Formal Analysis of Trusted Computing: One Case Study

LS2 is a logic for reasoning about the properties of trusted computing systems. However, it lacks the capability to model the isolation provided by virtualization, which is often involved in previous trusted computing systems. With an extended LS2, we model three types of isolation. Moreover, we formally analyze the integrity measurement property of the recently proposed TrustVisor, which provides an isolated execution environment for security-sensitive code.