Implementing an untrusted operating system on trusted hardware

Operating Systems Review (ACM)

Volumn 37, Issue 5, 2003, Pages 178-192

  Lie, David ^a   Thekkath, Chandramohan A ^b   Horowitz, Mark ^c  

^a UNIVERSITY OF TORONTO   (Canada)

^b MICROSOFT RESEARCH   (United States)

^c STANFORD UNIVERSITY   (United States)

Author keywords

Untrusted Operating Systems; XOM; XOMOS

Indexed keywords

CODES (SYMBOLS); COMPUTER HARDWARE; COMPUTER SIMULATION; COMPUTER SOFTWARE; DATA REDUCTION; PROGRAM PROCESSORS; SIGNAL PROCESSING;

COMPUTING PLATFORMS; SIMULATION SYSTEMS; XOM; XOMOS;

COMPUTER OPERATING SYSTEMS;

EID: 21644458439     PISSN: 01635980     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1165389.945463     Document Type: Conference Paper

References (29)

1. M. J. Accetta, R. V. Baron, W. Bolosky, D. B. Golub, R. F. Rashid, A. Tevanian, and M. W. Young. Mach: A new kernel foundation for UNIX development. In Proceedings of Summer Usenix, pages 93-113, July 1986.
2. W. Arbaugh, D. Farber, and J. Smith. A secure and reliable bootstrap architecture. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 65-71, May 1997.
3. B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan, and K. Yang. On the (im)possibility of obfuscating programs. Lecture Notes in Computer Science, 2139:19-23, 2001.
4. Business Software Alliance, 2003. http://www.bsa.org.
5. J. Daemen and V. Rijmen. AES proposal: Rijndael. Technical report, National Institute of Standards and Technology (NIST), Mar. 2000. Available at http://csrc.nist.gov/encryption/aes/round2/r2algs.htm.
6. P. England, J. DeTreville, and B. Lampson. Digital rights management operating system. U.S. Patent 6,330,670, Dec. 2001.
7. P. England, J. DeTreville, and B. Lampson. Loading and identifying a digital rights management operating system. U.S. Patent 6,327,652. Dec. 2001.
8. D. R. Engler, M. F. Kaashoek, and J. O'Toole. Exokernel: An operating system architecture for application-level resource management. In Proceedings of the 15th ACM Symposium on Operating Systems Principles, pages 251-266, 1995.
9. B. Gassend, E. Suh, D. Clarke, M. van Dijk, and S. Devadas. Caches and merkle trees for efficient memory authentication. In Proceedings of the 9th International Symposium on High Performance Computer Architecture, pages 295-306, Feb. 2003.
10. T. Gilmont, J. Legat, and J. Quisquater. An architecture of security management unit for safe hosting of multiple agents. In Proceedings of the International Workshop on Intelligent Communications and Multimedia Terminals, pages 79-82, Nov. 1998.
11. T. Gilmont, J. Legat, and J. Quisquater. Hardware security for software privacy support. Electronics Letters, 35(24):2096-2097, Nov. 1999.
12. J. Heinrich. MIPS R10000 Microprocessor User's Manual, 2.0 edition, 1996.
13. H. Krawczyk, M. Bellare, and R. Canetti. HMAC: Keyed-hashing for message authentication. http://www.ietf.org/rfc/rfc2104.txt, Feb. 1997.
14. M. Kuhn. The TrustNo1 cryptoprocessor concept. Technical Report CS555, Purdue University, Apr. 1997.
15. B. Lampson, M. Abadi, M. Burrows, and E. Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265-310, Nov. 1992.
16. D. Lie, J. Mitchell, C. A. Thekkath, and M. Horowitz. Specifying and verifying hardware for tamper-resistant software. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, pages 166-178, May 2003.
17. D. Lie, G. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. Mitchell, and M. Horowitz. Architectural support for copy and tamper resistant software. In Proceedings of the 9th International Conference Architectural Support for Programming Languages and Operating Systems, pages 168-177, Nov. 2000.
18. U. Maheshwari, R. Vingralek, and B. Shapiro. How to build a trusted database system on untrusted storage. In Proceedings of the 4th Symposium on Operating Systems Design and Implementation, pages 135-150, Oct. 2000.
19. J. D. McCalpin. Memory bandwidth and machine balance in current high performance computers. Technical Committee on Computer Architecture (TCCA) Newsletter, Dec. 1995.
20. OpenSSL, 2003. http://www.openssl.org.
21. R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Communications of the ACM, 21(18):120-126, Feb. 1978.
22. M. Rosenblum, E. Bugnion, S. Devine, and S. A. Herrod. Using the SimOS machine simulator to study complex computer systems. Modeling and Computer Simulation, 7(1):78-103, Jan. 1997.
23. J. Rushby. Design and verification of secure systems. ACM Operating Systems Review, SIGOPS, 15(5):12-21, Dec. 1981.
24. J. Saltzer and M. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278-1308, Sept. 1975.
25. SGI IRIX 6.5: Home Page, May 2003. http://www.sgi.com/software/irix6.5.
26. J. S. Shapiro, J. M. Smith, and D. J. Farber. EROS: a fast capability system. In Proceedings of the 17th ACM Symposium on Operating Systems Principles, pages 170-185, Dec. 1999.
27. S. W. Smith, E. R. Palmer, and S. Weingart. Using a high-performance, programmable secure coprocessor. In Financial Cryptography, pages 73-89, Feb. 1998.
28. The Trusted Computing Platform Alliance, 2003. http://www.trustedpc.com.
29. J. D. Tygar and B. Yee. Dyad: A system for using physically secure coprocessors. In Harvard-MIT Workshop on Protection of Intellectual Property, Apr. 1993.