Recently, there has been considerable interest in providing “trusted computing platforms” using hardware — TCPA and Palladium being the most publicly visible examples. In this paper we discuss our experience with building such a platform using a traditional time-sharing operating system executing on XOM — a processor architecture that provides copy protection and tamper-resistance functions. In XOM, only the processor is trusted; main memory and the operating system are not trusted. Our operating system (XOMOS) manages hardware resources for applications that don’t trust it. This requires a division of responsibilities between the operating system and hardware that is unlike previous systems. We describe techniques for providing traditional operating systems services in this context. Since an implementation of a XOM processor does not exist, we use SimOS to simulate the hardware. We modify IRIX 6.5, a commercially available operating system, to create XOMOS. We are then able ...
David Lie, Chandramohan A. Thekkath, Mark Horowitz