Abstract
The TCG Software Stack (TSS) specifies the software layer for application developers to use functions provided by a Trusted Platform Module (TPM). However, the current TSS interface is highly complex, which makes its usage very difficult and error-prone, and the high complexity makes it unsuitable for embedded devices or security kernels.
We present a simplified TSS design and implementation (μTSS) providing a lightweight and intuitive programming interface for developers based on the TPM main specification. The major principles of the μTSSdesign are a reduced complexity, obtaining type safety, object encapsulation, and a simple error handling. These principles ensure that the resulting μTSSis maintainable and easy to use. Moreover, the modular architecture of the μTSSallows using only a subset of the provided functionality as it is required, e.g., for embedded systems, mobile devices, or in the context of a security kernel. This paper discusses experiences with the μTSS, based on several projects such as the TCG TPM compliance test suite and a Mobile Trusted Module (MTM) implementation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Trusted Computing Group. TPM main specification. Main Specification Version 1.2 rev. 103, Trusted Computing Group (July 2007)
Trusted Computing Group. Trusted network connect. Specification Version 1.2 (2007)
Trusted Computing Group. TCG Software Stack specification. Version 1.2 (January 2006), http://trustedcomputinggroup.org
Löhr, H., Sadeghi, A.-R., Stüble, C., Weber, M., Winandy, M.: Modeling Trusted Computing Support in a Protection Profile for High Assurance Security Kernels (2009)
Sadeghi, A.-R., Stüble, C., Pohlmann, N.: European Multilateral Secure Computing Base - Open Trusted Computing for You and Me 28(9), 548–554 (2004)
Alkassar, A., Scheibel, M., Sadeghi, A.-R., Stüble, C., Winandy, M.: Security Architecture for Device Encryption and VPN. In: Information Security Solution Europe (ISSE 2006). Vieweg Verlag (2006)
Microsoft. BitLocker drive encryption, http://www.microsoft.com/windows/windows-vista/features/bitlocker.aspx
Wave Systems Corp. EMBASSY Trust Suite, http://www.wave.com/products/ets.asp
Stüble, C., Zaerin, A.: The TPM Manager Software Architecture. Sirrix AG (2008)
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns. Addison-Wesley Professional Computing Series (1995)
Mobile Phone Working Group. TCG Mobile Reference Architecture. Technical Report Version 1.0, Trusted Computing Group (June 2007)
Armknecht, F., Gasmi, Y., Sadeghi, A.-R., Ramunno, G., Vernizzi, D., Stewin, P., Unger, M.: An Efficient Implementation of Trusted Channels based on OpenSSL. In: Proceedings of ACM STC 2008 (2008)
Schulz, S., Sadeghi, A.-R.: Extending IPsec for Efficient Remote Attestation. In: 14th International Conference on Financial Cryptography and Data Security, FC 2010 (2010)
Trusted Computing Group. TCG Software Stack specification. Version 1.1 (August 2003), http://trustedcomputinggroup.org
Trusted Platform Agent - The open source library for Trusted Computing, http://security.polito.it/tc/tpa/
IAIK jTSS - TCG Software Stack for the Java (tm) Platform, http://trustedjava.sourceforge.net/
Toegl, R., Winkler, T., Nauman, M., Hong, T.: Towards platform-independent trusted computing. In: STC 2009: Proceedings of the 2009 ACM workshop on Scalable trusted computing, pp. 61–66. ACM, New York (2009)
TPM/J Java-based API for the Trusted Platform Module (TPM), http://projects.csail.mit.edu/tc/tpmj/
libtpm - a small, low-level TPM access library, http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html
Ekberg, J.-E., Bugiel, S.: Trust in a small package: minimized MRTM software implementation for mobile secure environments. In: STC 2009: Proceedings of the 2009 ACM workshop on Scalable Trusted Computing, pp. 9–18. ACM, New York (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stüble, C., Zaerin, A. (2010). μTSS – A Simplified Trusted Software Stack. In: Acquisti, A., Smith, S.W., Sadeghi, AR. (eds) Trust and Trustworthy Computing. Trust 2010. Lecture Notes in Computer Science, vol 6101. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13869-0_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-13869-0_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13868-3
Online ISBN: 978-3-642-13869-0
eBook Packages: Computer ScienceComputer Science (R0)