Title :
Minimal TCB Code Execution
Author :
McCune, Jonathan M. ; Parno, Bryan ; Perrig, Adrian ; Reiter, Michael K. ; Seshadri, Arvind
Author_Institution :
Carnegie Mellon Univ., Pittsburgh, PA
Abstract :
We propose an architecture that allows code to execute in complete isolation from other software while trusting only a tiny software base that is orders of magnitude smaller than even minimalist virtual machine monitors. Our technique also enables more meaningful attestation than previous proposals, since only measurements of the security-sensitive portions of an application need to be included. We achieve these guarantees by leveraging hardware support provided by commodity processors from AMD and Intel that are shipping today.
Keywords :
operating systems (computers); security of data; virtual machines; AMD; Intel; minimal TCB code execution; security-sensitive portions; virtual machine monitors; Application software; Computer architecture; Cryptography; Hardware; Information security; Kernel; Operating systems; Proposals; Sea measurements; Virtual machine monitors;
Conference_Titel :
Security and Privacy, 2007. SP '07. IEEE Symposium on
Conference_Location :
Berkeley, CA
Print_ISBN :
0-7695-2848-1
