Document Type

Technical Report

Publication Date

8-14-2003

Technical Report Number

TR2003-471

Abstract

This paper reports on our ongoing project to use TCPA to transform a desktop Linux machine into a virtual secure coprocessor: more powerful but less secure than higher-end devices. We use TCPA hardware and modified boot loaders to protect fairly static components, such as a trusted kernel; we use an enforcer module---configured as Linux Security Module---to protected more dynamic system components; we use an encrypted loopback filesystem to protect highly dynamic components. All our code is open source and available under GPL from http://enforcer.sourceforge.net/

Comments

Superceded by TR2003-476.

Share

COinS