On 2004年10月19日 00:16:43 +0100
David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx> wrote:
[...]
> Yep, only executables. This seems quite useless.
You have a good point, but maybe combining this method with virtual
machines can actually address the problem? I had never heard of the IBM
project, so it was curious to see a real implementation (that even
supposedly runs on my laptop).
Here are two interesting papers out there that specifically address the
executable problem. I can't attest (har har) to the "correctness" of
these approaches, but it is an interesting subject:
http://www.usenix.org/events/vm04/tech/haldar/haldar_html/
"The goal is to attest program behavior, not a particular binary."
page 4, http://suif.stanford.edu/papers/sosp03-terra.pdf
 Certification of a VM being loaded by the TVMM involves the TVMM
signing a hash of all persistent state that identifies the VM. This
includes the BIOS, executable code, and constant data of the VM. This
does not include temporary data on persistent storage or NVRAM contents
that constantly change over time. The separa- tion between data which
does and does not need to be included in the attestation is
application-specific, made by the VM's developer. Terra supports these
two type of data by providing VMs with both "attested storage" that the
TVMM incorporates in the VM's hash and "unattested storage" that it does
not (see section 4.2).
>
> -- 
> David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
> Use IT products in your business? Tell us what you think of them. Give us
> Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
> http://productguide.itmanagersjournal.com/guidepromo.tmpl 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/xen-devel 
>
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel