Implementing an application-specific credential platform using late-launched mobile trusted module

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2010, Pages 21-30

  Bugiel, Sven ^a   Ekberg, Jan Erik ^b  

^a ROYAL INSTITUTE OF TECHNOLOGY   (Sweden)

^b NOKIA RESEARCH CENTER   (United States)

Author keywords

credentials; drtm; flicker; mtm; secure hardware; software security; trusted computing

Indexed keywords

CREDENTIALS; DRTM; FLICKER; MTM; SECURE HARDWARE; SOFTWARE SECURITY; TRUSTED COMPUTING;

EID: 78650185193     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1867635.1867641     Document Type: Conference Paper

References (29)

1. TrustedGRUB. http://sourceforge.net/projects/trustedgrub/.
2. Advanced Micro Devices. AMD64 Virtualization: Secure Virtual Machine Architecture Reference Manual, May 2005. Publication mo. 33047, rev. 3.0.
3. Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey Dwoskin, and Dan R. K. Ports. Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems. In Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '08), Seattle, WA, USA, March 2008.
4. Lucas Davi, Ahmad-Reza Sadeghi, and Marcel Winandy. Dynamic Integrity Measurement and Attestation: Towards Defense Against Return-Oriented Programming Attacks. In STC '09: Proceedings of the 2009 ACM workshop on Scalable trusted computing, pages 49-54, New York, NY, USA, 2009. ACM.
5. Kurt Dietrich. An integrated architecture for trusted computing for java enabled embedded devices. In STC '07: Proceedings of the 2007 ACM workshop on Scalable trusted computing, pages 2-6, New York, NY, USA, 2007. ACM.
6. Jan-Erik Ekberg and Sven Bugiel. Trust in a Small Package: Minimized MRTM Software Implementation for Mobile Secure Environments. In STC '09: Proceedings of the 2009 ACM workshop on Scalable trusted computing, pages 9-18, New York, NY, USA, 2009. ACM.
7. Sebastian Gajek, Hans Löhr, Ahmad-Reza Sadeghi, and Marcel Winandy. TruWallet: Trustworthy and Migratable Wallet-Based Web Authentication. In STC '09: Proceedings of the 2009 ACM workshop on Scalable trusted computing, pages 19-28, New York, NY, USA, 2009. ACM.
8. Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: A virtual machine-based platform for trusted computing. SIGOPS Oper. Syst. Rev., 37(5):193-206, 2003.
9. Joo-Young Hwang, Sang-Bum Suh, Sung-Kwan Heo, Chan-Ju Park, Jae-Min Ryu, Seong-Yeol Park, and Chul-Ryun Kim. Xen on ARM: System Virtualization Using Xen Hypervisor for ARM-Based Secure Mobile Phones. In Consumer Communications and Networking Conference, 2008. CCNC 2008. 5th IEEE, pages 257-261, January 2008.
10. Intel Corporation. tboot, 2009. http://tboot.sourceforge.net/.
11. Intel Corporation. Trusted eXecution Technology (TXT) - Measured Launched Environment Developer's Guide, December 2009.
12. Trent Jaeger, Reiner Sailer, and Umesh Shankar. PRIMA: Policy-Reduced Integrity Measurement Architecture. In SACMAT '06: Proceedings of the eleventh ACM symposium on Access control models and technologies, pages 19-28, New York, NY, USA, 2006. ACM.
13. Bernhard Kauer. OSLO: Improving the security of Trusted Computing. In SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pages 1-9, Berkeley, CA, USA, 2007. USENIX Association.
14. Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and Simon Winwood. seL4: formal verification of an OS kernel. In SOSP '09: Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, pages 207-220, New York, NY, USA, 2009. ACM.
15. Kari Kostiainen, Jan-Erik Ekberg, N. Asokan, and Aarne Rantala. On-board credentials with open provisioning. In ASIACCS '09: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pages 104-115, New York, NY, USA, 2009. ACM.
16. M. Lorch, J. Basney, and D. Kafura. A hardware-secured credential repository for Grid PKIs. In CCGRID '04: Proceedings of the 2004 IEEE International Symposium on Cluster Computing and the Grid, pages 640-647, Washington, DC, USA, 2004. IEEE Computer Society.
17. Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil Gligor, and Adrian Perrig. TrustVisor: Efficient TCB Reduction and Attestation. In IEEE Symposium on Security and Privacy. IEEE Computer Society, 2010.
18. Jonathan M. McCune, Bryan J. Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. Flicker: An Execution Infrastructure for TCB Minimization. In Eurosys '08: Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008, pages 315-328, New York, NY, USA, 2008. ACM.
19. Reiner Sailer, Xiaolan Zhang, Trent Jaeger, and Leendert van Doorn. Design and Implementation of a TCG-based Integrity Measurement Architecture. In SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pages 16-16, Berkeley, CA, USA, 2004. USENIX Association.
20. Luis F. G. Sarmenta, Marten van Dijk, Charles W. O'Donnell, Jonathan Rhodes, and Srinivas Devadas. Virtual Monotonic Counters and Count-Limited Objects using a TPM without a Trusted OS. In STC '06: Proceedings of the first ACM workshop on Scalable trusted computing, pages 27-42, New York, NY, USA, 2006. ACM.
21. Andreas U. Schmidt, Nicolai Kuntze, and Michael Kasper. On the deployment of Mobile Trusted Modules, 2007.
22. Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes. In SOSP '07: Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, pages 335-350, New York, NY, USA, 2007. ACM.
23. Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla. Pioneer: Verifying Code Integrity and Enforcing Untampered Code execution on Legacy Systems. In SOSP '05: Proceedings of the twentieth ACM symposium on Operating systems principles, pages 1-16, New York, NY, USA, 2005. ACM.
24. Lenin Singaravelu, Calton Pu, Hermann Härtig, and Christian Helmuth. Reducing TCB Complexity for Security-Sensitive Applications: Three Case Studies. SIGOPS Oper. Syst. Rev., 40(4):161-174, 2006.
25. Trusted Computing Group. Mobile Trusted Module (MTM) Specification. Version 1.0 Revision 6, 26 June 2008.
26. Trusted Computing Group. TCG Mobile Reference Architecture Specification. Version 1.0 Revision 1, 12 June 2007.
27. Trusted Computing Group. TCG Software Stack (TSS). Specification Version 1.2 Level 1 Errata A, 7 March 2007.
28. Trusted Computing Group. Trusted Platform Module (TPM) Main Specification. Version 1.2 Revision 103, 9 July 2007.
29. Johannes Winter. Trusted computing building blocks for embedded linux-based ARM trustzone platforms. In STC '08: Proceedings of the 3rd ACM workshop on Scalable trusted computing, pages 21-30, New York, NY, USA, 2008. ACM.