Remote code execution becomes more and more important as can be seen by Grid computing or distributed computing projects like SETI@home. However, executing programs on foreign computers leads to security risks if the program contains sensitive data or algorithms. Current operating systems can protect user programs from other malicious programs running on the same host. But this does not prevent attacks from a system administrator or a malicious operating system. Further, even if the operating system is trusted it is possible to physically intercept communication between main memory and processor to gather information about the executed programs. As a result, these security risks prevent the execution of sensitive algorithms or programs computing on sensitive data on not trustworthy remote systemsIn this paper we present a combined hardware and software architecture to provide a secure and tamper resistant computing environment without relying on trusted system administrators and a fully trusted operating system. Our proposed architecture provides a security enhancement implemented on top of a standard processor. Compared to external co-processor solutions, our architecture does not suffer from memory, functionality and performance limitations. Furthermore, normal and protected programs can be run concurrently in a multitasking environment

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	B. Cohen. AES-hash. http://csrc.nist.gov/CryptoToolkit/modes/proposed-modes/aes-hash/aeshash.pdf, May 2001.
	2	I. Cryptographic Products. IBM PCI Cryptographic Coprocessor: General Information Manual, May 2002.
	3	J. Gaisler. LEON2 Processor User's Manual - XST Edition (Version 1.0.24). Gaisler Research, http://www.gaisler.com/doc/leon2-1.0.24-xst.pdf, 2003.
	4	Blaise Gassend , G. Edward Suh , Dwaine Clarke , Marten van Dijk , Srinivas Devadas, Caches and Hash Trees for Efficient Memory Integrity Verification, Proceedings of the 9th International Symposium on High-Performance Computer Architecture, p.295, February 08-12, 2003
	5	A. Hodjat and I. Verbauwhede. Speed-area trade-off for 10 to 100 Gbits/s throughput AES processor. In 2003 IEEE Asilomar Conference on Signals, Systems, and Computers, November 2003.
	6	D. Lie, C. A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. C. Mitchell, and M. Horowitz. Architectural support for copy and tamper resistant software, 2000.
	7	S. Microsystems. Java card security white paper. http://java.sun.com/products/java-card/Java-CardSecurityWhitePaper.pdf, October 2001.
	8	NIST. Specification for the Advanced Encryption Standard (AES) - Federal Information Processing Standards Publication 197. National Institute of Standards and Technology, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, 2001.
	9	Richard P. Paul, SPARC architecture, assembly language programming, and C, Prentice-Hall, Inc., Upper Saddle River, NJ, 1994
	10	R. Rivest. RFC 1321: The MD5 message-digest algorithm, Apr. 1992. Status: INFORMATIONAL.
	11	G. Edward Suh , Dwaine Clarke , Blaise Gassend , Marten van Dijk , Srinivas Devadas, AEGIS: architecture for tamper-evident and tamper-resistant processing, Proceedings of the 17th annual international conference on Supercomputing, June 23-26, 2003, San Francisco, CA, USA  [doi>10.1145/782814.782838]
	12	SUN. The SPARC Architecture Manual, version 8. SUN Microsystems, http://www.sparc.com, 1992.
	13	TCG. Trusted computing group. http://www.trustedcomputing.org.
	14	B. Yee. Using secure coprocessors. PhD thesis, Carnegie Mellon University, May 1994.