New Directions for Hardware-assisted Trusted Computing Policies (Position Paper)
The basic technological building blocks of the TCG architecture seem to be stabilizing. As a result, we believe that the focus of the Trusted Computing (TC) discipline must naturally shift from the design and implementation of the hardware root of trust (and the subsequent trust chain) to the higher-level application policies. Such policies must build on these primitives to express new sets of security goals. We highlight the relationship between enforcing these types of policies and debugging, since both activities establish the link between expected and actual application behavior. We argue that this new class of policies better fits developers' mental models of expected application behaviors, and we suggest a hardware design direction for enabling the efficient interpretation of such policies.