Uclinux: a linux security module for trusted-computing-based usage controls enforcement

Authors:
David Kyle;José Carlos Brustoloni
Affiliations:
University of Pittsburgh;University of Pittsburgh
Venue:
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Year:
2007

Citing 7
Cited 5

Linux Security Modules: General Security Support for the Linux Kernel

Proceedings of the 11th USENIX Security Symposium
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Open-Source Applications of TCPA Hardware

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Trusted Computing Platforms: TCPA Technology in Context

Trusted Computing Platforms: TCPA Technology in Context
Design and implementation of a TCG-based integrity measurement architecture

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
vTPM: virtualizing the trusted platform module

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A Model-Driven Framework for Trusted Computing Based Systems

EDOC '07 Proceedings of the 11th IEEE International Enterprise Distributed Object Computing Conference

Evaluating the usability of usage controls in electronic collaboration

Proceedings of the 4th symposium on Usable privacy and security
Secure web-based retrieval of documents with usage controls

Proceedings of the 2009 ACM symposium on Applied Computing
Measuring Semantic Integrity for Remote Attestation

Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Usage control enforcement - a survey

ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

Usage controls allow the distributor of some information to limit how recipients of that information may use it. The Trusted Computing Group has standardized Trusted Platform Modules (TPMs) that are built into an increasing number of computers and could greatly harden usage controls against circumvention. However, existing operating systems support TPMs only partially. We describe UCLinux, a novel Linux Security Module that, unlike previous work, supports TPM-based attestation, sealing, and usage controls on existing processors and with minimal modifications in the operating system kernel and applications. Experiments show that UCLinux has modest impact on the system's boot latency and run-time performance.