Formal Analysis of Secure Bootstrap in Trusted Computing

Chen, Shuyi; Wen, Yingyou; Zhao, Hong

doi:10.1007/978-3-540-73547-2_37

Formal Analysis of Secure Bootstrap in Trusted Computing

Shuyi Chen¹,
Yingyou Wen¹ &
Hong Zhao¹

Conference paper

901 Accesses
6 Citations

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4610))

Abstract

The stated goal of the trusted computing is to redesign PC hardware for providing protection against software attack. Trust platform is key technology of trusted computing. However, the security of trusted platform should be verified in theory, and the model of trusted platform should be further improved. In this paper, a formal method for verifying the security of trusted platform is presented. The vulnerability of secure bootstrap is analyzed based on the proposed formal semantics. Moreover, an improved model of secure bootstrap is proposed. The semantics presented here also can be used to reasoning about other applications of trusted computing, which provides a general and effective method for analyzing security of trusted computing applications.

This work is supported by the national natural science foundation of China under Grant Nos. 60602061 and the national high-tech research and development plan of China under Grant Nos. 2006AA01Z413.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

TCG. Trusted Computing Group (2004), http://www.trustedcomputinggroup.org/downloads/background_docs/TCG_Backgrounder_November_2004.pdf
Microsoft. Next-Generation Secure Computing Base home page (2006), http://www.microsoft.com/resources/ngscb
Peinado, M., Chen, Y., England, P., et al.: NGSCB: A trusted open system. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 86–97. Springer, Heidelberg (2004)
Google Scholar
Intel. LaGrande Technology Architectural Overview (2006), http://www.intel.com/technology/security/downloads/LT_Arch_Overview.pdf
Alan, Z.: Coming soon to VMware, Microsoft, and Xen: AMD Virtualization Technology Solves Virtualization Challenges (2006), http://www.devx.com/amd/Article/30186
Lie, D., Thekkath, C., Mitchell, M., et al.: Architectural support for copy and tamper resistant software. In: William, E., et al. (eds.) ASPLOS-IX 2000[C]. Operating Systems Review, vol. 34, pp. 168–177. ACM Press, New York (2000)
Google Scholar
Garfinkel, T., Pfaff, B., Chow, J., et al.: Terra: A virtual machine-based platform for trusted computing. In: Birman, K., et al. (eds.) SOSP 2003 [C]. Operating Systems Review, vol. 37, pp. 193–206. ACM Press, New York (2003)
Google Scholar
Abadi, M., Wobber, T.: A Logical Account of NGSCB. In: de Frutos-Escrig, D., Núñez, M. (eds.) FORTE 2004. LNCS, vol. 3235, pp. 1–12. Springer, Heidelberg (2004)
Google Scholar
Patel, J., Teacy, W.T., Jennings, N.R., et al.: A Probabilistic Trust Model for Handling Inaccurate Reputation Sources. In: Herrmann, P., Issarny, V., Shiu, S.C.K. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 193–209. Springer, Heidelberg (2005)
Google Scholar
Beth, T., Borcherding, M., Klein, B.: Valuation of Trust in Open Network. In: Gollmann, D. (ed.) Computer Security - ESORICS 1994. LNCS, vol. 875, pp. 509–522. Springer, Heidelberg (1994)
Google Scholar
Bondavalli, A., Chiaradonna, S., Giandomenico, F.D., et al.: Dependability Modeling and Evaluation of Multiple Phased Systems Using DEEM. In: IEEE Transactions on Reliability, vol. 53, pp. 23–26. IEEE Press, New York (2000)
Google Scholar
Maurer, U.: Modelling a public-key infrastructure. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) Computer Security - ESORICS 1996. LNCS, vol. 1146, pp. 325–350. Springer, Heidelberg (1996)
Google Scholar
Bakkali, H.E., Kaitouni, B.I.: Predicate calculus logic for the PKI trust model analysis. In: IEEE International Symposium on Network Computing and Applications (NCA 2001), pp. 368–371. IEEE Press, New York (2001)
Chapter Google Scholar
TCG. TCPA Main Specification version 1.1b. (2006), http://www.trustedcomputinggroup.org/specs/TPM/TCPA_Main_TCG_Architecture_v1_1b.pdf

Download references

Author information

Authors and Affiliations

School of Information Science and Engineering, Northeastern University, 110004, Shenyang, China
Shuyi Chen, Yingyou Wen & Hong Zhao

Authors

Shuyi Chen
View author publications
You can also search for this author in PubMed Google Scholar
Yingyou Wen
View author publications
You can also search for this author in PubMed Google Scholar
Hong Zhao
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Bin Xiao Laurence T. Yang Jianhua Ma Christian Muller-Schloer Yu Hua

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chen, S., Wen, Y., Zhao, H. (2007). Formal Analysis of Secure Bootstrap in Trusted Computing. In: Xiao, B., Yang, L.T., Ma, J., Muller-Schloer, C., Hua, Y. (eds) Autonomic and Trusted Computing. ATC 2007. Lecture Notes in Computer Science, vol 4610. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73547-2_37

Download citation

DOI: https://doi.org/10.1007/978-3-540-73547-2_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73546-5
Online ISBN: 978-3-540-73547-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics