xen-devel

[Top] [All Lists]

Re: [Xen-devel] trusted computing

from [David Hopwood]

[Permanent Link][Original]

To:	xen-devel@xxxxxxxxxxxxxxxxxxxxx
Subject:	Re: [Xen-devel] trusted computing
From:	David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>
Date:	Tue, 19 Oct 2004 00:16:43 +0100
Delivery-date:	Tue, 19 Oct 2004 00:58:29 +0100
Envelope-to:	steven.hand@xxxxxxxxxxxx
In-reply-to:	<20041018112929.6292d5fc@prana-bindu>
List-archive:	<http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help:	<mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id:	List for Xen developers <xen-devel.lists.sourceforge.net>
List-post:	<mailto:xen-devel@lists.sourceforge.net>
List-subscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References:	<20041018112929.6292d5fc@prana-bindu>
Reply-to:	david.nospam.hopwood@xxxxxxxxxxxxxxxx
Sender:	xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.7.1) Gecko/20040707

Tim Freeman wrote:

not about Xen in particular, but as a side note, because I think some
people are interested in trusted computing and virtualization?  If
you're not, sorry for the intrusion!

http://www.research.ibm.com/secure_systems_department/projects/tcglinux/

"Currently, we experiment measuring the information flow on SELinux
systems to reason about isolation properties of a system. For this
purpose, we modified tcgLinux to run as an LSM kernel module stacked on
top of SELinux. We also envision to extend our attestation method to
integrate virtualization technology and partition the attestation space
of a system using the information flow policies enforced therein."


# [tcgLinux]'s main goal is to generate verifiable representative information
# about the software stack running on a Linux system. This information can
# be used by remote parties to determine the integrity of the execution
# environment.

Can it, though? The assumption seems to be that fingerprinting executables
is sufficient to characterise the security configuration of a system.
AFAICS that's patently false: the security of a system is dependent on its
complete configuration, including many non-executable files. IOW, anyone
can compromise a system without changing any executable files.

# We instrumented the Linux kernel to trigger a measurement for each
# executable, library, or kernel module loaded into the run-time before
# they affect the system.

Yep, only executables. This seems quite useless.

--
David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>



-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] trusted computing, Tim Freeman Re: [Xen-devel] trusted computing, David Hopwood <= Re: [Xen-devel] trusted computing, Tim Freeman [Xen-devel] USB with Xen2.0, Sanjay Kumar Re: [Xen-devel] USB with Xen2.0, Mark Williamson

Previous by Date:	Re: [Xen-devel] potential bug in "xm atropos" implementation, Diwaker Gupta
Next by Date:	[Xen-devel] USB with Xen2.0, Sanjay Kumar
Previous by Thread:	[Xen-devel] trusted computing, Tim Freeman
Next by Thread:	Re: [Xen-devel] trusted computing, Tim Freeman
Indexes:	[Date] [Thread] [Top] [All Lists]