Abstract
A trusted platform is a fundamental building block in most trusted computing based architectures. Although it can be constructed from a finite set of components, there are several ways of combining the components and several configuration options that affect trust-related properties. Examples of such properties may be specifying that a platform will not expose a secret or delegate a task to a rogue entity. Despite its importance, very little attention has been directed towards reasoning about the properties that result from the way the platform is constructed and configured. Reasoning about these properties enables one to understand their security implications. In order to reason about such properties, we propose an abstract model, based on CSP, in which a platform is treated as a potentially malicious composition of sub-systems that interact through communication of messages. The model enables instantiation of platforms with varying trust levels and verification against specified properties. The applicability of the model is demonstrated on a trusted grid platform.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Grawrock, D.: Dynamics of a Trusted Platform: A Building Block Approach. Intel Press, Hillsboro (2009)
Cooper, A.: Towards a Trusted Grid Architecture. PhD thesis, Oxford University (2008)
Löhr, H., Ramasamy, H., Sadeghi, A.R., Schulz, S., Schunter, M., Stüble, C.: Enhancing grid security using trusted virtualization (2007)
Santos, N., Gummadi, K.P., Rodrigues, R.: Towards trusted cloud computing. In: HOTCLOUD (2009)
England, P., Lampson, B., Manferdelli, J., Peinado, M., Willman, B.: A trusted open platform. Computer 36, 55–62 (2003)
Cooper, A., Martin, A.: Towards a secure, tamper-proof grid platform. In: CCGRID 2006: Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid, pp. 373–380. IEEE Computer Society, Washington, DC, USA (2006)
Challener, D., Yoder, K., Catherman, R., Safford, D., Van Doorn, L.: A practical guide to trusted computing. IBM Press (2007)
TCG: Trusted Platform Module (TPM) Specifiation (2008)
Sadeghi, A.R., Stüble, C.: Property-based attestation for computing platforms: caring about properties, not mechanisms. In: NSPW 2004: Proceedings of the 2004 Workshop on New Security Paradigms, pp. 67–77. ACM, New York (2004)
Haldar, V., Chandra, D., Franz, M.: Semantic remote attestation: a virtual machine directed approach to trusted computing. In: VM 2004: Proceedings of the 3rd Conference on Virtual Machine Research and Technology Symposium, p. 3. USENIX Association, Berkeley (2004)
Alam, M., Zhang, X., Nauman, M., Ali, T., Seifert, J.P.: Model-based behavioral attestation. In: SACMAT 2008: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 175–184. ACM, New York (2008)
Hoare, C.A.R.: Communicating sequential processes. Commun. ACM 21(8), 666–677 (1978)
Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice Hall PTR, Upper Saddle River (1997)
Roscoe, A.W.: Modelling and verifying key-exchange protocols using csp and fdr. In: Proceedings of 1995 IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (1995)
Lowe, G.: Casper: a compiler for the analysis of security protocols. J. Comput. Secur. 6(1-2), 53–84 (1998)
Brock, N., Jackson, D.: Formal verification of a fault tolerant computer. In: Proceedings of IEEE/AIAA 11th Digital Avionics Systems Conference, 1992, pp. 132–137 (October 1992)
Cichocki, T., Górski, J.: Failure mode and effect analysis for safety-critical systems with software components. In: Koornneef, F., van der Meulen, M. (eds.) SAFECOMP 2000. LNCS, vol. 1943, pp. 382–394. Springer, Heidelberg (2000), doi:10.1007/3-540-40891-6_33
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)
Gong, L., Needham, R., Yahalom, R.: Reasoning about belief in cryptographic protocols. In: IEEE Symposium on Security and Privacy, p. 234 (1990)
Kailar, R., Gligor, V.: On belief evolution in authentication protocols. In: Proceedings of Computer Security Foundations Workshop IV, 1991, pp. 103–116 (June 1991)
Sufatrio, Y.R.: xtending ban logic for reasoning with modern pki-based protocols. In: Cao, J., Li, M., Wu, M.-Y., Chen, J. (eds.) NPC 2008. LNCS, vol. 5245, pp. 190–197. Springer, Heidelberg (2008)
Parno, B.: Bootstrapping trust in a ”trusted” platform. In: HOTSEC 2008: Proceedings of the 3rd Conference on Hot Topics in Security, pp. 1–6. USENIX Association, Berkeley (2008)
Chen, S., Wen, Y., Zhao, H.: Formal analysis of secure bootstrap in trusted computing (2007)
Datta, A., Franklin, J., Garg, D., Kaynar, D.: A logic of secure systems and its application to trusted computing. In: SP 2009: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy, pp. 221–236. IEEE Computer Society, Washington, DC, USA (2009)
Martinelli, F., Petrocchi, M.: A uniform framework for security and trust modeling and analysis with crypto-ccs. Electronic Notes in Theoretical Computer Science 186, 85–99 (2007); Proceedings of the First Workshop in Information and Computer Security (ICS 2006)
Deng, Y., Wang, J., Tsai, J.J.P., Beznosov, K.: An approach for modeling and analysis of security system architectures. IEEE Trans. on Knowl. and Data Eng. 15(5), 1099–1119 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Namiluko, C., Martin, A. (2011). An Abstract Model of a Trusted Platform. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2010. Lecture Notes in Computer Science, vol 6802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25283-9_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-25283-9_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25282-2
Online ISBN: 978-3-642-25283-9
eBook Packages: Computer ScienceComputer Science (R0)