Abstract
The Trusted Platform Module (TPM) can be used to establish trust in the software configuration of a computer. Virtualizing the TPM is a logical next step towards building trusted cloud environments and providing a virtual TPM to a virtual machine promises a continuation of trusted computing concepts. The association between a virtual TPM and a virtual machine is a critical concern. We show that a "trusted'' virtualized platform may fall victim to a Goldeneye attack. In this work, we put forward a formal model for virtualization systems and trusted virtualized platforms. We pair this with a model for establishing trust in a virtualized platform following conventional reasoning over trusted computing systems. We show that if a Goldeneye attack is successful, it would allow a verifier to establish trust in an untrustworthy platform. We discuss attack vectors and possible solutions which would mitigate Goldeneye.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 1st ACM Workshop on Workshop on Cyber-Security Arms Race |
| Editors | Thanassis Giannetsos, Daniele Sgandurra |
| Place of Publication | New York NY USA |
| Publisher | Association for Computing Machinery (ACM) |
| Pages | 11-22 |
| Number of pages | 12 |
| ISBN (Electronic) | 9781450368407 |
| DOIs | |
| Publication status | Published - 15 Nov 2019 |
| Event | ACM Workshop on Workshop on Cyber-Security Arms Race 2019 - London, United Kingdom Duration: 15 Nov 2019 → 15 Nov 2019 Conference number: 1st https://dl-acm-org.ezproxy.lib.monash.edu.au/doi/proceedings/10.1145/3338511 (Proceedings) https://sigsac.org/ccs/CCS2019/index.php/workshop-proceedings-cysarm-2019/ (Website) |
Conference
| Conference | ACM Workshop on Workshop on Cyber-Security Arms Race 2019 |
|---|---|
| Abbreviated title | CYSARM'19 |
| Country/Territory | United Kingdom |
| City | London |
| Period | 15/11/19 → 15/11/19 |
| Internet address |
Keywords
- trust model
- trusted computing
- virtual tpm
- vulnerabilities