Projekte pro Jahr
Abstract
Modern PC platforms offer hardware-based virtualization and advanced Trusted Computing mechanisms. Hardware primitives allow the measuring and reporting of software configurations, the separation of application execution environments into isolated partitions and the dynamic switch into a trusted CPU mode.
In this paper we present a practical system architecture which leverages hardware mechanisms found in mass-market off-the-shelf PCs to improve the security of commodity guest operating systems by enforcing the integrity of application images. We enable the platform administrator to freely and deterministically specify the configurations trusted. Furthermore, we describe a set of tools and operational procedures to allow flexible and dynamic configuration management and to guarantee the secure transition between trusted platform configurations. We present our prototype implementation which integrates well with established Linux distributions.
In this paper we present a practical system architecture which leverages hardware mechanisms found in mass-market off-the-shelf PCs to improve the security of commodity guest operating systems by enforcing the integrity of application images. We enable the platform administrator to freely and deterministically specify the configurations trusted. Furthermore, we describe a set of tools and operational procedures to allow flexible and dynamic configuration management and to guarantee the secure transition between trusted platform configurations. We present our prototype implementation which integrates well with established Linux distributions.
Originalsprache | englisch |
---|---|
Titel | Trusted Systems, Second International Conference, INTRUST 2010, Beijing, China, December 13-15, 2010, Revised Selected Papers |
Erscheinungsort | Berlin; Heidelberg |
Herausgeber (Verlag) | Springer Verlag |
Seiten | 326-345 |
Band | 6802 |
ISBN (Print) | 978-3-642-25282-2 |
DOIs | |
Publikationsstatus | Angenommen/In Druck - 2011 |
Veranstaltung | International Conference on Trusted Systems - Beijing, China Dauer: 13 Dez. 2010 → 15 Dez. 2010 |
Publikationsreihe
Name | Lecture Notes in Computer Science |
---|---|
Herausgeber (Verlag) | Springer Verlag |
Band | 6802 |
Konferenz
Konferenz | International Conference on Trusted Systems |
---|---|
Land/Gebiet | China |
Ort | Beijing |
Zeitraum | 13/12/10 → 15/12/10 |
Fields of Expertise
- Information, Communication & Computing
Treatment code (Nähere Zuordnung)
- Application
- Experimental
Fingerprint
Untersuchen Sie die Forschungsthemen von „acTvSM: A Dynamic Virtualization Platform for Enforcement of Application Integrity“. Zusammen bilden sie einen einzigartigen Fingerprint.Projekte
- 2 Abgeschlossen
-
acTVsM! - Advanced Cryptographic Trusted Virtual Security Module
Tögl, R., Pirker, M., Niederl, A. & Bloem, R.
1/04/09 → 31/03/11
Projekt: Forschungsprojekt
-
Trusted Computing
Niederl, A., Lipp, P., Hein, D., Vejda, T., Podesser, S., Tögl, R., Dietrich, K., Bratko, H., Winter, J. & Pirker, M.
1/10/05 → 15/07/19
Projekt: Arbeitsgebiet