TU Darmstadt / ULB / TUbiblio

Property-Based TPM Virtualization

Sadeghi, Ahmad-Reza ; Stüble, Christian ; Winandy, Marcel (2008)
Property-Based TPM Virtualization.
Conference publication, bibliography

Abstract

Today, virtualization technologies and hypervisors celebrate their rediscovery. Especially migration of virtual machines (VMs) between hardware platforms provides a useful and cost-effective means to manage complex IT infrastructures. A challenge in this context is the virtualization of hardware security modules like the Trusted Platform Module (TPM) since the intended purpose of TPMs is to securely link software and the underlying hardware. Existing solutions for TPM virtualization, however, have various shortcomings that hinder the deployment to a wide range of useful scenarios. In this paper, we address these shortcomings by presenting a flexible and privacy-preserving design of a virtual TPM that in contrast to existing solutions supports different approaches for measuring the platform's state and for key generation, and uses property-based attestation mechanisms to support software updates and VM migration. Our solution improves the maintainability and applicability of hypervisors supporting hardware security modules like TPM.

Item type: Conference publication
Published: 2008
Author(s): Sadeghi, Ahmad-Reza ; Stüble, Christian ; Winandy, Marcel
Entry type: Bibliography
Title: Property-Based TPM Virtualization
Language: German
Year of publication: September 2008
(Issue) number: 5222
Book title: Information Security, 11th International Conference (ISC 2008)
Series: LNCS
Uncontrolled keywords: Secure Things; Property-Based Attestation, Virtual TPM
ID number: TUD-CS-2008-11483
Department(s)/field(s): 20 Department of Computer Science
20 Department of Computer Science > System Security
LOEWE
LOEWE > LOEWE Centers
LOEWE > LOEWE Centers > CASED – Center for Advanced Security Research Darmstadt
Date deposited: 10 Mar 2016 10:18
Last modified: 03 Jun 2018 21:31