Abstract

Trusted computing (TC) is a set of design techniques and operating principles for creating a computing environment that the user can trust to behave as expected. This matters in general and is vital for security applications. Among the various proposals for creating a TC environment, the Trusted Computing Group (TCG) architecture is of specific interest today because its hardware foundation, the trusted platform module (TPM), is readily available in commodity computers and provides several useful features: attestation, sealing, and trusted signature. Attestation refers to integrity measurements computed at boot time that can later be used to prove system integrity to a third party across a network. Sealing protects data (typically application-level cryptographic keys or configurations) in hardware so that it can be accessed only when the system is in a specific state (i.e., a specific set of software modules is running, from drivers up to applications). Trusted signature is performed directly by the hardware and is permitted only when the system is in a specific state. TC does not provide perfect protection against all possible attacks: it was designed to counter software attacks and some hardware attacks. Nonetheless it is a useful tool for building secure systems, with special emphasis on the integrity of operations.
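An added example, not taken from the chapter, that models in Python the three TPM features the abstract names: PCR extension during a measured boot, sealing a secret to a PCR value, and a quote checked by a remote verifier against a whitelist of known-good boot chains. The TPM itself, its attestation identity key signature (replaced here by an HMAC) and the boot components are all software stand-ins; the extend rule follows the TPM 1.2 SHA-1 construction.

```python
import hashlib
import hmac
from typing import List, Optional

PCR_RESET = bytes(20)  # TPM 1.2 PCRs are 20-byte SHA-1 registers, all-zero after platform reset

def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    # TPM_Extend: PCR_new = SHA-1(PCR_old || SHA-1(component)). A PCR can never be written
    # directly, only extended, so the final value commits to every component in load order.
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measured_boot(components: List[bytes]) -> bytes:
    # Simulated measured boot: each stage measures the next into the same PCR before running it.
    pcr = PCR_RESET
    for blob in components:
        pcr = pcr_extend(pcr, blob)
    return pcr

def seal(secret: bytes, pcr_policy: bytes) -> dict:
    # Simulated sealing: bind the secret to a required PCR value. A real TPM additionally
    # encrypts the secret under a storage key that never leaves the chip.
    return {"pcr": pcr_policy, "secret": secret}

def unseal(blob: dict, current_pcr: bytes) -> Optional[bytes]:
    # Release the secret only when the platform is in exactly the state it was sealed to.
    return blob["secret"] if hmac.compare_digest(blob["pcr"], current_pcr) else None

def quote(aik_key: bytes, nonce: bytes, pcr: bytes) -> bytes:
    # Simulated TPM_Quote over (verifier nonce || PCR value). HMAC stands in for the
    # attestation identity key (AIK) signature a real TPM would produce.
    return hmac.new(aik_key, nonce + pcr, hashlib.sha256).digest()

def verify_quote(aik_key: bytes, nonce: bytes, reported_pcr: bytes, sig: bytes,
                 golden_pcrs: List[bytes]) -> bool:
    # Remote verifier: the quote must be authentic and fresh (our nonce), and the reported
    # PCR must match a known-good boot chain from the verifier's own whitelist.
    expected = hmac.new(aik_key, nonce + reported_pcr, hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig) and reported_pcr in golden_pcrs

# Constructed sample boot chains (placeholder blobs, not real firmware images).
GOOD_CHAIN = [b"bios-v1", b"bootloader-2.04", b"kernel-5.10"]
TAMPERED_CHAIN = [b"bios-v1", b"bootloader-2.04", b"kernel-5.10-modified"]
GOLDEN_PCR = measured_boot(GOOD_CHAIN)
AIK_KEY = b"constructed-aik-secret"  # stand-in for the TPM's private AIK

if __name__ == "__main__":
    blob = seal(b"disk-encryption-key", GOLDEN_PCR)
    print("good boot unseals:", unseal(blob, measured_boot(GOOD_CHAIN)) is not None)
    print("tampered boot unseals:", unseal(blob, measured_boot(TAMPERED_CHAIN)) is not None)
```

A changed kernel image alters the PCR, so the sealed key stays locked and the verifier rejects the quote even though the signature itself is valid.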



Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Lioy, A., Ramunno, G. (2010). Trusted Computing. In: Stavroulakis, P., Stamp, M. (eds) Handbook of Information and Communication Security. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04117-4_32

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-04117-4_32

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-04116-7

  • Online ISBN: 978-3-642-04117-4

  • eBook Packages: Engineering (R0)
