DOI: 10.1145/1346281.1346285

How low can you go?: recommendations for hardware-supported minimal TCB code execution

Published: 01 March 2008

Abstract

We explore the extent to which newly available CPU-based security technology can reduce the Trusted Computing Base (TCB) for security-sensitive applications. We find that although this new technology represents a step in the right direction, significant performance issues remain. We offer several suggestions that leverage existing processor technology, retain security, and improve performance. Implementing these recommendations will finally allow application developers to focus exclusively on the security of their own code, enabling it to execute in isolation from the numerous vulnerabilities in the underlying layers of legacy code.

Supplementary Material

  • JPG File (1346285.jpg)
  • index.html (index.html)
  • Slides from the presentation: ZIP File (p14-mccune-slides.zip)
  • Supplemental material for How low can you go?: recommendations for hardware-supported minimal TCB code execution: Audio only (1346285.mp3), Video (1346285.mp4)

Published In

ASPLOS XIII: Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
March 2008
352 pages
ISBN:9781595939586
DOI:10.1145/1346281

  • ACM SIGOPS Operating Systems Review, Volume 42, Issue 2 (ASPLOS '08), March 2008, 339 pages, ISSN:0163-5980, DOI:10.1145/1353535
  • ACM SIGPLAN Notices, Volume 43, Issue 3 (ASPLOS '08), March 2008, 339 pages, ISSN:0362-1340, EISSN:1558-1160, DOI:10.1145/1353536
  • ACM SIGARCH Computer Architecture News, Volume 36, Issue 1 (ASPLOS '08), March 2008, 339 pages, ISSN:0163-5964, DOI:10.1145/1353534
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. late launch
  2. secure execution
  3. trusted computing

Qualifiers

  • Research-article

Conference

ASPLOS08

Acceptance Rates

ASPLOS XIII Paper Acceptance Rate 31 of 127 submissions, 24%;
Overall Acceptance Rate 535 of 2,713 submissions, 20%

Article Metrics

  • Downloads (last 12 months): 12
  • Downloads (last 6 weeks): 0
Reflects downloads up to 08 Mar 2025

Cited By

  • (2019) Managing confidentiality leaks through private algorithms on Software Guard eXtensions (SGX) enclaves. EURASIP Journal on Information Security, 2019:1. DOI 10.1186/s13635-019-0091-5. Online publication date: 5-Sep-2019.
  • (2018) Flexible Hardware-Managed Isolated Execution: Architecture, Software Support and Applications. IEEE Transactions on Dependable and Secure Computing, 15:3 (437-451). DOI 10.1109/TDSC.2016.2596287. Online publication date: 1-May-2018.
  • (2018) A Trusted Computing Base for Information System Classified Protection. Cloud Computing and Security (253-262). DOI 10.1007/978-3-030-00006-6_22. Online publication date: 1-Nov-2018.
  • (2017) Integrating Reactive Cloud Applications in SERECA. Proceedings of the 12th International Conference on Availability, Reliability and Security (1-8). DOI 10.1145/3098954.3105820. Online publication date: 29-Aug-2017.
  • (2017) A secure and rapid response architecture for virtual machine migration from an untrusted hypervisor to a trusted one. Frontiers of Computer Science: Selected Publications from Chinese Universities, 11:5 (821-835). DOI 10.1007/s11704-016-5190-6. Online publication date: 1-Oct-2017.
  • (2016) Remote attestation for low-end embedded devices. Proceedings of the 53rd Annual Design Automation Conference (1-6). DOI 10.1145/2897937.2898083. Online publication date: 5-Jun-2016.
  • (2014) A minimalist approach to remote attestation. Proceedings of the conference on Design, Automation & Test in Europe (1-6). DOI 10.5555/2616606.2616905. Online publication date: 24-Mar-2014.
  • (2014) Bibliography. Trust Extension as a Mechanism for Secure Code Execution on Commodity Computers. DOI 10.1145/2611399.2611408. Online publication date: 5-Jun-2014.
  • (2013) OASIS. Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (13-24). DOI 10.1145/2508859.2516678. Online publication date: 4-Nov-2013.
  • (2013) InkTag. ACM SIGPLAN Notices, 48:4 (265-278). DOI 10.1145/2499368.2451146. Online publication date: 16-Mar-2013.
