Bootstrapping Trust in Modern Computers
1st Edition
Published on 27. August 2011
IX, 101 pages
978-1-4614-1460-5 (ISBN)
Description
Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. We examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g., to convince the user that her computer is not infected with malware) and for communicating a remote computer's state (e.g., to enable the user to check that a web server will adequately protect her data). Although the recent "Trusted Computing" initiative has drawn both positive and negative attention to this area, we consider the older and broader topic of bootstrapping trust in a computer. We cover issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans. This approach unifies disparate research efforts and highlights opportunities for additional work that can guide real-world improvements in computer security.
More details
Other editions
Additional editions
Bryan Parno | Jonathan M. McCune | Adrian Perrig
Bootstrapping Trust in Modern Computers
Book
08/2011
1st Edition
Springer
€53.49
Shipment within 15-20 days
Content
- Intro
- Bootstrapping Trust in Modern Computers
- Acknowledgements
- Contents
- Acronyms
- Abstract and Keywords
- 1 Introduction
- 2 What Do We Need to Know? Techniques for Recording Platform State
- 2.1 Recording Code Identity
- Why Code Identity?
- What Code Needs To Be Recorded?
- Who Performs the Measurements?
- How Can Measurements Be Secured?
- TPM-Based Measurement Example
- 2.2 Recording Dynamic Properties
- 2.3 Which Property is Necessary?
- 3 Can We Use Platform Information Locally?
- 3.1 Secure Boot
- 3.2 Storage Access Control Based on Code Identity
- 3.2.1 Tamper-Responding Protected Storage
- 3.2.2 TPM-Based Sealed Storage
- Sealing Data
- Binding Data
- Employing NVRAM
- Replay Issues
- TPM-Based Sealed Storage Example
- 4 Can We Use Platform Information Remotely?
- 4.1 Prerequisites
- 4.2 Conveying Code Measurement Chains
- 4.2.1 General Purpose Coprocessor-Based Attestation
- 4.2.2 TPM-Based Attestation
- Preventing Reboot Attacks
- Linking Code Identity to Secure Channels
- 4.3 Privacy Concerns
- 4.3.1 Identity Certificate Authorities
- 4.3.2 Direct Anonymous Attestation
- 5 How Do We Make Sense of Platform State?
- 5.1 Coping With Information Overload
- 5.2 Focusing on Security-Relevant Code
- Privilege Layering via the Operating System
- Privilege Layering via Virtualization
- Hardware-Supported Isolation: System-Management Mode
- Hardware-Supported Isolation: Dynamic Root of Trust for Measurement
- Slicing and Privilege Separation
- 5.3 Conveying Higher-Level Information
- Code Constraints
- Outsourcing
- 6 Roots of Trust
- 6.1 General-Purpose Tamper-Resistant and Tamper-Responding Devices
- 6.1.1 Commercial Solutions
- 6.1.2 Research Projects
- 6.2 General-Purpose Devices Without Physical Defenses
- TPM-equipped Platforms
- MTM-equipped Platforms
- Smart Cards
- 6.3 Special-Purpose Minimal Devices
- Preventing Equivocation
- Physical Unclonable Functions (PUFs)
- 6.4 Research Solutions Without Hardware Support
- 7 Challenges in Bootstrapping Trust in Secure Hardware
- 7.1 Problem Definition
- 7.1.1 Informal Problem Description
- 7.1.2 Formal Model
- 7.2 Potential Solutions
- 7.2.1 Removing Network Access
- 7.2.2 Eliminating Malware
- 7.2.3 Establishing a Secure Channel
- Hardware-Based Secure Channels
- Cryptographic Secure Channels
- 7.3 Preferred Solutions
- 8 Validating the Process
- 9 Applications
- 9.1 Real World
- Code Access Security in Microsoft .NET
- BitLocker
- Trusted Network Connect (TNC)
- Secure Boot on Mobile Phones
- Voting Machines
- 9.2 Research Proposals
- 10 Implementing Trust Bootstrapping: Open Source Tools
- 10.1 Component Packages
- 10.2 Complete Distributions or LiveCDs
- 11 Human Factors & Usability
- 11.1 Trustworthy Verifier Devices
- 11.1.1 Overview
- Security-Sensitive Interactive Transactions
- Specialized Computing Devices
- Privacy Issues
- 11.1.2 User-Observable Verification
- Software Design Simplicity
- Commodity Hardware
- Universal Physical Connectivity
- Wired Interface
- User Interface Simplicity
- 11.2 Using Your Brain to Check a Computer
- 11.3 Pairing Two Trustworthy Devices
- 12 Limitations
- 12.1 Load-Time Versus Run-Time Guarantees
- 12.2 Hardware Attacks
- 13 Additional Reading
- 13.1 Books
- Trusted Computing Platforms: TCPA Technology in Context
- Trusted Computing Platforms: Design and Applications
- Trusted Computing
- A Practical Guide to Trusted Computing
- Dynamics of a Trusted Platform
- 13.2 Conference and Workshop Proceedings
- 14 Summary
- References
- Index
