Purdue CS 42600 - Recommendations for Hardware-Supported Minimal TCB Code Execution (12 pages)

Previewing pages 1, 2, 3, 4 of 12 page document View the full content.
View Full Document

Recommendations for Hardware-Supported Minimal TCB Code Execution



Previewing pages 1, 2, 3, 4 of actual document.

View the full content.
View Full Document
View Full Document

Recommendations for Hardware-Supported Minimal TCB Code Execution

60 views


Pages:
12
School:
Purdue University
Course:
Cs 42600 - Computer Security

Unformatted text preview:

How Low Can You Go Recommendations for Hardware Supported Minimal TCB Code Execution Jonathan M McCune Bryan Parno Adrian Perrig Michael K Reiter Arvind Seshadri Carnegie Mellon University University of North Carolina at Chapel Hill Abstract On a modern computing device the minimal TCB for executing a piece of code consists of the CPU the memory and the interface between them The challenge then is to develop an architecture that executes application code while relying only on this mandatory TCB yet simultaneously maintains compatibility with the existing layered systems architecture In earlier work 16 17 we proposed a Secure Execution Architecture SEA 1 that executes the security sensitive code of an application while trusting only the mandatory TCB and a Trusted Platform Module TPM SEA achieves this property by executing an application s security sensitive code in isolation from all other software on the system The isolation is achieved using the CPU based isolation technologies present in modern commodity CPUs from AMD and Intel namely AMD s Secure Virtual Machine SVM technology 1 and Intel s Trusted Execution Technology TXT 11 In this paper we evaluate the performance of SEA on commodity systems Unfortunately SVM and TXT were designed for extremely infrequent usage say once per boot cycle As a result we find that the SEA approach on current hardware suffers from performance issues that undermine its appeal Fortunately our investigation also reveals that by combining alterations to SEA with hardware modifications to improve performance and concurrency we can achieve efficient minimal TCB code execution In other words we can execute application code while trusting only the mandatory TCB and avoid today s performance issues Although other researchers have proposed compelling hardware security architectures e g XOM 14 or AEGIS 23 we focus on hardware modifications that tweak or slightly extend existing hardware functionality We believe this approach offers the best



View Full Document

Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view Recommendations for Hardware-Supported Minimal TCB Code Execution and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Recommendations for Hardware-Supported Minimal TCB Code Execution and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?