Tux: Trust Update on Linux Booting

Preserving integrity is one of the essential requirements in trusted computing. However, When it comes to system update, even with the state-of-the-art integrity management system such as OpenCIT cannot properly manage integrity. This is because the updates are not transparent to the remote attestat...

Full description

Saved in:
Bibliographic Details
Published inSecurity and Trust Management pp. 105 - 121
Main Authors Lee, Suhho, Yoo, Seehwan
Format Book Chapter
LanguageEnglish
Published Cham Springer International Publishing
SeriesLecture Notes in Computer Science
Subjects
Grub
Integrity
Intel TXT
Linux kernel
Open CIT
Security update
Shim
TPM
Trusted Computing Group
UEFI secure boot
Online AccessGet full text

Cover

More Information
Summary:Preserving integrity is one of the essential requirements in trusted computing. However, When it comes to system update, even with the state-of-the-art integrity management system such as OpenCIT cannot properly manage integrity. This is because the updates are not transparent to the remote attestation server and the integrity value is not updated according to the updates. This paper presents Trust Update on Linux booting, TUX. TUX collaboratively manages the integrity along with the kernel update, so that the update is transparent to the attestation server. With TUX, we can successfully maintain trust for the managed machines, even with frequent OS kernel updates. Also, TUX guarantees robust verified and measured boot to safeguard the integrity of a system’s booting process.
ISBN:9783030011406
3030011402
ISSN:0302-9743
1611-3349
DOI:10.1007/978-3-030-01141-3_7