From: Martin P. <Mar...@ia...> - 2011-09-26 10:02:09
|
Hi list... For your interest, IAIK released the third revision of their acTvSM prototype platform - download at [1]. acTvSM is a proof-of-concept integration of Trusted Computing and Intel TXT into an off-the-shelf Debian Linux system. TBoot is used to anchor the chain-of-trust in the DRTM and the initial ramdisk obtains the key for the encrypted system root partition only if the TPM PCRs are in the correct state. Also, acTvSM provides management scripts for the sysadmin to reseal the system to a new administrator defined state. Using KVM, on top of the tightly controlled base system custom virtual applications can be run. Contrary to the announcement the last release did contain some bugs. We are sorry for that. ;-) However, we believe this release to be the best ever, supporting more chipsets and being rebased to the latest Debian release (Squeeze). This experimental platform was demoed last week at ETISS 2011 and received pleasant feedback. Maybe you like this demonstration of TXT integration, too. Note that this is (still) an experimental prototype and thus contains sharp edges to hurt yourself and some debugging code obviously contrary to security. We thank every helping hand who made this release possible! Have fun, Martin & Ronald [1] http://trustedjava.sourceforge.net/ |