NEWS & EVENTS | CAREER | CONTACT | DEUTSCH
About us | Products | Competencies | Partner | Support
HOME Competencies Trusted Computing TrustedGRUB
TrustedGRUB
Trustworthy IT Trusted Computing
TrustedGRUB MicroTSS und TDD TPM Manager TPM Compliance Testsuite
Secure Cloud Secure Mobility Smart IT

TrustedGRUB

Most attacks on computing systems target the running operating system (OS). Once the OS is executed, common security solutions, such as Firewalls or Anti-Malware-Software, are capable of reducing the possible target space. These however can only protect the system, once they have been started. One major issue is that it is hard to identify, whether a running software has been correctly loaded, or whether it has been modified before execution. Therefore, new attacks target the bootloader or the BIOS itself in order to place attacks on a computing system before security measurements can be installed.

In order to counter these types of attacks, the „Trusted Computing Group“ (TCG) has specified methods enabling a platform to measure the running software before it is executed, starting from the point, where the system is booted. By measuring each component of the boot process before it is executed, one can form a chain-of-trust, which is called „Trusted Boot“. The measurement values however need to be stored in a secure and shielded location.

Modern business computers and laptops are typically equipped with a „Trusted Platform Module“ (TPM), a small tamper-resistant chip embedded into the platform. The functionality of the TPM has been specified by the „Trusted Computing Group“ (TCG). Once a platform is equipped with a TPM, it is possible to form a chain-of-trust over the loaded software, beginning at the BIOS. In order to keep the chain-of-trust intact, it needs to be continued by the next element in the trust-chain, in this case the bootloader.

TrustedGRUB is an extension of the original open source bootloader GNU GRUB. TrustedGUB has been modified to support the new Trusted Computing functionalities provided by a Trusted Platform Module (TPM) as specified by the Trusted Computing Group (TCG) . It was developed by Sirrix AG in cooperation with the Ruhr-University Bochum.

The main feature of TrustedGRUB is the possibility to continue the chain-of-trust by measuring arbitrary files during the boot process and extending the integrity test results into so-called "Platform Configuration Registers (PCR)" inside TPMs memory. The hash values can be used by local or remote entities in order verify the platform integrity.

TrustedGRUB has been published on Sourceforge as open source software and has been successfully tested with all major TPMs of Version 1.1b and 1.2.

More information you will find here!

ruhruni                                                                        

NEWS

Secure Browser “Browser in the Box“ now available for free

bitbox
PRODUCTS
Endpoint Security
TURAYA.TrustedInfrastructure
TURAYA.TrustedVPN
Voice Encryption Systems
Digital Line Interfaces
LOGIN |IMPRINT
© 2012 by Sirrix AG