DOI: 10.1145/1133572.1133600

Secure bootstrap is not enough: shoring up the trusted computing base

Published: 19 September 2004

Abstract

We propose augmenting secure boot with a mechanism to protect against compromises to field-upgradeable devices. In particular, secure boot standards should verify the firmware of all devices in the computer, not just devices that are accessible by the host CPU. Modern computers contain many autonomous processing elements, such as disk controllers, disks, network adapters, and coprocessors, that all have field-upgradeable firmware and are an essential component of the computer system's trust model. Ignoring these devices opens the system to attacks similar to those secure boot was engineered to defeat.
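The mechanism the abstract argues for, measuring the firmware of every field-upgradeable device against a signed inventory instead of only the devices the host CPU can read, as an added Python illustration (this is not the paper's code). The firmware images are constructed byte strings standing in for real device flash reads, an HMAC-tagged manifest stands in for a signed one, and the device names, key and function names are assumptions made for the example. It contrasts a CPU-only measurement scope with a full-inventory scope on the same tampered disk controller firmware.

```python
"""Boot-time firmware inventory check across all autonomous devices (added illustration)."""
import hashlib
import hmac

# Constructed sample firmware images. In a real system each would be read
# from the device's flash through its management interface.
FIRMWARE = {
    "bios": b"BIOS v1.2 image",
    "disk_controller": b"RAID ctrl fw 3.0",
    "disk0": b"HDD fw SN04",
    "nic": b"NIC fw 7.1",
}

# Devices the host CPU can measure directly versus devices that run their own
# firmware on an autonomous processing element (assumed split for the example).
CPU_ACCESSIBLE = {"bios"}
AUTONOMOUS = {"disk_controller", "disk0", "nic"}

# Constructed key; a real manifest would carry an asymmetric signature instead.
MANIFEST_KEY = b"constructed-demo-key"


def measure(image: bytes) -> str:
    """Measurement of one firmware image: its SHA-256 digest as hex."""
    return hashlib.sha256(image).hexdigest()


def _manifest_body(entries: dict) -> bytes:
    """Canonical serialisation of the name -> digest table, sorted by name."""
    return "\n".join(f"{n}={h}" for n, h in sorted(entries.items())).encode()


def build_manifest(images: dict, key: bytes = MANIFEST_KEY) -> dict:
    """Produce the trusted inventory: every device's expected digest plus an HMAC tag."""
    entries = {name: measure(img) for name, img in images.items()}
    tag = hmac.new(key, _manifest_body(entries), hashlib.sha256).hexdigest()
    return {"entries": entries, "tag": tag}


def manifest_authentic(manifest: dict, key: bytes = MANIFEST_KEY) -> bool:
    """Reject a manifest whose entries were altered after it was tagged."""
    expected = hmac.new(key, _manifest_body(manifest["entries"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, manifest["tag"])


def verify_boot(manifest: dict, images: dict, scope: set) -> tuple:
    """Check the devices in `scope` against the manifest.

    Returns (ok, mismatches). A device that is in scope but absent from the
    manifest, or absent from the measured images, counts as a mismatch.
    """
    if not manifest_authentic(manifest):
        return False, ["manifest"]
    mismatches = []
    for name in sorted(scope):
        expected = manifest["entries"].get(name)
        actual = measure(images[name]) if name in images else None
        if expected is None or actual != expected:
            mismatches.append(name)
    return (not mismatches), mismatches


def demo() -> dict:
    """Same tampered disk controller firmware under both measurement scopes."""
    manifest = build_manifest(FIRMWARE)
    tampered = dict(FIRMWARE)
    tampered["disk_controller"] = b"RAID ctrl fw 3.0 (modified in the field)"
    return {
        "cpu_only": verify_boot(manifest, tampered, CPU_ACCESSIBLE),
        "all_devices": verify_boot(manifest, tampered, CPU_ACCESSIBLE | AUTONOMOUS),
    }


if __name__ == "__main__":
    for scope, (ok, bad) in demo().items():
        print(f"{scope}: {'PASS' if ok else 'FAIL'} {bad}")
```

With the CPU-accessible scope the boot passes even though the disk controller firmware changed, which is exactly the gap the abstract describes; widening the scope to the autonomous devices makes the same tampering show up as a mismatch. Measurement order and the manifest's canonical serialisation are kept deterministic so the tag covers the whole inventory, not just whichever devices happened to be enumerated first.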


      Published In

      EW 11: Proceedings of the 11th workshop on ACM SIGOPS European workshop
      September 2004
      214 pages
      ISBN:9781450378079
      DOI:10.1145/1133572

Publisher: Association for Computing Machinery, New York, NY, United States

Conference: EW04: ACM SIGOPS European Workshop 2004, September 19 - 22, 2004, Leuven, Belgium

Acceptance rates: EW 11 paper acceptance rate 37 of 37 submissions (100%); overall acceptance rate 37 of 37 submissions (100%)
