15th USENIX Security Symposium: Abstract
Pp. 305-320 of the Proceedings
vTPM: Virtualizing the Trusted Platform Module
Stefan Berger, Ramón Cáceres, Kenneth A. Goldman, Ronald Perez, Reiner Sailer, and Leendert van Doorn, IBM T.J. Watson Research Center
We present the design and implementation of a system that enables trusted computing for an unlimited number of virtual machines on a single hardware platform. To this end, we virtualized the Trusted Platform Module (TPM). As a result, the TPM's secure storage and cryptographic functions are available to operating systems and applications running in virtual machines. Our new facility supports higher-level services for establishing trust in virtualized environments, for example remote attestation of software integrity.

We implemented the full TPM specification in software and added functions to create and destroy virtual TPM instances. We integrated our software TPM into a hypervisor environment to make TPM functions available to virtual machines. Our virtual TPM supports suspend and resume operations, as well as migration of a virtual TPM instance with its respective virtual machine across platforms. We present four designs for certificate chains to link the virtual TPM to a hardware TPM, with security vs. efficiency trade-offs based on threat models. Finally, we demonstrate a working system by layering an existing integrity measurement application on top of our virtual TPM facility.
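The following is an added illustration, not code from the paper or its vTPM implementation: a minimal model of per-VM vTPM instances with independent PCR banks, TPM 1.2 style PCR extension, state export for suspend/migration, and the log replay a remote verifier performs to check an integrity measurement log against quoted PCR values. Attestation-key signing and the certificate chain to the hardware TPM are omitted; file names and contents are constructed samples.

```python
import hashlib

PCR_COUNT, PCR_LEN = 24, 20   # TPM 1.2 layout: 24 PCRs, each a 20-byte SHA-1 value

def sha1(data):
    return hashlib.sha1(data).digest()

class VirtualTPM:
    """One vTPM instance: an independent PCR bank plus a measurement log.
    Constructed model for illustration; signing with an attestation key is omitted."""
    def __init__(self, instance_id):
        self.instance_id = instance_id
        self.pcrs = [bytes(PCR_LEN)] * PCR_COUNT   # PCRs start at all zeros
        self.log = []                              # entries: (pcr index, name, digest)

    def measure(self, idx, name, content):
        """Record a measurement and extend PCR[idx] the TPM 1.2 way:
        PCR[idx] = SHA-1(PCR[idx] || SHA-1(content))."""
        digest = sha1(content)
        self.pcrs[idx] = sha1(self.pcrs[idx] + digest)
        self.log.append((idx, name, digest))
        return self.pcrs[idx]

    def export_state(self):
        """State that travels with the VM on suspend or migration (constructed format)."""
        return {"id": self.instance_id, "pcrs": list(self.pcrs), "log": list(self.log)}

    @classmethod
    def import_state(cls, state):
        vtpm = cls(state["id"])
        vtpm.pcrs, vtpm.log = list(state["pcrs"]), list(state["log"])
        return vtpm

def verify_log(log, reported_pcrs):
    """Remote verifier: replay the log from all-zero PCRs and compare every PCR with
    the reported values. An edited, dropped or reordered entry changes the replay."""
    replay = [bytes(PCR_LEN)] * PCR_COUNT
    for idx, _name, digest in log:
        replay[idx] = sha1(replay[idx] + digest)
    return all(replay[i] == reported_pcrs[i] for i in range(PCR_COUNT))

def demo():
    vm_a, vm_b = VirtualTPM("vm-a"), VirtualTPM("vm-b")
    vm_a.measure(10, "/sbin/init", b"init-binary-v1")      # constructed sample inputs
    vm_b.measure(10, "/sbin/init", b"init-binary-v2")
    moved = VirtualTPM.import_state(vm_a.export_state())  # vm-a migrated to another host
    tampered = [(10, "/sbin/init", sha1(b"init-binary-v2"))]  # log rewritten after the fact
    return (vm_a.pcrs[10] != vm_b.pcrs[10],        # instances do not share PCR state
            moved.pcrs[10] == vm_a.pcrs[10],       # migration preserves PCR values
            verify_log(vm_a.log, vm_a.pcrs),       # genuine log replays correctly
            verify_log(tampered, vm_a.pcrs))       # tampered log is rejected
```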
The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.