Taming “Trusted Platforms” by Operating System Design

  • Ahmad-Reza Sadeghi
  • Christian Stüble
Conference paper

DOI: 10.1007/978-3-540-24591-9_22

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2908)
Cite this paper as:
Sadeghi AR., Stüble C. (2004) Taming “Trusted Platforms” by Operating System Design. In: Chae KJ., Yung M. (eds) Information Security Applications. WISA 2003. Lecture Notes in Computer Science, vol 2908. Springer, Berlin, Heidelberg

Abstract

Experience has shown that common computing platforms lack security because of architectural problems and complexity. In this context, Microsoft Palladium (Pd) and TCPA have been announced as the next-generation computing platforms and are claimed to improve users’ security. However, there is public concern that some capabilities of TCPA/Pd may give content providers too much power and control over the use of digital content and over users’ private information.

In this paper, we argue that TCPA/Pd can increase the security of computing platforms provided the operating system is designed carefully. Moreover, we discuss how interference between digital rights management capabilities and end-user security can be prevented. Our results rest on the observation that even on TCPA/Pd platforms the operating system retains enough control over the platform to prevent misuse by both content providers and end-users.

We argue that such a trustworthy operating system, secure in the sense of multilateral security, can be developed with modest effort by efficiently combining the ideas of security kernels with the state of the art in operating system technology. We propose a new architecture for a trustworthy security platform that uses TCPA/Pd hardware features in conjunction with an open-source security kernel we have developed. Our security kernel provides backward compatibility with the Linux operating system. Its layered design and small size allow easy migration to other hardware platforms such as PDAs, mobile phones, and embedded systems.
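The abstract rests on two TCPA primitives: integrity measurement, in which each boot component is hashed into a platform configuration register (PCR) that can only be extended, never set, and sealing, in which the TPM releases data only while the PCRs hold the values they had at seal time. The following Python model is an illustration added here; it is not code from the paper, from the authors' security kernel, or from any TPM implementation. It simulates both primitives with hashlib so it runs offline, and the boot-chain images, the storage-root secret, and all class and function names are constructed for the example. It shows why a security kernel measured into the boot chain is the anchor the paper's argument relies on: a modified kernel produces a different PCR, so secrets sealed under the genuine kernel are not released to it.

```python
import hashlib
import hmac

# TCPA 1.1 PCRs are 20-byte SHA-1 registers. The only write operation is
# extend: PCR := SHA-1(PCR || measurement). A register can be appended to
# but never set directly, so a component cannot erase what booted before it.
PCR_SIZE = 20
TAG_SIZE = 32


def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    return sha1(pcr + measurement)


def measure_boot_chain(chain):
    """Extend each component of `chain` (a list of (name, image) pairs in boot
    order) into one PCR starting from zeros. Returns the final PCR and the
    measurement log that lets a verifier replay it."""
    pcr = bytes(PCR_SIZE)
    log = []
    for name, image in chain:
        digest = sha1(image)
        pcr = pcr_extend(pcr, digest)
        log.append((name, digest.hex()))
    return pcr, log


class ToyTPM:
    """Simulated TPM (constructed for this example). The storage-root secret
    never leaves the object, and sealed data is released only when the current
    PCR equals the PCR recorded at seal time. The cipher is a hash-based toy,
    not the RSA-based scheme a real TPM uses."""

    def __init__(self, srk_secret: bytes):
        self._srk = srk_secret
        self.pcr = bytes(PCR_SIZE)  # reset to zeros at power-on

    def extend(self, measurement: bytes) -> None:
        self.pcr = pcr_extend(self.pcr, measurement)

    def _keystream(self, pcr: bytes, length: int) -> bytes:
        # Key material depends on the PCR, so a wrong PCR cannot decrypt even
        # if the equality check in unseal() were bypassed.
        key = hmac.new(self._srk, pcr, hashlib.sha256).digest()
        out = b""
        counter = 0
        while len(out) < length:
            out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
            counter += 1
        return out[:length]

    def seal(self, data: bytes) -> bytes:
        """Bind `data` to the current platform state.
        Blob layout: sealed PCR (20) || ciphertext || HMAC tag (32)."""
        ks = self._keystream(self.pcr, len(data))
        ct = bytes(a ^ b for a, b in zip(data, ks))
        tag = hmac.new(self._srk, self.pcr + ct, hashlib.sha256).digest()
        return self.pcr + ct + tag

    def unseal(self, blob: bytes):
        """Return the plaintext, or None if the platform is not in the measured
        state the data was sealed under or the blob was altered."""
        sealed_pcr = blob[:PCR_SIZE]
        ct = blob[PCR_SIZE:-TAG_SIZE]
        tag = blob[-TAG_SIZE:]
        if sealed_pcr != self.pcr:
            return None  # platform configuration changed: refuse
        expected = hmac.new(self._srk, sealed_pcr + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # blob tampered with or wrong TPM
        ks = self._keystream(sealed_pcr, len(ct))
        return bytes(a ^ b for a, b in zip(ct, ks))


# Constructed boot chains. The images are placeholder bytes standing in for
# firmware, bootloader and security-kernel binaries; "seckernel-v1-patched"
# models an attacker-modified kernel.
GOOD_CHAIN = [
    (b"firmware", b"firmware-v1"),
    (b"bootloader", b"loader-v1"),
    (b"security-kernel", b"seckernel-v1"),
]
TAMPERED_CHAIN = GOOD_CHAIN[:2] + [(b"security-kernel", b"seckernel-v1-patched")]


def boot(tpm_secret: bytes, chain) -> ToyTPM:
    """Power on a TPM and measure every boot stage into it, in order."""
    tpm = ToyTPM(tpm_secret)
    for _, image in chain:
        tpm.extend(sha1(image))
    return tpm


def seal_under_chain(tpm_secret: bytes, chain, data: bytes) -> bytes:
    return boot(tpm_secret, chain).seal(data)


def boot_and_unseal(tpm_secret: bytes, chain, blob: bytes):
    return boot(tpm_secret, chain).unseal(blob)


if __name__ == "__main__":
    secret = b"constructed-srk-secret"
    blob = seal_under_chain(secret, GOOD_CHAIN, b"disk encryption key")
    print("genuine kernel:", boot_and_unseal(secret, GOOD_CHAIN, blob))
    print("tampered kernel:", boot_and_unseal(secret, TAMPERED_CHAIN, blob))
```

Because extend is a hash chain, the order of measurements matters as much as their values, and a later component cannot hide an earlier one. What the model does not show is the paper's actual contribution: once the security kernel is the last measured component, it is the kernel that decides which further measurements are taken and which properties are reported to a content provider, and that is where the multilateral-security argument lives.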

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Ahmad-Reza Sadeghi, Institute for Information and Communication Security, Ruhr-University Bochum, Bochum, Germany
  • Christian Stüble, Security and Cryptography Group, Saarland University, Saarbrücken, Germany
