NGSCB: A Trusted Open System
نویسندگان
چکیده
We describe Microsoft’s Next Generation Secure Computing Base (NGSCB). The system provides high assurance computing in a manner consistent with the commercial requirements of mass market systems. This poses a number of challenges and we describe the system architecture we have used to overcome them. We pay particular attention to reducing the trusted computing base to a small and manageable size. This includes operating the system without trusting the BIOS, most devices and device drivers and the bulk of the code of mass market operating systems. Furthermore, we seek to strengthen access control and network authentication in mass market systems by authenticating executable code at all system layers. We have implemented a prototype of the system and expect the full system to be mass deployed.
منابع مشابه
A Logical Account of NGSCB
As its name indicates, NGSCB aims to be the “Next-Generation Secure Computing Base”. As envisioned in the context of Trusted Computing initiatives, NGSCB provides protection against software attacks. This paper describes NGSCB using a logic for authentication and access control. Its goal is to document and explain the principals and primary APIs employed in NGSCB.
متن کاملDRM, Trusted Computing and Operating System Architecture
Robust technological enforcement of DRM licenses assumes that the prevention of direct access to the raw bit representation of decrypted digital content and the license enforcement mechanisms themselves is possible. This is difficult to achieve on an open computing platform such as a PC. Recent trusted computing initiatives namely, the Trusted Computing Group (TCG) specification, and Microsoft’...
متن کاملTowards an Economic Analysis of Trusted Systems
Trusted-platform initiatives such as Microsoft’s Next-Generation Secure-Computing Base (NGSCB) and the industry-wide Trusted-Computing Group (TCG) effort are the subject of significant research and development now. The goal of these initiatives is to change a fundamental fact about networked, general-purpose computers that is often viewed as a barrier to security: Once data are sent from one ma...
متن کاملDesign and Implementation of a TCG-based Integrity Measurement Architecture
We present the design and implementation of a secure integrity measurement system for Linux. All executable content that is loaded onto the Linux system is measured before execution and these measurements are protected by the Trusted Platform Module (TPM) that is part of the Trusted Computing Group (TCG) standards. Our system is the first to extend the TCG trust concepts to dynamic executable c...
متن کاملArchitectural Innovations for Enterprise Forensics
Trusted Computing initiatives such as the Trusted Computing Group (TCG) specifications and Microsoft's Next Generation Secure Computing Base (NGSCB) and Trusted Multi-Net are directed towards improvements in the security of user data, attestation of a trust level of a user and/or hardware device, and authentication of a user and/or hardware device. The Trusted Computing concept can be extended ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2004