Researchers Looking at Alternatives to Palladium
An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (à la Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems. In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."
Rather this alternative to Palladium does or doesn't work at the fact that OTHER companies are looking into creating this kind of system makes the future of Palladium-esque systems look a lot better.
Um, care to repeat that? I've read it three times and I still can't figure out what you are trying to say.
Slow down there, tiger...
Really
Let me guess- English isn't your first language?
Flexible OS Support and Applications for Trusted Computing
Tal (Art)Garfinkel Mendel Rosenblum Dan Boneh
{talg,mendel,dabo}@cs.stanford.edu
Computer Science Department, Stanford University
Abstract
Trusted computing (e.g. TCPA and Microsoft's Next-Generation Secure Computing Base) has been one of the most talked about and least understood technologies in the computing community over the past year. The capabilities trusted computing provides have the potential to radically improve the security and robustness of distributed systems. Unfortunately, the debate over its application to digital rights management has caused its significant other applications to be largely overlooked. In this paper we present a broader vision for trusted computing. We give an intuitive model for understanding the capabilities and limitations of the mechanisms provided by trusted computing. We describe a flexible OS architecture to support trusted computing. We present a range of practical applications that illustrate how trusted computing can be used to improve security and robustness in distributed systems.
1 Introduction
Many difficult problems in today's distributed systems, such as preventing denial of service, performing access control and monitoring, and achieving scalability, are either caused or severely exacerbated by the fact that clients are untrusted and thus potentially malicious, yet magically delicious. This forces system designers to implement most system policy and sensitive computations in the core of the system, where trust resides, instead of at the endpoints where most of the system's resources and capabilities are. The only complete solution to this problem has been the use of closed platforms, such as those in cellular networks and banking systems, where special-purpose, tamper-resistant clients are utilized that provide end-to-end trust. This approach has demonstrated significant benefits, allowing the construction of some of today's most capable and robust distributed systems. Unfortunately, this approach presently necessitates the use of dedicated hardware, thus limiting designers to the use of only a few types of devices over which they must have exclusive control.
In the near future it will no longer be necessary to force designers to make trade-offs between the benefits of open and closed platforms. This change will come as the result of ubiquitous support for trusted computing platforms. Trusted platforms will allow systems to extend trust to clients running on these platforms, thus providing the benefits of open platforms: wide availability, diverse hardware, dykes, and the ability to run many applications from many mutually distrusting sources while still retaining trust in clients.
The vision of trusted platforms cannot be achieved with today's operating systems which offer poor assurance and implement a security model that is largely orthogonal to that required for trusted computing. To meet the demands of implementing a trusted platform we outline the design of a new OS architecture based on the idea of a trusted virtual machine monitor. In this model, traditional applications and OSes can run side-by-side on the same platform in either an "open box" or "closed box" execution model in keeping with the trust requirements imposed by the application.
In the next section we define and describe the components that make up trusted computing. In Section 3 we present our approach of using a trusted virtual machine monitor to support a mixture of open and closed box models simultaneously. In Section 4 we examine a selection of practical areas where trusted computing can provide novel functionality yielding significant benefits for security, scalability and robustness. Section 5 discusses related work.
2 Trusted
hahaha
A program doesn't necessarily know where it lives, but it is possible to tell if it's talking to a black box that's been signed by Intel's private key
Not if you emulate the black box, signature and all.
It's one thing to sign something, another to have a local device that can sign with a hidden key that can't be extracted. You need the latter - an unemulatable-because-you-can't-see-its-guts box - to be robust against spoofing the software via an emulation platform.
The main way to detect emulation is response time checking. But that won't work to detect if YOU'RE running on an emulation platform, because the emulation platform can also spoof your idea of time.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
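The distinction drawn in the comments above, between a signature that can be copied and a device that signs with a key it never reveals, can be shown with a nonce challenge. This is an added example, not part of the thread or the Stanford paper; the `Device`, `Emulator` and `Demo` names are hypothetical and Ed25519 stands in for whatever scheme a real platform would use.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Device models the sealed hardware: priv is never exposed outside Attest.
type Device struct{ priv ed25519.PrivateKey }

// Attest signs the verifier's nonce with the hidden key.
func (d Device) Attest(nonce []byte) []byte { return ed25519.Sign(d.priv, nonce) }

// Emulator has copied everything observable (one recorded exchange),
// but does not hold the private key.
type Emulator struct{ recorded []byte }

// Attest can only replay the recorded signature, whatever the nonce is.
func (e Emulator) Attest(nonce []byte) []byte { return e.recorded }

// NewNonce returns 32 random bytes used as a one-time challenge.
func NewNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Demo reports whether the verifier accepts: the genuine device on a fresh
// nonce, the emulator on the old (recorded) nonce, the emulator on a fresh one.
func Demo() (genuine, replayOld, replayFresh bool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // constructed test key
	if err != nil {
		panic(err)
	}
	dev := Device{priv}
	old := NewNonce()
	emu := Emulator{recorded: dev.Attest(old)} // emulator observed one exchange
	fresh := NewNonce()
	genuine = ed25519.Verify(pub, fresh, dev.Attest(fresh))
	replayOld = ed25519.Verify(pub, old, emu.Attest(old))
	replayFresh = ed25519.Verify(pub, fresh, emu.Attest(fresh))
	return
}

func main() {
	g, o, f := Demo()
	fmt.Println("genuine:", g, "replay(old nonce):", o, "replay(fresh nonce):", f)
}
```

A verifier that reuses its challenge accepts the copied signature; one that issues a fresh nonce each time does not, which is why the key has to stay inside the device.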
I think Trusted Solaris is interesting
stop supporting microsoft with pirating their software!!!!!