
vTPM: virtualizing the trusted platform module

USENIX Security, pp. 305+, 2006

Cited by: 643 | Views: 158

Abstract

We present the design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform. To this end, we virtualized the Trusted Platform Module (TPM). As a result, the TPM's secure storage and cryptographic functions are available to operating systems and applications ...

Introduction
  • Hardware virtualization has enjoyed a rapid resurgence in recent years as a way to reduce the total cost of ownership of computer systems [5].
  • The TPM is implemented as a chip that is physically attached to a platform’s motherboard and controlled by software running on the system using well-defined commands [11].
  • The TPM provides cryptographic operations such as asymmetric key generation, decryption, encryption, signing and migration of keys between TPMs, as well as random number generation and hashing.
Highlights
  • We have extended the Xen hypervisor tools to support virtual Trusted Platform Module devices. xm, the Xen Management tool, parses the virtual machine configuration file and, if specified, recognizes that a virtual Trusted Platform Module instance must be associated with a virtual machine. xend, the Xen Daemon, makes entries in the xenstore [22] directory that indicate in which domain the Trusted Platform Module backend is located
  • If, for example, Attestation Identity Keys have been certified based on an endorsement key that was previously tied to the hardware platform through a certificate chain, as in the first two solutions, then the Attestation Identity Keys must be invalidated once the Virtual Machine is resumed on the target platform, since the link to the old platform has been broken.
  • Whereas usually virtualization of hardware devices can be achieved through software emulation, we have demonstrated that this is not sufficient in the case of the Trusted Platform Module
  • Certificates that may exist for hardware Trusted Platform Module and vouch for strong security properties need to be issued for virtual Trusted Platform Module instances’ endorsement keys
  • These certificates naturally cannot represent the same properties for a virtual Trusted Platform Module process running in user space.
Conclusion
  • Discussion and Future Work: In Section 3 the authors introduced the requirements that an architecture for enabling TPM support in a virtual environment must fulfill.
  • All existing TPM v1.2 commands are available to a user domain and the TPM command format remains unchanged. The authors have designed and implemented a system that provides trusted computing functionality to every virtual machine on a virtualized hardware platform.
  • Certificates that may exist for hardware TPMs and vouch for strong security properties need to be issued for virtual TPM instances’ endorsement keys.
  • Virtual TPM migration can create further problems if certificate chains that have been established break or trust must be reestablished.
Tables
  • Table 1: Comparison of TPM Implementations
    (text adjacent to the table) ... in the virtual TPM with these measurements. This sequence of measurements is part of the setup process of the vTPM instance (see Section 4.4). As the user virtual machine continues to run, the IMA-enhanced kernel in that virtual machine also extends a virtual PCR with measurements of every application that is loaded.
  • Table 2: Comparison of Methods to Issue Certificates for AIKs
    (text adjacent to the table) If a strong connection between the virtual TPM and the hardware TPM is desired, then one of solutions 1, 2 or 4 should be implemented. However, it will be necessary in this case to invalidate the chained certificates and keys after migration in order to reestablish a chain to the new hardware root of trust. In that respect our second solution offers better support for a dynamic environment, since here only the AIKs of the virtualized environment need to be recreated and certified. The first solution would eventually have to place the EK’ certificate on a revocation list and create a new EK.
Related work
  • The Xen open-source repository [27] contains a limited virtual TPM implementation comprised of combined contributions by Intel Corporation and the authors of this paper. Our contributions to Xen so far include the virtual TPM driver pair (front- and back-end drivers), hotplug scripts, and changes to Xen’s management tools. We kept this infrastructure modular so that different realizations of virtual TPMs can work with it. The virtual TPM design and implementation presented in this paper adds the following to what is currently available in Xen: support for migrating a vTPM instance alongside its associated virtual machine, support for attestation of the complete vTPM environment along with the contents of a virtual machine, and an entirely separate software implementation of the TPM specification. In addition, the virtual TPM now in Xen is a partial implementation based on version 1.1 of the TPM specification, while we have updated our virtual TPM to be a complete implementation of version 1.2.

    Previous research in the area of trusted computing examined how data that is protected (sealed) by a hardware TPM can be moved to another platform. Kuehn et al. [17]
Reference
  • [1] Fabrice Bellard. QEMU, a Fast and Portable Dynamic Translator. In Proceedings of the USENIX 2005 Annual Technical Conference, FREENIX Track, pages 41–46, 2005.
  • [2] C. Clark, K. Fraser, S. Hand, J. G. Hansen, E. Jul, C. Limpach, I. Pratt, and A. Warfield. Live Migration of Virtual Machines. In Proceedings of the 2nd Symposium on Networked Systems Design and Implementation (NSDI ’05), 2005.
  • [3] Common Criteria. Trusted Computing Group (TCG) Personal Computer (PC) Specific Trusted Building Block (TBB) Protection Profile and TCG PC Specific TBB With Maintenance Protection Profile, July 2004.
  • [4] B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, I. Pratt, A. Warfield, P. Barham, and R. Neugebauer. Xen and the Art of Virtualization. In Proceedings of the ACM Symposium on Operating Systems Principles (SOSP), October 2003.
  • [5] R. Figueiredo, P. A. Dinda, and J. Fortes. Resource Virtualization Renaissance. IEEE Computer, 38(5):28–31, 2005.
  • [6] K. Fraser, S. Hand, R. Neugebauer, I. Pratt, A. Warfield, and M. Williamson. Safe Hardware Access with the Xen Virtual Machine Monitor. In Proceedings of the OASIS ASPLOS Workshop, 2004.
  • [7] Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. In Proceedings of the Symposium on Operating Systems Principles (SOSP), pages 193–206, 2003.
  • [8] R. P. Goldberg. Survey of Virtual Machine Research. IEEE Computer, 7(6):34–45, 1974.
  • [9] Applied Data Security Group. What is TrustedGRUB. http://www.prosec.ruhr-uni-bochum.de/trusted grub.html.
  • [10] Trusted Computing Group. TCG TPM Specification Version 1.2, Part 1: Design Principles, 2005.
  • [11] Trusted Computing Group. TCG TPM Specification Version 1.2, Part 3: Commands, 2005.
  • [13] IBM. Integrity Measurement Architecture for Linux. http://www.sourceforge.net/projects/linux-ima.
  • [14] IBM. PHYP: Converged POWER Hypervisor Firmware for pSeries and iSeries. http://www-1.ibm.com/servers/enable/site/peducation/abstracts/abs 2bb2.html.
  • [15] IBM. Secure Coprocessing. http://www.research.ibm.com/secure systems department/projects/scop/index.html; http://domino.research.ibm.com/comm/research projects.nsf/
  • [17] U. Kuhn, K. Kursawe, S. Lucks, A. Sadeghi, and C. Stuble. Secure Data Management in Trusted Computing. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES 2005), 2005.
  • [18] H. Maruyama, F. Seliger, N. Nagaratnam, T. Ebringer, S. Munetoh, S. Yoshihama, and T. Nakamura. Trusted Platform on Demand. Technical Report RT0564, IBM, February 2004.
  • [19] National Institute of Standards and Technology. Secure Hash Standard (SHA-1). Federal Information Processing Standards Publication 180-1, 1993.
  • [20] R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez, S. Berger, J. Griffin, and L. van Doorn. Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2005.
  • [21] R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and Implementation of a TCG-Based Integrity Measurement Architecture. In Proceedings of the USENIX Security Symposium, 2004.
  • [22] The Xen Team. Xen Interface Manual: Xen v3.0 for x86.
  • [23] Trusted Computing Group. http://www.trustedcomputinggroup.org.
  • [24] Trusted Computing Group. TCG PC Specific Implementation Specification, 2003.
  • [25] Trusted Computing Group. TCG Software Stack (TSS) Specification, Version 1.10 Golden, 2003.
  • [26] VMware, Inc. http://www.vmware.com; http://www.xensource.com/products/downloads.