[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] trusted computing
On Tue, 19 Oct 2004 00:16:43 +0100 David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx> wrote: [...] > Yep, only executables. This seems quite useless. You have a good point, but maybe combining this method with virtual machines can actually address the problem? I had never heard of the IBM project, so it was curious to see a real implementation (that even supposedly runs on my laptop). Here are two interesting papers out there that specifically address the executable problem. I can't attest (har har) to the "correctness" of these approaches, but it is an interesting subject: http://www.usenix.org/events/vm04/tech/haldar/haldar_html/ "The goal is to attest program behavior, not a particular binary." page 4, http://suif.stanford.edu/papers/sosp03-terra.pdf Certification of a VM being loaded by the TVMM involves the TVMM signing a hash of all persistent state that identifies the VM. This includes the BIOS, executable code, and constant data of the VM. This does not include temporary data on persistent storage or NVRAM contents that constantly change over time. The separa- tion between data which does and does not need to be included in the attestation is application-specific, made by the VM's developer. Terra supports these two type of data by providing VMs with both "attested storage" that the TVMM incorporates in the VM's hash and "unattested storage" that it does not (see section 4.2). > > -- > David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx> > > > > ------------------------------------------------------- > This SF.net email is sponsored by: IT Product Guide on ITManagersJournal > Use IT products in your business? Tell us what you think of them. Give us > Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more > http://productguide.itmanagersjournal.com/guidepromo.tmpl > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/xen-devel > ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |