Skip to main content

Options for Securing PCs Against Phishing and Espionage: A Report from the EU-Project “Open Trusted Computing”

Abstract

Private and business PC users will continue to experience attacks from viruses and Trojan horses. The latter might, e.g., eavesdrop on banking passwords or send confidential business data to a criminal. It is very difficult to provide protection from such attacks on private information within the current operating systems. Novel approaches to securing such data outside the user’s main operating system, using virtualization techniques are presented here. The transparency and trustworthiness of such approaches are, however, by no means guaranteed. In order to protect users, the development of such approaches could be monitored and influenced at the political level, e.g. by governments procuring such systems.

Keywords

  • Trojan Horse
  • Trust Platform Module
  • Malicious Code
  • Trust Computing
  • Virtual Machine Monitor

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

*Contribution based on work at Institute for Technology Assessment and Systems Analysis, KIT.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-94-007-0641-5_9
  • Chapter length: 7 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   149.00
Price excludes VAT (USA)
  • ISBN: 978-94-007-0641-5
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   199.99
Price excludes VAT (USA)
Hardcover Book
USD   279.99
Price excludes VAT (USA)
Fig. 9.1
Fig. 9.2

Notes

  1. 1.

    See: Chris Dalton. “A Hypervisor Against Ferrying Away Data,” Interview by Franco Furger and Arnd Weber. OpenTC Newsletter, April 2009. http://www.opentc.net/publications/OpenTC_Newsletter_07.pdf. MI5: Espionage. http://www.mi5.gov.uk/output/espionage.html.

  2. 2.

    Paul England. “Practical Techniques for Operating System Attestation”. Presentation given at: Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, Trust 2008, Villach, Austria, March 11–12, 2008.

  3. 3.

    See: William Arbaugh, David Farber, and Jonathan Smith. “A Secure and Reliable Bootstrap Architecture,” Proceedings of the 1997 IEEE Symposium on Security and Privacy: 65–71. Birgit Pfitzmann, James Riordan, Chris Stüble, Michael Waidner, and Arnd Weber. The PERSEUS System Architecture. IBM Research Report RZ 3335, IBM Research – Zurich, April 2001. http://www.zurich.ibm.com/security/publications/2001.html.

  4. 4.

    The OpenTC-project was supported by the European Commission (project IST-027635). ITAS was responsible for work on requirements, specifications, and dissemination.

  5. 5.

    Dirk Weber, Arnd Weber, Stéphane Lo Presti. Requirements and Design Guidelines for a Trusted Hypervisor User Interface. Paper presented at: Future of Trust in Computing. Berlin, Germany, 30 June – 2 July, 2008. Proceedings published by Vieweg & Teubner, Wiesbaden 2009

  6. 6.

    For technical details, see the information available at http://www.opentc.net. Use, e.g., the project’s final report or the newsletter as a guidance.

  7. 7.

    David Grawrock. The Intel Safer Computing Initiative. Intel Press, 2006.

References

  • Arbaugh, W., D. Farber, and J. Smith. “A Secure and Reliable Bootstrap Architecture,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, (1997): 65–71.

    Google Scholar 

  • Dalton, C. “A Hypervisor Against Ferrying Away Data,” Interview by Franco Furger and Arnd Weber. OpenTC Newsletter, April 2009. http://www.opentc.net/publications/OpenTC_Newsletter_07.pdf.

  • England, P. Practical Techniques for Operating System Attestation. Presentation given at: Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, Trust 2008, Villach, Austria, March 11–12, 2008.

    Google Scholar 

  • Grawrock, D. The Intel Safer Computing Initiative. Intel Press, Hillsboro, 2006.

    Google Scholar 

  • Kuhlmann, D., and A. Weber. OpenTC Final Report. The Evolution of the OpenTC Architecture Illustrated via its Proof-of-Concept-Prototypes. Bristol, Karlsruhe 2009, http://www.opentc.net/.

  • MI5: Espionage. http://www.mi5.gov.uk/output/espionage.html.

  • OpenTC. Project website. http://www.opentc.net/

  • OpenTC. Project newsletter, available at http://www.opentc.net.

  • Pfitzmann, B., J. Riordan, C. Stüble, M. Waidner, and A. Weber. “The PERSEUS System Architecture.” IBM Research Report RZ 3335, IBM Research – Zurich, April 2001. http://www.zurich.ibm.com/security/publications/2001.html.

  • Weber, D., A. Weber, and S. Lo Presti. “Requirements and Design Guidelines for a Trusted Hypervisor User Interface.” (Paper presented at: Future of Trust in Computing. Berlin, Germany, 30 June – 2 July, 2008). Proceedings published by Vieweg & Teubner, Wiesbaden 2009.

    Google Scholar 

Download references

Acknowledgements

We wish to express our thanks to Dirk Kuhlmann, Armand Puccetti and Matthias Schunter and to all OpenTC-partners: Technikon Forschungs- und Planungsgesellschaft mbH (project coordination, AT); Hewlett-Packard Ltd (technical leader, UK); AMD Saxony LLC & Co. KG (DE); Budapest University of Technology and Economics (HU); Commissariat à l’Energie Atomique – LIST (FR); COMNEON GmbH (DE); Forschungszentrum Karlsruhe GmbH – ITAS (DE); Horst Goertz Institute for IT Security, Ruhr-Universitaet Bochum (DE); IBM Research GmbH (CH); Infineon Technologies AG (DE); INTEK Closed Joint Stock Company (RU); ISECOM (ES); Katholieke Universiteit Leuven (BE); Politecnico di Torino (IT); Portakal Teknoloji (TR); Royal Holloway, University of London (UK); SUSE Linux Products GmbH (DE); Technische Universitaet Dresden (DE); Technische Universitaet Graz (AT); Technische Universitaet Muenchen (DE); Technical University of Sofia (BR); TUBITAK – UEKAE (TR); and University of Cambridge (UK).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Arnd Weber .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2011 Springer Science+Business Media B.V.

About this chapter

Cite this chapter

Weber, A., Weber*, D. (2011). Options for Securing PCs Against Phishing and Espionage: A Report from the EU-Project “Open Trusted Computing”. In: Gutwirth, S., Poullet, Y., De Hert, P., Leenes, R. (eds) Computers, Privacy and Data Protection: an Element of Choice. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-0641-5_9

Download citation