Towards Open Trusted Computing Platforms
- Wann: Do. 08.12.2005
- Wer: Christian Stüble
- Wo: LABOR
Experiences of the past have shown that common computing platforms lack security due to architectural problems and complexity. In this context, Trusted Computing (TC) is announced to be the basis for next-generation computing platforms, and claimed to improve users' security. However, people are concerned about those capabilities of TC that may allow content providers to gain too much power and control over the use of digital content and users' private information.
In this talk, we argue that TC can increase the security of computing platforms by faithfully designing the operating system. Moreover, we discuss how interferences between digital rights management capabilities and end-user security can be prevented. Our results are based on the fact that even with TC platforms the operating system has enough control over the platform to prevent misuse by both content providers and end-users.
We argue that such a trustworthy operating system that is secure in the sense of multilateral security can be developed without much effort by efficiently combining the ideas of security kernels and state of the art of operating system technology. We propose a new architecture for a trustworthy security platform that uses TC hardware features in conjunction with an open-source security kernel we have developed. Our security kernel provides backward-compatibility to the Linux operating system. The layered design and its lightweightness allows an easy migration to other hardware platforms like PDAs, mobile phones, and embedded systems.