Minimal TCB Code Execution
- 1 May 2007
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 267-272
- https://doi.org/10.1109/sp.2007.27
Abstract
We propose an architecture that allows code to execute in complete isolation from other software while trusting only a tiny software base that is orders of magnitude smaller than even minimalist virtual machine monitors. Our technique also enables more meaningful attestation than previous proposals, since only measurements of the security-sensitive portions of an application need to be included. We achieve these guarantees by leveraging hardware support provided by commodity processors from AMD and Intel that are shipping today.