论文信息 - Security Bootstrap Based on Trusted Computing

Security Bootstrap Based on Trusted Computing

Security bootstrap is pretty important to the platform security, and trusted bootstrap is significant in the research of trusted computing. However, works on trusted bootstrap are relatively less. In this paper, we present a trusted bootstrap framework and related measurements from both hardware and software aspects based on trusted computing. We modify trust chain defined by TCG slightly by introducing a new component called PMBR, to implement a more flexible security bootstrap. Our approach can automatically recover programs being attack-ed. Furthermore, the “attack codes” inserted by attackers and their corresponding physical addresses can be precisely extracted and located respectively. On the other, we theoretically prove the security of the modified trust chain. Our experiments show that it can efficiently detect attacks on boot process.

Yu Chao | Yuan Meng-ting

[1] Han Zhen,et al. Enhancing PC Security with a U-Key , 2006, IEEE Security & Privacy.

[2] K. J. Bma. Integrity considerations for secure computer systems , 1977 .

[3] James Hendricks,et al. Secure bootstrap is not enough: shoring up the trusted computing base , 2004, EW 11.

[4] Robert Thibadeau. Trusted Computing for Disk Drives and Other Peripherals , 2006, IEEE Security & Privacy.

[5] Hong Zhao,et al. Formal Analysis of Secure Bootstrap in Trusted Computing , 2007, ATC.

[6] William A. Arbaugh,et al. A secure and reliable bootstrap architecture , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[7] Dominique Cansell,et al. Integration of Security Policy into System Modeling , 2007, B.

[8] Henry L. Owen,et al. Detecting and categorizing kernel-level rootkits to aid future detection , 2006, IEEE Security & Privacy Magazine.

[9] K J Biba,et al. Integrity Considerations for Secure Computer Systems , 1977 .