Movatterモバイル変換

[0]ホーム
URL:

Skip to main content

Advertisement

Springer Nature Link
Log in

An Approach to a Trustworthy System Architecture Using Virtualization

  • Conference paper

Part of the book series:Lecture Notes in Computer Science ((LNPSE,volume 4610))

Included in the following conference series:

Abstract

We present a system architecture for trusted transactions in highly sensitive environments. This architecture takes advantage of techniques provided by the Trusted Computing Group (TCG) to attest the system state of the communication partners, to guarantee that the system is free of malware and that its software has not been tampered with. To achieve meaningful attestation, virtualization is used to establish several different execution environments. The attestation process is limited to a fragment of the software running on the platform, more specifically, to the part requesting access to sensitive data. The Trusted Platform Module (TPM) is virtualized, in order to make it accessible for an execution environment with a higher trust level.

This is a preview of subscription content,log in via an institution to check access.

Access this chapter

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Madnick, S.E., Donovan, J.J.: Application and Analysis of the Virtual Machine Approach to Information System Security and Isolation. In: Proceedings of the Workshop on Virtual Computer Systems, pp. 210–224. ACM Press, New York (1973)

    Chapter  Google Scholar 

  2. Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: A virtual machine-based platform for trusted computing. In: SOSP 2003: Proceedings of the nineteenth ACM Symposium on Operating Systems Principles, pp. 193–206. ACM Press, New York (2003)

    Chapter  Google Scholar 

  3. Trusted Computing Group: Trusted Platform Module (TPM) specifications. Technical report (2006),http://www.trustedcomputinggroup.org/specs/TPM

  4. Brickell, E., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: CCS 2004: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press, New York (2004)

    Chapter  Google Scholar 

  5. Goldberg, R.P.: Survey of Virtual Machine Research. IEEE Computer 34–35 (1974)

    Google Scholar 

  6. Sailer, R., Zhang, X., Jaeger, T., Doorn, L.v.: Design and Implementation of a TCG-based Integrity Measurement Architecture. In: 13th USENIX Security Symposium, IBM T. J. Watson Research Center (2004)

    Google Scholar 

  7. Berger, S., Caceres, R., Goldman, K.A., Perez, R., Sailer, R., van Doorn, L.: vTPM: Virtualizing the Trusted Platform Module. In: 15th USENIX Sec. Symp. (2006)

    Google Scholar 

  8. Liedtke, J.: On Micro-Kernel Construction. In: SOSP 1995: Proceedings of the fifteenth ACM Symposium on Operating Systems Principles, pp. 237–250. ACM Press, New York (1995)

    Chapter  Google Scholar 

  9. Engler, D.R., Kaashoek, M.F.J., O’Toole, J.: Exokernel: An Operating System Architecture for Application-level Resource Management. In: SOSP 1995: Proceedings of the fifteenth ACM Symposium on Operating Systems Principles, pp. 251–266. ACM Press, New York (1995)

    Chapter  Google Scholar 

  10. European Multilaterally Secure Computing Base: Towards Trustworthy Systems with Open Standards and Trusted Computing (2006),http://www.emscb.de/

  11. Karger, P.A., Zurko, M.E., Bonin, D.W., Mason, A.H., Kahn, C.E.: A Retrospective on the VAX VMM Security Kernel. IEEE Trans. Softw. Eng. 17 (1991)

    Google Scholar 

  12. Rosenblum, M., Garfinkel, T.: Virtual Machine Monitors: Current Technology and Future Trends. IEEE Computer 39–47 (2005)

    Google Scholar 

  13. Applied Data Security Group, University of Bochum: TrustedGRUB (2006),http://www.prosecco.rub.de/trusted_grub_details.html

  14. Stumpf, F., Tafreschi, O., Röder, P., Eckert, C.: A Robust Integrity Reporting Protocol for Remote Attestation. In: Proceedings of the Second Workshop on Advances in Trusted Computing (WATC 2006 Fall) (2006)

    Google Scholar 

  15. Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory IT-22, 644–654 (1976)

    Article MathSciNet  Google Scholar 

  16. Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Pratt, I., Warfield, A., Barham, P., Neugebauer, R.: Xen and the Art of Virtualization. In: Proceedings of the ACM Symposium on Operating Systems Principles (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Darmstadt University of Technology, Darmstadt, Germany

    Frederic Stumpf, Michael Benz, Martin Hermanowski & Claudia Eckert

Authors
  1. Frederic Stumpf

    You can also search for this author inPubMed Google Scholar

  2. Michael Benz

    You can also search for this author inPubMed Google Scholar

  3. Martin Hermanowski

    You can also search for this author inPubMed Google Scholar

  4. Claudia Eckert

    You can also search for this author inPubMed Google Scholar

Editor information

Bin Xiao Laurence T. Yang Jianhua Ma Christian Muller-Schloer Yu Hua

Rights and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stumpf, F., Benz, M., Hermanowski, M., Eckert, C. (2007). An Approach to a Trustworthy System Architecture Using Virtualization. In: Xiao, B., Yang, L.T., Ma, J., Muller-Schloer, C., Hua, Y. (eds) Autonomic and Trusted Computing. ATC 2007. Lecture Notes in Computer Science, vol 4610. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73547-2_21

Download citation

Publish with us

[8]ページ先頭
©2009-2025 Movatter.jp