Overshadow(More)
We propose "secret-protected (SP)" architecture to enable secure and convenient protection of critical secrets for a given user in an on-line environment. Keys are examples of critical secrets, and key protection and management is a fundamental problem ¿ often assumed but not solved ¿ underlying the use of cryptographic protection of sensitive files,(More)
We propose minimalist new hardware additions to a microprocessor chip that protect cryptographic keys in portable computing devices which are used in the field but owned by a central authority. Our <i>authority-mode architecture</i> has trust rooted in two critical secrets: a Device Root Key and a Storage Root Hash, initialized in the device by the trusted(More)
It is widely believed that although being more complex, a probabilistic key predistribution scheme is much more resilient against node capture than a deterministic one in lightweight wireless ad hoc networks. Backed up by the surprisingly large successful attack probabilities computed in this paper, we show that the probabilistic approaches have only(More)
—In lightweight mobile ad hoc networks, both prob-abilistic and deterministic key management schemes are fragile to node fabrication attacks. Our simulation results show that the Successful Attack Probability (SAP) can be as high as 42.6% with the fabrication of only 6 copies from captured nodes comprising only 3% of all nodes. In this paper, we propose two(More)
Grid computing allows flexible resource sharing among geographically distributed computing resources in multiple administrative domains. Virtualization of resources allows jobs to be run on remote resources participating in a Grid. While this computing paradigm has been used primarily for batch jobs, we study interactive Grid applications rich in graphics(More)
During many crises, access to sensitive emergency-support information is required to save lives and property. For example, for effective evacuations first responders need the names and addresses of non-ambulatory residents. Yet, currently, access to such information may not be possible because government policy makers and third-party data providers lack(More)
New security architectures are difficult to prototype and test at the design stage. Fine-grained monitoring of the interactions between hardware, the operating system and applications is required. We have designed and prototyped a testing framework, using virtualization, that can emulate the behavior of new hardware mechanisms in the virtual CPU and can(More)
Protein misfolding and concomitant aggregation towards amyloid formation is the underlying biochemical commonality among a wide range of human pathologies. Amyloid formation involves the conversion of proteins from their native monomeric states (intrinsically disordered or globular) to well-organized, fibrillar aggregates in a nucleation-dependent manner.(More)