Stefan Berger

We present the design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform. To this end, we virtualized the Trusted Platform Module (TPM). As a result, the TPM’s secure storage and cryptographic functions are available to operating systems and applications running in virtual…
We present the sHype hypervisor security architecture and examine in detail its mandatory access control facilities. While existing hypervisor security approaches aiming at high assurance have been proven useful for high-security environments that prioritize security over performance and code reuse, our approach aims at commercial security where near-zero…
Exopolysaccharide (EPS) synthesis by Erwinia amylovora depends on environmental and genetic predispositions. To measure the amount of the acidic EPS amylovoran synthesized by E. amylovora cell cultures, a turbidity assay using cetylpyridinium salt was developed. The EPS produced by bacteria grown on solid media was additionally characterized by its water…
Virtualization technology is becoming increasingly common in datacenters, since it allows for collocation of multiple workloads, consisting of operating systems, middleware and applications, in different virtual machines (VMs) on shared physical hardware platforms. However, when coupled with the ease of VM migration, this trend increases the potential…
We consider a wireless ad-hoc network with single antenna nodes under a two-hop traffic pattern. Two system architectures are investigated in this paper: Either linear amplify-and-forward relays (LinRel) or a distributed antenna system with linear processing (LDAS) serve as repeater nodes. The gain factors of the repeaters are assigned such that the mean…
We define and demonstrate an approach to securing distributed computation based on a shared reference monitor (Shamon) that enforces mandatory access control (MAC) policies across a distributed set of machines. The Shamon enables local reference monitor guarantees to be attained for a set of reference monitors on these machines. We implement a prototype…
infrastructure: Trusted virtual data center implementation. S. Berger, R. Cáceres, K. Goldman, D. Pendarakis, R. Perez, J. R. Rao, E. Rom, R. Sailer, W. Schildhauer, D. Srinivasan, S. Tal, E. Valdez. The trusted virtual data center (TVDc) is a technology developed to address the need for strong isolation and integrity guarantees in virtualized environments. In this…
Web Services have started to appear on servers as interfaces between business-to-business applications. To date, mobile devices have only consumed Web Services running on stationary servers. We expand this notion so that mobile devices can both offer and consume Web Services. We discuss some interesting classes of applications that can be enabled when…
We present a system in which a user leverages a personal mobile device to establish trust on a public computing device, or kiosk, prior to revealing personal information to that kiosk. We have designed and implemented a protocol by which the mobile device determines the identity and integrity of the software running on the kiosk. A similar protocol…