Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 72)

Abstract

The computer terminal plays an important role in the security of the whole Local Area Network (LAN). However, the uncontrolled way in which terminals bootstrap makes it difficult to provide sufficient trustworthiness to the LAN. To strengthen the terminal security of the LAN, and especially its ability to resist malicious tampering, this paper puts forward a server-based bootstrap architecture based on trusted computing technology. By verifying the integrity of the terminal before booting the OS, this architecture can effectively prevent the terminal from booting into a tampered OS, while the recovery module improves the robustness of the system. We present an implementation of the architecture, which extends Trusted GRUB by adopting an attestation process between the GRUB level and the attestation server. The performance analysis shows that, at a low time delay, the security of the system has been improved, and the proposed architecture can also provide the server with stronger control and management ability over the whole LAN.

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Zhang, Q., Chen, C., Liao, S., Dai, Y. (2010). A Server-Based Secure Bootstrap Architecture. In: Luo, Q. (eds) Advances in Wireless Networks and Information Systems. Lecture Notes in Electrical Engineering, vol 72. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14350-2_42

  • DOI: https://doi.org/10.1007/978-3-642-14350-2_42

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14349-6

  • Online ISBN: 978-3-642-14350-2

  • eBook Packages: Engineering, Engineering (R0)
