UTCS Colloquia - Bryan Parno/Microsoft Research, "Building Trusted Systems with Protected Modules", ACES 2.402

Contact Name: 
Jenna Whitney
Feb 20, 2012 3:00pm - 4:00pm

There is a sign-up schedule for this event that can be found at


Type o

f Talk: UTCS Colloquia

Speaker/Affiliation: Bryan Parno/Microsoft Rese


Talk Audience: UTCS Faculty, Graduate Students, Undergraduate S

tudents, and Outside Interested Parties

Date/Time: February 20, 2012

, 3:00 p.m.

Location: ACES 2.402

Host: Michael Walfish

Title: Building Trusted Systems with Protected Modules

Talk Abstract:

As businesses and individuals entrust more and more sensitive tasks (e.g

., paying bills, shopping online, or accessing medical
records) to com

puters, it becomes increasingly important to ensure this trust is warrante

d. However, users are understandably reluctant to abandon the low cost,

high performance, and flexibility of today''s general-purpose computers.

In this talk, I will describe Flicker, an architecture for constructing p

rotected modules. Flicker demonstrates that we can satisfy the need for fe

atures and security by constructing an on-demand secure execution environme

nt, using a combination of software techniques and recent commodity CPU en

hancements. This provides a solid foundation for constructing secure syste

ms that must coexist with standard software; the developer of a security-s

ensitive code module need only trust her own code, plus as few as 250 line

s of Flicker code, for the secrecy and integrity of her code''s execution.

However, for many applications, secrecy and integrity are insufficient

; thus, I''ll discuss techniques for providing practical state continuity
for protected modules. To ensure the correctness of our design, we devel

op formal, machine-verified proofs of safety. To demonstrate practicalit

y, we have implemented our architectures on Linux and Windows running on A

MD and Intel. Finally, I''ll discuss some of the higher-level services we
are building out of protected modules.

Speaker Bio:
Bryan Parno is

a researcher in the Security and Privacy Group within Microsoft Research,

Redmond. His interests span a broad range of security topics, including n

etwork and system security, applied cryptography, usable security, and d

ata privacy. Currrently, he is investigating primitives for building secu

re systems, next-generation application models, privacy-preserving online
services, and cryptographic techniques for securely outsourcing computati

on. He completed his PhD at Carnegie Mellon University under the supervisi

on of Adrian Perrig. His dissertation received the 2010 ACM Doctoral Disse

rtation Award, and he recently co-authored the book "Bootstrapping Trust i

n Modern Computers".