Implementing operating system support for extended trusted path in TPM-capable environments

  • Trusted Software
Wuhan University Journal of Natural Sciences

Abstract

Trusted path is one of the crucial features that operating systems must provide for fundamental security support. In order to explore the possibility of implementing a trusted path mechanism with the support of trusted platform module (TPM) technologies, and to support TPM capabilities in operating systems, the paper extends the scope of the conventional trusted path to cover the situation in which a user communicates with software residing on a remote host. The paper combines the concept of operating system support for trusted path with that of operating system support for TPM platforms, and proposes the architecture of an extended trusted path mechanism in the operating system that takes support for TPM-capable platforms into account. As part of the author's research in secure operating systems, the work was carried out with Linux as an experimental prototype system. The research results show that TPM capabilities can strengthen the extended trusted path mechanisms of operating systems.

Author information

Correspondence to Shi Wenchang.

Additional information

Foundation item: Supported by the National Natural Science Foundation of China (60373054)

Biography: SHI Wenchang (1964-), male. Professor, Ph. D., research direction: information security and system software.

About this article

Cite this article

Wenchang, S. Implementing operating system support for extended trusted path in TPM-capable environments. Wuhan Univ. J. Nat. Sci. 11, 1493–1497 (2006). https://doi.org/10.1007/BF02831805


  • DOI: https://doi.org/10.1007/BF02831805
