From: Jonathan McCune <jonmccune@cm...> - 2012-07-05 19:44:51
It's unclear to me from the documentation whether setting jTSS to use
the database (i.e., line
/usr/share/jtss/lib/ini/jtss_tcs.ini) flavor of persistent storage
also enables one to use an outside database. I would like to use a
stand-alone database server if possible to facilitate testing multiple
hosts that all boot identical read-only filesystem images.
From: Ronald Tögl <ronald.toegl@ia...> - 2012-07-06 09:07:47
Both persistent storage implementations are very simple. They just store
the keys in the file system location provided. Also the "database" class
just dumps DB tables there.
If you need a proper database providing (serious) concurrent services to
different host you'll need to implement the
iaik.tc.tss.impl.ps.TcITssPersistentStorage interface yourself.
In case you just want to store TPM keys remotely, you could of course
just mount a remote location in the local file system and use the
iaik.tc.tss.impl.ps.TcTssPsFileSystem implementation with all its
shortcomings. Caveats are to have separate folders with the correct
access rights for the jTSS process(es) and that a SRK is expected to be
in the system DB. SRK extraction and storage is a convenient side effect
of taking ownership with jTT.
Hope this helps,
On 07/05/2012 09:44 PM, Jonathan McCune wrote:
> It's unclear to me from the documentation whether setting jTSS to use
> the database (i.e., line
> 'type=iaik.tc.tss.impl.ps.TcTssSystemPsDatabase' in
> /usr/share/jtss/lib/ini/jtss_tcs.ini) flavor of persistent storage
> also enables one to use an outside database. I would like to use a
> stand-alone database server if possible to facilitate testing multiple
> hosts that all boot identical read-only filesystem images.
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> Trustedjava-support mailing list
Dipl.-Ing. Ronald Tögl phone +43 316/873-5502
Secure and Correct Systems fax +43 316/873-5520
Graz University of Technology http://www.iaik.tugraz.at
Get latest updates about Open Source Projects, Conferences and News.