The diversity of TPMs and its effects on development: a case study of integrating the TPM into OpenSolaris

Scalable Trusted Computing Pub Date : 2010-10-04 DOI:10.1145/1867635.1867649

Anna Shubina, S. Bratus, Wyllys Ingersol, Sean W. Smith

{"title":"The diversity of TPMs and its effects on development: a case study of integrating the TPM into OpenSolaris","authors":"Anna Shubina, S. Bratus, Wyllys Ingersol, Sean W. Smith","doi":"10.1145/1867635.1867649","DOIUrl":null,"url":null,"abstract":"Broad adoption of secure programming primitives such as the TPM can be hurt by programmer confusion regarding the nature and representation of failures when using a primitive. Conversely, a clear understanding of the primitive's failure modes is essential for both debugging and reducing the attack surface in the mechanisms built on it. In particular, differences in error processing and reporting logic significantly detract from such understanding.\n We present a case study of diversity in TPM behaviors and its effects on a TSS implementation, which emerged from the Sun/Dartmouth TCG/OpenSolaris project, one of the goals of which was instrumenting TPM support on Solaris. At the start of the project, both parties believed the instrumentation to be well-defined and, although time-consuming, relatively straightforward. In the course of the project we had to reexamine our assumptions concerning the state of the hardware and the software involved and the view of the system as presented to someone unfamiliar with its internals. We describe some failure modes we encountered and suggest directions for remediation.","PeriodicalId":401412,"journal":{"name":"Scalable Trusted Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scalable Trusted Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1867635.1867649","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Broad adoption of secure programming primitives such as the TPM can be hurt by programmer confusion regarding the nature and representation of failures when using a primitive. Conversely, a clear understanding of the primitive's failure modes is essential for both debugging and reducing the attack surface in the mechanisms built on it. In particular, differences in error processing and reporting logic significantly detract from such understanding. We present a case study of diversity in TPM behaviors and its effects on a TSS implementation, which emerged from the Sun/Dartmouth TCG/OpenSolaris project, one of the goals of which was instrumenting TPM support on Solaris. At the start of the project, both parties believed the instrumentation to be well-defined and, although time-consuming, relatively straightforward. In the course of the project we had to reexamine our assumptions concerning the state of the hardware and the software involved and the view of the system as presented to someone unfamiliar with its internals. We describe some failure modes we encountered and suggest directions for remediation.

查看原文本刊更多论文

TPM的多样性及其对开发的影响:将TPM集成到OpenSolaris中的一个案例研究

安全编程原语(如TPM)的广泛采用可能会受到程序员在使用原语时对故障的性质和表示的困惑的影响。相反，清楚地了解原语的失效模式对于调试和减少构建在其上的机制中的攻击面是必不可少的。特别是，错误处理和报告逻辑的差异显著地削弱了这种理解。我们提出了一个关于TPM行为多样性及其对TSS实现的影响的案例研究，该案例来自Sun/Dartmouth TCG/OpenSolaris项目，其目标之一是在Solaris上检测TPM支持。在项目开始时，双方都认为工具是定义良好的，尽管很耗时，但相对简单。在项目的过程中，我们必须重新检查我们对所涉及的硬件和软件的状态的假设，以及向不熟悉其内部的人呈现的系统视图。我们描述了我们遇到的一些故障模式，并提出了修复的方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Scalable Trusted Computing

自引率

0.00%

发文量