Coprocessor-based hierarchical trust management for software integrity and digital identity protection

Authors:
Lifu Wang;Partha Dasgupta
Affiliations:
-;Department of Computer Science and Engineering, Arizona State University, Tempe, AZ 85287, USA. E-mails: {Lifu.Wang, partha}@asu.edu/ Tel.: +480 965 5583/ Fax: +480 965 2751
Venue:
Journal of Computer Security - The Third IEEE International Symposium on Security in Networks and Distributed Systems
Year:
2008

Citing 13
Cited 1

Software errors and complexity: an empirical investigation0

Communications of the ACM
Operating system protection through program evolution

Computers and Security
Reflections on trusting trust

Communications of the ACM
An empirical study of operating systems errors

SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
The distribution of faults in a large industrial software system

ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Improving the reliability of commodity operating systems

ACM Transactions on Computer Systems (TOCS)
ReVirt: enabling intrusion analysis through virtual-machine logging and replay

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
SubVirt: Implementing malware with virtual machines

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Can We Make Operating Systems Reliable and Secure?

Computer
Copilot - a coprocessor-based kernel runtime integrity monitor

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Security Kernel Design and Implementation: An Introduction

Computer

Determining the integrity of application binaries on unsecure legacy machines using software based remote attestation

ICISS'10 Proceedings of the 6th international conference on Information systems security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Malware and rootkits are serious security threats. They can be designed to be resistant to anti-virus and security software and even remain totally undetectable. This paper describes a hierarchical trust management scheme, where the root of trust is in a non-tamperable hardware co-processor on a PCI bus. The security device checks a part of the OS kernel for integrity, which in turn checks other parts until we ensure the entire system is free of rootkits. The checker can be extended to encompass all applications and anti-virus software. Our system can detect any illegal modifications to kernel, loadable kernel modules and user applications. It also provides a secure communication line for user interaction to manage legal software updates. Moreover, this device can securely perform user authentication and protect digital identity against identity theft. Our tests show that we can correctly detect different real-world and synthetic rootkits even though the host kernel is compromised.