DOI: 10.1145/1346281.1346285 (ASPLOS conference proceedings, research article)

How low can you go?: recommendations for hardware-supported minimal TCB code execution

Published: 01 March 2008

ABSTRACT

We explore the extent to which newly available CPU-based security technology can reduce the Trusted Computing Base (TCB) for security-sensitive applications. We find that although this new technology represents a step in the right direction, significant performance issues remain. We offer several suggestions that leverage existing processor technology, retain security, and improve performance. Implementing these recommendations will finally allow application developers to focus exclusively on the security of their own code, enabling it to execute in isolation from the numerous vulnerabilities in the underlying layers of legacy code.

Supplemental Material: Video

