Open Virtualization for Xilinx’s ZC-702

Open Virtualization (OV) is the first open software implementation of a Trusted Security Environment (TEE) for ARM TrustZone hardware security extensions as specified in Global Platform’s TEE Specification.. Sierraware is the company behind it. Since I first knew of OV I have had a great interest in using it for my research, and therefore I have spent some time understanding it and improving it to work with the boards we work with – the Xilinx’s ZC702. This efforts are now materialized in a git repository, under a GNU v2.0 License.

Continue reading

OpenIT: “Building Trust Despite Digital Personal Devices”

The IT University of Copenhagen started in 2013 an initiative called OpenIT. The idea is to share knowledge inside the university by giving TED-like talks on a weekly bases. Here is mine 🙂

Abstract:

Our innate ability to evaluate social norms, contexts, or the trust we put in other individuals, makes us naturally equipped to regulate flows of information in our daily human interactions. However, when dealing with digital interactions, we are not that well equipped. Not being able to control how digital devices handle our sensitive information leads us to distrust both the devices, the services we are using, and the parties that provide them. Usage control models have been defined that could represent complex information flow policies. They have never been implemented so far because they made out-of-touch assumptions about security. Even today, the usage policies embedded in personal devices, defined by manufacturers and service providers, are based on obscurity and are therefore fragile to exposure. They cannot be modified or extended by users. Does it have to be this way? We don’t think so. In this talk, we will present (i) the building blocks to implement a usage control model that can enforce policies coming from both users and service providers; (ii) a framework that can support it; and (iii) our work on trusted storage, data integrity, and storage-based intrusion detection, from which usage policies adapted to today’s technological context start to emerge.\

 

–javier