Andreas Poller scite author profile

We discuss attack scenarios against the TPM-based boot process of BitLocker. BitLocker is a disk volume encryption feature included in some recent versions of Microsoft Windows. BitLocker is capable of using the TPM to manage all or a portion of its secret encryption keys. Specifically it uses the sealing feature to ensure keys are released only if the platform is in a predefined, trusted state. We present six ways in which an attacker may gain access to secret key material by manipulating the boot process in ways not prevented by the trusted computing technology. We also discuss their causes and contributing factors.

show abstract

Can Security Become a Routine?

Poller

Kocksch

Türpe

et al. 2017

View full text Add to dashboard Cite

Emission statt Transaktion

Türpe

Geuter²,

Poller

2017

View full text Add to dashboard Cite

Caring for IT Security

Kocksch

Korn

Poller

et al. 2018

Proc. ACM Hum.-Comput. Interact.

View full text Add to dashboard Cite

Despite being considered a fundamental issue in the design, use, and appropriation of digital technologies, IT security has found but little attention in CSCW so far. Approaches in Human-Computer Interaction and Software Engineering do not account appropriately for the weave of dispersed practices that it takes to 'do' IT security---practices that involve a heterogeneous set of actors and unfold at diverse sites and across organizational, legal, and professional boundaries. In this paper we propose to conceive of IT security through the lens of care, a notion that we draw from Science and Technology Studies. Caring for IT security requires continuous, often invisible work that relies upon tinkering and experimentation and addresses perennial oscillations between in-/securities. Caring for IT security, then, engages with established accountabilities and cultivates a moral stance that refrains from blaming insecurities upon single actors. We conclude with outlining a caring approach to IT security for CSCW.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Andreas Poller

Electronic Identity Cards for User Authentication—Promise and Practice

Attacking the BitLocker Boot Process

Can Security Become a Routine?

Emission statt Transaktion

Caring for IT Security

Contact Info

Product

Resources

About