A. SecoreCore Integration:
- Timothy Levin, Jeffrey S. Dwoskin, Ganesha Bhaskara, Thuy Nguyen, Paul Clark, Ruby B. Lee, Cynthia Irvine, Terry Benzel. "Securing the Dissemination of Emergency Response Data with an Integrated Hardware-Software Architecture," 2nd International Conference on Trusted Computing (TRUST 2009), Oxford, U.K., April 2009.
[PDF]
- Jeffrey Dwoskin, Ganesha Bhaskara, Thuy D. Nguyen, Ruby Lee, "SecureCore Prototype/Demo Manual," Version 1.0. Princeton University Department of Electrical Engineering Technical Report CE-L2008-009, August 2008. (Updated 8/25/2009)
[PDF]
B. SecureCore Processor
Architecture:
Secret Protection (SP)
Architecture
- Jeffrey S. Dwoskin and Ruby B. Lee, "Hardware-rooted Trust for Secure Key Management and Transient Trust," Proc. of the 14th ACM Conference on Computer and Communications Security (CCS 2007), pp. 389-400, October 2007.
[PDF]
- Jeffrey Dwoskin, Dahai Xu, Jianwei Huang, Mung Chiang, and Ruby B. Lee, "Secure Key Management Architecture Against Sensor-node Fabrication Attacks." IEEE GlobeCom 2007, Washington, DC, November 2007
[PDF]
- Jeffrey Dwoskin, Ruby B. Lee, "SP Processor Architecture Reference Manual," Princeton University Department of Electrical Engineering Technical Report CE-L2008-008, 8/11/2008. (Previous version: CE-L2007-009. Version 0.7, 11/21/2007)
[PDF]
- Jeffrey Dwoskin, Mahadevan Gomathisankaran, David Champagne, Ruby B. Lee, "SP Reference Manual Addendum – Secure Stacks for TSMs and Emulation of SP Interrupt Protection," Princeton University Department of Electrical Engineering Technical Report CE-L2009-006. August, 2009.
[PDF]
- Ruby B. Lee, Peter C. S. Kwan,
John Patrick McGregor, Jeffrey Dwoskin, and Zhenghong Wang, Architecture for
Protecting Critical Secrets in Microprocessors, Proceedings of the 32nd
International Symposium on Computer Architecture (ISCA 2005), pp. 2-13,
June 2005. [PDF]
- Jeffrey Dwoskin and Ruby B. Lee, "Processor Architecture
for Remote, Transient, Policy-controlled Secrets," Princeton University
Department of Electrical Engineering Technical Report CE-L2006-007,
November 2006.
- Jeffrey Dwoskin and Ruby Lee, "Enabling Transient Access
to Protected Information for Crisis Response", Princeton University
Department of Electrical Engineering Technical Report CE-L2006-001, May
2006.
- Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby B. Lee, "Virtualization of Secure Processor Key Management within a Separation Kernel Architecture," Princeton University Department of Electrical Engineering Technical Report CE-L2006-006, November 2006.
[PDF]
- Ganesha Bhaskara, Timothy E. Levin, Thuy
D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby Lee, Virtualization
and Integration of SP Services in SecureCore, University of California, Information Sciences Institute Technical Report ISI-TR-623, September 2006
- Ruby B. Lee, Jeffrey Dwoskin, and David Champagne,
"Fundamental Architectural Features in SP processors for Protecting
Sensitive Information," submitted to IEEE Micro, December 2006.
- Peter Kwan and Ruby B. Lee, "Minimalist Security
Architecture in SP-processors", Book Chapter, Hardware-Based Security
Anthology, publisher review, 2006.
Processor Covert Channels and
Cache Side Channels:
- Zhenghong Wang and Ruby B. Lee, "New Cache Designs for
Thwarting Software Cache-based Side Channel Attacks", International
Symposium on Computer Architecture, ISCA'07, June 2007.
- Zhenghong Wang, Jing Deng, and Ruby B. Lee, "Mutual
Anonymous Communications: A New Covert Channel Based on Splitting Tree
MAC", 26th Annual IEEE Conference on Computer Communications (Infocom
'07), Minisymposium, May 2007.
- Zhenghong Wang and Ruby B. Lee, "Covert and Side Channels
due to Processor Architecture", Proceedings of the 22nd Annual Computer
Security Applications Conference (ACSAC'06), pp.473-482, December 2006.
- Michael Neve, Jean-Pierre Seifert, and Zhenghong Wang, "A
refined look at Bernstein's AES side-channel analysis", Fast abstract in
the Proceedings of the 2006 ACM Symposium on Information, Computer and
Communications Security, pp. 369, March 2006.
- Zhenghong Wang and Ruby Lee, "Cache-based side channel
attacks: analysis and countermeasures," Princeton University Department of
Electrical Engineering Technical Report, May 2006.
Memory Integrity:
- Reouven Elbaz, David Champagne, Ruby B. Lee, Lionel Torres, Gilles
Sassatelli and Pierre Guillemin, "TEC-Tree: A Low Cost, Parallelizable Tree
for Efficient Defense against Memory Replay Attacks", to appear in Proc.
Workshop on Cryptographic Hardware and Embedded Systems (CHES 2007),
September 2007.
- Reouven Elbaz, David Champagne and Ruby B. Lee, "TEC-Tree:
A Low Cost and Parallelizable Tree for Efficient Defense against Memory
Replay Attacks", Technical Report CE-L2007-002, Department of Electrical
Engineering, Princeton University, March 12th 2007.
- David Champagne and Ruby B. Lee, "Memory Integrity for
Secure Computing Platforms", Draft Technical Report, Department of
Electrical Engineering, Princeton University, June 2006 (under revision).
Availability:
- David Champagne and Ruby B. Lee, "Scope of DDoS
Countermeasures: Taxonomy of Proposed Solutions and Design Goals for
Real-World Deployment", 8th International Symposium on Systems and
Information Security, November 2006.
- David Champagne and Ruby B. Lee, "Remote Takeovers:
Software Vulnerabilities and Architectural Countermeasures", Book Chapter,
Hardware-Based Security Anthology, publisher review, 2006.
Testing Framework:
- Yu-Yuan Chen, Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "Making Security Validation as Easy as Performance Evaluation", Princeton University Department of Electrical Engineering Technical Report CE-L2009-005, November, 2009. (To be submitted)
- Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "A Framework for Testing Hardware-Software Security Architectures", Princeton University Department of Electrical Engineering Technical Report CE-L2009-001, Feb 04, 2009. (Updated June 2009)
[PDF]
- Jeffrey S. Dwoskin, Mahadevan Gomathisankaran, Ruby B. Lee. "Framework for Design Validation of Security Architectures," Princeton University Department of Electrical Engineering Technical Report CE-L2008-013, November 2008.
[PDF]
C. SecureCore OS (Separation
Kernel) Architecture
- Timothy E. Levin, Ganesha Bhaskara, Thuy D. Nguyen, Paul C. Clark, Terry V. Benzel, Cynthia E. Irvine. SecureCore Security Architecture: Authority Mode and Emergency Management, University of California, Information Sciences Institute Technical Report ISI-TR-647, November 2007. [PDF]
- Ganesha Bhaskara, Timothy E. Levin, Paul C. Clark, Thuy D. Nguyen, Cynthia E. Irvine, Terry V. Benzel.
Integration of Authority Mode hardware extensions with SecureCore software architecture to enable transient trust, University of California, Information Sciences Institute Technical Report ISI-TR-635, March 2007. [PDF]
- Ganesha Bhaskara, Timothy E. Levin, Thuy
D. Nguyen, Cynthia E. Irvine, Terry V. Benzel, Jeffrey Dwoskin, Ruby Lee, Virtualization
and Integration of SP Services in SecureCore, University of California, Information Sciences Institute Technical Report ISI-TR-623, September 2006[PDF]
-
Timothy E. Levin, Cynthia E. Irvine, Thuy D. Nguyen, Terry V. Benzel, Ganesha Bhaskara, Initial SecureCore Security Architecture , Naval Postgraduate School Technical ReportNPS-CS-07-003 and University of California,
Information Sciences Institute Technical Report ISI-TR-622, September 2006[PDF]
- Thuy D. Nguyen, Timothy E. Levin, Cynthia
E. Irvine,Terry V. Benzel, and Ganesha Bhaskara, Preliminary Security
Requirements for SecureCore Hardware, Naval Postgraduate School Technical Report NPS-CS-06-014, and University of California,
Information Sciences Institute Technical Report ISI-TR-621, September 2006[PDF]
- Timothy E. Levin, Cynthia E. Irvine and
Thuy D. Nguyen, "Least Privilege in Separation Kernels," Proceedings
International Conference on Security and Cryptography, Setubal, Portugal, August 2006, pp. 355-362
- Timothy E. Levin, Cynthia Irvine and Thuy
Nguyen, An Analysis of Three Kernel-based Multilevel Security
Architectures, Naval Postgraduate School
Technical Report NPS-CS-06-001, August 2006 [PDF]
- Ganesha Bhaskara, Timothy E. Levin, Thuy D. Nguyen, Terry
V. Benzel, Cynthia E. Irvine, Paul C. Clark, Integration of User Specific
Hardware for SecureCore Cryptographic Services, Naval Postgraduate School Technical Report NPS-CS-06-012, July 2006
[PDF]
- Thuy D. Nguyen, Timothy
E. Levin, Cynthia E. Irvine, "High Robustness Requirements in
a Common Criteria Protection Profile," Proceedings of the 4th IEEE
International Information Assurance Workshop, Royal Holloway, UK, April
2006, pp. 66-75
- Timothy E. Levin, Cynthia E. Irvine and
Evdoxia Spyropoulou, "Quality of Security Service: Adaptive
Security," Handbook of Information Security, Vol.3, pp 1016-1025, ed.
H. Bidgoli, John Wiley and Sons, 2006
D. SecureCore Ad-hoc Networking
Architecture
-
Dahai Xu, Jianwei Huang, Jeffrey Dwoskin, Mung Chiang, and Ruby Lee, "Re-examining Probabilistic Versus Deterministic Key Management," Proceedings of the 2007 IEEE International Symposium on Information Theory(ISIT), pp. 2586-2590, Jun. 2007.
[PDF]
- Jeffrey Dwoskin, Dahai Xu, Jianwei Huang, Mung Chiang, and Ruby B. Lee, "Secure Key Management Architecture Against Sensor-node Fabrication Attacks." IEEE GlobeCom 2007, Washington, DC, November 2007
[PDF]
- J. W. Lee, A. Tang, J. Huang, M. Chiang, and A. R. Calderbank, "Reverse-Engineering MAC: A Non-Cooperative Game Model", IEEE Journal of Selected Areas in Communications, August 2007, Page(s):1135-1147.
- D. Xu, Y. Li, M. Chiang, and A. R. Calderbank, "Optimal provisioning of elastic service availability", Proc. IEEE INFOCOM, May 2007,
- M. Chiang, S. H. Low, A. R. Calderbank, and J. C. Doyle, "Layering as optimization decomposition: A mathematical theory of network architectures", Proceedings of the IEEE, Jan. 2007, Page(s) 255-312.