vTPM: virtualizing the trusted platform module

Authors: Ronald Perez, Reiner Sailer, Leendert van Doorn


Abstract: We present the design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform. To this end, we virtualized the Trusted Platform Module (TPM). As a result, the TPM's secure storage and cryptographic functions are available to operating systems and applications running in virtual machines. Our new facility supports higher-level services for establishing trust in virtualized environments, for example remote attestation of software integrity. We implemented the full TPM specification in software and added functions to create and destroy virtual TPM instances. We integrated our software TPM into a hypervisor environment to make TPM functions available to virtual machines. Our virtual TPM supports suspend and resume operations, as well as migration of a virtual TPM instance with its respective virtual machine across platforms. We present four designs for certificate chains to link the virtual TPM to a hardware TPM, with security vs. efficiency trade-offs based on threat models. Finally, we demonstrate a working system by layering an existing integrity measurement application on top of our virtual TPM facility.

References (10)
Andrew Warfield, Steven Hand, Ian Pratt, Mark Williamson, Rolf Neugebauer, Keir Fraser. Safe Hardware Access with the Xen Virtual Machine Monitor (2007).
Reiner Sailer, Leendert van Doorn, Trent Jaeger, Xiaolan Zhang. Design and implementation of a TCG-based integrity measurement architecture. USENIX Security Symposium, p. 16 (2004).
Fabrice Bellard. QEMU, a fast and portable dynamic translator. USENIX Annual Technical Conference, p. 41 (2005).
Christian Limpach, Eric Jul, Andrew Warfield, Steven Hand, Ian Pratt, Christopher Clark, Jacob Gorm Hansen, Keir Fraser. Live migration of virtual machines. Networked Systems Design and Implementation (NSDI), pp. 273–286 (2005). DOI: 10.5555/1251203.1251223
R. Figueiredo, P.A. Dinda, J. Fortes. Guest Editors' Introduction: Resource Virtualization Renaissance. IEEE Computer, vol. 38, pp. 28–31 (2005). DOI: 10.1109/MC.2005.159
Robert P. Goldberg. Survey of virtual machine research. Computer, vol. 7, pp. 34–45 (1974). DOI: 10.1109/MC.1974.6323581
Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield. Xen and the art of virtualization. Symposium on Operating Systems Principles (SOSP), vol. 37, pp. 164–177 (2003). DOI: 10.1145/1165389.945462
Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh. Terra: a virtual machine-based platform for trusted computing. Symposium on Operating Systems Principles (SOSP), vol. 37, pp. 193–206 (2003). DOI: 10.1145/1165389.945464
R. Sailer, T. Jaeger, E. Valdez, R. Caceres, R. Perez, S. Berger, J.L. Griffin, L. van Doorn. Building a MAC-based security architecture for the Xen open-source hypervisor. Annual Computer Security Applications Conference (ACSAC), pp. 276–285 (2005). DOI: 10.1109/CSAC.2005.13
Klaus Kursawe, Christian Stüble, Ulrich Kühn, Ahmad-Reza Sadeghi, Stefan Lucks. Secure Data Management in Trusted Computing. Lecture Notes in Computer Science, vol. 3659, pp. 324–338 (2005).