Advertisement

New Directions for Hardware-assisted Trusted Computing Policies (Position Paper)

  • Sergey Bratus
  • Michael E. Locasto
  • Ashwin Ramaswamy
  • Sean W. Smith

Abstract

The basic technological building blocks of the TCG architecture seem to be stabilizing. As a result, we believe that the focus of the Trusted Computing (TC) discipline must naturally shift from the design and implementation of the hardware root of trust (and the subsequent trust chain) to the higher-level application policies. Such policies must build on these primitives to express new sets of security goals. We highlight the relationship between enforcing these types of policies and debugging, since both activities establish the link between expected and actual application behavior. We argue that this new class of policies better fits developers' mental models of expected application behaviors, and we suggest a hardware design direction for enabling the efficient interpretation of such policies.

Keywords

Trust Computing 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. B. Agreiter, M. Alam, M. Hafner, J.-P. Seifert, and X. Zhang. Model Driven Configuration of Secure Operating Systems for Mobile Applications in Healthcare. In In Proceedings of the 1st International Workshop on Model-Based Trustworthy Health Information Systems, 2007.Google Scholar
  2. Stefan Berger, Ramon Caceres, Kenneth Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doom. vTPM - Virtualizing the Trusted Platform Module. In 15th Usenix Security Symposium, pages 305–320, 2006.Google Scholar
  3. Sergey Bratus, Nihal D’Cunha, Evan Sparks, and Sean Smith. TOCTOU, Traps, and Trusted Computing. In Proceedings of the TRUST 2008 Conference, March 2008. Villach, Austria.Google Scholar
  4. Sergey Bratus, Alex Ferguson, Doug Mcllroy, and Sean Smith. Pastures: Towards Usable Security Policy Engineering. In ARES '07: Proceedings of the The Second International Conference on Availability, Reliability and Security, pages 1052–1059, Washington, DC, USA, 2007. IEEE Computer Society.Google Scholar
  5. Kwang-Hyun Baek and Sean W Smith. Preventing theft of quality of service on open platforms. Technical Report TR2005-539, Dartmouth College, Computer Science, Hanover, NH, May 2005.Google Scholar
  6. Tiller Beauchamp and David Weston. DTrace: The Reverse Engineer’s Unexpected Swiss Army Knife. Blackhat Europe, 2008.Google Scholar
  7. V. Haldar, D. Chandra, and M. Franz. Semantic Remote Attestation: A Virtual Machine Directed Approach to Trusted Computing. In USENIX Virtual Machine Research and Technology Symposium, 2004.Google Scholar
  8. Ravishankar K. Iyer, Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-Mei W. Hwu, Peter Klemperer, and Reza Farivar. Toward Application-Aware Security and Reliability. IEEE Security and Privacy, 5(l):57–62, 2007.CrossRefGoogle Scholar
  9. Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vrjay Janapa Reddi, and Kim Hazelwood. Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proceedings of Programming Language Design and Implementation (PLDI), June 2005.Google Scholar
  10. G.J. Proudler. Concepts of Trusted Computing. In Chris Mitchell, editor, Trusted Computing, pages 11–27. IET, 2005.Google Scholar
  11. Elaine Shi, Adrian Perrig, and Leendert van Doorn. BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In IEEE Symposium on Security and Privacy, pages 154–168, 2005.Google Scholar
  12. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doom. Design and Implementation of a TCG-based Integrity Measurement Architecture. In USENIX Security Symposium, pages 223–238, 2004.Google Scholar

Copyright information

© Vieweg+Teubner | GWV Fachverlage GmbH 2009

Authors and Affiliations

  • Sergey Bratus
    • 1
  • Michael E. Locasto
    • 1
  • Ashwin Ramaswamy
    • 1
  • Sean W. Smith
    • 1
  1. 1.Dartmouth College HanoverNew Hampshire

Personalised recommendations