Open-Source Applications of TCPA Hardware

Summary How can Alice trust computation occurring at Bob’s computer? Since it exists and is becoming ubiquitous, the current-generation TCPA/TCG hardware might enable a solution. When we started investigating this technology, the specification of the TCG software stack was not publicly available, and an implementation is still not; so, we designed and built an open-source platform based on Linux and commercially available TCPA/TCG hardware which would allow us to address the problem of trusting computation. Within the limits of TCPA/TCG hardware security, our solution balances what Alice needs to do to make trust judgments against what Bob needs to do to keep his system running. Furthermore, we describe how we use our platform to harden three sample open-source applications: Apache SSL Web servers, OpenCA certification authorities, and (with SELinux) compartmented attestation to balance privacy with DRM. To our knowledge, our project remains the only opensource. TCPA/TCG platform in existence, and is also enabling trusted computing applications developed by our user community (enforcer.sourceforge.net reports over 1100 sourcecode downloads so far).

[1]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[2]  Sean W. Smith,et al.  Building a high-performance, programmable secure coprocessor , 1999, Comput. Networks.

[3]  Sean W. Smith,et al.  Building the IBM 4758 Secure Coprocessor , 2001, Computer.

[4]  Siani Pearson,et al.  Trusted Computing Platforms: TCPA Technology in Context , 2002 .

[5]  Dan Boneh,et al.  Architectural support for copy and tamper resistant software , 2000, SIGP.

[6]  Sean Smith,et al.  Virtual Hierarchies - An Architecture for Building and Maintaining Efficient and Resilient Trust Chains , 2002 .

[7]  Trent Jaeger,et al.  Analyzing Integrity Protection in the SELinux Example Policy , 2003, USENIX Security Symposium.

[8]  Thorsten von Eicken,et al.  技術解説 IEEE Computer , 1999 .

[9]  Leendert van Doorn,et al.  Take control of TCPA , 2003 .

[10]  Seth D. Schoen,et al.  Trusted Computing: Promise and Risk , 2003 .

[11]  Sean W. Smith,et al.  Securing Web servers against insider attack , 2001, Seventeenth Annual Computer Security Applications Conference.

[12]  Sean W. Smith,et al.  Experimenting with TCPA/TCG Hardware, Or: How I Learned to Stop Worrying and Love The Bear , 2003 .

[13]  Sean W. Smith Outbound authentication for programmable secure coprocessors , 2004, International Journal of Information Security.

[14]  Sean W. Smith,et al.  WebALPS: a survey of E-commerce privacy and security applications , 2001, SECO.

[15]  Michelle J. Gosselin,et al.  Confining the Apache Web Server with Security-Enhanced Linux , 2002 .

[16]  Stephen Smalley,et al.  Configuring the SELinux Policy , 2008 .

[17]  Sean W. Smith,et al.  Trusted S/MIME Gateways , 2003 .

[18]  Calton Pu,et al.  CryptoMark: Locking the Stable door ahead of the Trojan Horse , 2000 .

[19]  Sean W. Smith,et al.  Bear: An Open-Source Virtual Secure Coprocessor based on TCPA , 2003 .

[20]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[21]  David R. Safford The Need for TCPA , 2002 .

[22]  David R. Safford Clarifying Misinformation on TCPA , 2002 .

[23]  John P. McGregor,et al.  Virtual Secure Coprocessing on General-purpose Processors , 2004 .

[24]  Tal Garfinkel,et al.  Flexible OS Support and Applications for Trusted Computing , 2003, HotOS.

[25]  Sean W. Smith,et al.  Secure coprocessing applications and research issues , 1996 .

[26]  Edward W. Felten,et al.  Understanding Trusted Computing: Will Its Benefits Outweigh Its Drawbacks? , 2003, IEEE Secur. Priv..

[27]  G. Edward Suh,et al.  AEGIS: architecture for tamper-evident and tamper-resistant processing , 2003, ICS.

[28]  Sean W. Smith,et al.  Privacy-enhanced credential services , 2003 .

[29]  Fred B. Schneider Secure systems conundrum , 2002, CACM.