Sadeghi, Ahmad-Reza ; Stüble, Christian ; Winandy, Marcel (2008)
Property-Based TPM Virtualization.
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Today, virtualization technologies and hypervisors celebrate their rediscovery. Especially migration of virtual machines (VMs) between hardware platforms provides a useful and cost-effective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules like the Trusted Platform Module (TPM) since the intended purpose of TPMs is to securely link software and the underlying hardware. Existing solutions for TPM virtualization, however, have various shortcomings that hinder the deployment to a wide range of useful scenarios. In this paper, we address these shortcomings by presenting a flexible and privacy-preserving design of a virtual TPM that in contrast to existing solutions supports different approaches for measuring the platform's state and for key generation, and uses property-based attestation mechanisms to support software updates and VM migration. Our solution improves the maintainability and applicability of hypervisors supporting hardware security modules like TPM.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2008 |
| Autor(en): | Sadeghi, Ahmad-Reza ; Stüble, Christian ; Winandy, Marcel |
| Art des Eintrags: | Bibliographie |
| Titel: | Property-Based TPM Virtualization |
| Sprache: | Deutsch |
| Publikationsjahr: | September 2008 |
| (Heft-)Nummer: | 5222 |
| Buchtitel: | Information Security, 11th International Conference (ISC 2008) |
| Reihe: | LNCS |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Today, virtualization technologies and hypervisors celebrate their rediscovery. Especially migration of virtual machines (VMs) between hardware platforms provides a useful and cost-effective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules like the Trusted Platform Module (TPM) since the intended purpose of TPMs is to securely link software and the underlying hardware. Existing solutions for TPM virtualization, however, have various shortcomings that hinder the deployment to a wide range of useful scenarios. In this paper, we address these shortcomings by presenting a flexible and privacy-preserving design of a virtual TPM that in contrast to existing solutions supports different approaches for measuring the platform's state and for key generation, and uses property-based attestation mechanisms to support software updates and VM migration. Our solution improves the maintainability and applicability of hypervisors supporting hardware security modules like TPM. |
| Freie Schlagworte: | Secure Things;Property-Based Attestation, Virtual TPM |
| ID-Nummer: | TUD-CS-2008-11483 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit LOEWE LOEWE > LOEWE-Zentren LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt |
| Hinterlegungsdatum: | 10 Mär 2016 10:18 |
| Letzte Änderung: | 03 Jun 2018 21:31 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum