Enhancing Trusted Platform Modules with Hardware-Based Virtualization Techniques
We present the design of a trusted platform module (TPM) that supports hardware-based virtualization techniques. Our approach enables multiple virtual machines to use the com- plete power of a hardware TPM by providing for every virtual machine (VM) the illusion that it has its own hardware TPM. For this purpose, we introduce an additional privilege level that is only used by a virtual machine monitor to issue management commands, such as scheduling commands, to the TPM. Based on a TPM Control Structure, we can ensure that state information of a virtual machine’s TPM cannot corrupt the TPM state of another VM. Our approach uses recent developments in the virtualization technology of processor architectures.
Enhancing Trusted Platform Modules with Hardware-Based Virtualization Techniques
Proceedings of the Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2008)
Authors: | Frederic Stumpf and Claudia Eckert |
Year/month: | 2008/ |
Booktitle: | Proceedings of the Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2008) |
Pages: | 1-9 |
Address: | Cap Esterel, France |
Publisher: | IEEE Computer Society |
Fulltext: | SECURWARE2008RE1.pdf |
Abstract |
|
We present the design of a trusted platform module (TPM) that supports hardware-based virtualization techniques. Our approach enables multiple virtual machines to use the com- plete power of a hardware TPM by providing for every virtual machine (VM) the illusion that it has its own hardware TPM. For this purpose, we introduce an additional privilege level that is only used by a virtual machine monitor to issue management commands, such as scheduling commands, to the TPM. Based on a TPM Control Structure, we can ensure that state information of a virtual machine’s TPM cannot corrupt the TPM state of another VM. Our approach uses recent developments in the virtualization technology of processor architectures. |
Bibtex:
@inproceedings { Stumpf2008a,author = { Frederic Stumpf and Claudia Eckert},
title = { Enhancing Trusted Platform Modules with Hardware-Based Virtualization Techniques },
year = { 2008 },
booktitle = { Proceedings of the Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2008) },
address = { Cap Esterel, France },
pages = { 1-9 },
publisher = { IEEE Computer Society },
url = {https://www.sec.in.tum.de/i20/publications/enhancing-trusted-platform-modules-with-hardware-based-virtualization-techniques/@@download/file/SECURWARE2008RE1.pdf}
}