Projects per year
Abstract
Modern PC platforms offer hardware-based virtualization and advanced Trusted Computing mechanisms. Hardware primitives allow the measuring and reporting of software configurations, the separation of application execution environments into isolated partitions and the dynamic switch into a trusted CPU mode.
In this paper we present a practical system architecture which leverages hardware mechanisms found in mass-market off-the-shelf PCs to improve the security of commodity guest operating systems by enforcing the integrity of application images. We enable the platform administrator to freely and deterministically specify the configurations trusted. Furthermore, we describe a set of tools and operational procedures to allow flexible and dynamic configuration management and to guarantee the secure transition between trusted platform configurations. We present our prototype implementation which integrates well with established Linux distributions.
In this paper we present a practical system architecture which leverages hardware mechanisms found in mass-market off-the-shelf PCs to improve the security of commodity guest operating systems by enforcing the integrity of application images. We enable the platform administrator to freely and deterministically specify the configurations trusted. Furthermore, we describe a set of tools and operational procedures to allow flexible and dynamic configuration management and to guarantee the secure transition between trusted platform configurations. We present our prototype implementation which integrates well with established Linux distributions.
Original language | English |
---|---|
Title of host publication | Trusted Systems, Second International Conference, INTRUST 2010, Beijing, China, December 13-15, 2010, Revised Selected Papers |
Place of Publication | Berlin; Heidelberg |
Publisher | Springer Verlag |
Pages | 326-345 |
Volume | 6802 |
ISBN (Print) | 978-3-642-25282-2 |
DOIs | |
Publication status | Accepted/In press - 2011 |
Event | International Conference on Trusted Systems - Beijing, China Duration: 13 Dec 2010 → 15 Dec 2010 |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer Verlag |
Volume | 6802 |
Conference
Conference | International Conference on Trusted Systems |
---|---|
Country/Territory | China |
City | Beijing |
Period | 13/12/10 → 15/12/10 |
Fields of Expertise
- Information, Communication & Computing
Treatment code (Nähere Zuordnung)
- Application
- Experimental
Fingerprint
Dive into the research topics of 'acTvSM: A Dynamic Virtualization Platform for Enforcement of Application Integrity'. Together they form a unique fingerprint.Projects
- 2 Finished
-
acTVsM! - Advanced Cryptographic Trusted Virtual Security Module
Tögl, R., Pirker, M., Niederl, A. & Bloem, R.
1/04/09 → 31/03/11
Project: Research project
-
Trusted Computing
Niederl, A., Lipp, P., Hein, D., Vejda, T., Podesser, S., Tögl, R., Dietrich, K., Bratko, H., Winter, J. & Pirker, M.
1/10/05 → 15/07/19
Project: Research area