ACPI and SMI Handlers: Some Limits to Trusted Computing

Date Added: Nov 2009
Format: PDF

Trusted computing has been explored through several international initiatives. Trust in a platform generally requires a subset of its components to be trusted (typically, the CPU, the chipset and a virtual machine hypervisor).These components are granted maximal privileges and constitute the so called Trusted Computing Base (TCB), the size of which should be minimal. The rest of the platform is only granted limited privileges and cannot perform security-critical operations. A few initiatives aim at excluding the BIOS from the TCB in particular (e.g., Intel TxT and AMD SVM/SKINIT). However, the BIOS is responsible for providing some objects that need to be trusted for the computer to work properly.