Abstract
Trusted Computing is a promising approach to improve the security of computer systems. However, current releases of the Java platform do not provide support to utilize the Trusted Platform Module (TPM). This paper presents several building-blocks that lead to the integration of TC into Java. It outlines the issues that arise with multiple TPM-virtualizations in the context of managed environments. Further, it summarizes the design and implementation of Java TC-libraries that support the major operating systems on TPM-enabled platforms, while still considering alternative architectures. The final aspect covered is the ongoing standardization process of a future Trusted Computing API for Java.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Stefan Berger, Ramón Cà ceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doom. vTPM: virtualizing the trusted platform module. In USENIX-SS’06: Proceedings of the 15th conference on USENIX Security Symposium, pages 305–320, 2006.
Stefan Berger, Ramón Cáceres, Dimitrios Pendarakis, Reiner Sailer, Enriquillo Valdez, Ronald Perez, Wayne Schildhauer, and Deepa Srinivasan. TVDc: managing security in the trusted virtual datacenter. SIGOPS Oper. Syst. Rev., 42(1):40–47, 2008.
Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP ’03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164–177, New York, NY, USA, 2003. ACM.
David Challener, Kent Yoder, Ryan Catherman, David Saffbrd, and Leendert Van Doom. A Practical Guide to Trusted Computing. Number ISBN-13: 978-0132398428. IBM Press, 1st edition, 2008.
Kurt Dietrich, Martin Pirker, Tobias Vejda, Ronald Toegl, Thomas Winkler, and Peter Lipp. A practical approach for establishing trust relationships between remote platforms using trusted computing. In Gilles Barthe and Cedric Fournet, editors, Trustworthy Global Computing, volume 4912 of LNCS, pages 156–168. Springer Verlag, 2008.
Paul England and Jork Loeser. Para-Virtualized TPM Sharing. In Proceedings of TRUST 2008, volume 4968 of LNCS. Springer Verlag, 2008.
Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: a virtual machine-based platform for trusted computing. In SOSP ’03: Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 193–206, New York, NY, USA, 2003. ACM.
Michael Hohmuth. The fiasco kernel: Requirements definition. Technical Report ISSN 143021IX, Dresden University of Technology, 1998.
IBM Corp. TrouSerS an open-source tcg software stack implementation. http://trousers.sourceforge.net/, 2008.
Dirk Kuhlmann, Rainer Landfermann, HariGovind V. Ramasamy, Matthias Schunter, Gianluca Ramunno, and Davide Vernizzi. An open trusted computing architecture — secure virtual machines enabling user-defined policy enforcement. Research Report RZ 3655, IBM Research, 2006.
Microsoft. TPM Base Services. Microsoft Developer Network, 2007. http://msdn. microsoft.com/en-us/library/aa446796(VS.85).aspx.
RSA Laboratories. PKCS #11 v2.20: Cryptographic Token Interface Standard. RSA Security Inc. Public-Key Cryptography Standards (PKCS), June 2004. ftp://ftp.rsasecurity.com/ pub/pkcs/pkcs-ll/v2-20/pkcs-llv2-20.pdf
Frederic Stumpf, Michael Benz, Martin Hermanowski, and Claudia Eckert. An approach to a trustworthy system architecture using virtualization, 2007.
L. Sarmenta, J. Rhodes, and T. Müller. TPM/J java-based api for the trusted platform module. http://projects.csail.mit.edu/tc/tpmj/, 2007.
Marcel Selhorst, Christian Stueble, and Felix Teerkorn. TSS Study. Study on behalf of the german federal office for information security (bsi), Sirrix AG security technologies, May 2008. http://www.simx.com/content/pages/50590.htm.
Luis Sarmenta, Marten van Dijk, Charles O’Donnell, Jonathan Rhodes, and Srinivas Devadas. Virtual monotonic counters and count-limited objects using a TPM without a trusted OS. In STC ’06: Proceedings of the first ACM workshop on Scalable trusted computing, number 1-59593-548-7, pages 27–42. ACM, 2006.
Ronald Toegl et al. JSR 321: Trusted Computing API for Java. Java Community Process, 2008. http://jcp.org/en/jsr/detail?id=321.
Trusted Computing Group.https://www.trustedcomputinggroup.org/.
Trusted Computing Group. TCG Software Stack Specification, Version 1.2 Errata A. https://www.trust-edcomputinggroup.org/specs/TSS/.
Tobias Vejda, Ronald Toegl, Martin Pirker, and Thomas Winkler. Towards Trust Services for Language-Based Virtual Machines for Grid Computing. In Proceedings of TRUST 2008, volume 4968 of LNCS. Springer Verlag, 2008.
S. Yoshihama, S. Yoshihama, T. Ebringer, M. Nakamura, S. Munetoh, and H. Maruyama. WS-attesta-tion: efficient and fine-grained remote attestation on web services. In T. Ebringer, editor, Proc. IEEE International Conference on Web Services ICWS 2005, pages -750, 2005.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2009 Vieweg+Teubner | GWV Fachverlage GmbH
About this chapter
Cite this chapter
Toegl, R., Pirker, M. (2009). An ongoing Game of Tetris: Integrating Trusted Computing in Java, block-by-block. In: Gawrock, D., Reimer, H., Sadeghi, AR., Vishik, C. (eds) Future of Trust in Computing. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9324-6_7
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9324-6_7
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-0794-6
Online ISBN: 978-3-8348-9324-6
eBook Packages: Computer ScienceComputer Science (R0)