
Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 110))


Abstract

Integrity measurement is one of the most important features of a trusted computing platform, providing evidence of platform configuration and behavior. Each set of software instructions (binary code) is measured and recorded before it is executed. In particular, boot components recorded in the pre-boot stage cannot be re-measured until the platform is rebooted. In reality, however, many components that belong to the pre-boot stage, such as the BIOS, Boot Loader and MBR, are easily modified or updated in the runtime environment. If the updated state of these components is treated as a configuration requirement that a remote server checks when verifying an access request, the remote network access connection will fail. The host must then be restarted to re-measure these components, and the result of the new measurement is not guaranteed to be correct. We solve this problem by embedding in the Linux kernel an Integrity Measurement Agency Component (IMAC), which is capable of monitoring transformation, verifying credibility, updating Platform Configuration Registers and recording integrity measurement logs. The performance analysis demonstrates that the method is feasible and credible.




Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Weiping, P., Yajian, Z., Cong, W., Yixian, Y. (2011). Runtime-Based Boot Components Re-measurement Scheme for Trusted Platform. In: Jiang, L. (eds) Proceedings of the 2011 International Conference on Informatics, Cybernetics, and Computer Engineering (ICCE2011) November 19-20, 2011, Melbourne, Australia. Advances in Intelligent and Soft Computing, vol 110. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25185-6_40


  • DOI: https://doi.org/10.1007/978-3-642-25185-6_40

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25184-9

  • Online ISBN: 978-3-642-25185-6

  • eBook Packages: Engineering, Engineering (R0)
