Abstract
Building trusted computing systems has been a continuous endeavor for a long time. However, an increasing number of trust problems remain unsolved in real-world applications. One of the most important reasons is that insufficient applicable software is available to handle the situation. Although the TCG tries to help build trusted software with the TSS, the TSS essentially only states how to use a TPM, not what kind of software to build with the TPM. This paper proposes an answer to the latter question. With consideration of the Chinese counterpart of a TPM, i.e. a TPCM, the paper argues that a Trusted Software Base (TSB) is significant for building trusted applications. It defines a TSB as the totality of trust support mechanisms for system software on a computing platform, which monitors the trustworthiness of software on the platform. The concept of a TSB is presented and approaches to designing it are discussed.
Work supported by National 863 High-Tech Research Development Program of China (2007AA01Z414), National Natural Science Foundation of China (60873213, 60703103) and Natural Science Foundation of Beijing (4082018).
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
Cite this paper
Shi, W. (2010). On Design of a Trusted Software Base with Support of TPCM. In: Chen, L., Yung, M. (eds) Trusted Systems. INTRUST 2009. Lecture Notes in Computer Science, vol 6163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14597-1_1
DOI: https://doi.org/10.1007/978-3-642-14597-1_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14596-4
Online ISBN: 978-3-642-14597-1