Conference Topic

Administrative Domain: Security Enhancement for Virtual TPM

Trusted computing has been introduced into virtualization as an approach to providing trust in a computing platform. However, the primitive design of the privileged domain menaces virtual TPMs with an oversized trusted computing base, leading to security vulnerabilities. This paper proposes a new administrative domain (Domain A), an architecture that protects virtual TPMs from tampering. We port the VTPM components from the privileged domain to Domain A. We begin by reviewing the Xen virtual TPM architecture and depicting the attack in Xen. Then, the Domain A-based scheme is described, with the design principle and the implementation of porting the virtual TPM manager and TPM drivers to Domain A. Finally, its security value is analyzed, with evidence to prove the validity and worth of the new architecture.

Virtual TPM; Administrative domain; VTPM manager; Virtual Machine

Xin JIN, Li-na WANG, Rong-wei YU, Peng KOU, Cheng-lin SHEN

School of Computer, Wuhan University, Wuhan 430072, Hubei, China
School of Computer, Wuhan University, Wuhan 430072, Hubei, China; Key Laboratory of Aerospace Inform

International conference

2010 IEEE International Conference on Multimedia Information Networking and Security

Nanjing

English

767-771

2010-11-01 (date first posted online on the Wanfang platform; does not represent the paper's publication date)