Terra: A Virtual Machine-Based Platform for Trusted Computing
Authors: Tal Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh
Abstract:
We present a flexible architecture for trusted computing, called
Terra, that allows applications with a wide range of security requirements
to run simultaneously on commodity hardware. Applications
on Terra enjoy the semantics of running on a separate,
dedicated, tamper-resistant hardware platform, while retaining the
ability to run side-by-side with normal applications on a general-purpose
computing platform. Terra achieves this synthesis by use
of a trusted virtual machine monitor (TVMM) that partitions a
tamper-resistant hardware platform into multiple, isolated virtual
machines (VM), providing the appearance of multiple boxes on a
single, general-purpose platform. To each VM, the TVMM provides
the semantics of either an open box, i.e. a general-purpose
hardware platform like today's PCs and workstations, or a closed
box, an opaque special-purpose platform that protects the privacy
and integrity of its contents like today's game consoles and cellular
phones. The software stack in each VM can be tailored from the
hardware interface up to meet the security requirements of its application(s).
The hardware and TVMM can act as a trusted party to
allow closed-box VMs to cryptographically identify the software
they run, i.e. what is in the box, to remote parties. We explore
the strengths and limitations of this architecture by describing our
prototype implementation and several applications that we developed
for it.
Reference:
In Proceedings of the 19th ACM Symposium on Operating Systems
Principles (SOSP), pp. 193-206, 2003
Full paper: pdf