Trusted Execution Technology


Trusted Execution Technology (TET or TXT), formerly known as "LaGrande Technology", is a key component of Intel's "safer computing" initiative.

Intel Trusted Execution Technology (Intel TXT) is a hardware extension to some of Intel's microprocessors and their respective chipsets, intended to give users and organizations (governments, enterprises, corporations, universities, etc.) a higher level of trust while accessing, modifying or creating sensitive data and code. Intel claims that it will be very useful, especially in the business world, as a way to defend against software-based attacks aimed at stealing sensitive information. Although Intel commonly advertises it as a security technology, the Free Software Foundation claims that it can also be used to enable more advanced, tamper-resistant forms of DRM, and can be abused to achieve vendor lock-in.

It consists of a series of "hardware enhancements" that allow the creation of multiple separated execution environments, or partitions. One component is the TPM (Trusted Platform Module), which provides secure key generation and storage, and authenticated access to data encrypted with those keys. Note, however, that the private key stored in the TPM is generally not available to the owner of the machine, and never leaves the chip under normal operation. The TPM additionally provides a means of remote assurance of a machine's security state. Another component is DMA page protection.

This technology can be coupled with VT-d (Intel Virtualization Technology for Directed I/O), which is designed to back up TXT outside the chip, and even outside the computer itself.

TXT provides hardware and firmware security against software-based attacks. The TPM (Trusted Platform Module) handles Trusted Platform requests, generates keys and certificates for private environments (application or service space) and manages the machine's trust state. This allows, for example, a local user (or even a remote party) to check the security of a workstation with a higher level of confidence, using the Remote Attestation Protocol [ [http://www.eff.org/wp/trusted-computing-promise-and-risk Trusted Computing: Promise and Risk] ].

TXT Architecture

Intel TXT protects five points on a server or client machine:
* The processor: a private environment for applications, so that hardware resources (such as memory pools) are locked to the calling application and cannot be read or written by any other process running on the platform;
* The chipset: enforces security on the main board by controlling the memory management policy more precisely, with enhancements to memory access mechanisms, channel control mechanisms for hardware extensions (user I/O, graphics, etc.) and a secure interface to the TPM;
* The user input: protected states for the keyboard and mouse, allowing users to interact with trusted platform applications without the risk of being compromised or observed by other running software;
* The display interface: enables trusted platform applications to send display data to a specific context (a window, for example) memory buffer, preventing other running software from stealing the information being transmitted;
* The TPM device: helps the system start (in conjunction with ROM-BIOS startup routines), manages the keys, and provides attestations of the system's trusted status.

Parallel Technologies

TXT will be commercially distributed with another technology, the so-called VT-d. VT-d provides hardware-based remote security, protecting storage and communications in hardware and adding another security level against software attacks.

VT-d is an environment model that shares hardware resources through I/O virtualization. This allows control over each process's access to resources without resorting to restrictive exclusive-access methods.

Availability

Intel has released the Q35 and Q33 chipsets, which support TXT [ [http://download.intel.com/products/chipsets/Q35_Q33/317312.pdf Intel Q33 & Q35 Express Chipset Product Brief] ].

Intel has also released Trusted Boot (tboot) [ [http://sourceforge.net/projects/tboot SourceForge.net – Trusted Boot] ], an open-source pre-kernel/VMM module that uses Intel Trusted Execution Technology to verify the launch of the Xen Virtual Machine Monitor (VMM) using a Dynamic Root of Trust for Measurement (DRTM). [ [http://www.intel.com/technology/magazine/45nm/vtd-0507.htm?iid=techmag_0507+rhc_vtd Intel Virtualization Technology for Directed I/O (Intel VT-d)] ] [ [http://www.intel.com/technology/security/ Intel Trusted Execution Technology] ] [ [http://www.intel.com/technology/security/downloads/TrustedExec_Overview.pdf Intel Trusted Execution Technology - Overview] ] [ [http://www.intel.com/technology/security/downloads/arch-overview.pdf Intel Trusted Execution Technology Architectural Overview] ] [ [http://www.intel.com/products/vpro/index.htm Intel Core 2 Processor with vPro Technology] ]
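The article describes the TPM recording the machine's trust state, a measured (DRTM) launch of a VMM, and a remote party checking that state through remote attestation, but does not show how those pieces fit together. The following is an added, simplified illustration written for this page; it is not Intel's, tboot's or any TPM vendor's code. It assumes SHA-1 PCRs (as on the TPM 1.2-era hardware the article discusses), uses an HMAC over a shared key as a stand-in for the TPM's signed quote (a real TPM signs the quote with an RSA attestation key), and measures a constructed, made-up chain of launch components. It shows the PCR extend operation, why the measurement order matters, how a verifier replays an event log to reproduce a PCR, and how a quote bound to a fresh nonce lets a remote verifier detect a modified component or a replayed quote.

```python
import hashlib
import hmac

PCR_SIZE = 20  # SHA-1 PCR width (assumption: TPM 1.2-style PCRs)


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM PCR extend: new_pcr = H(old_pcr || H(measurement)).

    The result depends on every value extended so far and on their order,
    which is what lets one register summarize a whole launch sequence.
    """
    digest = hashlib.sha1(measurement).digest()
    return hashlib.sha1(pcr + digest).digest()


def measure_chain(components):
    """Measure each launch component in turn, as a DRTM launch would.

    Returns the final PCR value and an event log of (name, sha1-hex) entries
    that a verifier can replay. PCRs start at all zeros at launch.
    """
    pcr = bytes(PCR_SIZE)
    log = []
    for name, blob in components:
        log.append((name, hashlib.sha1(blob).hexdigest()))
        pcr = extend(pcr, blob)
    return pcr, log


def replay_log(log):
    """Recompute the PCR from the event log alone (verifier side)."""
    pcr = bytes(PCR_SIZE)
    for _, hexdigest in log:
        pcr = hashlib.sha1(pcr + bytes.fromhex(hexdigest)).digest()
    return pcr


def quote(pcr: bytes, nonce: bytes, key: bytes) -> bytes:
    """Stand-in for a TPM quote: authenticate (PCR, nonce) with the attestation key.

    Hypothetical simplification: an HMAC replaces the TPM's RSA signature.
    Binding the verifier's nonce is what prevents replay of an old quote.
    """
    return hmac.new(key, pcr + nonce, hashlib.sha256).digest()


def verify_quote(pcr_reported: bytes, nonce: bytes, sig: bytes,
                 key: bytes, golden_pcr: bytes) -> bool:
    """Remote verifier: check the quote is genuine and fresh, then compare
    the reported PCR against the known-good ("golden") value."""
    expected = quote(pcr_reported, nonce, key)
    if not hmac.compare_digest(expected, sig):
        return False  # forged, corrupted, or replayed under a different nonce
    return hmac.compare_digest(pcr_reported, golden_pcr)


# Constructed sample launch chain (names and contents are made up for this example).
GOOD_CHAIN = [
    ("sinit_acm", b"constructed authenticated code module"),
    ("tboot", b"constructed tboot pre-kernel module"),
    ("xen_vmm", b"constructed xen hypervisor image"),
    ("xen_config", b"constructed launch policy"),
]

# Same components with the VMM image altered: a verifier must notice this.
TAMPERED_CHAIN = [
    (name, blob + b" [modified]" if name == "xen_vmm" else blob)
    for name, blob in GOOD_CHAIN
]

# Same components in a different order: the PCR must differ as well.
REORDERED_CHAIN = [GOOD_CHAIN[1], GOOD_CHAIN[0]] + GOOD_CHAIN[2:]

ATTESTATION_KEY = b"constructed attestation key, not a real TPM key"


def attest(chain, nonce: bytes, key: bytes = ATTESTATION_KEY):
    """Platform side: measure the chain and produce (pcr, log, quote)."""
    pcr, log = measure_chain(chain)
    return pcr, log, quote(pcr, nonce, key)


if __name__ == "__main__":
    golden, _ = measure_chain(GOOD_CHAIN)          # recorded once from a known-good launch
    for label, chain in (("good", GOOD_CHAIN), ("tampered", TAMPERED_CHAIN), ("reordered", REORDERED_CHAIN)):
        nonce = hashlib.sha256(label.encode()).digest()[:8]  # fresh per request
        pcr, log, sig = attest(chain, nonce)
        ok = verify_quote(pcr, nonce, sig, ATTESTATION_KEY, golden)
        print(f"{label:9s} pcr={pcr.hex()} replay_matches={replay_log(log) == pcr} trusted={ok}")
```

The event log is only a hint for diagnosing which component changed; trust comes from the quoted PCR, because the log itself is unsigned and could be edited by whatever software the verifier is trying to evaluate.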

References

See also

*Trusted Computing
*Trusted Computing Group

External links

* [http://www.intel.com/technology/security/ Intel Trusted Execution Technology]
* [http://www.intel.com/technology/security/downloads/TrustedExec_Overview.pdf Trusted Execution Technology Overview]
* [http://www.intel.com/technology/security/downloads/arch-overview.pdf Trusted Execution Technology Architectural Overview]
* [http://download.intel.com/technology/security/downloads/315168.pdf Intel Trusted Execution Technology Software Development Guide]
* [http://www.intel.com/technology/virtualization/ Intel Virtualization Technology]


Wikimedia Foundation. 2010.
