Abstract
In the traditional client-server architecture, security efforts focus on the server, while the huge number of terminals receives relatively little consideration. Practical experience in information security has shown that security problems come mainly from network terminals. To secure network terminals at the source, the solution must be considered comprehensively across chips, hardware architectures, operating systems, etc., which gave rise to the original idea of Trusted Computing (TC). TC binds a trusted platform module (TPM) to the terminal to ensure the security of the client, and through it a chain of trust is established to protect the whole system and network. In this section, we introduce the TC technology, the TC framework, the trusted platform module, and the trusted mobile platform. In particular, we study the TC-based client security architecture and show that the key point is a secure operating system that can support TC. Finally, a comparison of the secure-kernel-based, microkernel-based, and virtual-machine-based terminal architectures is presented.
Copyright information
© 2009 Higher Education Press, Beijing and Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Ma, J., Wang, C., Ma, Z. (2009). Architecture of Trusted Terminal. In: Security Access in Wireless Local Area Networks. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00941-9_10
DOI: https://doi.org/10.1007/978-3-642-00941-9_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00940-2
Online ISBN: 978-3-642-00941-9