Analysis of mechanisms for TCBE control of object reuse in clients
This study contributes to the realization of a high assurance Multilevel Secure Local Area Network. The system consists of a Trusted Computing Base (TCB) that acts as a server base. Clients are COTS workstations and software, augmented with a hardware-based TCB Extension (TCBE). This work concentrat...
Main Author: | |
---|---|
Other Authors: | |
Language: | en_US |
Published: |
Monterey, California. Naval Postgraduate School
2013
|
Online Access: | http://hdl.handle.net/10945/32946 |
id |
ndltd-nps.edu-oai-calhoun.nps.edu-10945-32946 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-nps.edu-oai-calhoun.nps.edu-10945-329462014-11-27T16:18:38Z Analysis of mechanisms for TCBE control of object reuse in clients Agacayak, Cihan. Irvine, Cynthia E. NA Electrical Engineering This study contributes to the realization of a high assurance Multilevel Secure Local Area Network. The system consists of a Trusted Computing Base (TCB) that acts as a server base. Clients are COTS workstations and software, augmented with a hardware-based TCB Extension (TCBE). This work concentrates on object reuse control on the client, which is one of the security services to be provided by the TCBE. Object reuse mechanisms are designed to assure that sensitive information does not persist across sessions or session level changes. We analyzed 29 chips on the PC motherboard. We proposed and evaluated possible solutions for object reuse control of four storage areas: main memory, AGP memory, cache and Real Time Clock (RTC) memory. The feasibility of one proposed solution was demonstrated. We found that main memory can be cleared by slowing its refresh rate. It was determined that AGP memory cannot be read out by devices on the PCI and ISA bus. The Intel INVD command can be used to clear cache. RTC memory can be accessed and its integrity checked by TCBE software. This study establishes a foundation for object reuse control efforts targeting COTS PC products manufactured by various vendors. 2013-05-08T20:44:01Z 2013-05-08T20:44:01Z 2000-03 Thesis http://hdl.handle.net/10945/32946 en_US Approved for public release, distribution unlimited. Monterey, California. Naval Postgraduate School |
collection |
NDLTD |
language |
en_US |
sources |
NDLTD |
description |
This study contributes to the realization of a high assurance Multilevel Secure Local Area Network. The system consists of a Trusted Computing Base (TCB) that acts as a server base. Clients are COTS workstations and software, augmented with a hardware-based TCB Extension (TCBE). This work concentrates on object reuse control on the client, which is one of the security services to be provided by the TCBE. Object reuse mechanisms are designed to assure that sensitive information does not persist across sessions or session level changes. We analyzed 29 chips on the PC motherboard. We proposed and evaluated possible solutions for object reuse control of four storage areas: main memory, AGP memory, cache and Real Time Clock (RTC) memory. The feasibility of one proposed solution was demonstrated. We found that main memory can be cleared by slowing its refresh rate. It was determined that AGP memory cannot be read out by devices on the PCI and ISA bus. The Intel INVD command can be used to clear cache. RTC memory can be accessed and its integrity checked by TCBE software. This study establishes a foundation for object reuse control efforts targeting COTS PC products manufactured by various vendors. |
author2 |
Irvine, Cynthia E. |
author_facet |
Irvine, Cynthia E. Agacayak, Cihan. |
author |
Agacayak, Cihan. |
spellingShingle |
Agacayak, Cihan. Analysis of mechanisms for TCBE control of object reuse in clients |
author_sort |
Agacayak, Cihan. |
title |
Analysis of mechanisms for TCBE control of object reuse in clients |
title_short |
Analysis of mechanisms for TCBE control of object reuse in clients |
title_full |
Analysis of mechanisms for TCBE control of object reuse in clients |
title_fullStr |
Analysis of mechanisms for TCBE control of object reuse in clients |
title_full_unstemmed |
Analysis of mechanisms for TCBE control of object reuse in clients |
title_sort |
analysis of mechanisms for tcbe control of object reuse in clients |
publisher |
Monterey, California. Naval Postgraduate School |
publishDate |
2013 |
url |
http://hdl.handle.net/10945/32946 |
work_keys_str_mv |
AT agacayakcihan analysisofmechanismsfortcbecontrolofobjectreuseinclients |
_version_ |
1716725421249134592 |