![[Search]](/static/images/search.gif){kind=small}
![[A-Z Index]](/static/images/az.gif){kind=small}
![[Contact]](/static/images/contact.gif){kind=small}
![[University of Cambridge]](/static/images/identifier2.gif){kind=small}
![[Talks.cam]](/static/images/talkslogosmall.gif)
Dr. Andrew 'bunnie' Huang, Independent Researcher
Tuesday 21 April 2020, 14:00-15:00
Trustable Hardware as a TOCTOU Problem: Overview and Potential Remedies
- đ¤ Speaker: Dr. Andrew 'bunnie' Huang, Independent Researcher
- đ Date & Time: Tuesday 21 April 2020, 14:00 - 15:00
- đ Venue: Webinar
Abstract
In this talk, we frame Trustable Hardware as a “Time of Check/Time of Use” (TOCTOU) problem. The basic problem with receiving a package containing “trusted hardware” is that the place of verification for hardware is physically distant and administratively distinct from the place of use. This is similar in nature to confirming the integrity of a web object by checking its hash on the server, then downloading it and running it.
The talk starts by exploring some of the potential attack vectors in the supply chain, thus motivating the need for point-of-use verification. We then use these constraints to formulate a system architecture that tries to simplify the user verification problem, thus providing a method for evidence-based trust in a given hardware artifact, as opposed to blind faith in the supply chain.
Series This talk is part of the Computer Laboratory Security Seminar series.
Included in Lists
- All Talks (aka the CURE list)
- bld31
- Cambridge talks
- Computer Laboratory Security Seminar
- Department of Computer Science and Technology talks and seminars
- Interested Talks
- School of Technology
- Security-related talks
- Trust & Technology Initiative - interesting events
- Webinar
- yk449
Note: Ex-directory lists are not shown.