Most of our Nation's systems have as components operating systems that are replete with vulnerabilities despite the best efforts of the designers to discover and fix the vulnerabilities. Building on the accomplishments of the research community, industry is attempting to create new hardware structures that can help improve security. Particularly noteworthy of these is the Trusted Platform Module (TPM) chip developed by the Trusted Computing Group (TCG), a large industry consortium that involves over 100 members. Now, many delivered processors contain TPM chips, with the goal being to provide a place to store keys, protect storage, provide code isolation attestation about the code running on a system -- all functions that can improve security.
Although the hardware provides extremely useful and powerful security properties, researchers have been slow at adopting these techniques towards the design of secure systems. One reason is that users are not familiar with this new technology.
To remedy this situation, the PI is running annual workshops in which the developers of the TPM technology and users who have made effective use of it provided tutorial material and hands-on experiences for the workshop's participants which included students, faculty, and potential industry users.
The ultimate goal of the workshops is to define a research program for the next decade focused around hardware support for security. This is the second workshop in the series.
These funds are used to reimburse the expenses of graduate and undergraduate students participating in the workshop, which will take place in June, 2011 in Pittsburgh.
(TIW) 2011 once again brought together leading researchers from academia, industry and government to share their knowledge, experience and ongoing inquiries in the areas of security and trusted computing technologies for the second consecutive year. Building on the success of TIW 2009 (the first US academic event of its kind) and its follow-up, TIW 2011 further deepened and expanded the evolving body of knowledge on the challenges and opportunities of trustworthy computing, and foster the growth of the community of researchers focused on this vital area of research. For fifty plus hours, over four and a half days, TIW participants were immersed in an ambitious agenda, including both lectures and workshops, ranging from Roots of Trust in Client Devices (David Grawrock, Intel) and Mobile OS Security (Kari Kostiainen, Nokia) to Masterclass: Security Management and Compliance Challenges in Large Systems (Michael Donovan) and Research in Attestation (Adrian Perrig, CMU, Boris Balacheff, HP, Arial Segall, MITRE, Kari Kostiainen, Nokia). Taken as a whole, TIW 2011, TIW 2010 and TIW 2009 constituted a significant contribution to the research and knowledge of participants, and to the advancement of this vital area of research. Carnegie Mellon University CyLab provided the workshop facilities. CyLab's experienced staff ensured impeccable workshop logistics. CyLab developed, launched, hosted and maintains an external workshop web site that include agenda overview, session abstracts, registration information, directions, sponsorship information, participant white papers, etc. In addition, CyLab hosts and maintains an internal web site for planning purposes. As with the two previous conferences, TIW 2011 furthered the process of weaving a strong community out of numerous diverse threads in trustworthy computing research. This work's potential long-term benefit to the security of cyberspace could be significant, the technologies developed by those attending will, we hope, provide a much stronger level of security when combined with current systems. And as with the previous conferences, TIW 2011 was another step forward in establishing an infrastructure for further collaborative research between academia, industry, and government technologists, linking industry's experience in the development of Trusted Computing technology and academia's IT security skills with the government's desire to enhance the security of national information infrastructure. Throughout this project, it has been a guiding principle that research should be focused on the need for secure next-generation IT systems. We must do more work to bring together research stakeholders to discuss the state-of-the-art and future research challenges in the area of trusted infrastructures to outline a research program for the next decade. Ranging from Trusted Computing, to machine virtualization, new hardware architectures, and new network security architectures, trusted infrastructure technologies attempt to put security into the very design of commercial off-the shelf technologies. While individual technologies provide enhanced security capabilities already, the greatest challenges still lie ahead in combining them in ways that will enable secure, robust, and manageable trusted infrastructures to become the norm for next generation IT-systems. Research in trusted infrastructure is key to addressing those challenges, and we have witnessed the incipient emergence of research activities in this area develop worldwide and across industry, government and academia alike. But one challenge that remains lies in the interdisciplinary nature of the research involved to truly advance our ability to build secure, manageable and assured IT infrastructures: from distributed systems to software engineering and software assurance, from hardware architectures to operating systems design, from information management to network design, from user studies to man machine interface design, the field of trusted infrastructure research requires expertise from across the traditional computing community.
