|
|
 |
The 1st Workshop on the Advance in Trusted Computing
第一回 トラステッド・コンピューティング ワークショップ
Toward the Next-Gen Trusted IT Infrastructure: The Advance in TCG and Hypervisor Technologies
次世代の信頼できるITインフラストラクチャに向けて: TCGと仮想化技術最前線
|
■プログラム詳細
| トラステッド・コンピューティング技術および仮想化技術の概要 |
| 講演者/Speaker |
丸山宏 博士, 日本アイ・ビー・エム株式会社 東京基礎研究所 所長
Dr. Hiroshi Maruyama, Director, IBM Tokyo Research Laboratory
Dr. Hiroshi Maruyama is the director of IBM Tokyo Research Laboratory (TRL), leading approximately 180 researchers in the areas of computer science, service science, and certain areas of physical science.
He joined IBM in 1983 at Japan Science Institute (later renamed to Tokyo Research Laboratory). Since then, he worked in various fields such as artificial intelligence, logic programming, natural language processing, machine translation, hand writing recognition, multi media, XML, Web services, and security.
During 1996-1997, he spent one year in Software Group Headquarters in Somers, New York, where he evaluated emerging Internet technologies. XML was one of these technologies, and he started to work no XML technologies after he returned to TRL in 1997. His team developed XML Parser for Java, one of the first fully compliant XML processors at the time, which helped IBM to jumpstart XML enablement of their software products. He co-authored the book "XML and Java: Developing Web Applications" that have been sold more than 60,000 copies worldwide in 6 different languages.
In 1997-2000, he served as an adjunct professor at Computer Science Department of Tokyo Institute of Technology, where he conducted research projects on Internet security. In 2003-2004, he was temporarily transferred to IBM's Business Consulting Services as a part of Research's On Demand Innovation Service (ODIS) program.
Hiroshi received his Ph. D from Kyoto University in 1995. He had several management positions at TRL before becoming the director in Feb. 2006. His research interests includes security & privacy, Web services, natural language processing, and computer science in general. He is an IBM Distinguished Engineer and a member of IBM Academy of Technology.
|
| 概要/Abstract |
トラステッド・コンピューティング技術および仮想化技術の概要 (講演資料はこちら) |
| EMSCB: Multilateral Security on Trustworthy Platforms (*) |
| 講演者/Speaker |
クリスチャン・ステューブル博士、ドイツ ルール大学ボフム校
Dr. Christian Stueble, Ruhr-University Bochum, Germany
Christian Stueble is research assistant at European Centre for IT-Security (eurobits), Ruhr-University Bochum, Germany. He is maintainer of the PERSEUS security architecture and technical leader of the EMSCB project. His main research interests are operating system security, trusted computing, and security engineering.
|
| 概要/Abstract |
ドイツ連邦経済技術省主導で行われている EMSCB (European Multilateral Secure Computing Base) プロジェクトについて、その政治的、経済的、技術的目標、およびオープンソース化されるプロトタイプを含めたプロジェクト計画の全貌について説明します。また、プロパティに基づく完全性証明など、ボフム大学でのTPMを使用した研究プロジェクトについてご紹介します。 (講演資料はこちら)
In the first part of this talk, I will summarize the political, economical, and technical goals of EMSCB - a R&D project based on trusted computing technology - and present the milestones and prototypes that will be published under an open-source license. The EMSCB project is founded by the German Federal Ministry of Economics and Technology.
In the second part, I will present some of our trusted computing-related research topics (e.g., property-based attestation) and summarize our first experiences with developments based on Trusted Platform Modules (TPM's).
|
| OpenTC and Trusted Computing at the IBM Zurich Research Lab (*) |
| 講演者/Speaker |
マティアス・シュンター博士、IBMチューリヒ研究所 Research Staff Member
Dr. Matthias Schunter, Research Staff Member, IBM Research, Zurich Research Laboratory
Dr. Schunter is leading the trusted computing research at the IBM Zurich Research Laboratory. He contributes to IBM’s efforts in the Trusted Computing Group and has lead an IBM Academy study on integrity-based computing.
His research interests include formal modeling in privacy and the design of protocols providing multi-party security. He received a diploma in Computer Science at the University of Hildesheim and holds a PhD (Dr.-Ing.) in Computer Science from Saarbrucken University. Since April 2001, he has been a member of the research group “Network Security and Cryptography” at the IBM Zurich Research Laboratory. This group is a leading contributor to the Privacy Research Institute of IBM.
Between 1994 and 2001, he was researcher in Computer Science at the Universities of Hildesheim, Dortmund, and Saarbrucken. He participated in the projects CAFE on off-line electronic payments and SEMPER aimed at an open integrated solution for global electronic commerce. At Saarbrucken, he was group leader of the MAFTIA project, which combines fault-tolerance and cryptography. All three projects were supported by the European Union. Dr. Schunter is author or co-author of more than thirty technical papers on security and privacy.
|
| 概要/Abstract |
OpenTCプロジェクトは、パーソナルコンピュータ上で、オープンで仮想化された信頼できるプラットフォーを実現することを目標としています。OpenTCは欧州委員会の主導により複数企業が参加するプロジェクトです。本講演ではOpenTCの概要と、IBMチューリヒ研究所における研究成果を発表します。(講演資料はこちら)
The first part of this presentation gives an overview of the
OpenTC research project funded by the European Commission. The overall goal
of OpenTC is to build an open virtualized platform for trusted computing on
personal computers.
The second part surveys selected research activities at the IBM Zurich
Research Laboratory. We designed and demonstrated reliable management of
virtualized machines in an outsourcing environment. The goal of our
prototype was to use trusted computing to verify the integrity of a
management infrastructure that was isolated from the actual customer systems.
|
| Trusted Infrastructure Research at Hewlett-Packard Labs (*) |
| 講演者/Speaker |
クリストファー・ダルトン博士、Principal Research Scientis, HP研究所
Dr. Chris I Dalton, Principal Research Scientist, HP Labs
Chris I Dalton is a Principal Research Scientist at HP Labs. He is responsible for the research agenda of the Trusted Infrastructure group within the Trusted Systems Laboratory, HP Labs. The Trusted Systems Laboratory within HP Labs houses the main trust and security research for Hewlett-Packard. Chris I Dalton has been working in the area of operating system security and secure operating system design for over 10 years. He has a particular interest in strong yet pragmatic and usable security and trust mechanisms. He was the chief architect of the Trusted Linux research project which subsequently became the HP Secure Linux OS. More recently he has been working in the area of machine virtualization technology and its application in combination with Trusted Computing Group technology to secure system design.
|
| 概要/Abstract |
HP研究所のトラステッド・インフラストラクチャグループはTCGの開発と発展に大きく寄与してきました。HP研究所ではトラステッド・コンピューティングの持つ信頼基盤をコンピューティング・インフラストラクチャ全体に拡張するための研究を過去数年に渡って行ってきました。本公演ではHP研究所の研究について、特にTCG技術とネットワーク仮想化技術を組み合わせたインフラストラクチャと、その上でのアプリケーションについての研究成果を発表します。(講演資料はこちら)
The Trusted infrastructure group at HP Labs has played a significant part in the development of the Trusted Computing Group (TCG). One of our group members here in HP Labs is the chairman of the TCG technical committee.
Trusted Computing Group technology provides a firm foundation for trust at the platform level. Over the past few years we have been building on this foundation and exploring ways of extending this trust foundation throughout computing infrastructures.
In this talk I will describe some of our main research results in this area. Specifically I will talk about our work around combining TCG technology with machine and network virtualization technology and the applications of it in both Enterprise and Utility computing environments.
|
| sHype Hypervisor Security Architecture - A Layered Approach Towards Trusted Virtual Domains (*) |
| 講演者/Speaker |
ライナー・セイラー博士、IBM T.J.ワトソン研究所 Research Staff Member
Dr. Reiner Sailer, Research Staff Member, IBM T.J. Watson Research Center
Reiner Sailer is a Research Staff Member at the IBM T. J. Watson Research Center since 1999 where he is working in the Secure Systems Department. He holds a Masters degree in Computer Science from the University of Karlsruhe (Germany 1994) and a Dr.-Ing. degree in Electronic Engineering from the University of Stuttgart, Germany (1999), where he worked on privacy, multi-lateral security, and security and fraud control in telecommunication networks. His major research interests today include secure hardware, access control, network and systems security, trusted computing, and secure virtualization infrastructure.
|
| 概要/Abstract |
sHypeはIBMリサーチにより開発されたハイパーバイザーアーキテクチャであり、オープンソースのXenハイパーバイザの一部として既に公開されています。sHypeはシンプルでシステム非依存な強制アクセス制御ポリシーの運用を可能とします。我々の目標はサーバプラットフォームのための安全な基盤を提供することであり、そのために強力な分離、仮想マシン間での安全なリソースの共有、仮想マシンやハイパーバイザの完全性保証などを提供することにあります。本講演ではsHypeのアクセス制御フレームワークと、そのXenハイパーバイザ上での実装についてご紹介します。(講演資料はこちら)
sHype is a hypervisor security architecture developed by IBM Research for different virtual machine monitors. It is available as an integral part of the Xen open-source hypervisor. Building on emerging and broadly available hardware and software support for virtualization, sHype provides simple system-independent and robust security policies and enforcement guarantees. It controls virtual resources across multiple platforms. Our main objective is to provide a secure foundation for server platforms, providing functions such as strong isolation, mediated sharing between virtual machines, attestation and integrity guarantees for the hypervisor and its virtual machines, resource control, and secure services. In this talk, I will focus on the sHype access control framework and its implementation into the Xen hypervisor: first on the Xen access control policies and second on the layering of operating system security policies on top sHype. This talk concludes with a discussion of sHype layered access control in relation to Virtual Trusted Domains as cooperatively pursued by the IBM research labs in Tokyo, Zuerich, and Hawthorne.
|
(*) 講演は英語で行われます。
|
|
|
