TGC 2013: Trustworthy Global Computing, pp. 45–63
Dynamic Measurement and Protected Execution: Model and Analysis
Abstract
Useful security properties arise from sealing data to specific units of code. Modern processors featuring Intel’s TXT and AMD’s SVM achieve this by a process of measured and protected execution. Only code which has the correct measurement can access the data, and this code runs in an environment protected from observation and interference. We present a modelling language with primitives for protected execution, along with its semantics. We characterise an attacker who has access to all the capabilities of the hardware. In order to achieve automatic analysis of systems using protected execution without attempting to search an infinite state space, we define transformations that reduce the number of times the attacker needs to use protected execution to a pre-determined bound. Given reasonable assumptions we prove the soundness of the transformation: no secrecy attacks are lost by applying it. We then describe using the StatVerif extensions to ProVerif to model the bounded invocations of protected execution. We show the analysis of realistic systems, for which we provide case studies.
Keywords
Dynamic Measurement; Security Property; Horn Clause; Trust Platform Module; Attack Strategy