Secure computing platform advances cybersecurity 'Holy Grail'

June 21, 2021 // By Rich Pell
Secure computing platform advances toward cybersecurity 'Holy Grail'
Researchers at the Carnegie Mellon University CyLab Security and Privacy Institute say they have developed a new provably secure computing environment that protects users' communication with their devices.

The computing environment protects users’ communication with devices such as keyboards, mice, or displays, from all other compromised operating system and application software and other devices. As a result, even if malicious hackers compromise operating systems and other applications, the secure environment is protected, making it impossible for hackers to eavesdrop on users' keystrokes, capture confidential screen output, or steal or modify data stored on user-pluggable devices.

Their platform, say the researchers, represents a big step toward the holy grail of cybersecurity - a user-friendly computing environment where the guarantee of security is as strong as a mathematical proof.

"In contrast to our platform, most existing endpoint-security tools such as antivirus or firewalls offer only limited protection against powerful cyberattacks," says CyLab's Virgil Gligor, a professor of Electrical and Computer Engineering (ECE) and a co-author of a paper on the research. "None of them achieve the high assurance of our platform. Protection like this has not been possible to date."

In their work, the researchers presented an I/O separation model, which defines precisely what it means to protect the communications of isolated applications running on frequently compromised operating systems such as Windows, Linux, or MacOS. The I/O model, say the researchers, is the first mathematically proven model that achieves communication separation for all types of I/O hardware and I/O kernels - the programs that facilitate interactions between software and hardware components.

As an example of how this works, if a user needs to transfer some money online and needs to guarantee that the transactions will remain private even if their computer has unknowingly been compromised with malware, performing those transactions in this environment would be provably secure. Even a completely compromised operating system cannot steal or modify the private data the user inputs using a keyboard or mouse and display on their screen.

This type of secure environment, say the researchers, is even more important with the rise of remote


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.