At 1:33 AM -0800 12/14/05, Crispin Cowan wrote: > Smashguard, if I recall correctly, offers approximately the protection > of existing compiler methods, but with the added fun of requiring > modified (non-existent) hardware. > > The referenced hardware in the IEEE article and the intel.com pages > appears to be some descendant of Palladium; it is a hardware integrity > checker/attestation mechanism. A small, hardware-enforced core performs > a chain of crypto-checks prior to boot strapping the BIOS, and then the > OS, and makes itself available to applications. Thus an application can > (more or less) "prove" to a remote machine that the BIOS, kernel, and > application are in fact the "approved" versions that the remote machine > wants to see. The closest published work would be Bill Arbaugh's > dissertation and associated papers.
That sounds very much like DEC's Distributed Systems Security Architecture, which was never an implemented product. -- Larry Kilgallen _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
