Open-Source Applications of TCPA Hardware

Tucson, Arizona December 06-December 10

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.25

20th Annual Computer Security Applica ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by John Marchesini Articles by Sean W. Smith Articles by Omen Wild Articles by Josh Stabiner Articles by Alex Barsamian

	ASCII Text	x
	John Marchesini, Sean W. Smith, Omen Wild, Josh Stabiner, Alex Barsamian, "Open-Source Applications of TCPA Hardware," Computer Security Applications Conference, Annual, pp. 294-303, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.

	BibTex	x
	@article{ 10.1109/CSAC.2004.25, author = {John Marchesini and Sean W. Smith and Omen Wild and Josh Stabiner and Alex Barsamian}, title = {Open-Source Applications of TCPA Hardware}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2004}, issn = {1063-9527}, pages = {294-303}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.2004.25}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Open-Source Applications of TCPA Hardware SN - 1063-9527 SP294 EP303 A1 - John Marchesini, A1 - Sean W. Smith, A1 - Omen Wild, A1 - Josh Stabiner, A1 - Alex Barsamian, PY - 2004 KW - null VL - 0 JA - Computer Security Applications Conference, Annual ER -

John Marchesini, Dartmouth College, Hanover, NH

Sean W. Smith, Dartmouth College, Hanover, NH

Omen Wild, Dartmouth College, Hanover, NH

Josh Stabiner, Dartmouth College, Hanover, NH

Alex Barsamian, Dartmouth College, Hanover, NH

How can Alice trust computation occurring at Bob's computer? Since it exists and is becoming ubiquitous, the current-generation TCPA/TCG hardware might enable a solution. When we started investigating this technology, the specification of the TCG software stack was not publicly available, and an implementation is still not; so, we designed and built an open-source platform based on Linux and commercially available TCPA/TCG hardware which would allow us to address the problem of trusting computation. Within the limits of TCPA/TCG hardware security, our solution balances what Alice needs to do to make trust judgments against what Bob needs to do to keep his system running.

Furthermore, we describe how we use our platform to harden three sample open-source applications: Apache SSL Web servers, OpenCA certification authorities, and (with SELinux) compartmented attestation to balance privacy with DRM.

To our knowledge, our project remains the only open-source TCPA/TCG platform in existence, and is also enabling trusted computing applications developed by our user community (enforcer.sourceforge.net reports over 1100 sourcecode downloads so far).

Citation:

John Marchesini, Sean W. Smith, Omen Wild, Josh Stabiner, Alex Barsamian, "Open-Source Applications of TCPA Hardware," acsac, pp.294-303, 20th Annual Computer Security Applications Conference (ACSAC'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.