
Expanding an Operating System’s Working Space with a New Mode to Support Trust Measurement

  • Conference paper
Information Security Practice and Experience (ISPEC 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9065)

Abstract

Integrity measurement for Operating Systems (OS) is of practical significance. To make a measurement trustworthy, it is essential to protect the Integrity Measurement Mechanisms (IMM); however, much remains to be done to this end. This paper takes a step toward that goal. First, it puts forward the concept of trust mode, which expands the working space of an OS from two modes, user mode and kernel mode, to three modes: user mode, kernel mode and trust mode. Trust mode is the highest privilege level, and the Core Measurement Mechanism (CMM) of the OS executes in it. The CMM is in charge of measuring the IMM, which runs in kernel mode. Even if the OS kernel is compromised, the CMM continues to work without interference. The paper then proposes an approach to building the trust mode, and develops a prototype that implements it by fully exploiting the capabilities of modern hardware.
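The measurement hierarchy the abstract describes can be modelled in a few lines. The following Python example is added here and is not the paper's prototype or code; it assumes SHA-256 as the measurement function, a three-level privilege ordering (user below kernel below trust), and constructed component names, code images and known-good ("golden") digests. It shows why the CMM must sit above the IMM: a kernel-level modification of the IMM is caught by the trust-mode measurement before the IMM's own results are relied on.

```python
# Added illustrative model (not the paper's prototype): the tri-mode measurement
# hierarchy from the abstract, simulated with SHA-256 as the measurement function.
# Mode names, component names, code images and golden digests are constructed here.
import hashlib
from dataclasses import dataclass

# Privilege ordering the abstract describes: trust mode sits above kernel mode,
# which sits above user mode.
PRIVILEGE = {"user": 0, "kernel": 1, "trust": 2}


@dataclass(frozen=True)
class Component:
    name: str
    mode: str      # one of PRIVILEGE's keys
    code: bytes    # the code image that gets measured


def measure(code: bytes) -> str:
    """Measurement = cryptographic hash of the component's code image."""
    return hashlib.sha256(code).hexdigest()


def can_measure(measurer: Component, target: Component) -> bool:
    """A measurer may only measure components at a strictly lower privilege level.
    A kernel-mode IMM measuring user mode is fine; nothing below trust mode may
    measure the CMM, which is the point of placing the CMM in its own mode."""
    return PRIVILEGE[measurer.mode] > PRIVILEGE[target.mode]


def measure_from(measurer: Component, target: Component, log: list) -> str:
    """Let `measurer` measure `target`, recording (who, what, digest) in the log."""
    if not can_measure(measurer, target):
        raise PermissionError(
            f"{measurer.name} ({measurer.mode}) may not measure "
            f"{target.name} ({target.mode})")
    digest = measure(target.code)
    log.append((measurer.name, target.name, digest))
    return digest


def measurement_cycle(cmm: Component, imm: Component, golden_imm: str,
                      user_components: list) -> dict:
    """One cycle: the trust-mode CMM first measures the kernel-mode IMM against its
    known-good digest; only a verified IMM is then allowed to measure user mode."""
    log: list = []
    imm_digest = measure_from(cmm, imm, log)
    if imm_digest != golden_imm:
        # The IMM (or the kernel around it) has been tampered with; its own
        # measurements of user space can no longer be trusted, so stop here.
        return {"imm_trusted": False, "log": log}
    for comp in user_components:
        measure_from(imm, comp, log)
    return {"imm_trusted": True, "log": log}


# --- Constructed sample system -------------------------------------------
IMM_CODE = b"imm-v1: walk task list, hash text segment of each process"
GOLDEN_IMM = measure(IMM_CODE)   # recorded when the IMM was installed

CMM = Component("CMM", "trust", b"cmm-v1: hash IMM, compare to golden value")
USER_APPS = [
    Component("sshd", "user", b"sshd binary image (constructed)"),
    Component("cron", "user", b"cron binary image (constructed)"),
]


def scenario(imm_tampered: bool) -> dict:
    """Run a cycle against a clean IMM or one patched inside a compromised kernel."""
    code = IMM_CODE + (b"; skip hidden processes" if imm_tampered else b"")
    imm = Component("IMM", "kernel", code)
    return measurement_cycle(CMM, imm, GOLDEN_IMM, USER_APPS)


if __name__ == "__main__":
    for tampered in (False, True):
        result = scenario(tampered)
        print(f"IMM tampered={tampered}: trusted={result['imm_trusted']}, "
              f"{len(result['log'])} measurement(s) logged")
```

In the clean run the log holds three entries (CMM over IMM, then IMM over each user component); in the tampered run it holds only the CMM's measurement, because the mismatch against the golden digest stops the cycle before the compromised IMM reports anything. The `can_measure` check is the model's stand-in for the hardware privilege boundary: it is what prevents kernel-mode code from measuring, and therefore from forging results about, the trust-mode CMM.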



Author information

Corresponding author

Correspondence to Chenglong Wei.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Wei, C., Shi, W., Qin, B., Liang, B. (2015). Expanding an Operating System’s Working Space with a New Mode to Support Trust Measurement. In: Lopez, J., Wu, Y. (eds) Information Security Practice and Experience. ISPEC 2015. Lecture Notes in Computer Science, vol 9065. Springer, Cham. https://doi.org/10.1007/978-3-319-17533-1_2

  • DOI: https://doi.org/10.1007/978-3-319-17533-1_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-17532-4

  • Online ISBN: 978-3-319-17533-1
