Datenschutz und Datensicherheit - DuD

, Volume 36, Issue 1, pp 43–47 | Cite as

Verifizierte Virtualisierung für mehr Sicherheit und Komfort

  • Arnd Weber
  • Dirk Weber
Forum

Zusammenfassung

Viren und trojanische Pferde werden auch weiterhin private und geschäftliche PCs angreifen. Trojaner können z. B. Homebanking-Passworte ausspähen oder vertrauliche Geschäftsdaten an einen Betrüger schicken. Existierende Betriebssysteme bieten keinen ausreichenden Schutz gegen solche Angriffe. Die Autoren schlagen vor, solche Daten durch den Einsatz von Virtualisierungstechniken außerhalb des hauptsächlichen Betriebssystems des Nutzers zu schützen.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. [1]
    Arbaugh, W., Farber, D. und Smith, J. A Secure and Reliable Bootstrap Architecture. Proceedings of the 1997 IEEE Symposium on Security and Privacy: 65–71.Google Scholar
  2. [2]
    Catuogno, L., Löhr, H., Manulis, M., Sadeghi, A.-R., Stüble, C. und Winandy, M. Trusted Virtual Domains: Color Your Network. Datenschutz und Datensicherheit: 5/2010. 289–294. http://www.springerlink.com/content/r8g9u60847w5g72r/fulltext.pdf.CrossRefGoogle Scholar
  3. [3]
    CNET news November 17, 2010: Symantec to Congress: Stuxnet is ‘wakeup call’. http://news.cnet.com/8301-27080_3-20023124-245.html.
  4. [4]
    Dalton, C. A Hypervisor Against Ferrying Away Data. Interview von Furger, F. und Weber, A. OpenTC Newsletter, April 2009. http://www.opentc.net/publications/OpenTC_Newsletter_07.pdf. http://www.itas.fzk.de/deu/lit/2009/webe09b.htm.
  5. [5]
    Dalton, C., Plaquin, D., Weidner, W., Kuhlmann, D., Balacheff, B. und Brown, R.: Trusted Virtual Platforms: A Key Enabler for Converged Client Devices. In: Newsletter ACM SIGOPS Operating Systems Review Volume 43 Issue 1, January 2009, 36–43.CrossRefGoogle Scholar
  6. [6]
    England, P. Practical Techniques for Operating System Attestation. Vortrag auf: Trusted Computing — Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, Trust 2008, Villach, Austria, March 11–12, 2008.Google Scholar
  7. [7]
    GENERAL DYNAMICS. TVE for Desktops and Laptops. 2011. http://www.gdc4s.com/content/detail.cfm?item=35a995b0-b3b7-4097-9324-2c50008b3a75.
  8. [8]
  9. [9]
    Grawrock, D. The Intel Safer Computing Initiative. Intel Press, 2006.Google Scholar
  10. [10]
    GREEN HILLS. Integrity Real-time Operating System. 2011. http://www.ghs.com/products/rtos/integrity.html.
  11. [11]
    Heiser, G., Andronick, J., Elphinstone, K., Klein, G., Kuz, I. und Leonid, R. The Road to Trustworthy Systems. Communications of the ACM, 53(6), 107–115, June, 2010.CrossRefGoogle Scholar
  12. [12]
    Kuhlmann, D., Weber, A. The Evolution of the OpenTC Architecture Illustrated via its Proof-of-Concept-Prototypes. OpenTC Final Report. Bristol, Karlsruhe 2009, http://www.opentc.net/.
  13. [13]
  14. [14]
    Nader, R. Unsafe at Any Speed. Grossman Publishers, New York 1965.Google Scholar
  15. [15]
    OPENTC. Projekt Website. http://www.opentc.net/.
  16. [16]
    OPENTC. Projekt Newsletter, verfügbar auf www.opentc.net.
  17. [17]
    Pfitzmann, B., James, R., Stüble, C., Waidner, M. und Weber, A. The PERSEUS System Architecture. IBM Research Report RZ 3335, IBM Research — Zurich, April 2001. http://www.zurich.ibm.com/security/publications/2001.html.
  18. [18]
    Ristenpart, T., Tromer, E., Shacham, H. und Savage, S. Hey, You, Get off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds. Proc. ACM Conference on Computer and Communications Security 2009, 199–212, ACM, 2009. http://people.csail.mit.edu/tromer/Ristenpart_cloudsec.pdf.
  19. [19]
    SECORVO: Security News, Juni 2010. http://www.secorvo.de/securitynews/secorvo-ssn1006.pdf.
  20. [20]
    Seifert, J. P. Keynote Presentation auf: Computers, Privacy and Data Protection, Brussels 2010.Google Scholar
  21. [21]
    Serdar, C., Dalton, C., Eriksson, K., Kuhlmann, D., Ramasamy, H., Ramunno, G., Sadeghi, A.-R., Schunter, M. und Stüble, C. Towards Automated Security Policy Enforcement in Multi-Tenant Virtual Data Centers. Journal of Computer Security, IOS Press, Vol. 18, Number 1, pp. 89–121, 2010.CrossRefGoogle Scholar
  22. [22]
    Weber, A., Weber, D.: Options for securing PCs against phishing and espionage. A report from the EU-project “Open Trusted Computing”. In: Gutwirth, Serge et al. (Hrsg.): Proceedings of CPDP 2010, Brussels. Springer, 2011. 201–207. http://www.springerlink.com/content/t067038412352321/.CrossRefGoogle Scholar
  23. [23]
    Weber, A., Weber, D. und Lo Presti, S. Requirements and Design Guidelines for a Trusted Hypervisor User Interface. Vortrag auf: Future of Trust in Computing. Berlin, Germany, 30 June–2 July, 2008. Proceedings veröffentlicht von Vieweg & Teubner, Wiesbaden 2009.Google Scholar

Copyright information

© Springer Fachmedien Wiesbaden 2012

Authors and Affiliations

  • Arnd Weber
  • Dirk Weber

There are no affiliations available

Personalised recommendations