Ramya Jayaram Masti

Learn More
The integration of Trusted Computing technologies into virtualized computing environments enables the hardware-based protection of private information and the detection of malicious software. Their use in virtual platforms, however, requires appropriate virtualization of their main component, the Trusted Platform Module (TPM) by means of virtual TPMs(More)
Side channels remain a challenge to information flow control and security in modern computing platforms. Resource partitioning techniques that minimise the number of shared resources among processes are often used to address this challenge. In this work, we focus on multi-core platforms and we demonstrate that even seemingly strong isolation techniques(More)
The growing complexity and increased networking of security and safety-critical systems expose them to the risk of adversarial compromise through remote attacks. These attacks can result in full system compromise, but often the attacker gains control only over some system components (e.g., a peripheral) and over some applications running on the system. We(More)
The deployment of RFID poses a number of security and privacy threats such as cloning, unauthorized tracking, etc. Although the literature contains many investigations of these issues on the logical level, few works have explored the security implications of the physical communication layer. Recently, related studies have shown the feasibility of(More)
Phishing in mobile applications is a relevant threat with successful attacks reported in the wild. In such attacks, malicious mobile applications masquerade as legitimate ones to steal user credentials. In this paper we categorize application phishing attacks in mobile platforms and possible countermeasures. We show that personalized security indicators can(More)
We propose an architecture that enables the creation and management of multiple, concurrent secure execution environments on multi-core systems. Our architecture is suitable for use in cloud settings where each user may require an independent secure environment within which he can run his sensitive applications. Our solution effectively scales architectures(More)
The Location Service (LCS) proposed by the telecommunication industry is an architecture that allows the location of mobile devices to be accessed in various applications. We explore the use of LCS in location-enhanced server authentication, which traditionally relies on certificates. Given recent incidents involving certificate authorities, various(More)
Mobile application phishing happens when a malicious mobile application masquerades as a legitimate one to steal user credentials. Personalized security indicators may help users to detect phishing attacks, but rely on the user's alertness. Previous studies in the context of website phishing have shown that users tend to ignore personalized security(More)
—Motivated by the security and functional limitations of satellite positioning systems, we explore a design of a Wide-Area Secure Positioning System. The main goals of this system are strong spoofing resilience, location verification, and privacy. We propose a realization of a Wide-Area Secure Positioning System and show that this solution is viable and can(More)
Cloud platforms that use logical partitions to allocate dedicated resources to VMs can benefit from small and therefore secure hypervisors. Many-core platforms, with their abundant resources, are an attractive basis to create and deploy logical partitions on a large scale. However, many-core platforms are designed for efficient cross-core data sharing(More)