Announcement: Enforcer LSM with TCPA integration

From: Omen Wild (Omen.Wildat_private)
Date: Mon Sep 08 2003 - 15:19:57 PDT

    The Bear/Enforcer Project
    Dartmouth College
    
    http://enforcer.sourceforge.net
    http://www.cs.dartmouth.edu/~sws/abstracts/msmw03.shtml
    
    How can you verify that a remote computer is the "real thing, doing
    the right thing?"  High-end secure coprocessors are expensive and
    computationally limited; lower-end desktop enhancements like TCPA and
    the former Palladium have been mainly limited to Windows and
    proprietary development.
    
    In contrast, this code is part of our ongoing effort to use open
    source and TCPA to turn ordinary computers into "virtual" secure
    coprocessors---more powerful but less secure than their high-assurance
    cousins.
    
    Our current alpha release includes the Linux Enforcer Module, a TCPA
    enabled LILO, and a user-level TCPA library.  All source is available
    from the SourceForge site.
    
    The Linux Enforcer Module is a Linux Security Module designed to help
    improve integrity of a computer running Linux.  The Enforcer provides a
    subset of Tripwire-like functionality.  It runs continuously and as
    each protected file is opened its SHA1 is calculated and compared to a
    previously stored value.
    
    The Enforcer is designed to integrate with TCPA hardware to provide a
    secure boot when booted with a TCPA enabled boot loader.  TCPA
    hardware can protect secrets and other sensitive data (for example,
    the secrets for an encrypted loopback file system) and bind those
    secrets to specific software.
    
    When the Enforcer detects a modified file it can, on a per-file basis,
    do any combination of the following: deny access to that file, write an
    entry in the system log, panic the system, or lock the TCPA hardware.
    If the TCPA hardware is locked then a reboot with an un-hacked system is
    required to obtain access to the protected secret.
    
    We developed our own TCPA support library concurrently with, but
    independently from, IBM's recently announced TCPA code.  Our library
    was an initial component of the Enforcer project.  However, our
    in-kernel TCPA support and the enforcer-seal tool are derived from
    IBM's TCPA code because of its ease of adaptation for in-kernel use.
    We plan to use our more complete library for user-level applications.
    (IBM's TCPA code and documentation are available from
    <http://www.research.ibm.com/gsal/tcpa/>.)
    
    For more information on our project, see Dartmouth College Technical
    Report TR2003-471 available from
    <http://www.cs.dartmouth.edu/~sws/abstracts/msmw03.shtml>
    
    Or contact Omen Wild at the Dartmouth PKI Lab:
    <Omen.Wildat_private>
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
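
The open-time SHA1 check and per-file responses described in the announcement, as a user-space Python model added to this archive page; it is not the Enforcer's kernel code. The `Action` names, the in-memory database and the use of `realpath` are assumptions of this example, and the panic and TCPA-lock responses are only reported, never performed.

```python
import hashlib
import os
import tempfile
from enum import Flag

class Action(Flag):               # hypothetical names for the four announced responses
    NONE = 0
    DENY = 1                      # deny access to the file
    LOG = 2                       # write an entry in the system log
    PANIC = 4                     # panic the system (reported only)
    LOCK_TCPA = 8                 # lock the TCPA hardware (reported only)

def sha1_of(path, chunk=65536):
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_db(policy):
    """Store the reference SHA1 for each protected path; policy is {path: Action}."""
    return {os.path.realpath(p): (sha1_of(p), act) for p, act in policy.items()}

def check_open(db, path):
    """Model one open(): return (allowed, actions_triggered)."""
    key = os.path.realpath(path)  # assumption: resolve symlinks so an alias is still checked
    if key not in db:
        return True, Action.NONE  # file is not protected
    expected, actions = db[key]
    try:
        actual = sha1_of(key)
    except OSError:
        actual = None             # missing or unreadable counts as modified
    if actual == expected:
        return True, Action.NONE
    return not (actions & Action.DENY), actions

def demo():
    with tempfile.TemporaryDirectory() as d:   # constructed sample files
        login, motd = os.path.join(d, "login"), os.path.join(d, "motd")
        for p in (login, motd):
            with open(p, "wb") as f:
                f.write(b"original contents\n")
        db = build_db({login: Action.DENY | Action.LOCK_TCPA, motd: Action.LOG})
        before = check_open(db, login)
        for p in (login, motd):
            with open(p, "ab") as f:
                f.write(b"tampered\n")
        return before, check_open(db, login), check_open(db, motd)

if __name__ == "__main__":
    for allowed, actions in demo():
        print("allowed" if allowed else "denied", actions)
```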


