We present a system architecture for trusted transactions in highly sensitive environments. The architecture uses techniques provided by the Trusted Computing Group (TCG) to attest the system state of the communication partners, in order to guarantee that each system is free of malware and that its software has not been tampered with. To make attestation meaningful, virtualization is used to establish several separate execution environments, and the attestation process is limited to a fragment of the software running on the platform, specifically the part that requests access to sensitive data. The Trusted Platform Module (TPM) is virtualized so that it can be made accessible to an execution environment with a higher trust level.