This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Where Does Security Stand? New Vulnerabilities vs. Trusted Computing
November/December 2007 (vol. 27 no. 6)
pp. 25-35
Shay Gueron, University of Haifa and Intel Corporation
Jean-Pierre Seifert, University of Innsbruck and Samsung Electronics
Geoffrey Strongin, Advanced Micro Devices
Derek Chiou, University of Texas at Austin
Resit Sendag, University of Rhode Island
Joshua J. Yi, Freescale Semiconductor
How can we ensure that platform hardware, firmware, and software work in concert to withstand rapidly evolving security threats? Architectural innovations bring performance gains but can also create new security vulnerabilities. In this panel discussion, from the 2007 Workshop on Computer Architecture Research Directions, Shay Gueron, Geoffrey Strongin, and Jean-Pierre Seifert assess the current state of security and discuss possible routes toward trusted computing.

1. O. Acıiçmez, C.K. Koç, and J.-P Seifert, "On the Power of Simple Branch Prediction Analysis," Proc. ACM Symp. Information, Computer and Communications Security (ASIACCS 07), ACM Press, 2007, pp. 312-320, (also available in the Cryptology ePrint Archive, Report 2006/351, Oct. 2006; http://eprint.iacr.org/2006351).
2. O. Acıiçmez, S. Gueron, and J.-P Seifert, "New Branch Prediction Vulnerabilities in OpenSSL and Necessary Software Countermeasures to appear in Proc.,"11th IMA Int'l Conf. on Cryptography and Coding, LNCS 4887 Springer, (also available at Cryptology ePrint Archive, Report 2007/039, Feb. 2007; http://eprint.iacr.org/2007039).
3. S. Gueron and J.-P Seifert, "On the Impossibility to Detect Virtualization," unpublished manuscript, Aug. 2007, (available from S. Gueron, shay@math.technion.ac.il; or J.-P. Seifert, seifert@mi.informatik.uni-frankfurt.de).
4. B.W. Lampson, "A Note on the Confinement Problem," Comm. ACM, vol. 16, no. 10, Oct. 1973, pp. 613-615.
5. C. Percival, "Cache Missing for Fun and Profit," 2005, http://www.daemonology.net/papershtt.pdf
6. O. Acıiçmez, J.-P Seifert, and C. Koç, "Micro-Architectural Cryptanalysis," IEEE Trans. Security and Privacy, vol. 5, no. 4, Jul.-Aug. 2007, pp. 62-64.

Index Terms:
security and privacy protection; computer systems organization; microarchitecture implementation considerations; processor architectures; operating systems; software/software engineering; emerging technologies
Citation:
Shay Gueron, Jean-Pierre Seifert, Geoffrey Strongin, Derek Chiou, Resit Sendag, Joshua J. Yi, "Where Does Security Stand? New Vulnerabilities vs. Trusted Computing," IEEE Micro, vol. 27, no. 6, pp. 25-35, Nov.-Dec. 2007, doi:10.1109/MM.2007.112
Usage of this product signifies your acceptance of the Terms of Use.