Trusted Computing Platforms
BeschreibungFrom early prototypes and proposed applications, this book surveys the longer history of amplifying small amounts of hardware security into broader system security
Including real case study experience with security architecture and applications on multiple types of platforms.
Examines the theory, design, implementation of the IBM 4758 secure coprocessor platform and discusses real case study applications that exploit the unique capabilities of this platform.
Examines more recent cutting-edge experimental work in this area.
Written for security architects, application designers, and the general computer scientist interested in the evolution and use of this emerging technology.
Inhaltsverzeichnis1 Introduction. 1.1 Trust and Computing. 1.2 Instantiations. 1.3 Design and Applications. 1.4 Progression. 2 Motivating Scenarios. 2.1 Properties. 2.2 Basic Usage. 2.3 Examples of Basic Usage. 2.4 Position and Interest. 2.5 Examples of Positioning. 2.6 The Idealogical Debate. 2.7 Further Reading. 3 Attacks. 3.1 Physical Attacks. 3.2 Software Attacks. 3.3 Side-channel Analysis. 3.4 Undocumented Functionality. 3.5 Erasing Data. 3.6 System Context. 3.7 Defensive Strategy. 3.8 Further Reading. 4 Foundations. 4.1 Applications and Integration. 4.2 Architectures. 4.3 Booting. 4.4 The Defense Community. 4.5 Further Reading. 5 Design Challenges. 5.1 Context. 5.2 Obstacles. 5.3 Requirements. 5.4 Technology Decisions. 5.5 Further Reading. 6 Platform Architecture. 6.1 Overview. 6.2 Erasing Secrets. 6.3 The Source of Secrets. 6.4 Software Threats. 6.5 Code Integrity. 6.6 Code Loading. 6.7 Putting it All Together. 6.8 What's Next. 6.9 Further Reading. 7 Outbound Authentication. 7.1 Problem. 7.2 Theory. 7.3 Design and Implementation. 7.4 Further Reading. 8 Validation. 8.1 The Validation Process. 8.2 Validation Strategy. 8.3 Formalizing Security Properties. 8.4 Formal Verification. 8.5 Other Validation Tasks. 8.6 Reflection. 8.7 Further Reading. 9 Application Case Studies. 9.1 Basic Building Blocks. 9.2 Hardened Web Servers 9.3 Rights Management for Big Brother's Computer. 9.4 Private Information. 9.5 Other Projects. 9.6 Lessons Learned. 9.7 Further Reading. 10 TCPA/TCG. 10.1 Basic Structure. 10.2 Outbound Authentication. 10.3 Physical Attacks. 10.4 Applications. 10.5 Experimentation. 10.6 TPM 1.2 Changes. 10.7 Further Reading. 11 Experimenting with TCPA/TCG. 11.1 Desired Properties. 11.2 The Lifetime Mismatch. 11.3 Architecture. 11.4 Implementation Experience. 11.5 Application: Hardened Apache. 11.6 Application: OpenCA. 11.7 Application: Compartmented Attestation. 11.8 Further Reading. 12 New Horizons. 12.1 Privilege Architectures. 12.2 Hardware Research. 12.3 Software Research. 12.4 Current Industrial Platforms. 12.5 Looming Industry Platforms. 12.6 Secure Coprocessing Revisited. 12.7 Further Reading. Glossary. References. About the Author. Index.
PortraitSean Smith is currently on the faculty of the Department of Computer Science at Dartmouth College, serves as director of the Cyber Security and Trust Research Center at Dartmouth's Institute for Security Technology Studies, and also serves as Principal Investigator of the Dartmouth PKI Lab. His current research and teaching focus on how to build trustworthy systems in the real world. He previously worked as a scientist at IBM T.J. Watson Research Center, doing secure coprocessor design, implementation and validation; and at Los Alamos National Laboratory, doing security designs and analyses for a wide range of public-sector clients. Dr. Smith was educated at Princeton (B.A., Math) and Carnegie Mellon (M.S., Ph.D., Computer Science).
Untertitel: Design and Applications. 28 illus. Sprache: Englisch.
Verlag: Springer-Verlag GmbH
Erscheinungsdatum: März 2005