Loading...

Increasing BIOS Trust in Personal Computers Using Reconfigurable Devices

Eslampanah, Marziye | 2015

548 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 48195 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Bayat Sarmadi, Siavash
  7. Abstract:
  8. Due to the expansion of digital system threats, trusted computation with a new approach for countering such threats has emerged. This approach is based on using a hardware module for implementing a trusted platform (TPM). TPM includes a chipset and the trusted systems core. Nowadays many of mobile computers do include this technology. This hardware creates trust using a trust chain and expanding this trust to other parts of the system. The starting point in this chain is the computer BIOS. BIOS is the first code that the system usually executes. One of the most powerful recent attacks on computer systems is to infect the BIOS and other firmware. One of such complicated attacks is the rootkit of firmware which its detection is very hard. Subsequently, keeping the security of BIOS as the root of trust in personal computer is important. This work attempts to make the BIOS of personal computers trusted using FPGA. Hence, it needs a design and implementation of a trusted FPGA architecture in order to improve the security and trust in personal computers BIOS. Trust in reconfigurable chips such as FPGA has emerged under the title of “reconfigurable trusted computation”. Until now lots of work has taken place in order to implement a trusted platform in reconfigurable chips. This goal is not always possible due to the complexity and decrease of functionality in systems. For the purpose of evaluating the proposed architecture, a firmwre rootkit-based attack was done on system. The attack was executed in two scenarios, one in the absence of countermeasures and one in their presence and the results were evaluated. Then, it is shown that with the presence of protective mechanisms, security and the trust in system is preserved. The proposed architecture in this work, provides the ability, that with the current capabilities in the country, TPM can be used for personal computers. Additionally, cryptographic extended features such as full disk encryption (FDE) can be implemented using this platfrom
  9. Keywords:
  10. Middleware ; Validation ; Field Programmable Gate Array (FPGA) ; Reconfigurable Devices ; Attestation ; BIOS Firmware ; Trusted Platform

 Digital Object List

 Bookmark

No TOC