Abstract
Experiences of the past have shown that common computing platforms lack security due to architectural problems and complexity. In this context, Microsoft Palladium (Pd) and TCPA are announced to be the next-generation computing platforms, and claimed to improve users’ security. However, people are concerned about those capabilities of TCPA/Pd that may allow content providers to gain too much power and control over the use of digital content and users’ private information.
In this paper, we argue that TCPA/Pd can increase the security of computing platforms by faithfully designing the operating system. Moreover, we discuss how interferences between digital rights management capabilities and end-user security can be prevented. Our results are based on the fact that even with TCPA/Pd platforms the operating system has enough control over the platform to prevent misuse by both content providers and end-users.
We argue that such a trustworthy operating system, that is secure in the sense of multilateral security, can be developed without much effort by efficiently combining the ideas of security kernels and state of the art of operating system technology. We propose a new architecture for a trustworthy security platform that uses TCPA/Pd hardware features in conjunction with an open-source security kernel we have developed. Our security kernel provides backward-compatibility to the Linux operating system. The layered design and its lightweightness allows an easy migration to other hardware platforms like PDAs, mobile phones, and embedded systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alkassar, A., Stüble, C.: Towards secure IFF — preventing mafia fraud attacks. In: Proceedings of IEEE Military Conference, MILCOM (2002)
Anderson, R.J.: Security Engineering — A Guide to Building Dependable Distributed Systems. John Wiley & Sons, Chichester (2001)
Anderson, R.J.: Security in open versus closed systems — the dance of Boltzmann, Coase and Moore. Technical report, Cambridge University, England (2002)
Anderson, R.J.: The TCPA/Palladium FAQ (2002), http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Anderson, R.J., Kuhn, M.: Tamper resistance – a cautionary note. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce [38], pp. 1–11
Antonakos, J.L.: The Pentium Microprocessor. Prentice Hall Inc., Englewood Cliffs (1997)
Arbaugh, W.A.: Improving the TCPA specification. IEEE Computer, 77–79 (August 2002)
Arbaugh, W.A., Farber, D.J., Smith, J.M.: A reliable bootstrap architecture. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1997, pp. 65–71. IEEE Computer Society, Technical Committee on Security and Privacy, IEEE Computer Society Press (1997)
Asokan, N., Debar, H., Steiner, M., Waidner, M.: Authenticating public terminals. Computer Networks 31(8), 861–870 (1999)
Carroll, A., Juarez, M., Polk, J., Leininger, T.: Microsoft ”Palladium”: A business overview. Technical report, Microsoft Content Security Business Unit (August 2002)
Carroll, A., Juarez, M., Polk, J., Leininger, T.: Microsoft “Palladium”: A business overview — combining microsoft windows features, personal computing hardware, and software applications for greater security, personal privacy and system integrity. White paper, Microsoft Windows Trusted Platform Technologies (July 2002)
Common Criteria Project Sponsoring Organisations. Common Criteria for Information Technology Security Evaluation, Version 2.1, adopted by ISO/IEC as ISO/IEC International Standard (IS) 15408 1–3 (August 1999), Available from http://csrc.ncsl.nist.gov/cc/ccv20/ccv2list.htm
M. Corporation. Building a secure platform for trustworthy computing. White paper, Microsoft Corporation (December 2002)
M. Corporation. Microsoft ”Palladium” technical FAQ, http://www.microsoft.com (August 2002)
Eastlake, D.E., Crocker, S.D., Schiller, J.I.: Randomness requirements for security. Internet Request for Comment RFC 1750, Internet Engineering Task Force (December 1994)
Fraim, L.: SCOMP: A solution to the multilevel security problem. IEEE Computer, 26–34 (July 1983)
Gasser, M.: Building a Secure Computer System. Van Nostrand Reinhold Co., New York (1988)
Gefflaut, A., Jaeger, T., Park, Y., Liedke, J., Elphistone, K.J., Uhlig, V., Tidswell, J.E., Deller, L., Reuter, L.: The SawMill multiserver approach. In: ACM SIGOPS European Workshop (September 2000)
Gutmann, P.: Software generation of practically strong random numbers. In: Proceedings of the 7th USENIX Security Symposium, San Antonio, Texas, USA, USENIX (January 1998)
Härtig, H., Hohmuth, M., Wolter, J.: Taming linux. In: Proceedings of PART 1998. TU Dresden (1998)
Härtig, H., Kowalski, O., Kühnhauser, W.: The BirliX security architecture. Journal of Computer Security 2(1), 5–21 (1993)
Jaeger, T., Elphinstone, K., Liedtke, J., Panteleenko, V., Park, Y.: Flexible access control using IPC redirection. In: Hot Topics in Operating Systems (HotOS VII), pp. 191–196, Rio Rico, AZ (March 1999)
Leslie, B., Heiser, G.: Towards untrusted device drivers. Technical Report UNSW-CSE-TR-0303, School of Computer Science and Engineering (March 2003)
Liedke, J.: Clans and Chiefs. a new kernel level concept for operating systems. Working paper, GMD (1991)
Liedke, J.: Towards real micro-kernels. Communications of the ACM 39(9) (1996)
Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the Linux operating system. Technical report, U.S. National Security Agency (NSA) (February 2001)
Mundie, C., de Vries, P., Haynes, P., Corwine, M.: Microsoft whitepaper on trustworthy computing. Technical report, Microsoft Corporation (October 2002)
Pfitzmann, B., Riordan, J., Stüble, C., Waidner, M., Weber, A.: The PERSEUS system architecture. Technical Report RZ 3335 (#93381), IBM Research Division, Zurich Laboratory (April 2001)
Raymond, E.S.: The cathedral and the bazaar (August 1998), http://www.openresources.com/documents/cathedral-bazaar/
Safford, D.: Clarifying misinformation on TCPA. White paper, IBM Research (October 2002)
Safford, D.: The need for TCPA. White paper, IBM Research (October 2002)
Schneier, B.: Palladium and the TCPA, http://www.counterpane.com/crypto-gram-0208.html#1
Schoen, S.: Palladium details (2002), http://www.activewin.com/articles/2002/pd.shtml
Shapiro, J.S., Smith, J.M., Farber, D.J.: EROS: a fast capability system. In: Proceedings of the 17th ACM Symposium on Operating Systems Principles (SOSP 1999), pp. 170–185. Kiawah Island Resort, near Charleston, Sout Carolina (December 1999); Appeared as ACM Operating Systems Review 33.5
Trusted Computing Platform Alliance (TCPA). TCPA PC specific implementation specification Version 1.00 (September 2001)
Trusted Computing Platform Alliance (TCPA). Main specification, Version 1.1b (February 2002)
Tygar, J.D., Whitten, A.: WWW electronic commerce and Java Trojan horses. In: Proceedings of the 2nd USENIX Workshop on Electronic Commerce [38], pp. 243–250
USENIX. Proceedings of the 2nd USENIX Workshop on Electronic Commerce, Oakland, California (November 1996)
Wheeler, D.A.: More than a gigabuck: Estimating GNU/Linux’s size (June 2001), http://www.dwheeler.com/sloc/
Wintermute. TCPA and Palladium technical analysis (December 2002), http://wintermute.homelinux.org/miscelanea/TCPASecurity.txt
Zimmerman, P.: The Official PGP User’s Guide. prz@acm.org, The MIT Press (1994) (in press), More in http://www.pegasus.esprit.ec.org/people/arne/pgp.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sadeghi, AR., Stüble, C. (2004). Taming “Trusted Platforms” by Operating System Design. In: Chae, KJ., Yung, M. (eds) Information Security Applications. WISA 2003. Lecture Notes in Computer Science, vol 2908. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24591-9_22
Download citation
DOI: https://doi.org/10.1007/978-3-540-24591-9_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20827-3
Online ISBN: 978-3-540-24591-9
eBook Packages: Springer Book Archive