Security Engineering Research Group

BA4WS Paper Available Online

Behavioral Attestation for Web Services (BA4WS) presented in Secure Web Services (SWS’08) at the Conference on Computers and Communications Security (CCS’08) is available online. See details here: http://doi.acm.org/10.1145/1456492.1456496.

On Android and Java

Looking at different discussions regarding about Android, Dalvik, Java, Google and Sun, I came across this excellent article. It discusses the moves by Sun and Google on the Java and Android platforms. Also, take a look at Harmony by Apache. It’s a fork of the Java libraries and as such, should be very useful when you need “Java without Java”.

Project Orientation Scheduled - DBAMP

Project orientation for “Dynamic Behavioral Attestation for Mobile Platforms (DBAMP)” by SERG has been scheduled for October 25, 2008 at 11:00 AM (PST). All students/participants are invited to attend the orientation. Agenda for the orientation is:

1. Introduction to SERG’s activities
2. Actors in the Project Scenario
3. Project objectives
4. Current status of the project
5. Project TODO
6. Participation of members — areas and interests

Please be there on time. We’re still trying to work out the location. In the meantime, come over to SERG lab at the specified time and we’ll take it from there.

[Please communicate this notice to anyone you know who took the interview and keep visiting this site for further notices.]

Call for Walk-in Interviews

We are pleased to announce that the research and development project titled “Dynamic Behavioral Attestation for Mobile Platforms” by Security Engineering Research Group (SERG) at IMSciences, in collaboration with Dr. Xinwen Zhang at the Samsung Information Systems America (SISA) has been formally initiated. The duration of the project is 24 months starting from the last quarter of 2008. Research objectives of the project are:
“To develop a dynamic remote attestation technique [hardware-based security mechanism] for diverse computing environments enabled by mobile platforms and to implement remote attestation on mobile platforms”.

The funding agency, National ICT R&D Fund, Pakistan is a prestigious organization which funds highly significant and state-of-the-art research and development projects in Pakistan related to information and communication technology. Benefits of participation include working in a competitive environment on bleeding edge research and development in collaboration with industry leaders in security and mobile devices, research credentials in the form of experience and research publications, an environment for learning about research activities and a handsome package.

The Project Director requires TWO experienced and skilled programmers for the full-time post of “R&D Scholar”.  Interested candidates should arrive at SERG Lab in IMSciences on Saturday October 18, 2008 at 9:00 AM along with relevant documents and skill exhibiting artifacts for a walk-in interview at the address given below:

SERG Lab, IMSciences
1-A, Sector E-5
Phase VII, Hayatabad
Peshawar, Pakistan
http://serg.imsciences.edu.pk

Dynamic Behavioral Attestation for Mobile Platforms

A new research and development project by SERG has just been approved by the National ICT R&D Fund. Details about the project can be seen on the project page at http://serg.imsciences.edu.pk/projects/dbamp

If you are in any way interested in participating in this project, do let us know. You can leave a comment here or contact one of the members of SERG through email.

Getting Java on Openmoko

This post is an experience report on porting java on openmoko. This includes many pastes from other locations, so, this might be ugly to look at. First, I describe how we tried building Kaffe for openmoko. The openmoko devel environment includes kaffe-1.1.5, so make build-package-kaffe-gtk got it started. Some problems were faced which were addressed by looking at these two patches. (Bold text marks changes). I’ve lost the links to the posts but you can find them easily by searching for titles (or author names).

Patch 1 applied:
-----------------------------------------------
[kaffe] [PATCH] JIT on arm
Sascha Hauer s.hauer at pengutronix.de
Wed Oct 4 01:23:18 PDT 2006
Previous message: [kaffe] Kaffe porting on MIPS
Next message: [kaffe] Swing not supporting with kaffe+Nano-X
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi all,
There is a comment in config/arm/linux/md.c which claims that Kernel 2.6
needs a VM_EXEC flag. Fact is that 2.6 never needed this flag, but since
2.6.9 it no longer ignores it.
I have two patches attached, the first one is the change in between 2.6.8
and 2.6.9 and the second one puts the arm jit back into business for kernels
>2.6.9
Have fun,
Sascha
diff -purN linux-2.6.8/arch/arm/kernel/traps.c linux-2.6.9/arch/arm/kernel/traps.c
— linux-2.6.8/arch/arm/kernel/traps.c 2004-08-14 07:36:56.000000000 +0200
+++ linux-2.6.9/arch/arm/kernel/traps.c 2004-10-18 23:53:51.000000000 +0200
@@ -381,7 +381,7 @@ do_cache_op(unsigned long start, unsigne
{
struct vm_area_struct *vma;
- if (end < start)
+ if (end < start || flags)
return;
vma = find_vma(current->active_mm, start);
Index: kaffe-1.1.7/config/arm/linux/md.c
===================================================================
— kaffe-1.1.7.orig/config/arm/linux/md.c
+++ kaffe-1.1.7/config/arm/linux/md.c
@@ -35,7 +35,7 @@ init_md(void)
void flush_dcache(void *start, void *end) {
__asm __volatile (”mov r0, %0\n”
“mov r1, %1\n”
- “mov r2, #4\n” /* this is VM_EXEC from linux/mm.h, needed for Kernel 2.6 */
+ “mov r2, #0\n”
“swi ” __sys1(__ARM_NR_cacheflush) “\n”
: /* no return value */
: “r” ((long)start), “r” ((long)end)
——————————–
patch 2 appliedd
—————————————–
[kaffe] CVS kaffe (robilad): build fix for arm linux interpreter
Kaffe CVS cvs-commits at kaffe.org
Sat Jan 26 17:52:02 PST 2008
Previous message: [kaffe] OpenSuse 10.3 - Kaffe compile make/ls/grep error
Next message: [kaffe] CVS kaffe (robilad): removed no longer needed cvsignore file
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
PatchSet 7720
Date: 2008/01/27 01:50:20
Author: robilad
Branch: HEAD
Tag: (none)
Log:
build fix for arm linux interpreter
Members:
ChangeLog:1.5221->1.5222
config/arm/linux/md.c:1.8->1.9
Index: kaffe/ChangeLog
diff -u kaffe/ChangeLog:1.5221 kaffe/ChangeLog:1.5222
— kaffe/ChangeLog:1.5221 Tue Jan 22 23:21:21 2008
+++ kaffe/ChangeLog Sun Jan 27 01:50:20 2008
@@ -1,3 +1,8 @@
+2008-01-25  Dalibor Topic  
+
+ * config/arm/linux/md.c (flush_dcache): Only
+ declare for JIT engine.
+
2008-01-22  Dalibor Topic  
* kaffe/kaffeh/Makefile.am (kaffeh_LDADD, AM_CPPFLAGS):
Index: kaffe/config/arm/linux/md.c
diff -u kaffe/config/arm/linux/md.c:1.8 kaffe/config/arm/linux/md.c:1.9
— kaffe/config/arm/linux/md.c:1.8 Sun Apr 22 23:39:20 2007
+++ kaffe/config/arm/linux/md.c Sun Jan 27 01:50:22 2008
@@ -26,6 +26,7 @@
#endif
}
+#ifdef TRANSLATOR
/**
* Shamelessly stolen from parrot… ([perl]/parrot/jit/arm/jit_emit.h arm_sync_d_i_cache)
*
@@ -41,3 +42,4 @@
: “r” ((long)start), “r” ((long)end)
: “r0″,”r1″,”r2″);
}
+#endif
—————————————–

A Standardized .bib File

After struggling with many .bib files for different papers and authors in SERG, I’ve decided to fix a .bib file for trusted computing and UCON. The file can be found at the link below. Please report any changes you make/require to recluze. I’ll be updating this file for all the changes I make. Please report the changes to me and always download the latest version of the file from the blog before starting a new paper.

Download tc-ucon-bib.

Trust2009 Call for Papers

                          Trust 2009
       2nd International Conference on Trusted Computing
                       Technical Strand

                   http://www.trust2009.org

                     6th - 8th April 2009
         St. Hugh's College, University of Oxford, UK

Building on the success of Trust 2008 (held in Villach,
Austria, in March 2008), this conference focuses on trusted and
trustworthy computing, both from the technical and social
perspectives. The conference itself will have two main strands,
one devoted to technical aspects and one devoted to the
socio-economic aspects of trusted computing. This call for
papers is for contributions to the technical strand - a
separate call will be issued for contributions to the other
strand of the conference.

The conference solicits original papers on any aspect of the
design and application of trusted computing. Topics of interest
include, but are not limited to:

    * architecture and implementation technologies for trusted
    platforms
    * limitations of trusted computing
    * mobile trusted computing
    * implementations of trusted computing (covering both
    hardware and software)
    * applications of trusted computing
    * attestation and possible variants (e.g. property-based
    attestation)
    * cryptographic aspects of trusted computing
    * intrusion resilience in trusted computing
    * virtualisation for trusted computing
    * security policy and management of trusted computing
    * access control for trusted platforms
    * privacy aspects of trusted computing
    * verification of trusted computing architectures

The proceedings of Trust 2008 are to be published in the
Springer Lecture Notes in Computer Science series. It is hoped
that the proceedings of Trust 2009 will also be published in
this series (negotiations are ongoing), and will be available
at the conference.

Authors are requested to submit papers in anonymised form, of
length at most 12 pages (excluding references and appendices),
using at least a 10pt font, and in pdf format.

General Chair:
    Andrew Martin	  	University of Oxford, UK

Programme Co-chairs (technical strand):
    Liqun Chen	    Hewlett-Packard Laboratories, Bristol, UK
    Chris Mitchell  Royal Holloway, University of London, UK

Program Committee:
    Endre Bangerter, Bern University of Applied Sciences,
        Switzerland
    David Challener, Lenovo, USA
    James Davenport, University of Bath, UK
    Robert Deng, Singapore Management University, Singapore
    Lo�c Duflot, SGDN/DCSSI, France
    Paul England, Microsoft, USA
    Sigrid Guergens, Fraunhofer, Germany
    Dirk Kuhlmann, HP Laboratories, UK
    Peter Lipp, IAIK, TU Graz, Austria
    Javier Lopez, University of Malaga, Spain
    Andrew Martin, University of Oxford, UK
    Yi Mu, University of Wollongong, Australia
    David Naccache, ENS, France
    Heike Neumann, NXP Semiconductors, Germany
    Elisabeth Oswald, University of Bristol, UK
    Kenny Paterson, RHUL, UK
    Raphael Phan, University of Loughborough, UK
    Bart Preneel, KU Leuven, Belgium
    Graeme Proudler, HP Laboratories, UK
    Sihan Qing, Chinese Academy of Sciences, China
    Carsten Rudolph, Fraunhofer, Germany
    Mark Ryan, University of Birmingham, UK
    Ahmad-Reza Sadeghi, University of Bochum, Germany
    Jean-Pierre Seifert, Samsung Research, USA
    Ari Singer, NTRU, USA
    Sean W Smith, Dartmouth College, USA
    Christian St�ble, Sirrix, Germany
    Leendert van Doorn, AMD, USA
    Vijay Varadharajan, Macquarie University, Australia

Important Dates:
    Submission due:     2 November 2008
    Notification:       19 December 2008
    Camera ready:       16 January 2009
    Conference:         6-8 April 2009

Paper Submission:
    https://www.isg.rhul.ac.uk/iChair/Trust2009/index.php

ASIACCS Call for Papers

ASIACCS Call for Papers online now.

ACM Symposium on Information, Computer and Communications Security (ASIACCS 2009)

ASIACCS 2009 Home > Call for Papers

Papers representing original research in both the theory and practice concerning information, computer and communications security are solicited.

1. Submission Deadline: 14 September 2008
2. Author Notification: 15 November 2008
3. Camera-Ready Deadline: 6 December 2008

‘Model-based Behavioral Attestation’ is Online

SACMAT’08 Proceedings have been posted online at ACM. Visit here to see our “Model-based Behavioral Attestation Framework”.