Investigation and development of a hypervisor-based security architecture utilising a state-of-the-art hardware trust anchor

Trusted Computing is a relatively new approach to computer security in which a system should be permanently maintained in a well-defined state - and therefore it will reside in a trustworthy state. The word "trustworthy" in this context means that the system always behaves in a specific way as defined by the platform manufacturer and/or the administrator/owner. A key element of this approach is to employ a security module, which is implemented in hardware, and which is tied to the platform so as to serve as a trust anchor. Based on that ’root of trust’ and other features, an effective security architecture is proposed in this research. Virtualization techniques, which were formerly developed for server consolidation, cost reduction, and conservation of energy are now gaining more and more interest in the field of trusted computing. Virtualization can greatly enhance the security of a system by isolating applications, or even whole operating systems, by splitting the computer system into smaller parts, whose integrity can be more easily assured. This project is concerned with the development of a system that will effectively combine the isolation features of the virtualization schemes with a state-of-the-art hardware security module. This system will provide reliable protection against sophisticated software-based attacks and will withstand elementary hardware-based attacks. The building block approach of this proposed security architecture makes sure that many different application fields can archive a high level of security by combining the appropriate components. The research examines some emerging approaches to computer security and proposes a novel security architecture based on a hardware trust anchor. An experimental system is developed to provide a ’proof-of-concept’ model for evaluation. The target application area for the architecture is the embedded computing space, in particular x86 based architectures. The selection of hardware elements and the choice of hypervisor are discussed and justified. The assumptions on the features of the architecture are evaluated and validated in the context of potential security improvements. Future research in this niche area is proposed.