On Design of a Trusted Software Base with Support of TPCM

  • Conference paper
Trusted Systems (INTRUST 2009)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6163)

Abstract

Building trusted computing systems has been a continuous endeavor for a long time. However, an increasing number of trust problems remain unsolved in real-world applications. One of the most important reasons is that insufficient applicable software is available to handle the situation. Although the TCG tries to help build trusted software with the TSS, the TSS essentially states only how to use a TPM, not what kind of software to build with the TPM. This paper proposes an answer to the latter question. Taking into consideration the Chinese counterpart of a TPM, i.e. a TPCM, the paper argues that a Trusted Software Base (TSB) is significant for building trusted applications. It defines a TSB as the totality of trust support mechanisms for system software on a computing platform, which monitors the trustworthiness of software on the platform. The concept of a TSB is presented and approaches to designing it are discussed.

Work supported by National 863 High-Tech Research Development Program of China (2007AA01Z414), National Natural Science Foundation of China (60873213, 60703103) and Natural Science Foundation of Beijing (4082018).

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shi, W. (2010). On Design of a Trusted Software Base with Support of TPCM. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2009. Lecture Notes in Computer Science, vol 6163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14597-1_1

  • DOI: https://doi.org/10.1007/978-3-642-14597-1_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14596-4

  • Online ISBN: 978-3-642-14597-1

  • eBook Packages: Computer Science, Computer Science (R0)
