Part 7: Enterprise Security Applications
While trusted computing represents a significant step forward in ensuring an uncompromised software environment, it should not be understood as a replacement for the many other security applications protecting a user's platform. The distinction is that trusted computing measures the software environment to determine whether it can be trusted. Other security applications, such as antivirus applications, firewalls, and secure web browsers, play a key role in protecting a trusted system from the ongoing threat of malware.
One implication of trusted computing for enterprise security applications is the need for integration. One might imagine, for example, a malware detection application that would initiate a platform measurement after malware is detected and removed, or whenever a set of alert criteria is met but no malware is found. Conversely, a measured launch failure might be followed by launching a special MLE with a remediation application designed to analyze the current compromised state on the failed MLE image, and to fix the problem.
Integration with trusted computing might also take place in the area of access control. For example, single sign-on software applications might include a remote attestation step that examines whether the client endpoint is running a measured launch environment and how recently the most recent measurement took place. Based on this information, the application determines whether to issue a ticket or token, and what credential level can be granted. Software services, especially those managing sensitive enterprise data, might likewise be modified to require similar attestation steps to establish a robust notion of client trust before rendering service.
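One way the sign-on decision described above could be expressed, as an added example that is not from the original text. The key, image digests, age thresholds and all function names are assumptions, and an HMAC stands in for the signed TPM quote a real attester would send.

```python
import hashlib
import hmac

# Constructed values. A real verifier would check a TPM quote signed by an
# attestation key; HMAC with a shared key is a stand-in for that signature.
ATTEST_KEY = b"constructed-demo-key"
KNOWN_GOOD_MLE = {hashlib.sha256(b"constructed MLE image v1").hexdigest()}
FULL_MAX_AGE = 3600       # assumed policy: measured within 1 hour -> full
LIMITED_MAX_AGE = 86400   # assumed policy: measured within 24 hours -> limited


def sign_evidence(mle_digest, measured_at, nonce, key=ATTEST_KEY):
    """Client side: bind the measurement, its time and the server nonce."""
    msg = f"{mle_digest}|{measured_at}|{nonce}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def make_evidence(image, measured_at, nonce):
    """Build constructed sample evidence for a given MLE image."""
    digest = hashlib.sha256(image).hexdigest()
    return {"mle_digest": digest, "measured_at": measured_at, "nonce": nonce,
            "sig": sign_evidence(digest, measured_at, nonce)}


def credential_level(evidence, expected_nonce, now):
    """Server side: return 'full', 'limited' or 'deny' for a sign-on request."""
    expected = sign_evidence(evidence["mle_digest"], evidence["measured_at"],
                             evidence["nonce"])
    if not hmac.compare_digest(expected, evidence["sig"]):
        return "deny"      # evidence altered or not from a trusted attester
    if not hmac.compare_digest(evidence["nonce"], expected_nonce):
        return "deny"      # evidence replayed from an earlier session
    if evidence["mle_digest"] not in KNOWN_GOOD_MLE:
        return "deny"      # not a recognised measured launch environment
    age = now - evidence["measured_at"]
    if age < 0:
        return "deny"      # measurement claims to be from the future
    if age <= FULL_MAX_AGE:
        return "full"
    if age <= LIMITED_MAX_AGE:
        return "limited"
    return "deny"          # measurement too stale to rely on


if __name__ == "__main__":
    now = 1_700_000_000    # constructed clock value
    fresh = make_evidence(b"constructed MLE image v1", now - 600, "n-1")
    print(credential_level(fresh, "n-1", now))
```

The nonce check is what ties the evidence to the current sign-on attempt; without it, a valid but old attestation could be presented again.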
Finally, it might be mentioned that a grand challenge in trusted computing is extending the chain of trust from key OS/VMM kernel modules to application software at every layer. While some work has been done in this area, the goal remains elusive and a great deal of innovation may be needed to fully achieve the vision of trusted computing at the highest layers of the software stack. For example, software environments may need to be structured differently, the manner in which software is modularized may need to change, or software delivery and launch schemes may need to be rethought.
