Efficient TCB Reduction and Attestation (CMU-CyLab-09-003)
journal contributionposted on 09.03.2009, 00:00 authored by Jonathan M. McCune, Ning Qu, Yanlin Li, Anupam DattaAnupam Datta, Virgil D. Gligor, Adrian Perrig
We develop a special-purpose hypervisor called TrustVisor that facilitates the execution of security-sensitive code in isolation from commodity OSes and applications. TrustVisor provides code and execution integrity as well as data secrecy and integrity for protected code, even in the presence of a compromised OS. These strong properties can be attested to a remote verifier. TrustVisor only adds 5306 lines to the TCB (over half of which is for cryptographic operations). TrustVisor imposes less than 7% overhead in the common case. This overhead is largely the result of today’s x86 hardware virtualization support.