Intel® TXT
                           The Front Door of Trusted Computing....




© 2008 Intel Corporation
Outline
 • Introduction to Intel® TXT Technology
 • Why it matters?
 • Bad & Good List
 • Architectural Enhancements
 • How it works?
 • Control Points
 • LCP Protection
 • Use Models
 • Benefits
 • Meeting the requirements
 • Conclusion
 • References


                     Intel ® TXT
2       6 Mar 2012
                          Front Door of Trusted Computing …
Introduction

 • Intel® TXT (Trusted eXecution Technology), code named LaGrande.

 • Provides hardware-based security that raises the platform's level of security (more useful for business PCs).

 • Integrates new security features and capabilities into the processor, chipset and other platform components.




Why it matters?
 • The mechanisms of malware may vary, but all of it seeks to:
   1. Corrupt systems
   2. Disrupt business
   3. Steal data
   4. Seize control of platforms

 • The traditional anti-virus approach is to look for "known-bad" elements.

 • Intel® TXT provides a "known-good"-focused approach that checks for malicious software before it is even launched.



Move from bad list to good list

(Diagram: on the left, a cloud of mixed components, VMM V1 … V20 and OS1 … OS4, with Hacked_V1 and Corrupted_V2 mixed in; on the right, only the approved components, VMM V1, VMM V2, OS1, OS2, …)

 • Bad list, reactive: the platform can only block what has already been catalogued as bad (Hacked_V1, Corrupted_V2); any new or unknown version is allowed to run.
 • Good list, proactive: the platform enumerates only the approved components and blocks everything not on the list, Hacked_V1 and Corrupted_V2 included.




Good List Requirements

 • Identity check: accurate identity of software.
 • Control: strict control enables the switch to a good list; the list policy must be enforced.
 • Integrity check: must provide the ability to validate list integrity at the time of policy enforcement; management of the list must provide for multiple users and assurance of list integrity.
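The two slides above contrast a reactive bad list with a proactive good list. The following is an added example (not code from the presentation or from Intel) that evaluates constructed component images against both kinds of list; the component names follow the slide's diagram, but the image bytes are made up for the example. It shows the case the diagram is about: a hacked variant nobody has catalogued yet passes the bad list but fails the good list, and a single flipped byte in an approved image changes its identity.

```python
"""Bad list vs. good list (added example; not Intel's code).

Each component is identified by the SHA-256 digest of its image, which is the
"identity check" the Good List Requirements slide asks for. All images below
are constructed stand-ins, not real OS or VMM binaries.
"""
import hashlib


def identity(image: bytes) -> str:
    """Cryptographic identity of a component image."""
    return hashlib.sha256(image).hexdigest()


# Constructed sample images, named after the slide's diagram.
IMAGES = {
    "OS1": b"OS1 kernel image (constructed)",
    "OS2": b"OS2 kernel image (constructed)",
    "VMM V1": b"VMM V1 image (constructed)",
    "VMM V2": b"VMM V2 image (constructed)",
    "Hacked_V1": b"VMM V1 image (constructed) + backdoor",
    "Corrupted_V2": b"VMM V2 image (constructed) with bit rot",
}

# Bad list: only the items that have already been seen and catalogued.
BAD_LIST = {identity(IMAGES["Hacked_V1"]), identity(IMAGES["Corrupted_V2"])}

# Good list: only the items the platform owner has approved.
GOOD_LIST = {identity(IMAGES[n]) for n in ("OS1", "OS2", "VMM V1", "VMM V2")}


def bad_list_allows(image: bytes) -> bool:
    """Reactive: run anything that is not a known-bad item."""
    return identity(image) not in BAD_LIST


def good_list_allows(image: bytes) -> bool:
    """Proactive: run only items whose identity is on the approved list."""
    return identity(image) in GOOD_LIST


def compare(image: bytes) -> dict:
    """Decision of each list for one image."""
    return {"bad_list": bad_list_allows(image), "good_list": good_list_allows(image)}


if __name__ == "__main__":
    # A new hacked variant that no vendor has catalogued yet (constructed).
    hacked_v3 = IMAGES["VMM V1"] + b" + new backdoor"
    # One flipped byte in an approved image gives it a different identity.
    flipped = bytearray(IMAGES["OS1"])
    flipped[0] ^= 0x01
    cases = [
        ("VMM V1", IMAGES["VMM V1"]),
        ("Hacked_V1", IMAGES["Hacked_V1"]),
        ("Hacked_V3 (unknown)", hacked_v3),
        ("OS1 with one flipped byte", bytes(flipped)),
    ]
    for name, img in cases:
        print(f"{name:28s} {compare(img)}")
```

Only the approved `VMM V1` is allowed by both lists; the uncatalogued variant and the corrupted image slip past the bad list but not the good list, which is the "proactive" property the slide is claiming.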

Architectural Enhancements
 • A number of system components are enhanced, in both functionality and architecture:

 • Processor: provides for simultaneous support of the standard partition and one or more protected partitions.

 • Chipset: provides protected channels to graphics hardware and I/O devices on behalf of the protected partitions. Also provides interfaces to the TPM.

 • Keyboard & Mouse: support encryption of keyboard and mouse input using a cryptographic key that is shared between the input device and the input manager of the protected execution domain.
                                                             (contd..)
 • Graphics: provides a protected pathway between an application or software agent and the output display context (such as a window object).

 • TPM (Trusted Platform Module): hardware-based mechanism that stores cryptographic keys and other data related to Intel® TXT within the platform; also provides hardware support for the attestation process to confirm the successful invocation of the Intel TXT environment.




Internal Components of a TPM




How does it work?




How does it work? (contd..)
 • Creates a Measured Launch Environment (MLE) that enables accurate comparison of all critical elements of the launch environment against a known-good source.

 • Creates a cryptographically unique identifier for each approved launch-enabled component, and then provides hardware-based enforcement mechanisms to block the launch of code that does not match approved code.

 • Intel TXT provides:
   • Verified Launch (MLE)
   • Launch Control Policy (LCP)
   • Secret Protection
   • Attestation



How does it work? (contd..)




Control Points

(Diagram: memory holding the MLE and the SINIT ACM; the CPU with its Authenticated Code Execution Area (ACEA), into which SINIT is loaded; the TPM; and the LCP listing VMM1 and VMM2.)

 1. Load SINIT and MLE into memory
 2. Invoke GETSEC[SENTER]
 3. Establish special environment
 4. Load SINIT into ACEA
 5. Validate SINIT digital signature
 6. Store SINIT identity in TPM
 7. SINIT measures MLE in memory
 8. Store MLE identity in TPM
 9. SINIT loads LCP
10. SINIT passes control to known MLE
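The control points above, and the "Verified Launch / LCP / Attestation" list two slides earlier, describe one sequence: authenticate SINIT, record the SINIT and MLE identities in the TPM, check the launch control policy, and hand over only to a known MLE. The following is an added toy model of that sequence (it is not Intel's code and does not use the real SINIT, TPM or LCP interfaces). Its assumptions are labelled in the code: SINIT signature validation is modelled as matching a digest assumed to be fused into the chipset, the TPM is a dictionary of PCRs plus one NV slot holding the LCP digest, PCR 17 receives the SINIT identity and PCR 18 the MLE identity, extend is simplified to SHA-256(old || measurement), and the "quote" is a plain hash standing in for the TPM's signed quote. The policy-integrity check is the "integrity of the LCP guaranteed by hash and TPM controls" point from the Meeting The Requirements slide.

```python
"""Toy model of the TXT measured launch control points (added example; not Intel's code).

Assumptions (also stated in the lead-in):
- SINIT "signature validation" = SHA-256 digest match against a value assumed
  fused into the chipset; a real platform checks an RSA signature.
- TPM = dict of PCRs (17 for SINIT, 18 for MLE) + one write-protected NV slot
  holding the LCP digest; extend = SHA-256(old || measurement).
- quote = SHA-256(nonce || PCR17 || PCR18), standing in for a signed TPM quote.
"""
import hashlib

PCR_ZERO = bytes(32)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: the new value chains on the old, so a measurement cannot be undone."""
    return sha256(pcr + measurement)


def policy_digest(lcp: list) -> bytes:
    """Order-independent digest of the launch control policy (list of MLE digests)."""
    return sha256(b"".join(sorted(lcp)))


class TPM:
    def __init__(self, lcp_digest: bytes):
        self.pcr = {17: PCR_ZERO, 18: PCR_ZERO}
        self.nv_lcp_digest = lcp_digest  # assumed write-protected NV index


# Constructed sample modules (not real binaries).
SINIT_ACM = b"SINIT ACM (constructed)"
VMM_V1 = b"VMM V1 (constructed)"
VMM_V2 = b"VMM V2 (constructed)"
HACKED_V1 = b"Hacked_V1 (constructed)"
CHIPSET_SINIT_DIGEST = sha256(SINIT_ACM)  # assumed fused into the chipset


def senter(tpm: TPM, sinit: bytes, mle: bytes, lcp: list):
    """Steps 5-10 of the slide, after GETSEC[SENTER]; returns (launched, reason)."""
    # 5. Validate SINIT digital signature (modelled as a digest match)
    if sha256(sinit) != CHIPSET_SINIT_DIGEST:
        return False, "SINIT signature invalid"
    # 6. Store SINIT identity in TPM
    tpm.pcr[17] = extend(tpm.pcr[17], sha256(sinit))
    # 7-8. SINIT measures MLE in memory and stores its identity in TPM
    mle_digest = sha256(mle)
    tpm.pcr[18] = extend(tpm.pcr[18], mle_digest)
    # 9. SINIT loads LCP; its integrity is checked against the TPM-held digest
    if policy_digest(lcp) != tpm.nv_lcp_digest:
        return False, "LCP integrity check failed"
    # 10. Pass control only to an MLE named in the policy
    if mle_digest not in lcp:
        return False, "MLE not in launch control policy"
    return True, "control passed to known MLE"


def quote(tpm: TPM, nonce: bytes) -> bytes:
    """Stand-in for a signed TPM quote over the launch PCRs (attestation)."""
    return sha256(nonce + tpm.pcr[17] + tpm.pcr[18])


def expected_quote(nonce: bytes, sinit: bytes, mle: bytes) -> bytes:
    """What a verifier expects from a platform that launched this SINIT and MLE."""
    pcr17 = extend(PCR_ZERO, sha256(sinit))
    pcr18 = extend(PCR_ZERO, sha256(mle))
    return sha256(nonce + pcr17 + pcr18)


if __name__ == "__main__":
    lcp = [sha256(VMM_V1), sha256(VMM_V2)]
    tpm = TPM(policy_digest(lcp))
    print(senter(tpm, SINIT_ACM, VMM_V1, lcp))
    nonce = b"verifier nonce (constructed)"
    print("attestation ok:", quote(tpm, nonce) == expected_quote(nonce, SINIT_ACM, VMM_V1))
    # Hacked MLE: measured into PCR 18, then refused by the policy.
    print(senter(TPM(policy_digest(lcp)), SINIT_ACM, HACKED_V1, lcp))
    # Policy tampered in memory to add the hacked MLE: caught by the NV digest.
    print(senter(TPM(policy_digest(lcp)), SINIT_ACM, HACKED_V1, lcp + [sha256(HACKED_V1)]))
```

Two details are worth noticing. The MLE is extended into PCR 18 before the policy decision, so even a refused launch leaves an honest record that a verifier can see in the quote. And the LCP itself lives in ordinary memory; what the TPM protects is only its digest, which is enough to detect an edited policy at enforcement time.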


LCP Protection




Ensures Safe Migration between Hosts through Trustable Pools




Benefits of Intel® TXT

 • Increased user confidence in their computing environment

 • More protection from malicious software

 • Improved protection of corporate information assets

 • Better confidentiality and integrity of sensitive information


Meeting The Requirements

 • Identity: software stack identity provided by the SENTER measurement.

 • Control: control of the software stack provided by authenticated code enforcing a launch control policy set for the specific platform.

 • Integrity: integrity of the launch control policy guaranteed by hash and TPM controls.



Safer Computing with Intel technologies

(Chart "Advancing Platform Protections": protection capabilities plotted against time, from oldest to newest.)

   Software-Only → Smart Card → TPM (Trusted Platform Module) → Execute Disable → Intel® Active Management Technology → Intel® Virtualization Technology → Intel® Trusted Execution Technology → Future Technologies

Conclusion

 With Intel® TXT enabled solutions we can:

 • Address the increasing and evolving security threats across physical and virtual infrastructure.

 • Facilitate compliance with government and industry regulations and data protection standards.

 • Reduce malware-related support and remediation costs.



References
 • Software Development Guide, Intel® TXT, pdf format, March 2011
 • White Paper, Intel® TXT Software, pdf format
 • Technology Overview, Intel® TXT, pdf format
 • http://en.wikipedia.org/wiki/Trusted_Execution_Technology
 • http://www.youtube.com/watch?v=LsjXjDksU
 • http://www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html
 • http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/trusted-execution-technology-overview.html
 • http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/malware-reduction-general-technology.html


23   16 Oct 2008   Front Door of Trusted Computing
Intel Trusted eXecution Technology

GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 

Intel Trusted eXecution Technology

  • 1. Intel® TXT: The Front Door of Trusted Computing … © 2008 Intel Corporation
  • 2. Outlines
     Introduction to Intel® TXT Technology
     Why it matters?
     Bad & Good List
     Architectural Enhancements
     How it works?
     Control Points
     LCP Protection
     Use Models
     Benefits
     Meeting the requirements
     Conclusion
     References
    Intel® TXT, 6 Mar 2012, Front Door of Trusted Computing …
  • 3. Introduction
     Intel® TXT (Trusted Execution Technology), code-named LaGrande Technology during development.
     Provides hardware-based security that raises the platform's level of security (most useful for business PCs).
     Integrates new security features and capabilities into the processor, chipset and other platform components.
  • 4. Why it matters?
     The mechanisms of malware vary, but all of it seeks to:
      1. Corrupt systems
      2. Disrupt business
      3. Steal data
      4. Seize control of platforms
     The traditional anti-virus approach is to look for "known-bad" elements.
     Intel® TXT takes a "known-good" approach: it verifies that the software about to launch matches an approved measurement, before that software is allowed to run.
  • 5. Move from bad list to good list (diagram of two columns)
    Bad list (reactive): VMM V20, VMM V8, VMM V4, VMM V3, Hacked_V1, Corrupted_V2, OS3, OS4, … (entries repeated in the diagram to show the list keeps growing)
    Good list (proactive): VMM V1, VMM V2, OS1, OS2 (the short set of approved versions)
  • 6. Good List Requirements
    Identity check: accurate identity of software; strict control enables the switch to a good list.
    Control: enforce the list policy.
    Integrity check: must provide the ability to validate list integrity at the time of policy enforcement; management of the list must provide for multiple users and assurance of list integrity.
  • 7. Architectural Enhancements
    The functionality and architecture of a number of system components are enhanced:
     Processor: provides simultaneous support of the standard partition and one or more protected partitions.
     Chipset: provides protected channels to graphics hardware and I/O devices on behalf of the protected partitions; also provides the interface to the TPM.
     Keyboard & mouse: support encryption of keyboard and mouse input using a cryptographic key shared between the input device and the input manager of the protected execution domain. (contd.)
  • 8. Architectural Enhancements (contd.)
     Graphics: provides a protected pathway between an application or software agent and the output display context (such as a window object).
     TPM (Trusted Platform Module): hardware-based mechanism that stores cryptographic keys and other data related to Intel® TXT within the platform; also provides hardware support for the attestation process that confirms the successful invocation of the Intel® TXT environment.
  • 9. Internal Components of a TPM (diagram only)
  • 10. How does it work? (diagram only)
  • 11. How does it work? (contd.)
     Creates a Measured Launch Environment (MLE) that enables accurate comparison of all critical elements of the launch environment against a known-good source.
     Creates a cryptographically unique identifier (a hash measurement) for each approved launch-enabled component, then provides hardware-based enforcement mechanisms to block the launch of code whose measurement does not match the approved code.
     Intel® TXT provides:
      • Verified Launch (MLE)
      • Launch Control Policy (LCP)
      • Secret Protection
      • Attestation
  • 12. How does it work? (contd.) (diagram only)
  • 13–14. Control Points (the diagram shows the CPU, memory, the ACM in its ACEA, SINIT, the MLE, the LCP and the TPM; slide 14 adds the last two steps to slide 13)
    1. Load SINIT and the MLE into memory.
    2. Invoke GETSEC[SENTER].
    3. Establish the special environment.
    4. Load SINIT into the ACEA (Authenticated Code Execution Area).
    5. Validate the SINIT digital signature.
    6. Store the SINIT identity (its measurement) in the TPM (PCR 17).
    7. SINIT measures the MLE in memory.
    8. Store the MLE identity (its measurement) in the TPM (PCR 18).
    9. SINIT loads the LCP.
    10. SINIT passes control to the known MLE (VMM1 or VMM2 in the diagram).
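The control points above, together with the good-list requirements on slide 6 (identity, control, integrity), can be followed end to end in a small simulation. This is an added example and not Intel's code or the presentation's: the TPM, the SINIT ACM and VMM images, and the NV index number are all constructed stand-ins, and the CPU's signature check of SINIT is left out. What it shows is the part a practitioner relies on: the MLE is measured into a PCR before it runs, the policy's integrity is anchored in TPM NV storage so an attacker who rewrites the on-disk good list still cannot pass, and only an MLE on the list receives control.

```python
import hashlib
from dataclasses import dataclass

# Intel TXT records the launch into two TPM PCRs: PCR17 holds the SINIT ACM
# measurement, PCR18 the MLE measurement. Measurements are *extended*, never
# written: PCR_new = H(PCR_old || measurement), so history cannot be rewritten.
PCR17, PCR18 = 17, 18
LCP_NV_INDEX = 0x40000001   # assumed NV index number, chosen for this example only


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


class SimTPM:
    """Minimal TPM model: resettable PCRs plus an owner-protected NV area (constructed)."""

    def __init__(self) -> None:
        self.pcr = {PCR17: bytes(32), PCR18: bytes(32)}  # values after the SENTER reset
        self.nv = {}

    def extend(self, index: int, measurement: bytes) -> bytes:
        self.pcr[index] = sha256(self.pcr[index] + measurement)
        return self.pcr[index]

    # On a real TPM an NV write needs owner authorization; here the platform owner
    # writes the policy hash once at provisioning time and nothing else can.
    def write_nv(self, index: int, data: bytes) -> None:
        self.nv[index] = data

    def read_nv(self, index: int) -> bytes:
        return self.nv[index]


@dataclass(frozen=True)
class LaunchControlPolicy:
    """The 'good list': hashes of MLEs the platform owner approves."""
    allowed_mle_hashes: frozenset

    def serialize(self) -> bytes:
        return b"".join(sorted(self.allowed_mle_hashes))


class LaunchRefused(Exception):
    pass


def provision(tpm: SimTPM, policy: LaunchControlPolicy) -> None:
    """Owner step: anchor the policy's hash in the TPM so the on-disk copy can be checked."""
    tpm.write_nv(LCP_NV_INDEX, sha256(policy.serialize()))


def senter(tpm: SimTPM, sinit_acm: bytes, mle: bytes, policy: LaunchControlPolicy) -> bytes:
    """Simulated GETSEC[SENTER] followed by the SINIT control points."""
    # Control points 5-6: the CPU authenticates SINIT (signature check, not modelled)
    # and records its identity.
    tpm.extend(PCR17, sha256(sinit_acm))
    # Control points 7-8: SINIT measures the MLE *before* it runs and records it.
    mle_hash = sha256(mle)
    tpm.extend(PCR18, mle_hash)
    # Control point 9, integrity: the policy SINIT loaded must match the NV anchor.
    if sha256(policy.serialize()) != tpm.read_nv(LCP_NV_INDEX):
        raise LaunchRefused("LCP integrity check failed: policy differs from TPM NV copy")
    # Control point 10, control: only an MLE on the good list receives control.
    if mle_hash not in policy.allowed_mle_hashes:
        raise LaunchRefused("MLE measurement not in launch control policy")
    return mle_hash


# Constructed inputs standing in for real ACM and VMM images.
SINIT_ACM = b"SINIT ACM image (constructed)"
VMM_V1 = b"VMM version 1 image (constructed)"
VMM_V2 = b"VMM version 2 image (constructed)"
HACKED_V1 = VMM_V1 + b"\x90" * 16   # the same VMM with injected code


def launch_blocked(tpm: SimTPM, mle: bytes, policy: LaunchControlPolicy) -> bool:
    try:
        senter(tpm, SINIT_ACM, mle, policy)
        return False
    except LaunchRefused:
        return True


def run_scenarios() -> dict:
    policy = LaunchControlPolicy(frozenset({sha256(VMM_V1), sha256(VMM_V2)}))
    results = {}

    tpm = SimTPM()
    provision(tpm, policy)
    results["approved_vmm"] = senter(tpm, SINIT_ACM, VMM_V1, policy) == sha256(VMM_V1)
    results["pcr18"] = tpm.pcr[PCR18]   # identifies exactly which approved MLE booted

    tpm = SimTPM()
    provision(tpm, policy)
    results["hacked_vmm_blocked"] = launch_blocked(tpm, HACKED_V1, policy)

    # Attacker rewrites the on-disk policy to whitelist the hacked VMM, but cannot
    # update the owner-protected NV hash: the integrity check refuses the launch.
    tpm = SimTPM()
    provision(tpm, policy)
    forged = LaunchControlPolicy(frozenset({sha256(HACKED_V1)}))
    results["forged_policy_blocked"] = launch_blocked(tpm, HACKED_V1, forged)
    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(name, value.hex() if isinstance(value, bytes) else value)
```

The resulting PCR18 value is what a later attestation quotes: because the PCR was reset at SENTER and extended exactly once, a verifier that knows the approved VMM hashes can tell which of them booted, and any other value means something else ran.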
  • 15. LCP Protection (diagram only)
  • 16. (diagram only)
  • 17. Ensures Safe Migration between Hosts through Trustable Pools (diagram only)
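Slide 11 lists attestation among the things TXT provides, and slide 17 shows its use: a pool controller admits a host, or allows a VM to migrate to it, only after the host proves a known-good launch. The following is an added example, not Intel's code or anything from the presentation, of the verifier side of that decision. Host names, PCR values and keys are constructed; the HMAC stands in for the TPM's Attestation Identity Key (a real TPM quote is an RSA/ECC signature by the AIK over the nonce and PCR values), and the known-good PCR17/PCR18 sets would in practice come from measuring the approved SINIT and VMM builds.

```python
import hashlib
import hmac
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# Known-good PCR values the pool controller accepts (constructed placeholders).
GOOD_PCR17 = {sha256(b"pcr17 after approved SINIT (constructed)")}
GOOD_PCR18 = {sha256(b"pcr18 after VMM v1 (constructed)"),
              sha256(b"pcr18 after VMM v2 (constructed)")}


class TxtHost:
    """A host that can quote its TXT PCRs. `aik` stands in for the TPM's
    Attestation Identity Key; HMAC replaces the real signature only so the
    example runs on the standard library."""

    def __init__(self, name: str, aik: bytes, pcr17: bytes, pcr18: bytes) -> None:
        self.name, self.aik, self.pcr17, self.pcr18 = name, aik, pcr17, pcr18

    def quote(self, nonce: bytes) -> tuple:
        # The TPM binds the verifier's nonce to the *current* PCR values.
        tag = hmac.new(self.aik, nonce + self.pcr17 + self.pcr18, hashlib.sha256).digest()
        return self.pcr17, self.pcr18, tag


class PoolController:
    """Verifier that decides which hosts belong to the trusted pool."""

    def __init__(self, host_keys: dict) -> None:
        self.host_keys = host_keys      # host name -> AIK verification key
        self.pending = {}               # host name -> outstanding nonce

    def challenge(self, host: str) -> bytes:
        self.pending[host] = secrets.token_bytes(32)   # fresh per request: defeats replay
        return self.pending[host]

    def is_trusted(self, host: str, pcr17: bytes, pcr18: bytes, signature: bytes) -> bool:
        nonce = self.pending.pop(host, None)
        if nonce is None:
            return False                # unsolicited or replayed quote
        expected = hmac.new(self.host_keys[host], nonce + pcr17 + pcr18, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signature):
            return False                # not produced by this host's TPM over these PCRs
        return pcr17 in GOOD_PCR17 and pcr18 in GOOD_PCR18


def may_migrate_to(controller: PoolController, dst: TxtHost) -> bool:
    """Migration gate: the destination must prove a known-good launch first."""
    nonce = controller.challenge(dst.name)
    pcr17, pcr18, sig = dst.quote(nonce)
    return controller.is_trusted(dst.name, pcr17, pcr18, sig)


def run_scenarios() -> dict:
    key_a, key_b = secrets.token_bytes(32), secrets.token_bytes(32)
    good_pcr17 = next(iter(GOOD_PCR17))
    good = TxtHost("host-a", key_a, good_pcr17, sha256(b"pcr18 after VMM v1 (constructed)"))
    bad = TxtHost("host-b", key_b, good_pcr17, sha256(b"pcr18 after Hacked_V1 (constructed)"))
    ctl = PoolController({"host-a": key_a, "host-b": key_b})
    results = {
        "good_host_admitted": may_migrate_to(ctl, good),
        "hacked_vmm_rejected": not may_migrate_to(ctl, bad),
    }
    # Replay: a captured quote is resubmitted after its nonce has been consumed.
    nonce = ctl.challenge("host-a")
    p17, p18, sig = good.quote(nonce)
    ctl.is_trusted("host-a", p17, p18, sig)
    results["replayed_quote_rejected"] = not ctl.is_trusted("host-a", p17, p18, sig)
    # Forged PCRs: host-b reports host-a's good values but its TPM only signs its own.
    nonce = ctl.challenge("host-b")
    forged_sig = bad.quote(nonce)[2]
    results["forged_pcrs_rejected"] = not ctl.is_trusted("host-b", good.pcr17, good.pcr18, forged_sig)
    return results


if __name__ == "__main__":
    print(run_scenarios())
```

The three checks are ordered deliberately: nonce first (freshness), then signature (the values really came from that host's TPM), then the PCR comparison against the good list. A controller that compares PCRs without a fresh nonce accepts a replayed quote from before the host was compromised, which is the failure mode trusted-pool designs exist to prevent.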
  • 18. Benefits of Intel® TXT
     Increased user confidence in their computing environment
     More protection from malicious software
     Improved protection of corporate information assets
     Better confidentiality and integrity of sensitive information
  • 19. Meeting the Requirements
    Identity: software stack identity provided by the SENTER measurement.
    Control: control of the software stack provided by authenticated code enforcing a launch control policy set for the specific platform.
    Integrity: integrity of the launch control policy guaranteed by hash and TPM controls.
  • 20. Safer Computing with Intel technologies (chart: protection capabilities advancing over time)
    Software-only → Smart card → TPM (Trusted Platform Module) → Execute Disable → Intel® Active Management Technology → Intel® Virtualization Technology → Intel® Trusted Execution Technology → Future technologies
  • 21. Conclusion
    With Intel® TXT enabled solutions we can:
     Address the increasing and evolving security threats across physical and virtual infrastructure.
     Facilitate compliance with government and industry regulations and data protection standards.
     Reduce malware-related support and remediation costs.
  • 22. References
     Intel® TXT Software Development Guide, PDF, March 2011
     Intel® TXT Software white paper, PDF
     Intel® TXT Technology Overview, PDF
     http://en.wikipedia.org/wiki/Trusted_Execution_Technology
     http://www.youtube.com/watch?v=LsjXjDksU
     http://www.intel.com/content/www/us/en/data-security/security-overview-general-technology.html
     http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/trusted-execution-technology-overview.html
     http://www.intel.com/content/www/us/en/architecture-and-technology/trusted-execution-technology/malware-reduction-general-technology.html
  • 23. Front Door of Trusted Computing, 16 Oct 2008