By Topic

Applying protocol analysis to security device interfaces

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Herzog, J. ; Inst. for Inf. Infrastructure Protection, Mitre, Bedford, MA

Despite best efforts, general-purpose computing platforms and servers continue to be insecure. Due to their complexity, furthermore, it seems unlikely that a completely secure system can be built in the foreseeable future. Fortunately, a promising alternative exists: the use of trusted cryptographic devices and subsystems. Like smart cards, such devices hold and use secret cryptographic keys on behalf of a larger general-purpose system. Because such devices are small, specialized, and have relatively simple functionality, it might be feasible to develop subsystems that are actually secure. If so, these trusted devices could be 'boot-strapped' into acting as trusted monitors or policy enforcers on an enterprise's systems or as a party's universally trusted proxy in a distributed system. In other words, this technology could allow enterprises to leverage trust (in a specific device's interface) into trust (of larger systems and networks). However, trust in the interface must be established via a security analysis of some sort. In this paper, the author suggests adapting protocol analysis techniques to this purpose

Published in:

Security & Privacy, IEEE  (Volume:4 ,  Issue: 4 )