About the talk:
We present a flexible architecture for trusted computing, called Terra, that allows applications with a wide range of security requirements to run simultaneously on commodity hardware. Applications on Terra enjoy the semantics of running on a separate, dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by-side with normal applications on a general-purpose computing platform. Terra achieves this synthesis by use of a trusted virtual machine monitor (TVMM) that partitions a tamper-resistant hardware platform into multiple, isolated virtual machines (VMs), providing the appearance of multiple boxes on a single, general-purpose platform. To each VM, the TVMM provides the semantics of either an "open box," i.e. a general-purpose hardware platform like today's PCs and workstations, or a "closed box," an opaque special-purpose platform that protects the privacy and integrity of its contents like today's game consoles and cellular phones. The software stack in each VM can be tailored from the hardware interface up to meet the security requirements of its application(s). The hardware and TVMM can act as a trusted party to allow closed-box VMs to cryptographically identify the software they run, i.e. what is in the box, to remote parties. We explore the strengths and limitations of this architecture by describing our prototype implementation and several applications that we developed for it.
For more info, please read our SOSP'03 paper.
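The closed-box attestation sketched in the abstract, where the hardware and the TVMM act as a trusted party so that a remote party can learn what software is in a VM, can be modelled as a chain of certificates in which each layer measures and certifies the layer it loads. The program below is an added illustration of that idea, not code from the Terra prototype or from the SOSP'03 paper. It assumes a two-layer stack (hardware loads the TVMM, the TVMM loads one closed-box VM), SHA-256 measurements and Ed25519 keys; the names Cert, Measure, Issue, BuildStack, VerifyChain and Challenge, and the sample images, are all constructed here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Cert is one link of a toy attestation chain: the issuing layer vouches for
// the measurement (SHA-256) of the layer it loaded and for that layer's public
// key, so the loaded layer can in turn certify whatever it loads next.
type Cert struct {
	SubjectHash []byte            // SHA-256 of the subject layer's image
	SubjectKey  ed25519.PublicKey // key the subject layer uses to certify the next layer
	IssuerKey   ed25519.PublicKey // key of the layer that signed this certificate
	Signature   []byte            // Ed25519 signature over certBody(SubjectHash, SubjectKey)
}

// Measure returns the hex digest of a software image; this is what a remote
// party must recognise to decide whether it trusts that image.
func Measure(image []byte) string {
	h := sha256.Sum256(image)
	return hex.EncodeToString(h[:])
}

func certBody(subjectHash []byte, subjectKey ed25519.PublicKey) []byte {
	body := append([]byte("toy-attestation-cert/"), subjectHash...)
	return append(body, subjectKey...)
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue is what a layer does when it loads the layer above it: measure the
// image, then sign the measurement together with the new layer's public key.
func Issue(issuerPriv ed25519.PrivateKey, subjectImage []byte, subjectKey ed25519.PublicKey) Cert {
	h := sha256.Sum256(subjectImage)
	return Cert{
		SubjectHash: h[:],
		SubjectKey:  subjectKey,
		IssuerKey:   issuerPriv.Public().(ed25519.PublicKey),
		Signature:   ed25519.Sign(issuerPriv, certBody(h[:], subjectKey)),
	}
}

// BuildStack simulates a boot: the hardware loads the TVMM and the TVMM loads
// one closed-box VM. It returns the hardware root key (which a remote party
// must trust a priori), the certificate chain, and the VM's private key.
func BuildStack(tvmmImage, vmImage []byte) (ed25519.PublicKey, []Cert, ed25519.PrivateKey) {
	hwPub, hwPriv := mustKey()
	tvmmPub, tvmmPriv := mustKey()
	vmPub, vmPriv := mustKey()
	chain := []Cert{Issue(hwPriv, tvmmImage, tvmmPub), Issue(tvmmPriv, vmImage, vmPub)}
	return hwPub, chain, vmPriv
}

// VerifyChain is the remote party's side: walk the chain up from the trusted
// hardware key, check every signature, require each issuer to be the subject
// of the link below, and require every measurement to be on the allow-list.
// It returns the labels of the recognised layers, bottom to top.
func VerifyChain(root ed25519.PublicKey, chain []Cert, allowed map[string]string) ([]string, error) {
	if len(chain) == 0 {
		return nil, fmt.Errorf("empty attestation chain")
	}
	expectIssuer := root
	var labels []string
	for i, c := range chain {
		if !expectIssuer.Equal(c.IssuerKey) {
			return nil, fmt.Errorf("cert %d: issuer key does not chain to the layer below", i)
		}
		if !ed25519.Verify(c.IssuerKey, certBody(c.SubjectHash, c.SubjectKey), c.Signature) {
			return nil, fmt.Errorf("cert %d: invalid signature", i)
		}
		label, ok := allowed[hex.EncodeToString(c.SubjectHash)]
		if !ok {
			return nil, fmt.Errorf("cert %d: measurement %x is not on the allow-list", i, c.SubjectHash)
		}
		labels = append(labels, label)
		expectIssuer = c.SubjectKey
	}
	return labels, nil
}

// Challenge and VerifyChallenge bind a live session to the attested VM: the VM
// signs the remote party's fresh nonce with the key named in the top link.
func Challenge(vmPriv ed25519.PrivateKey, nonce []byte) []byte { return ed25519.Sign(vmPriv, nonce) }

func VerifyChallenge(chain []Cert, nonce, sig []byte) bool {
	return len(chain) > 0 && ed25519.Verify(chain[len(chain)-1].SubjectKey, nonce, sig)
}

func main() {
	tvmm := []byte("constructed TVMM image v1")        // constructed sample image
	vm := []byte("constructed closed-box VM image v1") // constructed sample image
	allowed := map[string]string{Measure(tvmm): "TVMM v1", Measure(vm): "closed-box VM v1"}
	root, chain, vmPriv := BuildStack(tvmm, vm)
	labels, err := VerifyChain(root, chain, allowed)
	fmt.Println("attested stack:", labels, "err:", err)
	nonce := []byte("constructed nonce 0001")
	fmt.Println("VM holds the attested key:", VerifyChallenge(chain, nonce, Challenge(vmPriv, nonce)))
}
```

The allow-list is where the practical limitation of this style of attestation lives: the remote party must know the measurement of every software configuration it is willing to trust, and any patch to the TVMM or to the VM image changes that measurement, so the verifier learns only whether the stack is one it has seen before, not whether it is secure.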
About the speaker:
Tal Garfinkel is currently a third year PhD student in Computer Science at Stanford University. His recent research has focused on application sandboxing, intrusion detection, trusted computing, and systems security in virtual machine monitors.