It started on Thursday (around 8am) when our (now outsourced)
email service started to refuse to authenticate me with a somewhat
cryptic temporary failure error message during the SMTP authentication
dialogue. I first hoped that this might indeed be a temporary
failure. (Trust me, outsourced services do not work 24/7, at least not
for me.) After roughly 24 hours, I lost patience and engineered a
different way to submit my emails (via some legacy local SMTP servers
that still exist and were willing to accept my emails). With this
workaround in place, I could work again as usual until around 6pm,
when the SMTP dialogue started to hang. I quickly discovered that all
central services were offline. I fear that the attack we experienced in
September last year is repeating: the second wave might have arrived.
Below is a collection of ideas for student projects. Some are
half-baked, some are not even written down. If you are interested in
systems-oriented computer science and computer security, talk to me in
person. In general I expect that students have a solid understanding
of operating systems and computer networks and that they are able to
handle programming tasks well.
Trusted Execution Environments
Trusted Execution Environments (TEEs) such as ARM's Trustzone or
Intel's Enclave are secure areas inside a main processor. The idea
is that data and applications contained in TEEs are protected with
respect to confidentiality and integrity. Systems execute a trusted
operating system inside the TEE and they may load trusted
applications into the TEE. The goal of this project is to investigate
the state of the art in TEEs and their open source software systems
and to prototype novel trusted applications that may help to secure
networked embedded devices.
Last Friday, our central IT infrastructure, mostly running on
Microsoft Windows, got infected by ransomware. All central systems
were shut down and a process started to reset them to the last
(presumably) safe backup. Three days have passed since then and
systems providing mail service (the communication service I rely on)
are still not operational. It is amazing that it takes several days to
restore regular service after such an attack.