TrenchBoot: Unified Approach to Harness Boot Integrity Technologies
Daniel Smith
Apertus Solutions
Ensuring and verifying that system launch has executed with only the intended system software is widely accepted as a prerequisite for placing trust in the integrity of a computer system. A variety of hardware- and software-based technologies are available on commodity computing platforms, with different capabilities and similar-sounding names, each aiming to address a different aspect of this requirement. To provide clarity for discussion of this topic, this presentation will cover the fundamentals of establishing system integrity at boot and review the modern landscape of boot integrity technologies, with definitions for important terms.
In addition, a new software framework, TrenchBoot, will be presented. We will describe TrenchBoot's place in the early system software stack, and how it leverages the available boot integrity technologies and the cooperation of earlier launch components to provide a stronger footing for launch of the operating system. TrenchBoot enables fine-grained platform verification in support of advanced security and assurance use cases. We describe the aim to provide a standard measured launch approach, with an extensible, open source, reusable implementation suitable for third-party extension and integration.
Topics: Boot Integrity · OpenXT · Xen
Slides
References
- U.S. NSA Secure Virtual Platform (2016)
- U.S. NSA Information Assurance Technical Framework (2002)
- U.S. NCSC Trusted Network Interpretation Environments Guideline [Red Book] (1987)
- U.S. DoD Rainbow Books
Source Code
Upstreaming
- LKML Boot Protocol 2.15 (Mar 2019)
- Linux Kernel RFC for Secure Launch Protocol (Mar 2019)
- Xen introduction to Secure Boot, Measured Boot and TrenchBoot (Sep 2018)
- Grub2 support for TPM (Jul 2018)