谭良,徐志伟

DOI: https://doi.org/10.3969/j.issn.1002-137x.2008.10.003

2008-01-01

Computer Science

Abstract:The issue of the transitive trusted chain is the foundation for trusted computing.This paper surveys the technologies and the theories of the transitive trusted chain,including the technology projects of the transitive trusted chain,the technologies of the trust for measurement,the theories of the transitive trusted chain and the trust for measurement.Some fields are worthy to be explored are pointed out including some key technologies,such as the static trust for measurement and the dynamic trust for measurement,and some foundation theories,such as the level model of the trusted chain,the trust loss model and the theory of the dynamic trust for measurement for software,and so on.

Cui Yan-Li,Zhang Xing

DOI: https://doi.org/10.1109/cnmt.2009.5374540

2009-01-01

Abstract:In the distributed environment, one important security issue is how to apply further security control to the object that is released to other terminals. The appearance of trusted computing technology has provided an effective solution for this issue in the distributed environment. At the same time, through combining trusted computing technology with the strong isolation and sharing characteristic provided by virtual machine technology has further increased the security and the flexibility of distributed access control. Therefore, this paper uses trusted computing technology to improve the security of the terminal in carrying out the distributed access control, designs a trusted terminal architecture that bases on the trusted computing technology and the virtual machine technology as well as a enhanced mode that suits in distributed access control, and on this basis, analyzes the security of system design.

Jingkai Mao,Haoran Zhu,Junchao Fan,Lin Li,Xiaolin Chang

2024-05-02

Abstract:The Virtual Machine (VM)-based Trusted-Execution-Environment (TEE) technology, like AMD Secure-Encrypted-Virtualization (SEV), enables the establishment of Confidential VMs (CVMs) to protect data privacy. But CVM lacks ways to provide the trust proof of its running state, degrading the user confidence of using CVM. The technology of virtual Trusted Platform Module (vTPM) can be used to generate trust proof for CVM. However, the existing vTPM-based approaches have the weaknesses like lack of a well-defined root-of-trust, lack of vTPM protection, and lack of vTPM's trust proof. These weaknesses prevent the generation of the trust proof of the CVM. This paper proposes an approach to generate the trust proof for AMD SEV-based CVM so as to ensure its security by using a secure vTPM to construct Trusted Complete Chain for the CVM (T3CVM). T3CVM consists of three components: 1) TR-Manager, as the well-defined root-of-trust, helps to build complete trust chains for CVMs; 2) CN-TPMCVM, a special CVM provides secure vTPMs; 3) CN-CDriver, an enhanced TPM driver. Our approach overcomes the weaknesses of existing approaches and enables trusted computing-based applications to run seamlessly in the trusted CVM. We perform a formal security analysis of T3CVM, and implement a prototype system to evaluate its performance.

Cryptography and Security,Software Engineering

Xiao-xiang JIAN,Hong GAO,Wen-huang LIU

DOI: https://doi.org/10.3321/j.issn:1002-8331.2006.36.022

2006-01-01

Abstract:According to the coming of the global information age,trusted computing improved from fault-tolerance computing,fault detection,redundancy backup technique to trusted computing software and hardware platforms.This article analyzes the limitation of current trusted computing platform based on integrated TPM,and discusses methods using portable TPM to solve current problems.A trusted computing model and its implementation is presented,which is based on the portable TPM.

Lei Han,Jiqiang Liu,Zhen Han,Xueye Wei

DOI: https://doi.org/10.1007/s11704-011-9180-4

2011-05-14

Frontiers of Computer Science in China

Abstract:In today’s globalized digital world, network-based, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user.

Cui Yan-Li,Xing Zhang

DOI: https://doi.org/10.1109/PACIIA.2009.5406422

2009-01-01

Abstract:For trusted computing technology, as the basis of remote attestation, system integrity measurement whose theory model and application research is all along a discussed focus. Integrity measurement of binary system of trusted computing technology used the transmission model of trust chain, but the development of this model is late to the development of remote attestation. This paper mainly concerns systems integrity measurement of property remote attestation, adds certificate authority and trusted property authority based on the original binary integrity measurement, realizes the conversion from binary fingerprints convert to property remote attestation. Combining the new features of property remote attestation, this paper uses the predicate logic to prove the credibility of systems integrity measurement of property remote attestation. ©2009 IEEE.

Han Liu,Pedro Antonino,Zhiqiang Yang,Chao Liu,A.W. Roscoe

DOI: https://doi.org/10.48550/arXiv.2112.00346

2021-12-01

Abstract:We develop the concept of Trusted and Confidential Program Analysis (TCPA) which enables program certification to be used where previously there was insufficient trust. Imagine a scenario where a producer may not be trusted to certify its own software (perhaps by a foreign regulator), and the producer is unwilling to release its sources and detailed design to any external body. We present a protocol that can, using trusted computing based on encrypted sources, create certification via which all can trust the delivered object code without revealing the unencrypted sources to any party. Furthermore, we describe a realization of TCPA with trusted execution environments (TEE) that enables general and efficient computation. We have implemented the TCPA protocol in a system called TCWasm for web assembly architectures. In our evaluation with 33 benchmark cases, TCWasm managed to finish the analysis with relatively slight overheads.

Cryptography and Security,Software Engineering

Ketong Shang,Jiangnan Lin,Yu Qin,Muyan Shen,Hongzhan Ma,Wei Feng,Dengguo Feng

2024-12-05

Abstract:Confidential Computing has emerged to address data security challenges in cloud-centric deployments by protecting data in use through hardware-level isolation. However, reliance on a single hardware root of trust (RoT) limits user confidence in cloud platforms, especially for high-performance AI services, where end-to-end protection of sensitive models and data is critical. Furthermore, the lack of interoperability and a unified trust model in multi-cloud environments prevents the establishment of a cross-platform, cross-cloud chain of trust, creating a significant trust gap for users with high privacy requirements. To address the challenges mentioned above, this paper proposes CCxTrust (Confidential Computing with Trust), a confidential computing platform leveraging collaborative roots of trust from TEE and TPM. CCxTrust combines the black-box RoT embedded in the CPU-TEE with the flexible white-box RoT of TPM to establish a collaborative trust framework. The platform implements independent Roots of Trust for Measurement (RTM) for TEE and TPM, and a collaborative Root of Trust for Report (RTR) for composite attestation. The Root of Trust for Storage (RTS) is solely supported by TPM. We also present the design and implementation of a confidential TPM supporting multiple modes for secure use within confidential virtual machines. Additionally, we propose a composite attestation protocol integrating TEE and TPM to enhance security and attestation efficiency, which is proven secure under the PCL protocol security model. We implemented a prototype of CCxTrust on a confidential computing server with AMD SEV-SNP and TPM chips, requiring minimal modifications to the TPM and guest Linux kernel. The composite attestation efficiency improved by 24% without significant overhead, while Confidential TPM performance showed a 16.47% reduction compared to standard TPM.

Cryptography and Security

FENG Dengguo,LIU Jingbin,QIN Yu,FENG Wei,Wei FENG,Yu QIN,Jingbin LIU,Dengguo FENG

DOI: https://doi.org/10.1360/ssi-2020-0096

2020-08-01

Scientia Sinica Informationis

Abstract:Trusted computing is based on a hardware security mechanism establishing a trusted computing environment and comprehensively enhances the system and network trust from the architectural perspective. With the development of information technology and continuous emergence of new application scenarios, security threats in the cyberspace are becoming increasingly serious; hence, trusted computing is actively researched in both academia and industry to find solutions against such treats. This paper summarizes the development process of trusted computing theory from the perspective of innovation and development. The study centers around one of the authors research results in trusted computing over the past 20 years. It proposes a trusted computing technology architecture that covers two method foundations, three trust cores, and four key technologies. Furthermore, the paper summarizes important research problems in mobile trusted computing, quantum-resistant trusted computing, trusted Internet of Things (IoT), trusted cloud, and trusted blockchain, elaborating on the integration and development of trusted computing in these fields. In mobile trusted computing, the design and implementation of a trusted execution environment architecture with software/hardware co-design is the focus of research. Another two important research issues in mobile trusted computing are the runtime security isolation and protection of the mobile operating systems kernel and trusted execution environment-based mobile application security protection. Due to the characteristics of embedded environments and limitation of resources, the construction of lightweight trusted roots, efficient and secure software attestation, practical secure code update mechanism, and swarm device attestation are important issues for further research in trusted IoT. In new scenarios such as quantum-resistant trusted computing, trusted cloud, and trusted blockchain, trusted computing is also constantly expanding its application boundaries and playing an increasingly important role. Finally, this paper looks ahead and discusses the development trends in trusted computing.

C. Thomborson

2006-01-01

Abstract:Trusted computing systems offer great promise in corporate and governmental applications. Their uptake has been very slow outside of the national security agencies for which they were developed, in part because they have been difficult and expensive to configure and use. Recent designs are easier to use, but some compliance and governance issues are unresolved. Our analysis suggests that cryptographic systems, in order to be trustworthy in corporate environments, must support an audit of their most important operations. At minimum the audit record must reveal the number of keys that have been generated, as well as the creation times and authorities of these keys. This record of cryptographic activity must be tamper-evident, and must be open to inspection by the IT staff of the corporate owners as well as by their independent auditors.

Di Lu,Ruidong Han,Yue Wang,Yongzhi Wang,Xuewen Dong,Xindi Ma,Teng Li,Jianfeng Ma

DOI: https://doi.org/10.1016/j.cose.2020.101922

2020-10-01

Abstract:<p>To achieve more powerful task processing capabilities, the smart embedded systems (SES) are interconnected via wireless network to form a collaboration system. However, due to the limitations on system hardware, the SES device are usually built with the consideration of software functions instead of enough security mechanisms, that exposes the SESs under the security threats from malware or malicious users, such as software or data tampering. To address this issue, a Trusted Platform Module (TPM) is brought in the SES device to guarantee the integrity of the system, with which any unauthorized modifications towards the SES system can be detected by measurement operations of TPM. However, from the perspective of the external visitors, a SES collaboration network performs as a complete system. Thus, to unify the root-of-trust of the network, all the TPMs need to be integrated into a logical one, which can provide more efficient way to attest the external visitors. This brings two distinct advantages: 1) any nodes of the network can be the access node for the visitor, and 2) once a visitor has been successfully attested, it can access the network via any nodes without extra attestation. To achieve TPM integration, we have proposed five protocols to orchestrate the distributed TPMs, including <em>Synchronization Protocol (SYNP), Node Accessing Protocol (NAP), Crossing-Node Access Protocol (CNAP), Updating Protocol (UPDP)</em> and <em>Node-Removing Protocol (NRP)</em>. We have built a prototype system composed of Raspberry Pis and Infineon TPM2.0 chips, in which these protocols are implemented and deployed. Then, we evaluate the protocols' performance on time consumption, and the results show the feasibility and availability of these protocols. Finally, our analysis on experimental results gives the guidance for appropriate use of these protocols.</p>

computer science, information systems

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

2016-01-01

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, e.g., smart hardware, wearable devices, mobile devices. Typically, these devices use universal hardware and software to connect with public network by internet, and are probably open to security threats from Trojan, virus and other malware. As a result, not only personal sensitive data is threatened, economic interests in industry are also compromised. To address the run-time security problems efficiently, first a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Last, both analytical and experimental evaluations are given in the end. The experimental results demonstrate that the proposed security scheme is effective and feasible.

Wu Luo,Wei Liu,Yang Luo,Anbang Ruan,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.1109/trustcom.2016.0058

2016-01-01

Abstract:In recent years, the rapid development of virtualization and container technology brings unprecedented impact on traditional IT architecture. Trusted Computing devotes to provide a solution to protect the integrity of the target platform and introduces a virtual TPM to adapt to the challenges that virtualization brings. However, the traditional integrity measurement solution and remote attestation has limitations due to the challenges such as large of measurement and attestation cost and overexposure of configurations details. In this paper, we propose the Partial Attestation Model. The basic idea of Partial Attestation Model is to reconstruct the Chain of Trust by dividing them into several separated ones. Our model therefore enables the challenger to attest the specified security requirements of the target platform, instead of acquiring and verifying the complete detailed configurations. By ignoring components not related to the target requirements, our model reduces the attestation costs. In addition, we further implement an attestation protocol to prevent overexposure of the target platform's configuration details. We build a use case to illustrate the implementation of our model, and the evaluations on our prototype show that our model achieves better efficiency than the existing remote attestation scheme.

Sergiu Bursuc,Christian Johansen,Shiwei Xu

DOI: https://doi.org/10.48550/arXiv.1701.08676

2017-01-30

Cryptography and Security

Abstract:Automated verification of security protocols based on dynamic root of trust, typically relying on protected hardware such as TPM, involves several challenges that we address in this paper. We model the semantics of trusted computing platforms (including CPU, TPM, OS, and other essential components) and of associated protocols in a classical process calculus accepted by ProVerif. As part of the formalization effort, we introduce new equational theories for representing TPM specific platform states and dynamically loaded programs. Formal models for such an extensive set of features cannot be readily handled by ProVerif, due especially to the search space generated by unbounded extensions of TPM registers. In this context we introduce a transformation of the TPM process, that simplifies the structure of the search space for automated verification, while preserving the security properties of interest. This allows to run ProVerif on our proposed models, so we can derive automatically security guarantees for protocols running in a dynamic root of trust context.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

DOI: https://doi.org/10.23919/tst.2017.8030534

2017-01-01

Tsinghua Science & Technology

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.

Xinliang Miao,Rui Chang,Jianhong Zhao,Yongwang Zhao,Shuang Cao,Tao Wei,Liehui Jiang,Kui Ren

DOI: https://doi.org/10.1109/TDSC.2021.3133576

2023-01-01

Abstract:Sensitive resources in Trusted Execution Environment (TEE) have suffered serious security threats in recent years. Previous protection approaches either lack a strong assurance of TEE security properties or are limited to a single platform. We propose a compatible verified TEE architecture, called CVTEE, which delegates a security monitor to manage TEE resources securely. This architecture has two key advantages: i) its functional correctness and security are guaranteed by a machine-checkable proof of security objectives of Trusted Application (TA) isolation, runtime confidentiality, and runtime integrity, and ii) it is applicable to different TEE platforms and implementation-independent due to its high level of abstraction and non-determinism of data types. Note that access control policy and information flow control policy are the core for security management of resources. After formally specifying the security attributes of TEE resources, we develop these policies based on Common Criteria (CC) in the security monitor and provide atomic interfaces. CVTEE is formally verified with 386 lemmas/theorems and similar to 10,000 LOC of Isabelle/HOL. In addition, we implement a proof of concept for the access control module of Teaclave, and prove that the constructed access control model meets the security requirements through 5 theorems.

WANG Zhen-yu,LIU Xin-jie,REN Jie,LIU Hai-lei,WU Jie

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.22.084

2008-01-01

Abstract:The paper discusses the key problems to build embedded trusted computing environment,such as embedded trusted boot process,the extension and driver design of TPM,embedded TSS and trusted security component.The embedded trusted boot process is able to ensure the trusted attestation among users,terminals and application by making a combination of BR,USBKey and TPM.The scheme is able to make embedded platform more secure,practical and reusable.

Wu Luo,Anbang Ruan,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-94289-6_5

2018-01-01

Abstract:With the rapid development of cloud computing, system and data security become concerns due to user losing control of his machines and internal attacks. Provenance is an essential approach to establish data and system trustworthiness for cloud computing services, as it summarizes the history of objects and the actions performed on them. However, the current existing provenance-aware solutions either depend on applications in the user-space or fail to convey a genuine provenance information to a cloud user to do a further analysis. Thus they are vulnerable to a malicious privileged administrator or adversary attacking in an untrusted network. In order to solve these problems, we design TProv to establish a trusted provenance-aware service with the help of Trusted Computing. In addition, we introduce Merkle Hash Tree to reduce the length of Chain of Trust and enable parallel validation for the trustworthiness of provenance information, thus TProv decreases the overhead of the huge size of provenance information and the cost of operating trusted hardware, e.g. Trusted Platform Module. The experimental results reflect TProv's effectiveness and efficiency.

Chuang Lin,Chao Xue

DOI: https://doi.org/10.1007/s11432-015-0856-7

2016-01-01

Science China Information Sciences

Abstract:>TC(trustworthy computing)is important.Since the appearance of TCB in TCSEC in the1980s and the following TDI and TNI,to the establishment of TCPA and the reorganization of TCG in April 2003,discussion and research on TC have lasted more than 30 years both in academia and industry.There are plenty of achievements and understanding in the exploration of software and networking trustworthiness,and they have been continuously developing and evolving with the appearance of new technology and environment.

Qi Li,Xinwen Zhang,Jean-Pierre Seifer,Hulin Zhong

DOI: https://doi.org/10.1109/aptc.2008.24

2008-01-01

Abstract:Mobile payment (m-payment) received significant attention because it enables an easy payment mechanism and becomes an important complement to traditional payment means. However, m-payment over open devices and networks poses security challenges of a new dimension. Although many researchers address security issues in m-payment, there are still some security problems that are not well resolved, such as platform integrity and user privacy protection. In this paper, we propose a general payment architecture with Trusted Computing (TC) technologies to secure mobile payment. Using only a simple mobile payment infrastructure, a platform integrity protection solution is proposed to secure payment software downloading, application initialization, and secure payment transactions. We further propose two schemes to enhance the performance and flexibility of our solution. The first scheme provides platform attestation using an identity-based signature (IBS) algorithm instead of a traditional credential-based public-key signature algorithm within Trusted Computing Group (TCG) technologies, which fully utilizes the merits of the mobile computing infrastructure and improves the flexibility and performance of the payment solution. The second scheme provides attestation caching without sacrificing security achievements. We have implemented a real prototype system based on an emulated payment environment. Our security analysis and experimental results prove that our scheme can effectively meet the security requirements of a practical m-payment with acceptable performance.