Trusted Computing Technologies

Decription of WuDa's research work

Research Content

• Measurement of the integrity of VMM

So far, we consider the TPM (or TCM) as the TCB of hardware environment of the system, through which the security of the application environment is

insured. Because of our limited resouce, in first phase of Daoli, we focused only on the validation whether the trusted computing technology suits the distributed computing environment, and how to make full use of the TPM (or TCM) in the distributed computing environment. The Linux OS, which we chose in Phase I, although it is open-source, still very complicated. Be limited by the technologies of prior period, we have no idea how to insure the security of the software environment from the lower layer.

The international quick development of VM technology and the join of Fudan University technologically support us very well. In our current phase, we intend to treat the VMM as the TCB in the software environment of the entire system, and to insure the integrity and security in the software environment by using the VM technology of the team of Fudan University.

The VMM which the team of Fudan University is adopting now is kind of para-virtualization technology. The layer, which the VM lies in, is under the layer, which the

OS lies in, so we consider the VMM as a kind of reduced OS. Nowadays, as general concept, , the OS, especially the core module of the OS, is measured by the way of verification on load, e.g. TrustGrub, IMA of IBM. So we intend to adopt the analogous way to verify the integrity of VMM.According to the traditional chain of trust, we change the system boot sequence. The boot component measures VMM, so that we can make sure of the trust of VMM.

In Figure 4, the HTCB in the hardware environment is composed by BIOS and TPM (or TCM), and the STCB in the software environment is composed by TPM (or TCM),Trusted Grub and VMM. In the Trusted Grub, we call the interrupt of INT 1AH, which is provided by the TPM (or TCM) and BIOS. In this way we can make access to TPM (or TCM), measure the VMM and then calculate the hash value of the whole entity before VMM starts.

In Figure 4, TCB is composed by BIOS, TPM (or TCM) and VMM. According to the Trusted Chain, one level is trusted by another is needed and components inside TCB need to trust each other. So Trusted Grub should be one part of the TCB as the connection module of trusted components. So far there haven't been any protections for Trusted Grub, we intend to protect the Trusted Grub by using the TPM (or TCM).

In Figure 5, the Trusted Grub is divided to two parts: the head information and the entity information. Trusted Grub's head contains some basic information about Grub and grub's entity contains encrypted Grub, which is encrypted by the TPM (or TCM), and the codes of the processes for verifying in the VMM.

We use the command SEAL to bind Trusted Grub to our platform, and treated a password as the usage authorization of the key for encryption, so that we can use TPM to protect the Grub. The decrypted Grub code, which implements the function of the VMM protection, will be loaded to the memory again.

• Measurement of the integrity of the SOA Container

A series of protection for SOA is one of our requirements. SOA can be measured in the entity environment called SOA Container. So the security of SOA Container is our goal of the research.We can insure that SOA Container is running in an isolation memory space by adopting the technology of the team of Fudan University.

In order to insure that the implementation of our container is security, we need to provide a secure mechanism to access TPM (or TCM). Therefore, we intend to develop a set of TPM (or TCM) management module, which orients VMM. To provide a more convenient way to use TPM (or TCM), we not only consider the TPM (or TCM) management module as a kind of TPM (or TCM) driver, but transplant TSS (Daoli), which runs on the layer of the OS, to the VMM. Figure 5 illustrates the series of protections, which orient the architecture of VMM, for SOA Container.

Comments