Abstract
The basic technological building blocks of the TCG architecture seem to be stabilizing. As a result, we believe that the focus of the Trusted Computing (TC) discipline must naturally shift from the design and implementation of the hardware root of trust (and the subsequent trust chain) to the higher-level application policies. Such policies must build on these primitives to express new sets of security goals. We highlight the relationship between enforcing these types of policies and debugging, since both activities establish the link between expected and actual application behavior. We argue that this new class of policies better fits developers' mental models of expected application behaviors, and we suggest a hardware design direction for enabling the efficient interpretation of such policies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
B. Agreiter, M. Alam, M. Hafner, J.-P. Seifert, and X. Zhang. Model Driven Configuration of Secure Operating Systems for Mobile Applications in Healthcare. In In Proceedings of the 1st International Workshop on Model-Based Trustworthy Health Information Systems, 2007.
Stefan Berger, Ramon Caceres, Kenneth Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doom. vTPM - Virtualizing the Trusted Platform Module. In 15th Usenix Security Symposium, pages 305–320, 2006.
Sergey Bratus, Nihal D’Cunha, Evan Sparks, and Sean Smith. TOCTOU, Traps, and Trusted Computing. In Proceedings of the TRUST 2008 Conference, March 2008. Villach, Austria.
Sergey Bratus, Alex Ferguson, Doug Mcllroy, and Sean Smith. Pastures: Towards Usable Security Policy Engineering. In ARES '07: Proceedings of the The Second International Conference on Availability, Reliability and Security, pages 1052–1059, Washington, DC, USA, 2007. IEEE Computer Society.
Kwang-Hyun Baek and Sean W Smith. Preventing theft of quality of service on open platforms. Technical Report TR2005-539, Dartmouth College, Computer Science, Hanover, NH, May 2005.
Tiller Beauchamp and David Weston. DTrace: The Reverse Engineer’s Unexpected Swiss Army Knife. Blackhat Europe, 2008.
V. Haldar, D. Chandra, and M. Franz. Semantic Remote Attestation: A Virtual Machine Directed Approach to Trusted Computing. In USENIX Virtual Machine Research and Technology Symposium, 2004.
Ravishankar K. Iyer, Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-Mei W. Hwu, Peter Klemperer, and Reza Farivar. Toward Application-Aware Security and Reliability. IEEE Security and Privacy, 5(l):57–62, 2007.
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vrjay Janapa Reddi, and Kim Hazelwood. Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proceedings of Programming Language Design and Implementation (PLDI), June 2005.
G.J. Proudler. Concepts of Trusted Computing. In Chris Mitchell, editor, Trusted Computing, pages 11–27. IET, 2005.
Elaine Shi, Adrian Perrig, and Leendert van Doorn. BIND: A Fine-Grained Attestation Service for Secure Distributed Systems. In IEEE Symposium on Security and Privacy, pages 154–168, 2005.
Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doom. Design and Implementation of a TCG-based Integrity Measurement Architecture. In USENIX Security Symposium, pages 223–238, 2004.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2009 Vieweg+Teubner | GWV Fachverlage GmbH
About this chapter
Cite this chapter
Bratus, S., Locasto, M.E., Ramaswamy, A., Smith, S.W. (2009). New Directions for Hardware-assisted Trusted Computing Policies (Position Paper). In: Gawrock, D., Reimer, H., Sadeghi, AR., Vishik, C. (eds) Future of Trust in Computing. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9324-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9324-6_3
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-0794-6
Online ISBN: 978-3-8348-9324-6
eBook Packages: Computer ScienceComputer Science (R0)