2018 | OriginalPaper | Book chapter

A Trusted Computing Base for Information System Classified Protection

Written by: Hui Lu, Xiang Cui, Le Wang, Yu Jiang, Ronglai Jia

Published in: Cloud Computing and Security

Publisher: Springer International Publishing

Abstract

The 21st century is the age of information, in which information has become an important strategic resource. Information security has become one of the biggest issues facing computer technology today. Our computer systems face the risk of being plagued by powerful, feature-rich malware. Current malware exploits the vulnerabilities that are endemic to the huge computing base that needs to be trusted to secure our private information. This summary presents the trusted computing base (TCB) and the Trusted Computing Group (TCG). The TCB is the totality of a computer's protection mechanisms, which influences the security of the system. The Trusted Computing Group (TCG) is an international industry standards group. There are extensive theories about information security and technology. We present some technologies and methods that can prevent your system from being attacked by malware and controlled by unauthorized persons. Finally, we introduce efficient TCB reduction.

Metadata
Title
A Trusted Computing Base for Information System Classified Protection
Written by
Hui Lu
Xiang Cui
Le Wang
Yu Jiang
Ronglai Jia
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-030-00006-6_22