Trusted Computing

  • Antonio Lioy
  • Gianluca Ramunno

Abstract

Trusted computing (TC) is a set of design techniques and operation principles to create a computing environment that the user can trust to behave as expected. This is important in general and vital for security applications. Among the various proposals to create a TC environment, the Trusted Computing Group (TCG) architecture is of specific interest nowadays because its hardware foundation – the trusted platformmodule (TPM)– is readily available in commodity computers and it provides several interesting features: attestation, sealing, and trusted signature. Attestation refers to integrity measures computed at boot time that can later be used to prove system integrity to a third party across a network. Sealing protects some data (typically application level cryptographic keys or configurations) in hardware so that it can be accessed only when the system is in a specific state (i.e., a specific set of software modules is running, from drivers up to applications). Trusted signature is performed directly by the hardware and is permitted only when the system is in a specific state. TC does not provide perfect protection for all possible attacks: it has been designed to counter software attacks and some hardware ones. Nonetheless it is an interesting tool to build secure systems, with special emphasis on the integrity of the operations.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 32.1.
    U.S. Department of Defense: Trusted Computer Systems Evaluation Criteria (Orange Book) (National Computer Security Center, Fort Meade 1985)Google Scholar
  2. 32.2.
    F.B. Schneider (Ed.): Trust in Cyberspace (National Academy Press, Washington 1998)Google Scholar
  3. 32.3.
    R. Shirey: RFC 4949 – Internet Security Glossary, Version 2 (IETF, 2007)Google Scholar
  4. 32.4.
    R. Anderson: Security Engineering: a Guide to Building Dependable Distributed Systems (John Wiley and Sons, Indianapolis 2008)Google Scholar
  5. 32.5.
    P.G. Neumann: Architectures and formal representations for secure systems, SRI Project 6401, Deliverable A002 (Computer Science Laboratory, SRI International, 1995)Google Scholar
  6. 32.6.
    U.S. Department of Defense: Glossary of Computer Security Terms (Aqua Book) (National Computer Security Center, Fort Meade 1990)Google Scholar
  7. 32.7.
    Trusted Computing Group: TCG glossary, available at https://www.trustedcomputinggroup.org/developers/glossary/
  8. 32.8.
    C.J. Mitchell: Trusted Computing (Institution of Engineering and Technology, 2005)Google Scholar
  9. 32.9.
    T. Jaeger, R. Sailer, X. Zhang: Analyzing integrity protection in the SELinux example policy, Proc. 12th USENIX Security Symposium, Washington (2003) pp. 59–74Google Scholar
  10. 32.10.
    P. Kuliniewicz: SENG: an enhanced policy language for SELinux, Proc. SELinux Symposium and Developer Summit, Baltimore (2006)Google Scholar
  11. 32.11.
    KernelTrap: SELinux vs. OpenBSD’s default security, available at http://kerneltrap.org/OpenBSD/SELinux_vs_OpenBSDs_Default_Security (2007)
  12. 32.12.
    J. Loftus: With RHEL 5, Red Hat goes to bat for SELinux, available at http://searchenterpriselinux.techtarget.com/news/article/0,289142,sid39 _gci1259697,00.html (2007)
  13. 32.13.
    P.G. Neumann: Achieving principled assuredly trustworthy composable systems and networks, Proc. DISCEX, Washington (2003) pp. 182–187Google Scholar
  14. 32.14.
    The Fiasco: requirements definition, TU Dresden, Report TUD-FI98-12, available at http://os.inf.tu-dresden.de/paper_ps/fiasco-spec.ps.gz (December 1998)
  15. 32.15.
    DARPA: The composable high-assurance trustworthy systems (CHATS) project, http://www.csl.sri.com/users/neumann/chats.html (2004)
  16. 32.16.
    The European Multilaterally Secure Computing Base (EMSCB) project – towards trustworthy systems with open standards and trusted computing, http://www.emscb.de
  17. 32.17.
    D. Kuhlmann, R. Landfermann, H.V. Ramasamy, M. Schunter, G. Ramunno, D. Vernizzi: An open trusted computing architecture – secure virtual machines enabling user-defined policy enforcement, IBM Research Report RZ 3655 (2006)Google Scholar
  18. 32.18.
    H. Löhr, A. Sadeghi, C. Stüble, M. Weber, M. Winandy: Modeling trusted computing support in a protection profile for high assurance security kernels, Proc. TRUST-2009, Oxford (2009) pp. 45–62Google Scholar
  19. 32.19.
    BSI and Sirrix AG security technologies: Protection profile for a high-security kernel (HASK-PP), v. 1.14 (2008)Google Scholar
  20. 32.20.
    J.M. McCune, B. Parno, A. Perrig, M.K. Reiter, A. Seshadri: How low can you go? Recommendations for hardware-supported minimal TCB code execution, SIGARCH Comput. Archit. News 36(1), 14–25 (2008)Google Scholar
  21. 32.21.
    Trusted Computing Group: TCG specification architecture overview, Revision 1.4 (2007)Google Scholar
  22. 32.22.
    Intel: Intel trusted execution technology (TXT), Measured Launched Environment Developer’s Guide, Document Number: 315168-005 (2008)Google Scholar
  23. 32.23.
    AMD: AMD64 virtualization codenamed “Pacifica” technology, Secure Virtual Machine Architec ture Reference Manual, Publication No. 33047, Revision 3.01 (2005)Google Scholar
  24. 32.24.
    AMD: AMD I/O virtualization technology (IOMMU) specification, Publication No. 34434, Revision 1.26 (2009)Google Scholar
  25. 32.25.
    D. Grawrock: Dynamics of a trusted platform (Intel Press, 2008)Google Scholar
  26. 32.26.
    Trusted Computing Group: TCG TPM main Part 1 design principles, Version 1.2 Level 2 Revision 103 (2007)Google Scholar
  27. 32.27.
    Trusted Computing Group: TCG TPM main Part 2 TPM structures, Version 1.2 Level 2 Revision 103 (2007)Google Scholar
  28. 32.28.
    Trusted Computing Group: TCG TPM main Part 3 commands, Version 1.2 Level 2 Revision 103 (2007)Google Scholar
  29. 32.29.
    J. Jonsson, B. Kaliski: RFC-3447 – PKCS #1: RSA cryptography standard, IETF (2002)Google Scholar
  30. 32.30.
    Trusted Computing Group: TCG PC client specific implementation specification for conventional BIOS, Version 1.2 Final Revision 1.00 (2005)Google Scholar
  31. 32.31.
    Trusted Computing Group: TCG PC client specific TPM interface specification (TIS), Version 1.2 Final Revision 1.00 (2005)Google Scholar
  32. 32.32.
    Trusted Computing Group: TCG Infrastructure Working Group (IWG) subject key attestation evidence extension, Version 1.0 Revision 7 (2005)Google Scholar
  33. 32.33.
    F. Armknecht, Y. Gasmi, A.R. Sadeghi, P. Stewin, M. Unger, G. Ramunno, D. Vernizzi: An efficient implementation of trusted channels based on OpenSSL, Proc. 3rd ACM workshop on Scalable Trusted Computing, Fairfax (2008) pp. 41–50Google Scholar
  34. 32.34.
    E. Brickell, J. Camenisch, L. Chen: Direct anonymous attestation, Proc. 11th ACM Conf. on Computer and Communications Security, Washington (2004) pp. 132–145Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Antonio Lioy
    • 1
  • Gianluca Ramunno
    • 1
  1. 1.Dip. di Automatica e InformaticaPolitecnico di TorinoTorinoItaly

Personalised recommendations