The JavaTM Virtual Machine is viewed by many as inherently insecure despite all the efforts to improve its security. In this paper we take a different approach to Java security and describe the design and implementation of a system that provides operating system style protection for Java code. We use hardware protection domains to separate Java classes, provide access control on cross domain me...

In the paper we present an overview of Saga Security System, a security architecture in open distributed systems. An agent in Saga Security System is called a Saga Agent. The authorization model in Saga Security System (Saga authorization model) supports the novel concept of a service path and provides uniform and flexible protection appropriate for advanced computational models such as objecto...

In this article we describe a system based on a 32-bit processor, Leon, complete with security features offered by a specific cryptographic AES IP. Hardening is done not only on the principal hardware components but on the operating system as well, with attention for possible interaction between the different levels. The cryptographic IP is protected too to offer good resistance against, for ex...

Hardware side channel vulnerabilities have been studied for many years in embedded silicon-security arena including SmartCards, SetTop-boxes, etc. However, because various recent security activities have goals of improving the software isolation properties of PC platforms, software side channels have become a subject of interest. Recent publications discussed cache-based software side channel v...

Chile revolutionized pension systems in 1981 by transforming its defined-benefit pay-asyou-go contributive system into a defined contribution privately managed fully-funded scheme. After 27 years, the fragmentation, low coverage and high costs of administering the private system led to a comprehensive reform to address these problems in 2008. The latter reform was a step forward in several ways...

Todays in-vehicle IT architectures are dominated by a large network of interactive, software driven digital microprocessors called electronic control units (ECU). However, ECUs relying on information received from open communication channels created by other ECUs or even other vehicles that are not under its control leaves the doors wide open for manipulations or misuse. Thus, especially safety...

This paper describes the development of a virtualmachine monitor (VMM) security kernel for the VAX architecture. The paper particularly focuses on how the system’s hardware, microcode, and software are aimed at meeting Al-level security requirements while maintaining the standard interfaces and applications of the VMS and ULTRIX-32 operating systems. The VAX Security Kernel supports multiple co...

Using mobile phones to access healthcare data is an upcoming application scenario of increasing importance in the near future. However, important aspects to consider in this context are the high security and privacy requirements for sensitive medical data. Current mobile phones using standard operating systems and software cannot offer appropriate protection for sensitive data, although the har...

More and more mobile device manufacturers are recognizing the importance of security for their devices in order to protect valuable information of their customers. However, the security of many mobile devices currently does not suffice to protect against modern sophisticated attackers. This paper will go into detail on how these devices can be secured at the hardware level, to ensure that the d...

As the commercial use of the Internet becomes common and the demand for mobile computing through the Internet is emerging, it is necessary to construct a secure mobile environment. This paper presents an implementation example of such a system which employs a secure mobile IP protocol on stationary security gateways and mobile hosts. The IETF standard Mobile IP protocol is modified with I P sec...