WashU Bear Shell Daily

Introduction The number of information technologies, such as IoT devices and mobile Internet, are rising and therefore also the need for trustworthy computing environments. The digital community is seeing more and more threats to their secret information, threats such as computer viruses and malware. Any company or individual with sensitive information will want to be able to keep it in a secure environment that preserves the integrity, authenticity, confidentiality and reliability of the data. Not only does the information need to be secure in an individual server but will need to travel through trusted channels. While firewalls and virus defense mostly protect the server side of a computing platform, the client side is vulnerable, which is where trusted computing comes in.  There are many organizations that have attempted to establish a standard definition for trusted computing, but there are many different ways of understanding a trustworthy environment. The Trusted Computing

R untime isolation and sandboxed environments are central to modern application security, but the most commonly used ones may not be as secure as we hope. Overview The general idea of isolated or sandboxed environments is to give a program a limited scope in which to operate. Instead of allowing a given program to use any of a machine’s resources, physical or virtual, you restrict its environment such that it can only access aspects of the system that the sandbox designer has decided are available for use by the program. This is not unlike putting your child in a literal sandbox with high walls – they are free to do whatever they want with all the sand, toys, and tools inside, but cannot interact with the environment outside. Isolation principles are in play at pretty much every aspect of modern computing. For example, last week a classmate wrote a blog on WannaCry, an exploit in Windows SMB older and unpatched versions of Windows. Without going into the detail