The benefits of combining trusted computing with virtualization techniques

Within the last few years attacks against IT systems have reached an alarming number. Since these systems are applied in more and more application fields the arising financial damage is tremendous. The Trusted Computing (TC) approach of the Trusted Computing Group (TCG) should ensure that a system is permanently in a well-defined and trustworthy state. However the TCG only defines the components necessary for a Trusted Computing Platform (TCP) which provides the functionality to measure the integrity of the system during boot process. These integrity measurements must be sustained during runtime of an operating system in order to make qualitative statements of the system state. Common operating systems are far to complex which makes a complete measurement of all security critical files quite impossible. This paper presents an approach towards a security architecture by using virtualization technologies as well as security enhancements of modern processor architectures for hardening an operating system on top of a TCP.