Litteratur
The course literature consists of the lecture slides and following reading material.
Trusted computing:
Mandatory reading
- Mobile Trusted Computing, Ansokan et all
- SGX: Innovative Instructions and Software Model for Isolated Execution
The below article will be part of material of the last area quiz
- Secure VM lauch: Trusted Launch of Virtual Machine Instances in Public IaaS Environments, Gehrmann, et all
Background reading
- TCG specification on TPM (note there are specs for TPM versions 1.2 and 2.0)
- Guidelines on Hardware-Rooted Security for Mobile devices, NIST draft
- Security Analysis of Dockers: http://arxiv.org/pdf/1501.02967.pdf
- HSM, An Overview of Hardware Security Modules, brief description
- TPM software: TPM Software to test: http://ibmswtpm.sourceforge.net/
- SGX: Intel Tutorial on SGX, 2015
- SGX: Video Standford by Frank McKeen
- TrustZone: Samsung Knox
- TrustZone: Reflections, from Blackhat conference
-
Mifare (Little Security, Despite Obscurity), Karsten Nohl, Henryk Plötz
- RFID Handbook: Fundamentals and Applications in Contactless Smart Cards, Radio Frequency Identification and Near-Field Communication, 3rd Edition
Klaus Finkenzeller, Dorte Muller (Translated by) Wiley, June 2010 - New Algorithms about learning in the presence of errors, Sanjeev Arora
Rong Ge, Princeton
Trusted Computing applied:
- ICT Infrastructure
- Trusted computing in infrastructure: Trusted Infrastructure
- Cloud:
- OpenStack Trustpools:
DDOS lab:
Mandatory reading
- DNSSEC and Its Potential for DDoS Attacks, R v Rijswijk-Deij, A Sperotto, A, Pras, IMC’14, November 5–7, 2014, Vancouver, BC, Canada.
Background reading
- DDOS-basics, http://www.team-cymru.org
- Defeating DDOS attacks, CISCO white paper, updated Jan 2014 http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-5600a/prod_white_paper0900aecd8011e927.html
Secure networking:
Mandatory reading
- Comparison between RADIUS and Diameter, A Hosi, HUT, Finland, 2003.
- Cryptography in an all encrypted world , C. Jost, et al, Ericsson Review, Dec 2015.
Background reading
-
ETSI workshop on PQC http://www.etsi.org/images/files/Events/2014/201410_Crypto/e-proceedings-QSC-14.pdf
LTE Security:
Mandatory reading
•Security in the Evolved Packet System, R. Blom, et al. Ericsson Review, Oct 2010.
Background Reading
- 3GPP spec: 3GPP System Architecture Evolution (SAE); Security architecture
-
•LTE Security, D. Forsberg, et al, Wiley, 2010. Very good but only if you are really interested.
Crypto:
Mandatory reading
- Cryptography in an all encrypted world , Ericsson Review, Dec 2015
Reference reading (a bit dated in some parts but still very usefull)
Forensics:
Mandatory reading
- Forensics of mobile phone internal memory: by Svein Y. Willassen. Norwegian University of Science and Technology
- Altheide Video The death of computer forensics
Background reading
- Video on steganography using images: construction and detection. Thanks Johan!
- Forensics of data in Flash memory
- (not compulsary reading) Digital Evidence and Computer Crime, 2nd edition, Eoghan Casey, 2004, Academic Press
- Lest We Remember: Cold Boot Attacks on Encryption Keys:
- Bender et all, Techniques for data hiding
Homomorphic Encryption
SW security: