Most of our Nation's systems have as components operating systems that are replete with vulnerabilities despite the best efforts of the designers to discover and fix the vulnerabilities. Building on the accomplishments of the research community, industry is attempting to create new hardware structures that can help improve security. Particularly noteworthy of these is the Trusted Platform Module (TPM) chip developed by the Trusted Computing Group (TCG), a large industry consortium that involves over 100 members. Now, many delivered processors contain TPM chips, with the goal being to provide a place to store keys, protect storage, provide code isolation attestation about the code running on a system -- all functions that can improve security.

Although the hardware provides extremely useful and powerful security properties, researchers have been slow at adopting these techniques towards the design of secure systems. One reason is that users are not familiar with this new technology.

To remedy this situation, the PI is running annual workshops in which the developers of the TPM technology and users who have made effective use of it provided tutorial material and hands-on experiences for the workshop?s participants which included students, faculty, and potential industry users.

The ultimate goal of the workshops is to define a research program for the next decade focused around hardware support for security. This is the second workshop in the series.

The funds requested would be used to reimburse the expenses of graduate and undergraduate students participating in the workshop, which will take place June 7-11, 2009 in Pittsburgh.

Project Report

(TIW) 2010 brought togetherleading researchers from academia, industry and government to sharetheir knowledge, experience and ongoing inquiries in the areas ofsecurity and trusted computing technologies for the second consecutiveyear. TIW 2009 was the first US academic event of its kind; and building onits success, TIW 2010 served to deepen and expand the evolving body ofknowledge on the challenges and opportunities of trustworthycomputing, and foster the growth of the community of researchersfocused on this vital area of research. For fifty plus hours, over four and a half days, over 100 TIWparticipants were immersed in an ambitious agenda, including bothresearch workshops, ranging from "Trusted Infrastructure Problem Spaceand Challenges" (led by HP Labs' Boris Balacheff) to "Chains of Trustand Dynamic Measurements" (led by CyLab's Adrian Perrig) and practicalhands-on laboratory sessions, ranging from "TPM" (led by IBM's KenGoldman) to "Dynamic Roots of Trust" (led by CyLab's Jonathan McCune). TIW 2010 also featured presentations by experts from government,industry and academia (e.g., Microsoft's Paul England on "TPM.Next",HP's Mauricio Sanchez on "Trusted Networking for Next Generation DataCenter", and Wave's Robert Thibadeau on "Storage Security") as well asseveral "Trustworthy Computing 101" sessions, (e.g., CyLab's BryanParno on "Bootstrapping Trust 101"). TIW 2010, like TIW 2009, constituted a significant contribution to theresearch and knowledge of participants, and to the advancement of thisvital area of research. Carnegie Mellon University CyLab provided theworkshop facilities. CyLab's experienced staff ensured impeccableworkshop logistics. The presenter slides are available at this URL:www.cylab.cmu.edu/tiw/2010/index.html

Project Start
Project End
Budget Start
2010-06-01
Budget End
2011-05-31
Support Year
Fiscal Year
2010
Total Cost
$40,000
Indirect Cost
Name
Carnegie-Mellon University
Department
Type
DUNS #
City
Pittsburgh
State
PA
Country
United States
Zip Code
15213