Abstract
SAM is a processor extension used to protect the execution of dedicated programs by preventing data disclosure and program manipulation in a multitasking environment. This paper presents an operating system design based on the Linux kernel for SAM. The design splits the kernel into a very small protected part and an unprotected part used by drivers and high-level functions. Using this kernel, protected and unprotected programs can be executed in parallel without diminishing the protection. The protection mechanism does not slow down the execution of unprotected programs, since it is only active during the execution of protected programs.
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Platte, J., Díaz, R.D., Naroska, E. (2006). An Operating System Design for the Security Architecture for Microprocessors. In: Ning, P., Qing, S., Li, N. (eds) Information and Communications Security. ICICS 2006. Lecture Notes in Computer Science, vol 4307. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935308_13
DOI: https://doi.org/10.1007/11935308_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49496-6
Online ISBN: 978-3-540-49497-3
eBook Packages: Computer Science (R0)