Certifying Program Execution with Secure Processors

12 years 3 months ago
Certifying Program Execution with Secure Processors
Cerium is a trusted computing architecture that protects a program’s execution from being tampered while the program is running. Cerium uses a physically tamperresistant CPU and a µ-kernel to protect programs from each other and from hardware attacks. The µ-kernel partitions programs into separate address spaces, and the CPU applies memory protection to ensure that programs can only use their own data; the CPU traps to the µ-kernel when loading or evicting a cache line, and the µ-kernel cryptographically authenticates and copyprotects each program’s instructions and data when they are stored in the untrusted off-chip DRAM. The Cerium CPU signs certificates that securely identify the CPU and its manufacturer, the BIOS and boot loader, the µ-kernel, the running program, and any data the program wants signed. These certificates tell a user what program executed and what hardware and software environment surrounded the program, which are key facts in deciding whether to trust a...
Benjie Chen, Robert Morris
Added 04 Jul 2010
Updated 04 Jul 2010
Type Conference
Year 2003
Authors Benjie Chen, Robert Morris
Comments (0)