Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Conditional Access in Mobile Systems: Securing the Application
DFMA '05 Proceedings of the First International Conference on Distributed Frameworks for Multimedia Applications
A comparison of software and hardware techniques for x86 virtualization
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
vTPM: virtualizing the trusted platform module
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A trusted mobile phone reference architecturevia secure kernel
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Proceedings of the 2007 ACM workshop on Scalable trusted computing
IPTV Security: Protecting High-Value Digital Contents
IPTV Security: Protecting High-Value Digital Contents
SeeNSearch: A Context Directed Search Facilitator for Home Entertainment Devices
PERCOM '08 Proceedings of the 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications
A practical guide to trusted computing
A practical guide to trusted computing
Digital Watermarking and Steganography
Digital Watermarking and Steganography
Enhancing grid security using trusted virtualization
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Key Management Schemes for Peer-to-Peer Multimedia Streaming Overlay Networks
WISTP '09 Proceedings of the 3rd IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks
Hi-index | 0.00 |
This paper presents a very natural "killer application" of modern Commercially Off The Shelf (COTS) available Trusted Computing technologies. The application which we propose is a secure and cost optimized DVB Set-top Box. Our respective reference architecture is exclusively build upon such COTS Trusted Computing technologies and completely avoids the use of any proprietary and thus expensive hardware. Particularly, we will use an orchestration of the following TC concepts from the PC field and standardized by the Trusted Computing Group: Secure Boot, Remote Attestation, Trusted Channels, Virtualization for Domain Isolation, and the Trusted Platform Module (TPM). The Trusted Domain Isolation concept (as realized through Trusted Virtualization) allows the simple subscription to different Service Providers (SP) without the need of any SP-specific hardware requirements. The vast computing power of modern CPU architectures allows for the pure software virtualization of any SP-proprietary hardware. In addition to that isolation concept, the novel hardware assisted security ingredients of modern CPUs allow in combination with the TPM for a verifiable evidence of a tamper-free execution environment for the different SP's. I.e., at all times during the execution of a SP's "virtual set-top box", the respective SP is able to remotely request an attestation of the whole execution platform and ensure its fundamental system integrity. This attestation proves either that no "malicous platform tampering" or "unintended platform use" is happening, or in case that it fails, it gives the SP the possibility to deny further services by simply cutting the content delivery channel. Thus, at all times we can guarantee the various SP's strong security assurances. Moreover, the nowadays very well understood and very efficient (even real-time capable!) virtualization concept allows a simple and efficient migration of different SP architectures to such a universal DVB Set-top Box. In some cases a simple binary migration with only little modifications might be possible. Also, our architecture inherently supports the easy integration of an open but strongly isolated user partition, thus allowing the user for a kind of his own PC within his home TV and Set-top Box combination. Moreover, this also allows for an elegant realization of very recent initiatives aiming to merge the home TV experience with the full Web experience (e.g. See'N'Search [27]). In addition to being a very natural killer application of such Trusted Computing technologies the DVB Set-top Box example touches also on the very important and subtle scalability issue of the Trusted Computing paradigm.