Hardware腾讯rom

IntegrityMeasurementbasedonTrustedComputingYimingLi1,a,HaiheBa2,bandJiangchunRen3,c1CollegeofComputer,NationalUniversityofDefenseTechnology,Changsha,Hunan410073,China2CollegeofComputer,NationalUniversityofDefenseTechnology,Changsha,Hunan410073,China3CollegeofComputer,NationalUniversityofDefenseTechnology,Changsha,Hunan410073,Chinaaemail:jason.
24@qq.
com,bemail:bahaihe@hotmail.
com,cemail:wwwrjc@163.
comKeywords:TrustedComputing;IntegrityMeasurement;RemoteAttestationAbstract.
Withtherapiddevelopmentofmoderninformationtechnology,moreandmorepeoplebelievethattheprotectionofhardwareequipmentmustbeenhancedinordertoimprovethesecuritycapabilitiesofcomputerinformationsystemsbetter.
Trustedcomputingimprovethetrustworthinessofsystemthroughthesecurechipfromhardwarelevel,usingthetrustedroot,chainoftrust,trustedmodeltoensuretheintegrityofthesystem,andexpandsthetrustedchaintoapplicationlayer,ensuresthecredibilityofsoftwarethroughmeasurementandverificationtechnology.
Inthispaper,wewillintroducerelatedhotresearchaboutintegritymeasurement.
IntroductionTheideaoftrustedcomputingderivedfromsuccessfulmanagementexperienceinhumansociety,thatis,eachcountryhasastablerootoftrust,andbuildtrustchainsecuritymechanismbasedonit,whichisresponsibleforthemanagementandimplementationofthenationallevelsofassessment.
However,atpresent,hasnotyetformedaunifieddefinitionontrust.
TrustedComputingGroup(TCG)definedatrustedentity'sbehaviorisalwaysintheexpectedway,toachievethedesiredgoal,thencallthisentityistrusted[1,2].
Asystemistrustediftheoperationorprocedureofcomponentsinvolvedinthecomputingispredicableinanyconditions,andcanprotectagainstvirusesandphysicaldisturbance,definedbyInternationalOrganizationforStandardization/InternationalElectroTechnicalCommission(ISO/IEC).
Measurethetrustworthinessofcomputingsystems,andstoremeasurementsecurely;provideattestationreportwhenremoteobjectaskedforsystem'strustworthiness,thismechanismreferredto"Measure-Storage-Report"mechanism.
Thismechanismdoesnotonlyensurethetrustworthinessofthetrustedcomputingsystem,butalsohavetheabilitytoprovidetrustedproofoutward.
Rootoftrustisthebasispointoftrustedcomputersystem,thereare3trustedrootsoftrustedcomputingplatform,whichisRootofTrustforMeasurement(RTM),RootofTrustforStorage(RTS)andRootofTrustforReport(RTR).
Theyarethetrustedbasepointsofcomputersystem,measurementofplatformandstorageofplatformseparately.
AsshowninFig1,chainoftrustreflects"Measure-Storage-Report"mechanismwell,thatis,measurethetrustworthinessofcomputingplatform,storemeasurementvalueandprovideattestationreport.
Chainoftrustisthetechnicalimplementationoftrustmeasurementmodel,toextendtrustrelationshipfromrootoftrusttoentirecomputingplatform.
Usinganiterativecalculationofhashvalue,whichisconnectingpresentvaluewithnewvalue,andthencalculatehashvalueasanewmeasurement.
Aftermeasurementandstorage,providingattestationreportwhentheremoteentityasked.
ThismechanismiscalledRemoteAttestation.
BIOSBootSectorOSBIOSBootBlockApplicationNetworkHardwareROMMainMemoryTrustModelMeasureStoreReportLogRootofTrustRTSRTRFig.
1.
ChainoftrustmodelIntegrityMeasurementbasedonStaticRootofTrustMeasurementApplicationintegritymeasurementandverificationneedtoprovewhetherthetrustworthinessoflocalcomputingsystemisinlinewiththepredictionofbothlocalandremoteauthenticator.
a.
Binary-basedEarlyintegritymeasurementandverificationismainlyaboutintegritymeasurementofbinarycodeimage,softwareconfiguration.
ThatusingTPMsignatureandlogofintegritymeasurementtoprovetheintegritystatusofsoftware.
Thismethodrequiresplatformmorestringent,isnotflexibleenough,therearetwodisadvantages:(1)Privacy.
IntegritymeasurementbasedonbinaryneedsTPMsignature,andcontainschainoftrust,exposingtheconfigurationinformationofplatform,provideabreakthroughtohostiletosomeextent,sothatlocalcomputingsystemismorevulnerabletovariousattacks.
(2)Difficulttoupdate.
Chainoftrustinvolvingmultiplesystemcomponents,theinformationandversiondifferentfromeachother.
Systemupdatelikelytocausetheintegrityinformationisdifficulttoverify.
IBMhasdesignedandimplementedIMA(IntegrityMeasureArchitecture)3basedonTCGspecifications,measureanintegrityintheorderfromrootoftrust,BIOS,bootsector,OStoapplications,progressivemeasureandtrustlevelbylevel.
Thismethodisabletodetectcurrentoperatingstatusofsystem,whichcouldfindpossibletampering.
IMAmeasurementmodulehasbeenusedasapartofLinuxsecuritymechanisms,andarewidelyusedinavarietyofpracticalapplications.
b.
Property-basedToovercometheshortcomingsofbinaryauthentication,Haldarproposedsemanticremoteauthenticationscheme[4],usingatrustedvirtualmachinetoverifycertainsemanticpropertiesofprogram,achievingacomplexanddynamicintegritymeasurementofadvancedapplicationprograminaplatform-independentway;ChenfromHPLabsproposedtheproperty-basedremoteattestation,convertedbinaryattestationtoproperty-basedattestationbyusingthemainfunctionsofTCG,solvedissueslikesensitiveinformationleakageandupdatedifficultycausedbybinarymeasurement,andselectedatrustedthirdpartyastheissuerofproperty-configurationcertificate.
TheauthenticationmethodbasedonpropertyproposedbySadeghietal.
[5]isabletoestablishmappingbetweenpropertiesandplatformconfigurationsbyreportingplatform'sproperties,andestablishingpropertiesbytrustedcertificateauthority.
Binary-basedmeasurementmechanismprovidesbasicprotectionfortheintegrityofsystemsandapplications,butthereisahugeapplicationlimitations,especiallyinthesystemwithmultipleversionsofmodules;property-basedintegritymeasurementcanovercomethelimitationofbinary-basedintegritymeasurement,playaneffectiveroleinthebinaryimagewithsamepropertybutdifferenthashes,thespecificdifferencesisshowninTable1.
Table1.
ComparisonbetweendifferenttypesofintegritymeasurementBinary-basedProperty-basedObjectsExecutablebinarycodePropertyofplatformTypicalSystemsIMA[3],PRIMA[6]PBA[7],CPBA[8]PrivacyMayleakprivacyProtectprivacyEffectsLowefficiencyPracticalandscalableIntegrityMeasurementbasedonDynamicRootofTrustMeasurementThemeasurementaboveisIMAintegritymeasurementarchitecturebasedonStaticRootofTrustMeasurement,measureintegrityonlywhensystemstartup,cannotguaranteetheintegrityoftheprocess.
Tomakeupfortheseshortcomings,TCG1.
2specification[9]definesanewmechanism:verifythestartupprocessbyDynamicRootofTrustMeasurement(DRTM).
Intel'sTXT(TrustExecutionTechnology)[10]andAMD'sSVM(SecureVirtualMachineExtension)[11]arebothusingDRTMasunderlyingtrustmechanism.
ThedynamicestablishingprocessoftrustedenvironmentbasedonDRTMisknownasLateLaunchinTCG1.
2specification,toguaranteeatrustedstartupofavirtualmachinemanager.
BIND[12]proposedbyCarnegieMellonUniversityisfine-grainedsecuritycertificationservicefordistributedsystems,byusingTPM-basedmeasurementandsignaturemechanism,insertameasurepointineachprocessandprotectrunningprocessbyusingsecurekernelbasedonAMDsecurecoprocessor,toachievedynamicmeasurementsoftrustedprocesses.
BernhardKauer[13]analyzedtrustedcomputingsystembasedonStaticRootofTrustMeasurement(SRTM)indetail,pointedoutthesecurityvulnerabilitiesofthisRTM,andproposedasafeopeningloaderOSLO,transferredrootoftrustfromSRTMtoDRTMbyusingAMD'sskinitinstruction,narrowedthetrustedcomputingbaseofapplicationandweakenedtheattacksagainstTPMandBIOS.
CarnegieMellonUniversityCylablaboratorydesignedTrustVisor[14]basedonvirtualmachinemonitor,whichprovidesmemoryisolation,DMAprotectionandseveralvirtualTPMinterfaces(suchasSeal/UnSeal,Extend,Quote,etc.
),asaresult,notonlyprotectsuser'ssecuresensitivecodebutalsoreducestheimpactofDRTMforrunningefficiency.
UnlikeSRTM,DRTMisabletostartatanytimeandberepeatedanynumberoftimes.
ThereareagreatdifferencebetweenchainoftrustbasedonSRTMandDRTM,thespecificcomparisonasshowninTable2.
Table2.
ComparisonbetweendifferentchainsoftrustDRTM-basedSRTM-basedConfigurationTPM/TCMchipTPM/TCMchip,CPUsupportedspecialinstructionProtectionNospecialhardwareprotectionDisableDMAandinterruptConstructiontimeOnlywhensystempowerupAnytimewhensystemisrunningTrustedcomputingbaseRTM,BIOS,bootsector,OSandupperlayerapplicationSpecialinstructionsinIntelandAMDConclusionSecurityandtrustworthinessofcurrentservicesfocusedonprotectionofmessagelayer,trustedcomputingandsecurityserviceshasnotformedaneffectiveinteraction,italsomakesthecurrentinformationsystemfaceenormouschallenges.
Thispaperdescribestheservicesandsecuritytechnologies,trustedcomputingbase,staticmeasurementtechniquesofprogram,behaviorandsomeprinciplesandtechniquesoftraditionaltrustedcomputing,introducesthelatestdevelopmentoftrustedcomputingtechnology,comparingtheadvantagesanddisadvantagesofvarioustechniques.
References[1]TrustedComputingGroup(TCG).
http://www.
trustedcomput-inggroup.
org.
[2]ModuleTP.
MainSpecification,Level2,Version1.
2,Revision116(2011)[J].
[3]R.
Sailer,X.
Zhang,etal.
DesignandimplementationofaTCG-basedintegritymeasurementarchitecture.
Proceedingsofthe13thUsenixSecuritySymposium,August2004,pp.
223-238.
[4]V.
Haldar,D.
Chandra,etal.
,SemanticRemoteAttestation-VirtualMachineDirectedApproachtoTrustedComputing.
Proc.
ofthe3rdVirtualMachineResearchandTechnologySymposium,2004,pp.
29-41.
[5]R.
Sadeghi,etal.
,Property-basedattestationforcomputingplatforms:caringaboutproperties,notmechanisms.
ProcoftheNewSecurityParadigmsWorkshop,2004,pp.
67-77.
[6]T.
Jaeger,R.
Sailer,etal.
,PRIMA:Policy-ReducedIntegrityMeasurementArchitecture.
Proc.
ofACMSymposiumonAccessControlModelsandTechnologies,2006,pp.
19-28.
[7]ChenL,LandfermannR,LhrH,etal.
Aprotocolforproperty-basedattestation[C]//ProceedingsofthefirstACMworkshoponScalabletrustedcomputing.
ACM,2006:7-16.
[8]YuQin,DengguoFeng.
Remoteattestationbasedoncomponentproperty[J].
JournalofSoftware,2009,20(6):1625-1641.
[9]TCG.
PCclientspecifictpminterfacespecification.
Version1.
2,revision1.
00.
http://www.
trustedcomputinggroup.
org,July2005.
[10]Inteltrustedexecutiontechnologymledevelopersguide.
http://www.
intel.
com/technology.
[11]AMD64virtualization:Securevirtualmachinearchitecturereferencemanual.
AMDPublicationNo.
33047rev.
3.
01,May2005.
[12]ElaineShi,AdrianPerrig,LeendertVanDoorn.
BIND:AFine-grainedAttestationServiceforSecureDistributedSystem.
Proc.
oftheIEEESymposiumonS&P,2005,pp.
154-168.
[13]KauerB.
OSLO:ImprovingthesecurityofTrustedComputing[C]//ProceedingsoftheUSENIXSecuritySymposium.
2007,24(25):173.
[14]McCuneJM,LiY,QuN,etal.
TrustVisor:EfficientTCBreductionandattestation[C]//SecurityandPrivacy(SP),2010IEEESymposiumon.
IEEE,2010:143-158.