Lean Software Roots of Trust
Small Business Information
28 Dana St, Amherst, MA, 01002-0000
AbstractIn this proposal, we outline a project to research and develop a lean, fully-software-based Mobile Trusted Module (SW-MTM) for mobile devices. The goal of the proposed solution is to provide the required Roots of Trust (RoTs) and trusted security services via a fully software implementation while maintaining the heightened level of assurance typically only achieved through additional, security-centric hardware. This will be achieved by building a solution that is not only compatible with the Trusted Computing Group's (TCG) MTM specification but also goes beyond in order to provide both static and dynamic trust verification. The solution has the following key components: (i) fully software managed RoTs architecture including the protected Core Root of Trust for Measurement (CRTM) and associated cumulative chain of trust, (ii) runtime integrity verification through dynamic RoTs, (iii) MTM compatible, open API containing support for the associated MTM trusted services and extensions. The solution is broadly applicable across both Defense and Government agencies as well as the commercial sector. The Phase I effort will conclude with a proof-of-concept demonstration of the proposed solution executing in a mobile device emulator. Should a Phase II be awarded, a functional prototype containing all proposed technologies will be delivered. The TRL at the start of the Phase I effort is 2. This is expected to reach a level of 5 by the end of the Phase I effort.
* information listed above is at the time of submission.