New Directions for Hardware-assisted Trusted Computing Policies (Position Paper)
نویسندگان
چکیده
The basic technological building blocks of the TCG architecture seem to be stabilizing. As a result, we believe that the focus of the Trusted Computing (TC) discipline must naturally shift from the design and implementation of the hardware root of trust (and the subsequent trust chain) to the higher-level application policies. Such policies must build on these primitives to express new sets of security goals. We highlight the relationship between enforcing these types of policies and debugging, since both activities establish the link between expected and actual application behavior. We argue that this new class of policies better fits developers’ mental models of expected application behaviors, and we suggest a hardware design direction for enabling the efficient interpretation of such policies.
منابع مشابه
Client-side access control enforcement using trusted computing and PEI models
It has been recognized for some time that software alone does not provide an adequate foundation for building a high-assurance trusted platform. The emergence of industry-standard trusted computing technologies promises a revolution in this respect by providing roots of trust upon which secure applications can be developed. These technologies offer a particularly attractive platform for securit...
متن کاملTrust and Protection in the Illinois Browser Operating System
Current web browsers are complex, have enormous trusted computing bases, and provide attackers with easy access to modern computer systems. In this paper we introduce the Illinois Browser Operating System (IBOS), a new operating system and a new browser that reduces the trusted computing base for web browsers. In our architecture we expose browser-level abstractions at the lowest software layer...
متن کاملTrends and Directions in Trusted Computing: Models, Architectures and Technologies
Until recently, all the security measures have addressed servers or networks while clients or network endpoints have missed the required security concerns relatively. Most of the mechanisms safeguarding endpoints (clients) are software based. Making endpoints survive in open and reasonably exposed environments-like internet-demand that client security should stand by a tried and true dependence...
متن کاملTrusted Computing: Promise and Risk
Introduction Computer security is undeniably important, and as new vulnerabilities are discovered and exploited, the perceived need for new security solutions grows. "Trusted computing" initiatives propose to solve some of today's security problems through hardware changes to the personal computer. Changing hardware design isn't inherently suspicious, but the leading trusted computing proposals...
متن کاملTowards a Virtual Trusted Platform
The advances and adoption of Trusted Computing and hardware assisted virtualisation technologies in standard PC platforms promise new approaches in building a robust virtualisation platform for security sensitive software modules. The amalgam of these technologies allows an attractive off-the-shelf environment, capable of supporting security levels potentially higher than commonly deployed toda...
متن کامل