Abstract
This chapter describes some of the basic mechanisms for building trusted platforms, i.e., platforms that behave in the way they are expected to. The main focus is the low-level implementation of such mechanisms using secure hardware, including the trusted computing standard, security mechanisms inside the central processing unit (CPU), and external secure coprocessors. After describing the advantages and limits of these approaches, the chapter describes some basic services built on such hardware, such as secure boot, remote attestation, and secure I/O interfaces. Finally, we briefly discuss secure operating systems and point out some future trends in secure hardware and trusted platforms.
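As an added illustration of two of the services the abstract names, secure boot and remote attestation, the following Python model (written for this page, not code from the chapter or from the Trusted Computing Group) shows the measurement chain they rely on: each boot stage hashes the next component and extends a Platform Configuration Register with it, and a verifier replays the event log and compares the result with the PCR value in a quote. Assumptions: SHA-256 is used throughout (TPM 1.2 hardware of the chapter's era uses SHA-1 and 20-byte PCRs), the quote is an HMAC under a key shared with the verifier rather than a real TPM's asymmetric attestation-key signature, and the boot components and reference values are constructed sample data.

```python
"""Toy model of measured boot and remote attestation (example code, not the
chapter's own).  Each boot stage measures the next component before passing
control to it, extending a Platform Configuration Register (PCR):

    PCR_new = H(PCR_old || H(component))

A verifier later replays the measurement log and checks the result against
the PCR value carried in a quote.  SHA-256 and the HMAC-based quote are
simplifications chosen for this example.
"""
import hashlib
import hmac
import os

DIGEST_LEN = 32
PCR_INIT = bytes(DIGEST_LEN)  # PCRs are all-zero after a platform reset


def measure(component: bytes) -> bytes:
    """Digest of a component's code, as the previous stage would compute it."""
    return hashlib.sha256(component).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """The only way a PCR changes: hash-chain the new digest onto the old value."""
    return hashlib.sha256(pcr + digest).digest()


def run_measured_boot(components):
    """Boot an ordered list of (name, code); return (final PCR, measurement log)."""
    pcr = PCR_INIT
    log = []
    for name, code in components:
        d = measure(code)
        log.append((name, d))       # event log entry, stored outside the TPM
        pcr = extend(pcr, d)        # PCR, inside the TPM, cannot be rewritten
    return pcr, log


def replay_log(log) -> bytes:
    """Verifier side: recompute the PCR an honest log would have produced."""
    pcr = PCR_INIT
    for _, d in log:
        pcr = extend(pcr, d)
    return pcr


# A real TPM signs quotes with an attestation key whose public half the
# verifier trusts; a shared HMAC key stands in for that here (assumption).
ATTESTATION_KEY = b"example-attestation-key"  # constructed for this example


def make_quote(pcr: bytes, nonce: bytes) -> bytes:
    """Platform side: bind the current PCR to the verifier's fresh nonce."""
    return hmac.new(ATTESTATION_KEY, nonce + pcr, hashlib.sha256).digest()


def verify_attestation(log, pcr_quoted, nonce, quote, reference_pcr) -> bool:
    """Verifier side: quote genuine and fresh, log consistent, state known-good."""
    if not hmac.compare_digest(make_quote(pcr_quoted, nonce), quote):
        return False  # not signed by the platform, or a replayed quote
    if replay_log(log) != pcr_quoted:
        return False  # event log does not explain the quoted PCR (tampered log)
    return hmac.compare_digest(pcr_quoted, reference_pcr)


# Constructed sample boot chain: firmware measures bootloader measures kernel.
GOOD_CHAIN = [
    ("bios", b"firmware v1"),
    ("bootloader", b"grub 2.x"),
    ("kernel", b"linux 5.x"),
]


def demo():
    """Return (honest boot ok, reordered boot ok, hidden rootkit ok)."""
    reference_pcr, _ = run_measured_boot(GOOD_CHAIN)  # verifier's golden value
    nonce = os.urandom(16)

    pcr, log = run_measured_boot(GOOD_CHAIN)
    honest = verify_attestation(log, pcr, nonce, make_quote(pcr, nonce), reference_pcr)

    # Same components in a different order: the chain is order-sensitive.
    swapped = [GOOD_CHAIN[1], GOOD_CHAIN[0], GOOD_CHAIN[2]]
    pcr2, log2 = run_measured_boot(swapped)
    reordered = verify_attestation(log2, pcr2, nonce, make_quote(pcr2, nonce), reference_pcr)

    # Modified kernel, but the attacker presents the clean log to hide it:
    # the PCR was extended with the real digest, so replay does not match.
    bad = GOOD_CHAIN[:2] + [("kernel", b"linux 5.x + rootkit")]
    pcr3, _ = run_measured_boot(bad)
    hidden = verify_attestation(log, pcr3, nonce, make_quote(pcr3, nonce), reference_pcr)
    return honest, reordered, hidden


if __name__ == "__main__":
    print(demo())
```

The point the model makes is that the event log is untrusted data and the PCR is the trust anchor: a log can be edited freely, but the verifier only believes a log whose replay reproduces the PCR value the hardware vouches for, and the nonce in the quote stops an old, good quote from being replayed after the platform has changed.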
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
Cite this chapter
Kursawe, K. (2007). Trusted Platforms. In: Petković, M., Jonker, W. (eds) Security, Privacy, and Trust in Modern Data Management. Data-Centric Systems and Applications. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69861-6_9
DOI: https://doi.org/10.1007/978-3-540-69861-6_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69860-9
Online ISBN: 978-3-540-69861-6
eBook Packages: Computer Science (R0)