Skip to main content
SpringerLink
Log in

Options for Securing PCs Against Phishing and Espionage: A Report from the EU-Project “Open Trusted Computing”

  • Chapter
  • First Online:
Computers, Privacy and Data Protection: an Element of Choice

Abstract

Private and business PC users will continue to experience attacks from viruses and Trojan horses. The latter might, e.g., eavesdrop on banking passwords or send confidential business data to a criminal. It is very difficult to provide protection from such attacks on private information within the current operating systems. Novel approaches to securing such data outside the user’s main operating system, using virtualization techniques are presented here. The transparency and trustworthiness of such approaches are, however, by no means guaranteed. In order to protect users, the development of such approaches could be monitored and influenced at the political level, e.g. by governments procuring such systems.

*Contribution based on work at Institute for Technology Assessment and Systems Analysis, KIT.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See: Chris Dalton. “A Hypervisor Against Ferrying Away Data,” Interview by Franco Furger and Arnd Weber. OpenTC Newsletter, April 2009. http://www.opentc.net/publications/OpenTC_Newsletter_07.pdf. MI5: Espionage. http://www.mi5.gov.uk/output/espionage.html.

  2. 2.

    Paul England. “Practical Techniques for Operating System Attestation”. Presentation given at: Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, Trust 2008, Villach, Austria, March 11–12, 2008.

  3. 3.

    See: William Arbaugh, David Farber, and Jonathan Smith. “A Secure and Reliable Bootstrap Architecture,” Proceedings of the 1997 IEEE Symposium on Security and Privacy: 65–71. Birgit Pfitzmann, James Riordan, Chris Stüble, Michael Waidner, and Arnd Weber. The PERSEUS System Architecture. IBM Research Report RZ 3335, IBM Research – Zurich, April 2001. http://www.zurich.ibm.com/security/publications/2001.html.

  4. 4.

    The OpenTC-project was supported by the European Commission (project IST-027635). ITAS was responsible for work on requirements, specifications, and dissemination.

  5. 5.

    Dirk Weber, Arnd Weber, Stéphane Lo Presti. Requirements and Design Guidelines for a Trusted Hypervisor User Interface. Paper presented at: Future of Trust in Computing. Berlin, Germany, 30 June – 2 July, 2008. Proceedings published by Vieweg & Teubner, Wiesbaden 2009

  6. 6.

    For technical details, see the information available at http://www.opentc.net. Use, e.g., the project’s final report or the newsletter as a guidance.

  7. 7.

    David Grawrock. The Intel Safer Computing Initiative. Intel Press, 2006.

References

  • Arbaugh, W., D. Farber, and J. Smith. “A Secure and Reliable Bootstrap Architecture,” Proceedings of the 1997 IEEE Symposium on Security and Privacy, (1997): 65–71.

    Google Scholar 

  • Dalton, C. “A Hypervisor Against Ferrying Away Data,” Interview by Franco Furger and Arnd Weber. OpenTC Newsletter, April 2009. http://www.opentc.net/publications/OpenTC_Newsletter_07.pdf.

  • England, P. Practical Techniques for Operating System Attestation. Presentation given at: Trusted Computing - Challenges and Applications, First International Conference on Trusted Computing and Trust in Information Technologies, Trust 2008, Villach, Austria, March 11–12, 2008.

    Google Scholar 

  • Grawrock, D. The Intel Safer Computing Initiative. Intel Press, Hillsboro, 2006.

    Google Scholar 

  • Kuhlmann, D., and A. Weber. OpenTC Final Report. The Evolution of the OpenTC Architecture Illustrated via its Proof-of-Concept-Prototypes. Bristol, Karlsruhe 2009, http://www.opentc.net/.

  • MI5: Espionage. http://www.mi5.gov.uk/output/espionage.html.

  • OpenTC. Project website. http://www.opentc.net/

  • OpenTC. Project newsletter, available at http://www.opentc.net.

  • Pfitzmann, B., J. Riordan, C. Stüble, M. Waidner, and A. Weber. “The PERSEUS System Architecture.” IBM Research Report RZ 3335, IBM Research – Zurich, April 2001. http://www.zurich.ibm.com/security/publications/2001.html.

  • Weber, D., A. Weber, and S. Lo Presti. “Requirements and Design Guidelines for a Trusted Hypervisor User Interface.” (Paper presented at: Future of Trust in Computing. Berlin, Germany, 30 June – 2 July, 2008). Proceedings published by Vieweg & Teubner, Wiesbaden 2009.

    Google Scholar 

Download references

Acknowledgements

We wish to express our thanks to Dirk Kuhlmann, Armand Puccetti and Matthias Schunter and to all OpenTC-partners: Technikon Forschungs- und Planungsgesellschaft mbH (project coordination, AT); Hewlett-Packard Ltd (technical leader, UK); AMD Saxony LLC & Co. KG (DE); Budapest University of Technology and Economics (HU); Commissariat à l’Energie Atomique – LIST (FR); COMNEON GmbH (DE); Forschungszentrum Karlsruhe GmbH – ITAS (DE); Horst Goertz Institute for IT Security, Ruhr-Universitaet Bochum (DE); IBM Research GmbH (CH); Infineon Technologies AG (DE); INTEK Closed Joint Stock Company (RU); ISECOM (ES); Katholieke Universiteit Leuven (BE); Politecnico di Torino (IT); Portakal Teknoloji (TR); Royal Holloway, University of London (UK); SUSE Linux Products GmbH (DE); Technische Universitaet Dresden (DE); Technische Universitaet Graz (AT); Technische Universitaet Muenchen (DE); Technical University of Sofia (BR); TUBITAK – UEKAE (TR); and University of Cambridge (UK).

Author information

Authors and Affiliations

  1. Institute for Technology Assessment and Systems Analysis, Karlsruhe Institute of Technology, Hermann-von-Helmholtz-Platz 1, D-76344, Eggenstein-Leopoldshafen, Germany

    Arnd Weber & Dirk Weber*

Authors
  1. Arnd Weber
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dirk Weber*
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Arnd Weber .

Editor information

Editors and Affiliations

  1. Law, Science, Technology & Society, (LSTS), Vrije Universiteit Brussels, Pleinlaan 2, Bruxelles, 1050, Belgium

    Serge Gutwirth

  2. Research Centre for Information, Technology & Law, University of Namur, Rempart de la Vierge 5, Namur, 5000, Belgium

    Yves Poullet

  3. Center for Law, Science, Technology, and Society Studies (LSTS), Vrije Universiteit Brussel, Pleinlaan 2, Brussels, 1050, Belgium

    Paul De Hert

  4. , TILT, Tilburg University, Warandelaan 2, Tilburg, 5037 AB, Netherlands

    Ronald Leenes

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media B.V.

About this chapter

Cite this chapter

Weber, A., Weber*, D. (2011). Options for Securing PCs Against Phishing and Espionage: A Report from the EU-Project “Open Trusted Computing”. In: Gutwirth, S., Poullet, Y., De Hert, P., Leenes, R. (eds) Computers, Privacy and Data Protection: an Element of Choice. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-0641-5_9

Download citation

Publish with us

Policies and ethics

Search

Navigation